10 - Chapter 10: Key Management Session and Interchange...

June 1, 2004 Computer Security: Art and Science ©2002-2004 Matt Bishop Slide #10-1

Chapter 10: Key Management
- Session and Interchange Keys
- Key Exchange
- Key Generation
- Cryptographic Key Infrastructure
- Storing and Revoking Keys
- Digital Signatures

Overview
- Key exchange
  - Session vs. interchange keys
  - Classical, public key methods
- Key generation
- Cryptographic key infrastructure
  - Certificates
- Key storage
  - Key escrow
  - Key revocation
- Digital signatures

Notation
- $X \to Y : \{ Z \,\|\, W \}\, k_{X,Y}$
  - X sends Y the message produced by concatenating Z and W enciphered by key $k_{X,Y}$, which is shared by users X and Y
- $A \to T : \{ Z \}\, k_A \,\|\, \{ W \}\, k_{A,T}$
  - A sends T a message consisting of the concatenation of Z enciphered using $k_A$, A's key, and W enciphered using $k_{A,T}$, the key shared by A and T
- $r_1$, $r_2$ nonces (nonrepeating random numbers)

Session, Interchange Keys
- Alice wants to send a message m to Bob
  - Assume public key encryption
- Alice generates a random cryptographic key $k_s$ and uses it to encipher m
  - To be used for this message only
  - Called a session key
- She enciphers $k_s$ with Bob's public key $k_B$
  - $k_B$ enciphers all session keys Alice uses to communicate with Bob
  - Called an interchange key
- Alice sends $\{ m \}\, k_s \; \{ k_s \}\, k_B$

Benefits
- Limits amount of traffic enciphered with single key
  - Standard practice, to decrease the amount of traffic an attacker can obtain
- Prevents some attacks
  - Example: Alice will send Bob message that is either "BUY" or "SELL". Eve computes possible ciphertexts $\{ \text{“BUY”} \}\, k_B$ and $\{ \text{“SELL”} \}\, k_B$. Eve intercepts enciphered message, compares, and gets plaintext at once
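
The BUY/SELL comparison above and the session-key construction {m}k_s {k_s}k_B, as an added Python example that is not part of the original slides. Textbook RSA with a constructed toy modulus and a SHA-256 XOR pad are stand-ins chosen for illustration, and all function names are hypothetical.

```python
import hashlib
import secrets

# Constructed toy key pair for Bob: two Mersenne primes, far too small for real use.
P, Q, E = 2**61 - 1, 2**31 - 1, 65537
N = P * Q                                # public modulus (k_B is the pair E, N)
D = pow(E, -1, (P - 1) * (Q - 1))        # Bob's private exponent

def rsa_enc(m: bytes) -> int:
    """{m}k_B with textbook RSA: deterministic, no random padding."""
    return pow(int.from_bytes(m, "big"), E, N)

def rsa_dec(c: int, length: int) -> bytes:
    return pow(c, D, N).to_bytes(length, "big")

def stream_xor(ks: bytes, data: bytes) -> bytes:
    """{m}k_s: XOR with a SHA-256-derived pad (stand-in symmetric cipher)."""
    pad = hashlib.sha256(ks).digest()
    return bytes(a ^ b for a, b in zip(data, pad))

def alice_direct(m: bytes) -> int:
    """Alice enciphers the message itself under the interchange key."""
    return rsa_enc(m)

def alice_hybrid(m: bytes):
    """Alice sends {m}k_s {k_s}k_B with a fresh session key per message."""
    ks = secrets.token_bytes(8)
    # Pad to a fixed length so ciphertext size does not reveal BUY vs SELL.
    return stream_xor(ks, m.ljust(8, b"\0")), rsa_enc(ks)

def bob_hybrid(c_msg: bytes, c_key: int) -> bytes:
    ks = rsa_dec(c_key, 8)
    return stream_xor(ks, c_msg).rstrip(b"\0")

def eve_guess(intercepted):
    """Eve enciphers every candidate under k_B and looks up what she saw."""
    table = {rsa_enc(w): w for w in (b"BUY", b"SELL")}
    return table.get(intercepted)

if __name__ == "__main__":
    print("direct:", eve_guess(alice_direct(b"SELL")))   # Eve recovers the order
    c_msg, c_key = alice_hybrid(b"SELL")
    print("hybrid:", eve_guess(c_key), eve_guess(c_msg))  # no match for either part
    print("bob reads:", bob_hybrid(c_msg, c_key))
```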

Key Exchange Algorithms
- Goal: Alice, Bob get shared key
  - Key cannot be sent in clear
    - Attacker can listen in
    - Key can be sent enciphered, or derived from exchanged data plus data not known to an eavesdropper
  - Alice, Bob may trust third party
- All cryptosystems, protocols publicly known
  - Only secret data is the keys, ancillary information known only to Alice and Bob needed to derive keys
  - Anything transmitted is assumed known to attacker

Classical Key Exchange
- Bootstrap problem: how do Alice, Bob begin?
  - Alice can't send it to Bob in the clear!

This note was uploaded on 05/04/2008 for the course CS 526 taught by Professor Wagstaff during the Fall '07 term at Purdue.
