Post on 21-Jan-2016
description
Minimizing the number of keys for secure communication in a networkBy Niels Duif
Remarks
• Ask questions• Proof by example
/ Department of Mathematics and Computer Science PAGE 221-04-23
Contents
• Introduction• Splitting a message• Constructions• Combining constructions• Conclusions
/ Department of Mathematics and Computer Science PAGE 321-04-23
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 421-04-23
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 521-04-23
Alice
Bob
Eve Chris
common key: kAB
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 621-04-23
Alice
Bob
Eve Chris
common key: kAB
Hi!
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 721-04-23
Alice
Bob
Eve Chris
common key: kAB
z$#
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 821-04-23
Alice
Bob
Eve Chris
common key: kAB
z$#
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 921-04-23
Alice
Bob
Eve Chris
common key: kAB
z$#
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 1021-04-23
Alice
Bob
Eve Chris
common key: kAB
Hi!
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 1121-04-23
Alice
Bob
Eve Chris
common key: kAB
Hi!
?
Introduction
• Network
• Symmetric cryptography
/ Department of Mathematics and Computer Science PAGE 1221-04-23
Alice
Bob
Eve Chris
common key: kAB common key: kBC
common key: kCE
Communication graph
/ Department of Mathematics and Computer Science PAGE 1321-04-23
Alice Bob Chris Eve
Communication graph
• Persons are represented by nodes• Nodes that have one or more keys in common are
connected by a line
/ Department of Mathematics and Computer Science PAGE 1421-04-23
Alice Bob Chris Eve
Communication graph
• Persons are represented by nodes• Nodes that have one or more keys in common are
connected by a line• The lines are labelled with the common keys
/ Department of Mathematics and Computer Science PAGE 1521-04-23
Alice Bob Chris Eve
kAB kBC kCE
Communication graph
• Persons are represented by nodes• Nodes that have one or more keys in common are
connected by a line• The lines are labelled with the common keys
/ Department of Mathematics and Computer Science PAGE 1621-04-23
A B C E
1 2 3
Communication graph
• Nodes may have more than one key in common
/ Department of Mathematics and Computer Science PAGE 1721-04-23
A B
C D
1
3
25
4
Communication graph
• Nodes may have more than one key in common
/ Department of Mathematics and Computer Science PAGE 1821-04-23
A (1,2,5) B (1,4,5)
C (2,3) D (3,4)
1
3
25
4
How to assign keys?
/ Department of Mathematics and Computer Science PAGE 1921-04-23
C
B
A
E
D
How to assign keys?
• Give every pair of nodes a different key
/ Department of Mathematics and Computer Science PAGE 2021-04-23
C
B
A
E
D
How to assign keys?
• Give every pair of nodes a different key
/ Department of Mathematics and Computer Science PAGE 2121-04-23
C
B
A
E
D
How to assign keys?
• Give every pair of nodes a different key
• This requires keys for n nodes
/ Department of Mathematics and Computer Science PAGE 2221-04-23
C
B
A
E
D
2
)1(
2
nnn
Using fewer keys
• Is secure communication possible with fewer keys?− Yes, assuming that some nodes may be trusted
• Assumption: at most t nodes cannot be trusted• Aim: minimize the total number of keys, c
/ Department of Mathematics and Computer Science PAGE 2321-04-23
Splitting a message
/ Department of Mathematics and Computer Science PAGE 2421-04-23
Splitting a message
• Split a message and send it through different paths• Example: communication from A to D
/ Department of Mathematics and Computer Science PAGE 2521-04-23
A (1,2) B (1,4)
C (2,3) D (3,4)
1
3
2 4
Splitting a message
• Split a message and send it through different paths• Example: communication from A to D
/ Department of Mathematics and Computer Science PAGE 2621-04-23
A (1,2) B (1,4)
C (2,3) D (3,4)
1
3
2 4
part 1
Splitting a message
• Split a message and send it through different paths• Example: communication from A to D
/ Department of Mathematics and Computer Science PAGE 2721-04-23
A (1,2) B (1,4)
C (2,3) D (3,4)
1
3
2 4
part 1
part 2
Splitting a message
• Determine random shares: M1, M2, ... , Ms-1
• Use bitwise addition mod 2: “ ”, or “XOR”
• Ms = M1 M2 ... Ms-1 M
• M1 M2 ... Ms-1 Ms = M
/ Department of Mathematics and Computer Science PAGE 2821-04-23
Splitting a message
• Example: the message is ‘Hi!’
