2. Key Distribution Problem:
When cryptography is employed for secure communications in distributed systems, a need for key distribution arises because two communicating entities can securely communicate only when they obtain matching keys for encryption and decryption of the transmitted messages.
Matching keys held by two communicating entities form an independent, private logical channel between them.
The key distribution problem deals with how to securely supply the keys necessary to create these logical channels.
3. Key Distribution In Symmetric Cryptosystems
When two users of two different nodes want to communicate securely by using a symmetric cryptosystem, they must first share the encryption/decryption key.
The key must be transmitted from one of the two users to the other user.
A circularity exists in symmetric cryptosystems.
This circularity can only be broken through prior distribution of a small number of keys by some secure means.
The usual approach is to use a server process that performs the job of a Key Distribution Center (KDC).
4. APPROACHES ARE AS FOLLOWS:
CENTRALIZED APPROACH
FULLY DISTRIBUTED APPROACH
PARTIALLY DISTRIBUTED APPROACH
CENTRALIZED APPROACH:
In this approach, a single centralized KDC is used that maintains a table of secret keys for each user.
A user's secret key is known only to the user and the KDC.
6. m1 = (Ra, IDa, IDb)
where Ra = code for the request made by user A
IDa = identifier of user A
IDb = identifier of user B
m2 = E((Ra, Kab, C1), Ka)
where Kab = secret key generated by the KDC for secure communications between users A and B
C1 = E((Kab, IDa), Kb)
where Kb = private key of user B
Ka = private key of user A
m3 = C1
m4 = C2 = E(Nr, Kab)
where Nr = a random number generated by user B
m5 = C3 = E(Nt, Kab)
where Nt = f(Nr) and f is a previously defined function
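The five messages above, traced end to end as an added example (not part of the original slides). It assumes f(n) = n + 1, constructed random keys for A and B, and a toy SHA-256 keystream with an HMAC tag standing in for E; a real deployment would use a standard authenticated cipher.

```python
import hashlib, hmac, json, secrets

def _keys(key):  # separate encryption and MAC subkeys
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _xor(data, ke, nonce):  # SHA-256 counter keystream: a stand-in cipher, not for production
    ks = b"".join(hashlib.sha256(ke + nonce + i.to_bytes(4, "big")).digest()
                  for i in range(len(data) // 32 + 1))
    return bytes(a ^ b for a, b in zip(data, ks))

def E(obj, key):  # E(x, K) from the slides, with an integrity tag appended
    ke, km = _keys(key)
    nonce = secrets.token_bytes(16)
    ct = _xor(json.dumps(obj).encode(), ke, nonce)
    return (nonce + ct + hmac.new(km, nonce + ct, hashlib.sha256).digest()).hex()

def D(blob, key):
    ke, km = _keys(key)
    raw = bytes.fromhex(blob)
    nonce, ct, tag = raw[:16], raw[16:-32], raw[-32:]
    if not hmac.compare_digest(tag, hmac.new(km, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    return json.loads(_xor(ct, ke, nonce))

def f(n):  # the previously defined function; n + 1 is an assumption
    return n + 1

def kdc(m1, table):  # KDC turns m1 into m2
    ra, ida, idb = m1
    kab = secrets.token_hex(32)
    c1 = E([kab, ida], table[idb])           # C1 = E((Kab, IDa), Kb)
    return E([ra, kab, c1], table[ida])      # m2 = E((Ra, Kab, C1), Ka)

def run_exchange():
    table = {"A": secrets.token_bytes(32), "B": secrets.token_bytes(32)}  # constructed keys
    ra = secrets.token_hex(8)
    m2 = kdc((ra, "A", "B"), table)                      # m1 to the KDC, m2 back to A
    ra_echo, kab_a, c1 = D(m2, table["A"])
    if ra_echo != ra:
        raise ValueError("m2 does not answer this request")
    kab_b, peer = D(c1, table["B"])                      # m3 = C1, opened by B with Kb
    nr = secrets.randbelow(2**32)
    m4 = E(nr, bytes.fromhex(kab_b))                     # m4 = C2 = E(Nr, Kab)
    m5 = E(f(D(m4, bytes.fromhex(kab_a))), bytes.fromhex(kab_a))  # m5 = C3 = E(Nt, Kab)
    b_accepts = D(m5, bytes.fromhex(kab_b)) == f(nr)
    return {"peer": peer, "keys_match": kab_a == kab_b, "b_accepts": b_accepts,
            "c1": c1, "ka": table["A"]}
```

A only relays C1: it is sealed under Kb, so calling D on it with Ka raises ValueError, and B learns from inside C1 which user the session key Kab is shared with.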
7. Advantage:
Simple and easy to implement.
Drawback:
Poor reliability and performance bottleneck of the single KDC.
That is, fresh key distributions cannot take place if the node on which the KDC resides crashes, and the KDC may get overloaded in a large system with too many users.