Key Establishment Techniques: Key Distribution and Key Agreement - PowerPoint PPT Presentation

Slides: 12
Provided by: wadet
1
Key Establishment Techniques: Key Distribution and Key Agreement
  • Wade Trappe

2
Key Establishment: The Problem
  • Securing communication requires that the data is
    encrypted before being transmitted.
  • Associated with encryption and decryption are
    keys that must be shared by the participants.
  • The problem of securing the data then becomes the
    problem of securing the establishment of keys.
  • Task: If the participants do not physically meet,
    then how do the participants establish a shared
    key?
  • Two types of key establishment:
    • Key Agreement
    • Key Distribution

3
Key Distribution
  • Key Agreement protocols: the key isn't determined
    until after the protocol is performed.
  • Key Distribution protocols: one party generates
    the key and distributes it to Bob and/or Alice
    (Shamir's 3-pass, Kerberos).
  • Shamir's Three-Pass Protocol
  • Alice generates and Bob generates
    .
  • A key K is distributed by

4
Basic TTP Key Distribution
(Figure labels: KDC, Kb, Ka)
  1. A sends Request IDA IDB N1
  2. KDC sends EKa KAB Request IDA IDB N1 EKb(KAB, IDA)
  3. A sends EKb(KAB, IDA)
  4. B sends EKAB(N2)
  5. A sends EKAB(f(N2))

5
Key Agreement
  • In many scenarios, it is desirable for two
    parties to exchange messages in order to
    establish a shared secret that may be used to
    generate a key.
  • The Diffie-Hellman (DH) protocol is a basic tool
    used to establish shared keys in two-party
    communication.
  • Two parties, A and B, establish a shared secret
    by
  • The security of the DH scheme is based upon the
    intractability of the Diffie-Hellman Problem
  • The Diffie-Hellman scheme can be extended to work
    on arbitrary groups (e.g. Elliptic Curves).

6
Intruder In The Middle
  • The Intruder-in-the-Middle attack on
    Diffie-Hellman is based upon the following
    strategy to improve one's chess ranking:
  • Eve challenges two grandmasters, and uses GM1's
    moves against GM2. Eve can either win one game,
    or tie both games.
  • Eve has and can perform the
    Intruder-in-the-Middle attack by

(Figure labels: Alice, Bob, Eve; "Decrypts data with KAE, uses data and encrypts with KBE"; "Decrypts data with KBE")

7
Station-to-Station Protocol
  • Digital signatures can be used to prevent this
    protocol failure (STS Protocol).
  • A digital signature is a scheme that ties a
    message and its author together.
  • Private sig( ) function and Public ver( )
    function.

(Figure labels: "Verifies sig", shown twice)

8
N-to-N Group Key Establishment
  • Many group scenarios require contributory key
    establishment protocols.
  • 1-to-1 Key Establishment: Diffie-Hellman (DH)
    protocol
  • Two parties, A and B, establish a shared secret
    by
  • Extensions to multi-user scenarios:
    • Ingemarsson: requires N-1 rounds and O(N^2)
      exponentiations
    • Burmester-Desmedt: requires 2 rounds but full
      broadcast
    • GDH (Steiner et al.): requires N rounds and O(N)
      exponentiations

9
Butterfly Group Diffie-Hellman
Example (figure; user labels u1, u2, u3, u4)
  • Can be extended to arbitrary radix b using
    Ingemarsson as the basic building block.
  • Total Rounds
  • Total Messages
  • Optimal radix in both cases is 2.

(Figure user labels, continued: u5, u6, u7, u8)

10
The Conference Tree
  • Group key formation procedure is described by:
    • Communication flow diagram
    • Conference Tree
  • Conference tree describes the subgroups and
    subgroup keys.

(Figure: conference tree; user labels u1 through u8; key labels K000, K001, K010, K011, K100, K101, K110, K111)

11
Making Primes
  • Fact: Let n be an odd prime and let
    , where r is odd. Let a be any integer such that
    gcd(a,n) = 1. Then either or
    for some .
  • Definition: Let n be an odd composite with
    . Let
    . If either
    or , for some
    then n is a strong pseudoprime
    base a, and a is a strong liar for n.
  • Fact: If n is an odd composite integer, then at
    most 1/4 of the numbers a are strong liars for
    n.
  • We can use this in a Monte-Carlo algorithm to
    produce primes:
  • Test t different values of a.
  • Probability of falsely identifying a prime is
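
The Monte-Carlo procedure on this slide, as an added Python example that is not part of the original presentation. It uses the standard decomposition n - 1 = 2^s * r (r odd) for the strong test; the function names and the sample composites are chosen here for illustration.

```python
import secrets

def decompose(n):
    """Write n - 1 = 2**s * r with r odd; return (s, r)."""
    s, r = 0, n - 1
    while r % 2 == 0:
        s, r = s + 1, r // 2
    return s, r

def passes_strong_test(n, a):
    """True if odd n > 2 passes the strong (Miller-Rabin) test to base a."""
    s, r = decompose(n)
    x = pow(a, r, n)
    if x in (1, n - 1):          # a^r = 1 or a^r = -1 (mod n)
        return True
    for _ in range(s - 1):       # look for a^(2^j * r) = -1, 1 <= j <= s-1
        x = pow(x, 2, n)
        if x == n - 1:
            return True
    return False

def strong_liars(n):
    """All bases 1 <= a <= n-1 that make the odd composite n look prime."""
    return [a for a in range(1, n) if passes_strong_test(n, a)]

def is_probable_prime(n, t=40):
    """Monte-Carlo test with t random bases. A prime always passes;
    a composite passes all t rounds with probability at most 4**-t."""
    if n < 4:
        return n in (2, 3)
    if n % 2 == 0:
        return False
    # Random bases from [2, n-2]; 1 and n-1 pass trivially, so skip them.
    return all(passes_strong_test(n, 2 + secrets.randbelow(n - 3))
               for _ in range(t))

def random_prime(bits, t=40):
    """Draw random odd `bits`-bit candidates until one passes t rounds."""
    while True:
        n = secrets.randbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(n, t):
            return n

if __name__ == "__main__":
    for n in (9, 91, 561, 1105):   # constructed sample odd composites
        print(n, "has", len(strong_liars(n)), "strong liars out of", n - 1)
    print("256-bit probable prime:", random_prime(256))
```

561 and 1105 are Carmichael numbers, so they fool the plain Fermat test for every base coprime to them, yet their strong-liar counts still stay under the 1/4 bound.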