-
7/27/2019 Ch14 Key Mgt
1/34
Cryptography andNetwork Security
Fifth Editionby William Stallings
-
7/27/2019 Ch14 Key Mgt
2/34
Key Management and
Distributiontopics of cryptographic key management /key
distribution are complex
cryptographic, protocol, & management issues
symmetric schemes require both parties toshare a common secret
keypublic key schemes require parties toacquire valid public
keyshave concerns with doing both
-
7/27/2019 Ch14 Key Mgt
3/34
Key Distribution
symmetric schemes require both parties toshare a common secret
key
issue is how to securely distribute this keywhilst protecting it
from othersfrequent key changes can be desirable
often secure system failure due to a breakin the key
distribution scheme
-
7/27/2019 Ch14 Key Mgt
4/34
Key Distribution
given parties A and B have various keydistribution
alternatives:
1. A can select key and physically deliver to B2. third party
can select & deliver key to A & B3. if A & B have
communicated previously can
use previous key to encrypt a new key4. if A & B have secure
communications with a
third party C, C can relay key between A & B
-
7/27/2019 Ch14 Key Mgt
5/34
Key Distribution Task
-
7/27/2019 Ch14 Key Mgt
6/34
Key Hierarchy
typically have a hierarchy of keyssession key
temporary keyused for encryption of data between usersfor one
logical session then discarded
master keyused to encrypt session keysshared by user & key
distribution center
-
7/27/2019 Ch14 Key Mgt
7/34
Key Hierarchy
-
7/27/2019 Ch14 Key Mgt
8/34
Key Distribution Scenario
-
7/27/2019 Ch14 Key Mgt
9/34
Key Distribution Issues
hierarchies of KDCs required for largenetworks, but must trust
each other
session key lifetimes should be limited forgreater securityuse
of automatic key distribution on behalf
of users, but must trust systemuse of decentralized key
distributioncontrolling key usage
-
7/27/2019 Ch14 Key Mgt
10/34
Symmetric Key Distribution
Using Public Keyspublic key cryptosystems are inefficient
so almost never use for direct data encryptionrather use to
encrypt secret keys for distribution
-
7/27/2019 Ch14 Key Mgt
11/34
Simple Secret Key Distribution
Merkle proposed this very simple schemeallows secure
communications
no keys before/after exist
-
7/27/2019 Ch14 Key Mgt
12/34
Man-in-the-Middle Attack
this very simple scheme is vulnerable toan active
man-in-the-middle attack
-
7/27/2019 Ch14 Key Mgt
13/34
Secret Key Distribution withConfidentiality and
Authentication
-
7/27/2019 Ch14 Key Mgt
14/34
Hybrid Key Distribution
retain use of private-key KDCshares secret master key with each
user
distributes session key using master keypublic-key used to
distribute master keys
especially useful with widely distributed users
rationaleperformancebackward compatibility
-
7/27/2019 Ch14 Key Mgt
15/34
Distribution of Public Keys
can be considered as using one of:public announcementpublicly
available directorypublic-key authoritypublic-key certificates
-
7/27/2019 Ch14 Key Mgt
16/34
Public Announcement
users distribute public keys to recipients orbroadcast to
community at large
eg. append PGP keys to email messages orpost to news groups or
email list
major weakness is forgeryanyone can create a key claiming to
besomeone else and broadcast ituntil forgery is discovered can
masquerade asclaimed user
-
7/27/2019 Ch14 Key Mgt
17/34
Publicly Available Directory
can obtain greater security by registeringkeys with a public
directorydirectory must be trusted with properties:
contains {name,public-key} entriesparticipants register securely
with directoryparticipants can replace key at any time
directory is periodically publisheddirectory can be accessed
electronically
still vulnerable to tampering or forgery
-
7/27/2019 Ch14 Key Mgt
18/34
Public-Key Authority
improve security by tightening control overdistribution of keys
from directoryhas properties of directoryand requires users to know
public key forthe directorythen users interact with directory to
obtainany desired public key securely
does require real-time access to directorywhen keys are
neededmay be vulnerable to tampering
