Symmetric Key Infrastructure Karel Masarik, Daniel Cvrcek Faculty of Information Technology Brno University of Technology

Slides:



Advertisements
Similar presentations
Chapter 14 – Authentication Applications
Advertisements

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
Cryptography and Network Security Chapter 14
Certificates Last Updated: Aug 29, A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Lecture 23 Internet Authentication Applications
Authentication & Kerberos
1 Digital Signatures & Authentication Protocols. 2 Digital Signatures have looked at message authentication –but does not address issues of lack of trust.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
6/1/20151 Digital Signature and Public Key Infrastructure Course:COSC Instructor:Professor Anvari Student ID: Name:Xin Wen Date:11/25/00.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.
CS555Spring 2012/Topic 161 Cryptography CS 555 Topic 16: Key Management and The Need for Public Key Cryptography.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
EEC 688/788 Secure and Dependable Computing Lecture 7 Wenbing Zhao Department of Electrical and Computer Engineering Cleveland State University
Information Security of Embedded Systems : Algorithms and Measures Prof. Dr. Holger Schlingloff Institut für Informatik und Fraunhofer FIRST.
E-Government Security and necessary Infrastructures Dimitrios Lekkas Dept. of Systems and Products Design Engineering University of the Aegean
Key Distribution CS 470 Introduction to Applied Cryptography
Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.
Security on the Internet Jan Damsgaard Dept. of Informatics Copenhagen Business School
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Computer Science Public Key Management Lecture 5.
Page 1 Secure Communication Paul Krzyzanowski Distributed Systems Except as otherwise noted, the content of this presentation.
Computer Security Tran, Van Hoai Department of Systems & Networking Faculty of Computer Science & Engineering HCMC University of Technology.
ECE453 – Introduction to Computer Networks Lecture 18 – Network Security (I)
Part Two Network Security Applications Chapter 4 Key Distribution and User Authentication.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
Csci5233 Computer Security1 Bishop: Chapter 10 (Cont.) Key Management: Storage & Revoking.
Securing Electronic Transactions University of Palestine Eng. Wisam Zaqoot April 2010 ITSS 4201 Internet Insurance and Information Hiding.
02/22/2005 Joint Seminer Satoshi Koga Information Technology & Security Lab. Kyushu Univ. A Distributed Online Certificate Status Protocol with Low Communication.
Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian.
Lecture 5.3: Key Distribution: Public Key Setting CS 436/636/736 Spring 2012 Nitesh Saxena.
IS511 Introduction to Information Security Lecture 4 Cryptography 2
Secure Messaging Workshop The Open Group Messaging Forum February 6, 2003.
Key Management. Session and Interchange Keys  Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and.
Cryptography and Network Security (CS435) Part Eight (Key Management)
15.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Key Management.
Authentication 3: On The Internet. 2 Readings URL attacks
Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian
Fall 2010/Lecture 321 CS 426 (Fall 2010) Key Distribution & Agreement.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
Matej Bel University Cascaded signatures Ladislav Huraj Department of Computer Science Faculty of Natural Sciences Matthias Bel University Banska Bystrica.
Cryptography and Network Security Chapter 14 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Computer and Network Security - Message Digests, Kerberos, PKI –
Creating and Managing Digital Certificates Chapter Eleven.
Cryptography and Network Security Chapter 14
Using Public Key Cryptography Key management and public key infrastructures.
COEN 351 Authentication. Authentication is based on What you know Passwords, Pins, Answers to questions, … What you have (Physical) keys, tokens, smart-card.
Chapt. 10 – Key Management Dr. Wayne Summers Department of Computer Science Columbus State University
User Authentication  fundamental security building block basis of access control & user accountability  is the process of verifying an identity claimed.
Lesson Introduction ●Authentication protocols ●Key exchange protocols ●Kerberos Security Protocols.
Pertemuan #8 Key Management Kuliah Pengaman Jaringan.
CPIS 312 Chapter Four: PUBLIC KEY CRYPTO. Index 2 A.Introduction A.1 Asymmetric Key Cryptography- Introduction A.2 General ideas about the Public Key.
Fourth Edition by William Stallings Lecture slides by Lawrie Brown
Key management issues in PGP
Computer Communication & Networks
Information Security message M one-way hash fingerprint f = H(M)
Presentation transcript:

Symmetric Key Infrastructure Karel Masarik, Daniel Cvrcek Faculty of Information Technology Brno University of Technology

