Download presentation
Presentation is loading. Please wait.
Published byAntony Stokes Modified over 9 years ago
1
Key Management
2
Session and Interchange Keys Key management – distribution of cryptographic keys, mechanisms used to bind an identity to a key, and the generation, maintenance, and revoking of such keys Solves problem of propagating authentication Interchange key – cryptographic key associated with a principal to a communication Session key - cryptographic key associated with the communication
3
Key Exchange Goal is two allow two parties to communicate secretly using a shared cryptographic key 1.Key cannot be transmitted in the clear (must be encipher when sent or derived without an exchange of data used to derive the key) 2.Sender and receiver may decide to trust a third party 3.Cryptosystems and protocols are publicly known. The only secret data is the keys involved.
4
Cryptographic Key Infrastructures Certificate- token that binds an identity to a cryptographic key X.509: Directory Authentication Framework – defines certificate formats and certification validation (see security notes for details) Certification authority (CA) – entity that issues certificates PGP (Pretty Good Privacy) – enchipherment program widely used to provide privacy for electronic mail (see web link to www.pgp.org)
5
Storing and Revoking Keys If stored in a file, easy to compromise, even if enchiphered Store on one or more smart cards (ROM)
6
Digital Signatures Digital signatures – authenticates both the origin and content of a message Uses public key cryptography Provides nonrepudiation RSA Digital Signature (some problems) El Gamal Digital Signature
Similar presentations
© 2024 SlidePlayer.com. Inc.
All rights reserved.