-
7/27/2019 Ch14 Key Mgt
19/34
Public-Key Authority
-
7/27/2019 Ch14 Key Mgt
20/34
Public-Key Certificates
certificates allow key exchange withoutreal-time access to
public-key authoritya certificate binds identity to public key
usually with other info such as period ofvalidity, rights of use
etc
with all contents signed by a trusted
Public-Key or Certificate Authority (CA)can be verified by
anyone who knows thepublic-key authorities public-key
-
7/27/2019 Ch14 Key Mgt
21/34
Public-Key Certificates
-
7/27/2019 Ch14 Key Mgt
22/34
X.509 Authentication Service
part of CCITT X.500 directory service standardsdistributed
servers maintaining user info database
defines framework for authentication servicesdirectory may store
public-key certificateswith public key of user signed by
certification authority
also defines authentication protocols
uses public-key crypto & digital signaturesalgorithms not
standardised, but RSA recommended
X.509 certificates are widely usedhave 3 versions
-
7/27/2019 Ch14 Key Mgt
23/34
X.509
CertificateUse
-
7/27/2019 Ch14 Key Mgt
24/34
X.509 Certificates
issued by a Certification Authority (CA), containing:version V
(1, 2, or 3)serial number SN (unique within CA) identifying
certificatesignature algorithm identifier AI
issuer X.500 name CA)period of validity TA (from - to
dates)subject X.500 name A (name of owner)subject public-key info
Ap (algorithm, parameters, key)issuer unique identifier
(v2+)subject unique identifier (v2+)extension fields (v3)signature
(of hash of all fields in certificate)
notation CA denotes certificate for A signed by CA
-
7/27/2019 Ch14 Key Mgt
25/34
X.509 Certificates
-
7/27/2019 Ch14 Key Mgt
26/34
Obtaining a Certificate
any user with access to CA can get anycertificate from it
only the CA can modify a certificatebecause cannot be forged,
certificates canbe placed in a public directory
-
7/27/2019 Ch14 Key Mgt
27/34
CA Hierarchy
if both users share a common CA then they areassumed to know its
public keyotherwise CA's must form a hierarchy
use certificates linking members of hierarchy tovalidate other
CA'seach CA has certificates for clients (forward) andparent
(backward)
each client trusts parents certificatesenable verification of
any certificate from one CAby users of all other CAs in
hierarchy
-
7/27/2019 Ch14 Key Mgt
28/34
CA Hierarchy Use
-
7/27/2019 Ch14 Key Mgt
29/34
Certificate Revocation
certificates have a period of validitymay need to revoke before
expiry, eg:
1. user's private key is compromised2. user is no longer
certified by this CA3. CA's certificate is compromised
CAs maintain list of revoked certificates
the Certificate Revocation List (CRL)users should check
certificates with CAs CRL
-
7/27/2019 Ch14 Key Mgt
30/34
X.509 Version 3
has been recognised that additionalinformation is needed in a
certificate
email/URL, policy details, usage constraints
rather than explicitly naming new fieldsdefined a general
extension methodextensions consist of:
extension identifiercriticality indicatorextension value
-
7/27/2019 Ch14 Key Mgt
31/34
Certificate Extensions
key and policy informationconvey info about subject & issuer
keys, plusindicators of certificate policy
certificate subject and issuer attributessupport alternative
names, in alternativeformats for certificate subject and/or
issuer
certificate path constraintsallow constraints on use of
certificates byother CAs
-
7/27/2019 Ch14 Key Mgt
32/34
Public Key Infrastructure
-
7/27/2019 Ch14 Key Mgt
33/34
PKIX Management
functions:registrationinitialization
certificationkey pair recoverykey pair update
revocation requestcross certification
protocols: CMP, CMC
-
7/27/2019 Ch14 Key Mgt
34/34
Summary
have considered:symmetric key distribution using
symmetricencryptionsymmetric key distribution using
public-keyencryptiondistribution of public keys
announcement, directory, authrority, CAX.509 authentication and
certificatespublic key infrastructure (PKIX)
![ch14(1) [Autosaved]](https://img.pdfslide.tips/doc/110x75/577c81f91a28abe054aeed7b/ch141-autosaved.jpg)
