5 - protocols, key management, digital certificates Flashcards
Cryptographic protocol
specification of message exchanges and actions that involve the use of cryptographic primitives in order to achieve a set of specific security goals
Elements of crypto protocol
1- assumptions
2- flow
3- messages
4- actions
Authentication and key establishment (AKE) objectives
1- mutual entity authentication
2- establishment of a common symmetric key
AKE protocol goals
- mutual:
– EA
– DOA
– key establishment
– key confirmation
- key:
– confidentiality
– freshness
– unbiased control
Diffie Hellman protocol properties
- for environments w/o secure channels
- based on discrete logarithm
DH process
- A, B select p (large prime) and q<p (integer)
- A, B choose secret random n, m
- A->B: N = q^n mod p
  B->A: M = q^m mod p
- A: A = M^n = q^(mn) mod p
  B: B = N^m = q^(nm) mod p
DH weakness
man in the middle attack
DH in practice
public key certificate:
- public key
- info on owner's identity
- digital signature of issuer (verifies certificates)
Key management - areas
- lifecycle
- generation
- establishment
- storage
- usage
Key hierarchy
- master keys (?)
- key-encrypting keys
- data keys
Reason for key distribution
n users => n(n-1)/2 pairs (shared master keys)
What is used to prove identity in key distribution scenarios?
public key certificate
Public key certificate
strong association b/w a public key, its owner and other relevant data (expiry dates, restrictions, etc.)
PK certificate contents
- owner’s name
- PK value
- validity period
- signature: issuer signs the data that forms the public key certificate
Certification authority
- certificate creation and revocation
- trust anchor