Key Managment

8/3/2019 Key Managment

1/39

Key managementKey management deals with how secret keys insymmetric key cryptography andpublic keys inasymmetric key cryptography are distributed andmanaged.

Symmetric-key distributionAsymmetric-key distribution

Topics discussed in this section:


2/39

SYMMETRIC-KEY DISTRIBUTIONSymmetric-key cryptography is where a shared secretkey between two people is used in order tocommunicate with each other.

To exchange confidential messages with N people, oneneeds N different keys. However

for N people to communicate with one another, a total

of N(N-1)/2 keys are needed


3/39

Symmetric-key distributionEach person in the group of N needs N-1 keys tocommunicate with the others but because the key areshared we need only N(N-1)/2


4/39

However this approach has two problems and theyinclude N2 problem and distribution of keys .

This is when the number of required keys for N entitiesis close to N2 .

Since we need N(N-1)/2 keys this means that if wehave 1 million people to communicate with each other

then each person needs almost 0.5 million keys so intotal 1 billion keys are needed.


5/39

Weve seen that the number of keys can be a problemplus the distribution of the keys. For example, if Alicewants to communicate with Bob she needs just onekey. If she needs to communicate with 1 millionpeople, she will need 1 million keys BUT how can sheexchange 1 million secret keyswith 1 million people.

Efficient ways of maintaining and distributing secretkeys are needed and are as follows:


6/39

1.Key Distribution Center(KDC)we need an efficient to maintain and distribute secretkeys thats why we use KDC .

This is were each person establishes a sharedsecretkey with a trusted partyknown as the KeyDistribution key (KDC) in order to reduce the numberof keys needed.


7/39

Key Distribution Center: KDC


8/39

A secret key is established between the KDC and eachmember.

Process:

Alice sends request to KDC, stating that she need asecret session key (temporary) with Bob.

KDC informs Bob of Alices request.

If Bob agrees, session key is created between the two.


9/39

Secret key established by each member at the KDC isused to authenticate each member to the KDC andprevent impersonation from others

Note


10/39

Creation of session keysWhen KDC creates secret keys for each member, thiskey is used only between the member and the KDCbut not between the two members.

For two members to communicate with each otherKDC creates a session key using their secret keys at thecenter, authenticates the members to the center and toeach other then establishes a session between them.

Once communication is terminated, the session key isno longer valid.

NOTE: Session key is used only once percommunication


11/39

Note

A session symmetric key between two parties is used

only once.


12/39

Creation of session key between Alice(sender)

and Bob(receiver).


13/39

Creation of session keysStep1: Alice sends a plain text message to the KDCrequesting a symmetric session key between herselfand Bob. Message contains her registered id(Alice),Bobs id(Bob). This message is not encrypted but KDCdoesnt mind.


14/39

Creation of session keysStep2: KDC receives the message and creates whatis called a ticket. Ticket is encrypted with Bobs keyand contains Alices id, Bobs id and the session

key. The ticket with a copy of the session key issent to Alice; she decrypts it and extracts thesession key. She can t decrypt Bobs ticket becauseit is meant for Bob.NOTE:Theres double encryption in this messagei.e. ticket and entire message. In this secondmessage Alice is authenticated to the KDC becauseshe is the only one who can decrypt the message.


15/39

Creation of session keysStep3: Alice sends the ticket to Bob then Bob opensthe ticket and knows that Alice wants to sendmessages to him using the specified session key.

NOTE: In this message Bob too is authenticated to theKDC because he is the only one who can actually openthe message.

Since Bob is authenticated to the KDC he is alsoauthenticated to Alice in the same way Alice isauthenticated to Bob since they both trust the KDC.


16/39

KerberosThis is an authentication protocol at the same time aKDC that has become very popular.

Three servers are involved in the kerberos protocol:Three servers are involved in kerberos protocol

Authentication server(AS)

Ticket-granting server(TGS)

Real Data Server that provides services to others.

In our example Bob is he server and Alice is the user


17/39

Relationship between kerberos

servers


18/39

e a ons p e ween er erosservers

Authentication Server(AS): The AS is the KDC in

the kerberos protocol. Each user registers with ASand is granted a user identity and password. AShas a database with all the registeredidentifications and passwords. AS verifies the user

and issues a session key to be used between Aliceand TGS and then sends ticket for TGS.

Ticket-Granting Server(TGS): Issues ticket for the

real server (Bob). It also provides a session keybetween user(Alice) and receiver(Bob). Kerberosseparates user verification from ticket issuing sothat user verifies id with AS just once and can later

she can contact TGS multiple times to obtain


19/39

Relationship between kerberos

serversReal Server: The real server(Bob) provides services tothe user(Alice).

Kerberos is designed for client/server program such asFTP in which user uses the client process to accessserver process.