Security and Protection of Information Current State there is no TTP / CA generally trusted large amount of CAs standards for name structure - uniqueness complicated mutual certificate verification is it possible to transfer trust? see Farrell’s presentation from yesterday (XML) commercial pressure to use certificates as often as possible – everywhere certificate structure becomes complicated

Security and Protection of Information Certificate Verification signature verification certificate validity verification certificate attributes verification cross-check with list of revoked certificates all the steps several times verification of root-certificate hash

Security and Protection of Information PKI - Summary there is a TTP + simple key management - when broken, one can not even verify a signature signature verification + in-site (original idea) - access to actual CRL -> on-line access to TTP unique identification + each CA (certificate service provider) takes care of it - is the recipient able to perform the same (never seen an ID card) non-repudiation the biggest advantage of … not PKI but asymmetric crypto

Security and Protection of Information The Facts asymmetric cryptography simple key-agreement non-repudiation when a shared key exists, all the subsequent communication the same as with the symmetric key management X.509-based PKI fails very serious problem is to keep actual information about public keys the assumptions leading to X.509 definition

Security and Protection of Information Communication Schemes a) 1:n – server with clients how big problem is to have a shared symmetric key with the server and use for generation of short-term public key certificates b) m:n, m=n, network (equivalent nodes) server – the one running its own key management a) intranet – one server b) e-business –small number of servers c) - peers >1 server => mutual trust

Security and Protection of Information Eliminating PKI Problems Tiny PKI Local Key Infrastructure entry point – X.509 certificate (link to PKI) our own local shared keys symmetric or asymmetric validity of local keys is short / one-time key we do not need CRL revocation is automatic or on peer-to-peer basis

Security and Protection of Information Local Scheme CA X. 509 certificates client CA client PKI Lokální KI authentication key SDSI names attributes server client Example AK – certificate and shared secret hash AK is the index into databases of shared keys

Security and Protection of Information Properties minimal dependance on PKI (enrollment) complete certificate verification done only once certificate make link name – public key exploring PKI’s unique identification of users CRL is replaced with other mechanisms short-time keys, one-time tickets, direct revocation in n:a communication model client complexity grows categories signer – verifier disappear

Security and Protection of Information Symmetric Key Infrastructure Christianson, Crispo, Malcolm Proc. of Security Protocols basis for a project solved as M.Sc. thesis forward secrecy K i =H(S i-1 |1) and S i =H(S i-1 |0) S i – shared secret K i – symmetric key valid for just one message S i and K i are updated with each message exchange

Security and Protection of Information Non-Repudiation we want to transfer messages secured with symmetric crypto exploiting mutually mistrusting parties for non-repudiation E AT (M), E AB (M) – E TB (M), E AB (M) A, T, B – mutually mistrusting S – e.g. firewalls ATB

Security and Protection of Information Trusted Third Party it is needed shared keys with all users or other TTPs key distribution or translation center – very powerful use of DH key agreement protocol DH does not ensure authentication we do trust TTP to ensure authentication TTP does not posses enough information to follows client communication sessions

Security and Protection of Information Authentication Protocol just an example of how to do it (Denning-Sacco variant of Needham-Schroeder protocol) Alice, Bob, and TTP a common generator g and modulus N A  B: g Xa mod N B  A: g Xb mod N A  T: ID A, ID B, H 2 (g XaXb ) T  A: {ID A, K AB, H 2 (g XaXb ), {ID A, K AB, H 2 (g XaXb )}K BT }K AT A  B: {ID A, K AB, H 2 (g XaXb )}K BT B  A: {H(g XaXb )}K AB

Security and Protection of Information Messages mirrors M Ksm1, M Ksr M Km1m2, M Ksr M Km2m3, M Ksr M Km3r, M Ksr

Security and Protection of Information Messages mirrors M Ksm1, M Ksr M Km1m2, M Ksr M Km2m3, M Ksr M Km3r <> M Ksr

Security and Protection of Information What We Can Do create new relations between “anonymous” entities decrease importance of TTP into authentication and control (arbiter) functions offer mechanisms for ensuring non-repudiation in the case of any dispute detect unauthorized changes of messages and detect their originator compromise of TTP does not break the whole scheme – users can still work

Security and Protection of Information What is the cost each principal needs a hardware security module (smart card at least) PKI expects the same from you each principal generates and keeps logs it is for all principals and all messages they send/receive/transmit there must be a TTP for principal enrolment and dispute solving PKI needs a TTP with much more power

Security and Protection of Information Conclusions PKI is not universal and problem-free key management should be designed with taking care of environment we do not need X.509v3, v4 in most applications less options requirements must be made mandatory

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.