Key Distribution - Southern Methodist University - World

Uploaded by: ra****d | Document ID: 252797021 | Uploaded: 2024-11-20 | Format: PPT | Pages: 30 | Size: 72KB
Key Distribution
SMU, CSE 5349/7349

Where to Put Encryption?
- Link level
  - Vulnerable links are equipped with encryption devices on both sides
  - Needs a large number of devices
  - Needs decryption at every intermediate node to perform routing
- End-to-end
  - Carried out at the end systems
  - Can encrypt only the data portion, not the header

Link vs. End-to-End Key Distribution
- Link keys must be distributed to each pair of link endpoints in advance
  - Relatively easy to distribute securely
- For end-to-end, many keys must be generated and distributed, often in real time

Logical Placement
- Application layer
- Transport layer
- Network layer
- Link layer

Traffic Analysis
- Both techniques hide user data (payload)
- Link encryption
  - Hides address information
  - Buffers clear data in each node
- End-to-end encryption
  - Leaves addresses in the clear
  - No need to buffer decrypted payload
- Use both techniques?

Traffic Analysis (contd)
- Identities of communicating partners
- Frequency of communication
- Message patterns, e.g. length, quantity, (encrypted) content
- Correlation between messages and real-world events
- Can (sometimes) be defeated through traffic padding

Covert Channels
- Essentially the dual of traffic analysis
- Usually intended to violate or defeat a security policy
- Examples: message length, message content, message presence

Key Distribution
- Most important component in secure transmission
- Options (between A and B):
  - A selects a key and physically delivers it to B
  - A trusted third party, a key distribution center (KDC), selects a key and physically delivers it to A and B
  - If A and B already have a viable key, it can be used to distribute a new key
  - If A and B each have a secure link to the KDC, they can receive the key through that channel

Key Distribution (contd)
- Manual delivery is straightforward for link encryption, challenging for end-to-end
- The number of keys grows quadratically with the number of endpoints: n(n-1)/2
- Further complexity for application/user-level encryption
- A KDC is a good alternative: only n master keys are required (one per node, shared with the KDC)

Decentralized Distribution
- No need for a KDC that must be trusted and protected
- Any two nodes can establish a session key
- Needs n(n-1)/2 master keys
- Can generate any number of session keys
- Key distribution protocol

Public Key Management
- Distribution of public keys
  - Public announcement
  - Public directories
  - Public-key authority
  - Public-key certificates
- Use of public-key encryption to distribute secret keys

Public-Key Authority and Certificates
- Very similar to the process of obtaining a session key
- Both parties are assumed to have the authority's public key
- The authority sends the requested key encrypted under its own private key, i.e. signed, so the recipient can authenticate it
- The authority could be a bottleneck
- Instead, use certificates signed by the authority

Public-Key Authority
Notation: E_K(m) is encryption of m under key K; Ke_x / Kd_x are the public / private keys of x; T1, T2 are timestamps; N1, N2 are nonces.
  (1) A -> Authority: Request | T1
  (2) Authority -> A: E_Kd_auth(Ke_b | Request | T1)
  (3) A -> B: E_Ke_b(ID_A | N1)
  (4) B -> Authority: Request | T2
  (5) Authority -> B: E_Kd_auth(Ke_a | Request | T2)
  (6) B -> A: E_Ke_a(N1 | N2)
  (7) A -> B: E_Ke_b(N2)

Public-Key Certificates
- A certificate contains a public key and other information
- Created by a certificate authority (CA)
- Given to the participant with the matching private key
- A participant transmits its certificate to convey its key information
- Other participants can verify that the certificate was created by the authority
- All nodes are pre-configured with the public key of the CA

Exchange of Public-Key Certificates
- A obtains from the CA: C_A = E_Kd_auth(T1 | ID_A | Ke_a)
- B obtains from the CA: C_B = E_Kd_auth(T2 | ID_B | Ke_b)
  (1) A -> B: C_A
  (2) B -> A: C_B
- B computes D_Ke_auth(C_A) = D_Ke_auth(E_Kd_auth(T1 | ID_A | Ke_a)) = (T1 | ID_A | Ke_a), and hence obtains the public key of A

Public-Key Distribution of Secret Keys
Notation on this and the next slide: Ku_x / Kr_x are the public / private keys of x (the same roles as Ke_x / Kd_x above).
  (1) A -> B: Ku_a | ID_A
  (2) B -> A: E_Ku_a(Ks)
- A sends its public key and identifier to B
- B sends a secret key Ks encrypted under Ku_a
- A decrypts with its private key
- Vulnerable to an active attack? Yes: an attacker who intercepts (1) can substitute its own public key, decrypt Ks from (2), and re-encrypt Ks under Ku_a for A, so neither party notices

Distribution With Confidentiality and Authentication
  (1) A -> B: E_Ku_b(N1 | ID_A)
  (2) B -> A: E_Ku_a(N1 | N2)
  (3) A -> B: E_Ku_b(N2)
  (4) A -> B: E_Ku_b(E_Kr_a(Ks))

Diffie-Hellman KE
- Public information: p is a prime number; g is a generating element of Z_p^*
- Alice's private key: a; public key: g^a mod p
- Bob's private key: b; public key: g^b mod p

DH Key Exchange
- Alice obtains g^b and computes (g^b)^a = g^ab mod p = k_s
- Bob obtains g^a and computes (g^a)^b = g^ab mod p = k_s
- Alice and Bob have agreed upon the key k_s
- The well-known man-in-the-middle attack exploits the lack of authentication

Diffie-Hellman Scheme
- Security factors
  - The discrete logarithm is very difficult
  - The shared key (the secret) itself is never transmitted
- Disadvantages
  - Expensive exponentiation
  - The scheme itself cannot be used to encrypt anything; it is for secret-key establishment
  - No authentication, so you cannot sign anything

Man-In-The-Middle Attack (illustrative values from the slide: g^a = 123, g^e = 654, g^b = 255)
  Alice                     Eve                        Bob
  g^a = 123 ------------>   replaces with g^e = 654 ------------>
            <------------   replaces with g^e = 654 <------------  g^b = 255
  computes g^ae             computes g^ae and g^eb     computes g^eb
- Eve plays Bob to Alice and Alice to Bob
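The two "public-key distribution of secret keys" exchanges above, as an added example that is not part of the SMU deck. It models both protocols with textbook RSA on tiny, constructed key pairs (the key sizes, the identifier ID_A = 1, the fixed nonces and the field-by-field encryption of "N1 | ID_A" are all simplifications chosen for readability). In the two-step protocol, Eve substitutes her own public key in step (1) and ends up holding Ks while A and B see nothing wrong. In the four-step protocol, B is assumed to already hold A's genuine public key (from the authority or a certificate), so the substitution is not available, and B's check on the echoed nonce N2 in step (3) rejects anyone who does not hold Kr_a:

```python
"""Toy model of the two public-key secret-key distribution protocols on the slides.
Textbook RSA with tiny constructed parameters; example code, not from the SMU deck."""
import secrets

ID_A = 1  # constructed identifier for A


def make_rsa_key(p, q, e):
    """Return (public, private) textbook-RSA keys as (modulus, exponent) tuples."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))
    return (n, e), (n, d)


def rsa(key, m):
    """Textbook RSA: one modular exponentiation serves as E_Ku, D_Kr and E_Kr (signing).
    Toy-sized, so the message must be smaller than the modulus."""
    n, x = key
    if not 0 <= m < n:
        raise ValueError("message too large for this toy modulus")
    return pow(m, x, n)


# Constructed long-term key pairs.  Moduli increase from A to B so that a value
# signed under Kr_a still fits under Ku_b (sign-then-encrypt in step 4).
KU_A, KR_A = make_rsa_key(61, 53, 17)    # n = 3233
KU_E, KR_E = make_rsa_key(59, 67, 7)     # n = 3953, Eve's own key pair
KU_B, KR_B = make_rsa_key(101, 113, 3)   # n = 11413


def simple_exchange(ks, eve_in_path=False):
    """Slide: (1) A -> B: Ku_a | ID_A   (2) B -> A: E_Ku_a(Ks).
    Returns (Ks as recovered by A, Ks chosen by B, Ks learned by Eve or None)."""
    # (1) Nothing binds Ku_a to ID_A, so an active attacker can swap the key
    msg1 = (KU_A, ID_A)
    if eve_in_path:
        msg1 = (KU_E, ID_A)               # Eve substitutes her public key
    # (2) B encrypts Ks under whatever public key arrived with ID_A
    pub_from_msg1, _ = msg1
    msg2 = rsa(pub_from_msg1, ks)
    eve_learns = None
    if eve_in_path:
        eve_learns = rsa(KR_E, msg2)      # Eve recovers Ks ...
        msg2 = rsa(KU_A, eve_learns)      # ... and re-encrypts it for A
    return rsa(KR_A, msg2), ks, eve_learns


def authenticated_exchange(ks, initiator_priv=KR_A, n1=None, n2=None):
    """Slide 'Distribution With Confidentiality and Authentication'.
    B already holds A's genuine Ku_a (authority or certificate), so key substitution
    is out; the nonce round trip proves the initiator holds Kr_a.
    Returns the Ks accepted by B, or None if B rejects the initiator."""
    n1 = secrets.randbelow(3000) if n1 is None else n1   # below every toy modulus
    n2 = secrets.randbelow(3000) if n2 is None else n2
    # (1) A -> B: E_Ku_b(N1 | ID_A), encrypted field by field in this toy
    msg1 = (rsa(KU_B, n1), rsa(KU_B, ID_A))
    b_n1, b_id = rsa(KR_B, msg1[0]), rsa(KR_B, msg1[1])
    if b_id != ID_A:
        return None
    # (2) B -> A: E_Ku_a(N1 | N2), under the public key B trusts for ID_A
    msg2 = (rsa(KU_A, b_n1), rsa(KU_A, n2))
    # Only the holder of Kr_a recovers N2; an impersonator decrypts to garbage
    i_n2 = rsa(initiator_priv, msg2[1])
    # (3) A -> B: E_Ku_b(N2)
    msg3 = rsa(KU_B, i_n2)
    if rsa(KR_B, msg3) != n2:
        return None                       # B: sender does not hold Kr_a
    # (4) A -> B: E_Ku_b(E_Kr_a(Ks)): signed for authenticity, encrypted for secrecy
    msg4 = rsa(KU_B, rsa(initiator_priv, ks))
    return rsa(KU_A, rsa(KR_B, msg4))


if __name__ == "__main__":
    print("two-step, Eve in path:", simple_exchange(1234, eve_in_path=True))
    print("four-step, honest A   :", authenticated_exchange(1234))
    print("four-step, Eve as A   :", authenticated_exchange(1234, initiator_priv=KR_E))
```

The four-step run with Eve as initiator fails at step (3) because she cannot decrypt E_Ku_a(N1 | N2); the protocol's protection therefore rests entirely on B having obtained the genuine Ku_a beforehand, which is exactly what the authority and certificate slides provide.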
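The Diffie-Hellman exchange and the man-in-the-middle attack from the last slides, as an added example that is not part of the SMU deck. The group p = 23, g = 5 and the fixed private exponents a = 6, b = 15, e = 13 are toy values chosen so every intermediate result can be checked by hand; real deployments use vetted groups of 2048 bits or more. The final function shows one way to supply the authentication the slides say is missing: it assumes Alice and Bob already share a long-term MAC key and authenticate the public values they saw, which is an assumption added here, not something the slides describe.

```python
"""Diffie-Hellman, the MITM attack, and one authenticated variant.
Toy parameters; example code, not from the SMU deck."""
import hashlib
import hmac


def dh_public(g, priv, p):
    """g^priv mod p, the value a party publishes."""
    return pow(g, priv, p)


def dh_shared(peer_public, priv, p):
    """(peer_public)^priv mod p, the agreed key k_s."""
    return pow(peer_public, priv, p)


def honest_exchange(p, g, a, b):
    """Alice computes (g^b)^a, Bob computes (g^a)^b; both equal g^ab mod p."""
    ga, gb = dh_public(g, a, p), dh_public(g, b, p)
    return dh_shared(gb, a, p), dh_shared(ga, b, p)


def mitm_exchange(p, g, a, b, e):
    """Eve forwards g^e to Bob in place of g^a and to Alice in place of g^b.
    Returns (alice_key, bob_key, eve_key_with_alice, eve_key_with_bob)."""
    ga, gb, ge = dh_public(g, a, p), dh_public(g, b, p), dh_public(g, e, p)
    alice_key = dh_shared(ge, a, p)   # Alice believes ge is Bob's: g^ae
    bob_key = dh_shared(ge, b, p)     # Bob believes ge is Alice's: g^eb
    eve_alice = dh_shared(ga, e, p)   # g^ae: Eve plays Bob to Alice
    eve_bob = dh_shared(gb, e, p)     # g^eb: Eve plays Alice to Bob
    return alice_key, bob_key, eve_alice, eve_bob


def authenticator(mac_key, ga_seen, gb_seen):
    """HMAC over the public values a party observed (assumed pre-shared MAC key)."""
    transcript = f"{ga_seen}|{gb_seen}".encode()
    return hmac.new(mac_key, transcript, hashlib.sha256).digest()


def authenticated_exchange_ok(p, g, a, b, mac_key, e=None):
    """Bob MACs the public values he saw and sends the tag; Alice recomputes it
    over the values she saw.  With Eve (e given) substituting g^e on both legs,
    the transcripts differ and Alice rejects.  Returns True if Alice accepts."""
    ga, gb = dh_public(g, a, p), dh_public(g, b, p)
    if e is None:
        ga_at_bob, gb_at_alice = ga, gb
    else:
        ge = dh_public(g, e, p)
        ga_at_bob, gb_at_alice = ge, ge   # Eve lacks mac_key, so she can only relay the tag
    bob_tag = authenticator(mac_key, ga_at_bob, gb)
    alice_expected = authenticator(mac_key, ga, gb_at_alice)
    return hmac.compare_digest(bob_tag, alice_expected)


if __name__ == "__main__":
    P, G = 23, 5
    print("honest keys (Alice, Bob):", honest_exchange(P, G, 6, 15))
    print("MITM keys (Alice, Bob, Eve/Alice, Eve/Bob):", mitm_exchange(P, G, 6, 15, 13))
    print("authenticated, honest:", authenticated_exchange_ok(P, G, 6, 15, b"psk"))
    print("authenticated, Eve  :", authenticated_exchange_ok(P, G, 6, 15, b"psk", e=13))
```

With p = 23 and g = 5, Alice publishes 8, Bob publishes 19 and both derive k_s = 2. Eve's public value is 21; after the substitution Alice derives 18 and Bob derives 7, each of which Eve also holds, so she can decrypt and re-encrypt every message between them. Any binding of the public values to the parties' identities (the MAC here, or signatures under certified keys) removes her ability to swap them unnoticed.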