M0 = 01001000 01101001 00100001
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
/ Department of Mathematics and Computer Science PAGE 2921-04-23
Splitting a message
• Example: the message is ‘Hi!’
M0 = 01001000 01101001 00100001
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
/ Department of Mathematics and Computer Science PAGE 3021-04-23
Splitting a message
• Example: the message is ‘Hi!’
M0 = 01001000 01101001 00100001
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
M0 = 01001000 01101001 00100001
/ Department of Mathematics and Computer Science PAGE 3121-04-23
Splitting a message
• Example: the message is ‘Hi!’
M0 = 01001000 01101001 00100001
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
M1 = 11101101 11101111 10010001
M2 = 10100101 10000110 10110000
M0 = 01001000 01101001 00100001
/ Department of Mathematics and Computer Science PAGE 3221-04-23
Sending a message
/ Department of Mathematics and Computer Science PAGE 3321-04-23
A (1,2) B (1,4)
C (2,3) D (3,4)
1
3
2 4
M1
Sending a message
/ Department of Mathematics and Computer Science PAGE 3421-04-23
A (1,2) B (1,4)
C (2,3) D (3,4)
1
3
2 4
M1
M2
Retrieving a message
• The message is retrieved as the XOR of all shares:
• M = M1 M2 ... Ms
• All shares are needed to retreive the message
/ Department of Mathematics and Computer Science PAGE 3521-04-23
Constructions for t=1
• One corrupt node• The total number of keys is c• How large can n be?
/ Department of Mathematics and Computer Science PAGE 3621-04-23
Sperner’s theorem
• n is at most
• This uses all possible key sets of size
/ Department of Mathematics and Computer Science PAGE 3721-04-23
2c
c
2
c
Example
/ Department of Mathematics and Computer Science PAGE 3821-04-23
62
4
n
4c
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Example
• Communication from A to F
/ Department of Mathematics and Computer Science PAGE 3921-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Example
• Communication from A to F
/ Department of Mathematics and Computer Science PAGE 4021-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F
/ Department of Mathematics and Computer Science PAGE 4121-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F• Use all possible combinations of A’s and F’s keys
/ Department of Mathematics and Computer Science PAGE 4221-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F• Use all possible combinations of A’s and F’s keys
/ Department of Mathematics and Computer Science PAGE 4321-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F• Use all possible combinations of A’s and F’s keys
/ Department of Mathematics and Computer Science PAGE 4421-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F• Use all possible combinations of A’s and F’s keys
/ Department of Mathematics and Computer Science PAGE 4521-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F• Use all possible combinations of A’s and F’s keys
/ Department of Mathematics and Computer Science PAGE 4621-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Example
• Communication from A to F• Use all combinations of their keys
/ Department of Mathematics and Computer Science PAGE 4721-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X XA (1,2) F (3,4)
E(2,4)
D (2,3)
C (1,4)
B (1,3)
4
32
1
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 4821-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 4921-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 5021-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3 Key 1 or Key 4
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 5121-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3 Key 1 or Key 4 Key 2 or Key 3
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 5221-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3 Key 1 or Key 4 Key 2 or Key 3 Key 2 or Key 4