20/39

Operation of the Kerberos servers


21/39

Operation of kerberos servers cont

Client process(Alice) can access running processrunning on real server(Bob) in 6 steps:Step1:Alice sends her request to AS in plain text using her

registered id.Step2:AS sends a message encrypted with Alice's

symmetric key. The message contains two items: sessionkey that is used by Alice to contact TGS and ticket forTGS that is encrypted with the TGS symmetric key .Alice does not know her symmetric key, but when themessage arrives, she types her symmetric password. ThePassword and the appropriate algorithm together createthe symmetric key if the password is correct. Thepassword is then immediately destroyed; it is not sent tothe network, and it does not stay in the terminal. Processthen uses Alices key to decrypt message sent. Bothsession key and ticket are extracted.


22/39

Operation of kerberos servers contStep3: Alice now sends three items to TGS. The first is

the ticket received from AS then second is the name ofthe real server (Bob), the third is a timestamp which is

encrypted by the session key. The timestamp preventsa replay by Eve.


23/39

Operation of kerberos serversStep4:Now, TGS sends two tickets, each containing the

session key between Alice and Bob . The ticket forAlice is encrypted with session key ; the ticket for Bob

is encrypted with Bob's key . Note Eve cannot extractsession key between Alice and Bob because she doesntknow the session key or Bobs key .

Step5:Alice sends Bob's ticket with the timestamp

encrypted by session key for both Alice and Bob.Step6:Bob confirms the receipt by adding 1 to the

timestamp. The message is encrypted with KAB andsent to Alice.


24/39

Using different servers: To receive services fromdifferent servers, Alice just needs to start from step3 to6. Verification of her identity need not to be repeated.


25/39

ASYMMETRIC(PUBLIC)-KEY DISTRIBUTION

Asymmetric-key cryptography involves two keys;public key and private key

To communicate with someone, one only needs thepublic key of that person

Public key is open and available to everyone, howeveran existing private key is shielded from everyone and iskept private. This public key can be obtained by


26/39

Distribution of public keysPublic Announcement: This is a nave approach toannounce the key publicly e.g. newspapers, internet,scream the key from the senate building etc. However,this approach is not secure because its subject toforgery and even impersonation.

Trusted Center: More secure approach were the keysare kept in a dynamically updateable directory(like

telephone directory) by a trusted center . Each usercan select private/public key then keeps private keyand deliver public key for insertion into the directory.Center requires that each user registered proves their

identity.


27/39

Announcing a public key


28/39

Trusted center


29/39

Distribution of public keysControlled trusted center: This achieves higher levelof security by including a timestamp that is signed byan authority to prevent interception and modification

of the response of public key announcements.Example: If Alice wants to know Bobs public-key, shesends a request to the center including Bobs name andtimestamp then center responds with Bobs public key,

original request and timestamp signed with centersprivate key. Alice use public key of center that isknown by all to decrypt the message and extract Bobspublic key. Diagram below


30/39

Controlled trusted center


31/39

Distribution of public keysCertificate Authority(CA):CA is a federal or stateorganization that binds a public key to anentity/person and issues a certificate.

The previous approaches can cause a heavy load onthe center when the number of requests is large so thealternative is to create public key certificates .


32/39

Certificate Authority(CA)How CA works: Bob wants two things: he wants people toknow his public key, and he wants no one to accept a publickey forged as his. Bob can go to a CA. The CA has a well-

known public key itself that cannot be forged. The CAchecks Bob's identification (using a picture id along withother proof). It then asks Bob for his public key and theputs it on the certificate. To prevent certificate from beingforged CA also signs certificate using its private key.

After this Bob can upload the signed certificate. If anyonewants Bobs public key, they download the certificate anduse the public key of the CA to extract Bobs public keyfrom the certificate. Diagram below


33/39

Certification authority


34/39

X.509 protocolThough these certificates solve public key fraud itcreates a side effect in that each certificates mayhave a different format.

If one wishes to automatically download certificatesbelonging to different people, they may not be able todo so because one certificate may have public key inone format then another in another format e.g publickeys for different certificates may be on different lines.

To solve this, X.509 protocol was designed to describethe certificate in a structured way:


35/39

Fields on certificate as structured

by X.509 protocol Version Serial Number Signature

Issuer Period of validity Subject Subjects public key Issuer unique identifier Subject unique identifier Extension Encrypted


36/39

PUBLIC KEY INFRASTRUCTURE(PKI)In order to use public keys universally, we cant haveonly one KDC to answer all the queries. We need manyservers and the best solution is to put the servers in a

hierarchical relationship with one another.

Therefore, the solution to public key queries is ahierarchical structure called Public KeyInfrastructure(PKI).


37/39

PKI hierarchy


38/39

PKI hierarchyAt the first level; we have the root CA that certifies theperformance of CAs in the second level

Level-1 CAs operate in large geographical or logicalareas

Level-2 CAs operate in smaller geographical areas.


39/39

Key Managment

Documents

Transcript of Key Managment