Published by Suzan Quinn. Modified over 9 years ago.
1
Secret Sharing and Key Escrow
Supplemental Information for Cryptology Class
Lecture slides by Richard Newman
2
Secret Sharing and Key Escrow
Touch on a few topics including:
- Need for key escrow
- Basic key escrow approaches and history
- Secret sharing
- Threshold schemes
3
Need for Key Escrow
- Recovery of lost key
  - Keyholder unable to provide key
    - Forgotten
    - Incapacitated
    - Unavailable
  - Keyholder unwilling to provide key
    - Disgruntled (ex-)employee
    - Criminal, etc.
- Legitimate causes
  - Organizational information
  - Law enforcement
- Controls on key recovery
  - Only allow recovery when it is legitimate
  - Limit recovery to appropriate elements
4
Copyright
- Protects tangible or fixed expression of an idea but not the idea itself
- Is automatically assigned when created
- May need to be registered in some countries
- Exists when:
  - Proposed work is original
  - Creator has put original idea in concrete form
  - E.g. literary works, musical works, dramatic works, pantomimes and choreographic works, pictorial, graphic, and sculptural works, motion pictures and other audiovisual works, sound recordings, architectural works, software-related works
5
Basic Key Escrow
- Can store key K with trusted third party S
  - Problem if S is unavailable
  - Problem if S is compromised
  - Problem if S is dishonest
- Can encrypt key K with key K', store K' with trusted third party
  - Same problems as before
- Can divide key K into n parts
  - K = K_1 || K_2 || … || K_n
  - But each known part reduces keyspace to search…
  - m colluders may be able to guess the rest
6
Clipper Chip
- US government program
  - Wanted all commercial crypto done with Clipper
  - Algorithm secret initially (Skipjack – finally revealed)
  - Wanted two parties to hold escrowed key for each chip
    - Law enforcement/executive branch
    - Judiciary/judicial branch
  - Ultimately died due to strong public resistance
- Clipper program key escrow
  - Used XOR approach: K = K_1 XOR K_2
  - If K_1 is a random number, neither K_1 nor K_2 reveals info other than key length
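The contrast between dividing a key by concatenation and by XOR, as an added example that is not part of the original slides. The function names and the 16-byte sample key are constructed for illustration, and the split is generalized from two XOR shares to n.

```python
import secrets
from functools import reduce

def xor_bytes(a, b):
    """Byte-wise XOR of two equal-length byte strings."""
    return bytes(x ^ y for x, y in zip(a, b))

def xor_split(key, n=2):
    """n-of-n split: n-1 uniformly random shares, the last one fixes the XOR."""
    if n < 2:
        raise ValueError("need at least two shares")
    shares = [secrets.token_bytes(len(key)) for _ in range(n - 1)]
    shares.append(reduce(xor_bytes, shares, key))  # key XOR all random shares
    return shares

def xor_combine(shares):
    """K = K_1 XOR K_2 XOR ... XOR K_n."""
    return reduce(xor_bytes, shares)

def concat_split(key, n):
    """The weaker division K = K_1 || K_2 || ... || K_n into equal parts."""
    if n < 1 or len(key) % n:
        raise ValueError("key length must be a multiple of n")
    step = len(key) // n
    return [key[i:i + step] for i in range(0, len(key), step)]

def unknown_bits_concat(key_len, n, m):
    """Bits left to search when m of the n concatenated parts are known."""
    return 8 * key_len * (n - m) // n

def keys_consistent_with_share(share):
    """Keys a holder of one 1-byte XOR share cannot rule out: all 256."""
    return {share[0] ^ other for other in range(256)}

if __name__ == "__main__":
    key = bytes(range(16))  # constructed sample key, not from the slides
    k1, k2 = xor_split(key)
    print(xor_combine([k1, k2]) == key)        # both shares rebuild K
    print(unknown_bits_concat(16, 4, 3))       # 3 of 4 parts known: 32 bits left
    print(len(keys_consistent_with_share(k1[:1])))  # one XOR share: 256 candidates
```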
7
Secret Sharing
- Want to share a secret S
  - Say an escrowed key
- Express S as a number
- Derive shares S_i from S, i = 1, 2, …, k
- Each shareholder holds part of S
- No fewer than k of them can derive any knowledge of S
- All k of them can reconstruct S
8
Shamir’s Polynomial SS
- Polynomial of degree k can be specified
  - By k+1 coefficients
  - By k+1 distinct points
- Secret is P(x_0)
  - Evaluate P at x_0
- Shares are (x_i, P(x_i)) for i = 1, 2, …, k+1
  - Distribute point pairs to shareholders
  - Fewer than k+1 points underspecify P(x)
9
Blakley’s Hyperplane SS
- Imagine a k-dimensional space
  - E.g., 3 dimensions
- Can specify (k-1)-dimensional hyperplanes
  - These must be unique and must all have a common intersection point
  - Any two intersect in a (k-2)-dimensional hyperplane
  - E.g., 2-dimensional planes intersect in a line
- k of these hyperplanes intersect in a point
  - The point coordinates constitute the shared secret
10
Threshold Schemes
- Extend secret sharing so that any k of n shareholders can recover secret
  - Useful for fault tolerance
  - And for threshold authorization policies
- Examples
  - Shamir: issue more points of polynomial
    - Any k points of a k-1 degree polynomial specify polynomial
    - Issue more than k points; any k of them will do
  - Blakley: issue more intersecting hyperplanes
    - Any k hyperplanes in a k-dimensional space specify the secret
    - Issue n>k hyperplanes; any k will do
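A k-of-n version of the Shamir scheme from the two slides above, as an added example that is not part of the original lecture. It assumes arithmetic modulo a public prime (the slides do not name a field), places the secret at x_0 = 0, and uses hypothetical function names.

```python
import secrets

# Assumption: shares live in the field of integers modulo a public prime that
# exceeds the secret (the slides do not name a field). 2**127 - 1 is prime.
PRIME = 2**127 - 1

def eval_poly(coeffs, x):
    """Horner evaluation of coeffs[0] + coeffs[1]*x + ... modulo PRIME."""
    acc = 0
    for c in reversed(coeffs):
        acc = (acc * x + c) % PRIME
    return acc

def split(secret, k, n):
    """Return n shares (x_i, P(x_i)); any k of them determine P."""
    if not 1 <= k <= n or not 0 <= secret < PRIME:
        raise ValueError("need 1 <= k <= n and 0 <= secret < PRIME")
    # Degree k-1 polynomial whose constant term is the secret, so x_0 = 0.
    coeffs = [secret] + [secrets.randbelow(PRIME) for _ in range(k - 1)]
    return [(x, eval_poly(coeffs, x)) for x in range(1, n + 1)]

def recover(shares):
    """Lagrange interpolation of P at x_0 = 0 from k distinct shares."""
    xs = [x for x, _ in shares]
    if len(set(xs)) != len(xs):
        raise ValueError("duplicate share: x values must be distinct")
    secret = 0
    for xi, yi in shares:
        num = den = 1
        for xj in xs:
            if xj != xi:
                num = num * -xj % PRIME
                den = den * (xi - xj) % PRIME
        secret = (secret + yi * num * pow(den, -1, PRIME)) % PRIME
    return secret

if __name__ == "__main__":
    key = 0x00112233445566778899  # constructed sample key, not from the slides
    shares = split(key, k=3, n=5)
    print(hex(recover(shares[:3])), hex(recover(shares[2:])))  # both the key
    print(hex(recover(shares[:2])))  # too few shares: an unrelated value
```

Working modulo a prime rather than over the integers is what keeps fewer than k shares from narrowing down the secret: every candidate value remains consistent with some polynomial through the known points.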
11
Threshold Scheme Uses
- Fault tolerant key/secret escrow
- Multifactor authentication
  - Require multiple tokens, passwords, etc.
  - Allow for fault tolerance – lost token, e.g.
  - Helps discourage theft (can’t use stolen object without the other needed elements)
- Multiparty authorization
  - Require multiple parties to sign credential
  - May be based on roles – so any k can sign
  - May be made hierarchical
12
Summary
Reviewed a range of topics:
- Key escrow need, history, approaches
- Secret sharing
- Threshold schemes and uses