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 5321-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3 Key 1 or Key 4 Key 2 or Key 3 Key 2 or Key 4
Conclusion: Key 1 and 2or Key 3 and 4
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 5421-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3 Key 1 or Key 4 Key 2 or Key 3 Key 2 or Key 4
Conclusion: Key 1 and 2or Key 3 and 4
Eavesdrop
• The following keys are needed:
/ Department of Mathematics and Computer Science PAGE 5521-04-23
Key 1 Key 2 Key 3 Key 4
A X X
B X X
C X X
D X X
E X X
F X X
Key 1 or Key 3 Key 1 or Key 4 Key 2 or Key 3 Key 2 or Key 4
Conclusion: Key 1 and 2or Key 3 and 4
Possible constructions
Number of nodes n 6 10 20 35 70 126 252
Number of keys c 4 5 6 7 8 9 10
/ Department of Mathematics and Computer Science PAGE 5621-04-23
Possible constructions
Number of nodes n 6 10 20 35 70 126 252
Number of keys c 4 5 6 7 8 9 10
/ Department of Mathematics and Computer Science PAGE 5721-04-23
25.1)(log2 nc
Possible constructions
Number of nodes n 6 10 20 35 70 126 252
Number of keys c 4 5 6 7 8 9 10
/ Department of Mathematics and Computer Science PAGE 5821-04-23
25.1)(log2 nc
For other values of n (Desmedt, Duif, Van Tilborg, Wang):
25.2)(log2 nc
Constructions for t>1
• Similar splitting of messages• Different constructions• Dual of a 2-design is used
/ Department of Mathematics and Computer Science PAGE 5921-04-23
What is a 2-design?
/ Department of Mathematics and Computer Science PAGE 6021-04-23
Example
/ Department of Mathematics and Computer Science PAGE 6121-04-23
The Fano Plane
Example
/ Department of Mathematics and Computer Science PAGE 6221-04-23
The dual is found by interchanging the points and lines
The Fano Plane
Example
/ Department of Mathematics and Computer Science PAGE 6321-04-23
The dual is found by interchanging the points and lines
The dual of the Fano Plane
Example
/ Department of Mathematics and Computer Science PAGE 6421-04-23
The dual is found by interchanging the points and lines
The dual of the Fano Plane
Another example
/ Department of Mathematics and Computer Science PAGE 6521-04-23
The Affine Plane over F3
Another example
/ Department of Mathematics and Computer Science PAGE 6621-04-23
The dual of the Affine Plane over F3
Important property
/ Department of Mathematics and Computer Science PAGE 6721-04-23
The dual of the Affine Plane over F3
Every two lines meet in a unique point
Possible constructions
Number of nodes, n 7 12 26 35 57 70
Number of keys, c 7 9 13 15 19 21
/ Department of Mathematics and Computer Science PAGE 6821-04-23
Number of nodes, n 13 20 50 63
Number of keys, c 13 16 25 28
t=2
t=3
ntc Known constructions: ntc
Other values of n
• Combine constructions• Use building blocks that are t-safe• Use some extra keys
/ Department of Mathematics and Computer Science PAGE 6921-04-23
Combining constructions
/ Department of Mathematics and Computer Science PAGE 7021-04-23
Safe for t=2
Combining constructions
/ Department of Mathematics and Computer Science PAGE 7121-04-23
Safe for t=2 Safe for t=2
Combining constructions
/ Department of Mathematics and Computer Science PAGE 7221-04-23
Safe for t=2
t+1 extra keys
How many keys are needed?
• Conjecture:
• Known constructions:
• Which is better?
/ Department of Mathematics and Computer Science PAGE 7321-04-23
ntc 2
ntc
PAGE 7421-04-23
Conclusions
• Block designs use fewer keys than existing constructions
• Constructions may be combined• Block designs use many communication paths
(about where is possible)
/ Department of Mathematics and Computer Science PAGE 7521-04-23
3t 1t
End of presentation
/ Department of Mathematics and Computer Science PAGE 7621-04-23
dual
Splitting messages Block designs
Combining constructionst=1
t>1
ntc 2
25.2)(log2 nc