Key Management. Session and Interchange Keys Key management – distribution of cryptographic keys,...
-
Upload
antony-stokes -
Category
Documents
-
view
223 -
download
0
Transcript of Key Management. Session and Interchange Keys Key management – distribution of cryptographic keys,...
Key Management
Session and Interchange Keys
Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and the generation, maintenance, and revoking of such keys
Solves problem of propagating authentication
Interchange key – cryptographic key associated with a principal to a communication
Session key - cryptographic key associated with the communication
Key Exchange
Goal is two allow two parties to communicate secretly using a shared cryptographic key
1. Key cannot be transmitted in the clear (must be encipher when sent or derived without an exchange of data used to derive the key)
2. Sender and receiver may decide to trust a third party
3. Cryptosystems and protocols are publicly known. The only secret data is the keys involved.
Cryptographic Key Infrastructures
Certificate- token that binds an identity to a cryptographic key
X.509: Directory Authentication Framework – defines certificate formats and certification validation (see security notes for details)
Certification authority (CA) – entity that issues certificates
PGP (Pretty Good Privacy) – enchipherment program widely used to provide privacy for electronic mail (see web link to www.pgp.org)
Storing and Revoking Keys
If stored in a file, easy to compromise, even if enchiphered
Store on one or more smart cards (ROM)
Digital Signatures
Digital signatures – authenticates both the origin and content of a message
Uses public key cryptography
Provides nonrepudiation
RSA Digital Signature (some problems)
El Gamal Digital Signature