10 - Chapter 10 Key Management Session and Interchange Keys...

Info icon This preview shows pages 1–8. Sign up to view the full content.

View Full Document Right Arrow Icon
June 1, 2004 Computer Security: A rt and Science Slide #10-1 Chapter 10: Key Management Session and Interchange Keys Key Exchange Key Generation Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures
Image of page 1

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
June 1, 2004 Computer Security: A rt and Science Slide #10-2 Overview Key exchange Session vs. interchange keys Classical, public key methods Key generation Cryptographic key infrastructure Certificates Key storage Key escrow Key revocation Digital signatures
Image of page 2
June 1, 2004 Computer Security: A rt and Science Slide #10-3 Notation X     Y  : {  Z  ||  W  }  k X , Y X  sends  Y  the message produced by concatenating  Z   and  W  enciphered by key  k X , Y , which is shared by users  X  and  Y A     T  : {  Z  }  k A  || {  W  }  k A , T A  sends  T  a message consisting of the concatenation of  Z  enciphered using  k A A ’s key, and  W  enciphered using  k A , T , the key shared by  A  and  T r 1 r 2  nonces (nonrepeating random numbers)
Image of page 3

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
June 1, 2004 Computer Security: A rt and Science Slide #10-4 Session, Interchange Keys Alice wants to send a message  m  to Bob Assume public key encryption Alice generates a random cryptographic key  k s  and uses  it to encipher  m To be used for this message  only Called a  session key She enciphers  k s  with Bob;s public key  k B k B  enciphers all session keys Alice uses to communicate with  Bob Called an interchange  key Alice sends {  m  }  k s   k s   k B
Image of page 4
June 1, 2004 Computer Security: A rt and Science Slide #10-5 Benefits Limits amount of traffic enciphered with single  key Standard practice, to decrease the amount of traffic an  attacker can obtain Prevents some attacks Example: Alice will send Bob message that is either  “BUY” or “SELL”. Eve computes possible ciphertexts  { “BUY” }  k B  and  { “SELL” }  k B . Eve intercepts  enciphered message, compares, and gets plaintext at  once
Image of page 5

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
June 1, 2004 Computer Security: A rt and Science Slide #10-6 Key Exchange Algorithms Goal: Alice, Bob get shared key Key cannot be sent in clear Attacker can listen in Key can be sent enciphered, or derived from exchanged data  plus data not known to an eavesdropper Alice, Bob may trust third party All cryptosystems, protocols publicly known Only secret data is the keys, ancillary information known only  to Alice and Bob needed to derive keys Anything transmitted is assumed known to attacker
Image of page 6
June 1, 2004 Computer Security: A rt and Science Slide #10-7 Classical Key Exchange Bootstrap problem: how do Alice, Bob  begin?
Image of page 7

Info iconThis preview has intentionally blurred sections. Sign up to view the full version.

View Full Document Right Arrow Icon
Image of page 8
This is the end of the preview. Sign up to access the rest of the document.

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern