Uploaded byVIRAJRATHOD8
PPTX, PDF352 views

key management

Key management involves techniques for establishing and maintaining secure cryptographic key relationships between parties. It includes procedures for key generation, distribution, installation, storage, backup and recovery, updating, revocation and destruction. The objective is to maintain keys in a way that counters threats like secret key compromise or unauthorized key use, while conforming to a security policy. Symmetric key encryption and public key techniques can be used. Key distribution methods include physical delivery, use of a third party, encryption with a previous key, or relaying via a secure third party communication channel. A key management lifecycle outlines registration, initialization, generation, installation, registration, normal use, backup, update, archival, de-registration and destruction, recovery and rev

Embed presentation

Download to read offline
Key Management and Distribution Submitted To: Asst.Prof.Richa Sharma Submitted By: Viraj Rathod (RSU1908032)
What is keymanagement?  Key management is the set of techniques and procedures supporting the establishment and maintenance of keying relationship between authorized parties.  A keying relationship is the state wherein communicating entities share common data(keying material) to facilitate cryptography techniques. This data may include public or secret keys, initialization values, and additional non-secret parameters.
 Key management encompasses techniques and procedures supporting: 1. Initialization of systems users within adomain; 2. Generation, distribution, and installation of keying material; 3. Controlling the use of keying material; 4. Update, revocation, and destruction of keying material; & 5. Storage, backup/recovery, and archival of keying material.
OBJECTIVES  The objective of key management is to maintain keying relationships and keying material in a manner that counters relevant threats  In practice an additional objective is conformance to a relevant security policy
THREATS 1. Compromise of confidentiality of secret keys. 2. Compromise of authenticity of secret or publickeys. 3. Unauthorized use of public or secret keys.
SECURITYPOLICY  Security policy explicitly or implicitly definesthe threats a system is intended to address.  Security policy may affect the stringency of cryptographic requirements, depending on the susceptibility of the environment in questionsto various types of attack.
KEY Management Techniques  Key management (a). Symmetric-key encryption encryption decryption plaintext plaintextciphertext secretkeysecretkey symmetric key generator
(b) public-key encryption Asymmetric key pair generator Secure channel (private & authentication) Secure channel (authentication only) Unsecured channel (no protection) decryptionencryption plaintext plaintext ciphertext Privatekey Public key
 Public-key techniques Primary advantages offered by public-key techniques for applications related to key management include: 1. Simplified key management. 2. On-line trusted server not required. 3. Enhanced functionality. KEY Management Techniques
 Techniques for distributing confidential keys Key layering and symmetric-key certificates Key layering: 1.master keys –keys at the highest level in the hierarchy 2.key-encrypting keys –symmetric keys or encryption public keys used for key transport or storage of other keys 3.data keys –used to provide cryptographic operations on user data Cont…
Symmetric-key certificates provide a means for a KTC(KeyTranslation Center) to avoid the requirement of either maintaining a secure database of user secrets (or duplicating such a database for multiple servers), or retrieving such keys from a database upon translation requests. Symmetric key certificates
1. User Registration 2. User Initialization 3. Key Generation 4. Key Installation 5. Key Registration 6. Normal Use 7. Key Backup 8. Key Update 9. Archival 10. Key De-registration & Destruction 11. Key Recovery 12. Key Revocation KEY Management lifecycle
 Given parties A and Bhave various key distribution alternatives: 1. A can select key and physically deliver toB 2. third party can select & deliver key to A &B 3. if A & B have communicated previously can use previous key to encrypt a new key 4. if A & B have secure communications with a third party C, C can relay key between A & B KEY distribution
KEY distributionTASk
KEY distributionscenario
 Hierarchies of KDC’s required for large networks, but must trust eachother.  Session key lifetimes should be limited for greater security.  Use of automatic key distribution on behalf of users, but must trust system.  Use of decentralized key distribution.  Controlling key usage. KEY distributionissues
 Merkle proposed this very simple scheme that  allows secure communications  no keys before/after exist Simple secret KEY distribution
secret KEY distributionWith confidentiality & authentication
 It can be considered as using one ofthe following: • Public Announcement. • Publicly Available Directory. • Public-key Authority. • Public-key Certificates. Distributionof public keys
 users distribute public keys to recipients or broadcast to community atlarge  eg. append PGP keys to email messages or post to news groups or email list  major weakness is forgery  anyone can create a key claiming to be someone else and broadcast it  until forgery is discovered can masquerade as claimed user 1). public Announcement
2). publicly Availabledirectory  can obtain greater security by registering keys with a public directory  directory must be trusted with properties:  contains {name,public-key} entries  participants register securely with directory  participants can replace key at anytime  directory is periodically published  directory can be accessed electronically  still vulnerable to tampering orforgery
3). public-KEYAUTHORITY  Improve security by tightening control over distribution of keys from directory.  Has properties of directory.  Requires users to know public key for thedirectory.  Then users interact with directory to obtain any desired public key securely  Does require real-time access to directory when keys are needed.  May be vulnerable to tampering.
pkacont..
4). Public-key certificates  Certificates allow key exchange withoutreal-time access to public-keyauthority.  A certificate binds identity to publickey  Usually with other info such as period of validity, rights of use etc.  With all contents signedby a trusted public-key or certificate authority (CA).  Can be verified by anyone who knows thepublic-key authorities public-key.
pkc cont..
Thank you..!!

More Related Content

PDF
Ch14
byFrancis Alamina
 
PPTX
Key Management and Distribution
bySyed Bahadur Shah
 
PDF
Email security presentation
bySubhradeepMaji
 
PPTX
Cryptography and Network Security
byPa Van Tanku
 
PPTX
Kerberos : An Authentication Application
byVidulatiwari
 
PPTX
MAC-Message Authentication Codes
byDarshanPatil82
 
PPT
Pretty good privacy
byPushkar Dutt
 
PPTX
Public Key Cryptography
byGopal Sakarkar
 
Ch14
byFrancis Alamina
 
Key Management and Distribution
bySyed Bahadur Shah
 
Email security presentation
bySubhradeepMaji
 
Cryptography and Network Security
byPa Van Tanku
 
Kerberos : An Authentication Application
byVidulatiwari
 
MAC-Message Authentication Codes
byDarshanPatil82
 
Pretty good privacy
byPushkar Dutt
 
Public Key Cryptography
byGopal Sakarkar
 

What's hot

PPTX
Key management and distribution
byRiya Choudhary
 
PPTX
Network Security
bymoviebro1
 
PPTX
symmetric cipher model.pptx
byAjaykumar967485
 
PPT
Distribution of public keys and hmac
byanuragjagetiya
 
PPTX
unit 4.pptx of hash function in cryptography
byNithyasriA2
 
PPTX
Substitution cipher and Its Cryptanalysis
bySunil Meena
 
PPTX
Active and Passive Network Attacks
byPradipta Poudel
 
PPTX
Pgp pretty good privacy
byPawan Arya
 
PPT
Email security
byIndrajit Sreemany
 
PPT
Ssl (Secure Sockets Layer)
byAsad Ali
 
PPTX
CISSP - Chapter 3 - Cryptography
byKarthikeyan Dhayalan
 
PPT
Web security
byMuhammad Usman
 
PPTX
Cryptography
bysubodh pawar
 
PDF
Asymmetric Cryptography
byUTD Computer Security Group
 
PPTX
Encryption And Decryption Using AES Algorithm
byAhmed Raza Shaikh
 
PPT
SSL/TLS
byDr Anjan Krishnamurthy
 
PPTX
Hash function
bySalman Memon
 
PPTX
Ssl in a nutshell
byFrank Kelly
 
PDF
BAIT1103 Chapter 6
bylimsh
 
PPT
Protocol for Secure Communication
bychauhankapil
 
Key management and distribution
byRiya Choudhary
 
Network Security
bymoviebro1
 
symmetric cipher model.pptx
byAjaykumar967485
 
Distribution of public keys and hmac
byanuragjagetiya
 
unit 4.pptx of hash function in cryptography
byNithyasriA2
 
Substitution cipher and Its Cryptanalysis
bySunil Meena
 
Active and Passive Network Attacks
byPradipta Poudel
 
Pgp pretty good privacy
byPawan Arya
 
Email security
byIndrajit Sreemany
 
Ssl (Secure Sockets Layer)
byAsad Ali
 
CISSP - Chapter 3 - Cryptography
byKarthikeyan Dhayalan
 
Web security
byMuhammad Usman
 
Cryptography
bysubodh pawar
 
Asymmetric Cryptography
byUTD Computer Security Group
 
Encryption And Decryption Using AES Algorithm
byAhmed Raza Shaikh
 
SSL/TLS
byDr Anjan Krishnamurthy
 
Hash function
bySalman Memon
 
Ssl in a nutshell
byFrank Kelly
 
BAIT1103 Chapter 6
bylimsh
 
Protocol for Secure Communication
bychauhankapil
 

Similar to key management

PPTX
key management in cryptography and network security
bySri Latha
 
PPT
Key management.ppt
bySou Jana
 
PDF
Unit 2_Key distribution_Deffi-Hellman.pdf
byKanchanPatil34
 
PPTX
Key management
bySujata Regoti
 
PPTX
008 Key Distribution with examples and some
byAssadLeo1
 
PPTX
Untitled presentation (5).pptx
byArchanaPandiyan
 
PPT
cst 448 module 5 ch14_key_mgt_nemo ktu s7 security in computing
bysreekeshnamboodiri1
 
PPT
Information and data security key management and distribution
byMazin Alwaaly
 
PPT
symmetric key distribution using public-key encryption
byjanwepooja
 
PPT
Key Managment in Network Security William Stalling
bysomeoneelse1981
 
PPT
Unit 1INTRODUCTION AND KEY MANAGEMENT
bysuganyak59
 
PPT
ch14_ Key management in network security
byrajirajesh8
 
PPTX
Lecture of key management in info security
bymuqaddashakeel1166
 
PPT
CHAPTER 14 CRYPTOGR AND NETWORK SECURITY
byComputerScienceDepar10
 
PPTX
Module 5-Key management in security in computing
byAparnaSunil24
 
PPT
Lec 10 - Key Management.ppt
byIshaKanwal4
 
PDF
W3Key Management and Distributionoooooooo
bySyedShahbazRxa
 
PPTX
Untitled presentation (5).pptx
byArchanaPandiyan
 
PPTX
Lectur can you explain me this slidee-17.pptx
byMUHAMMADAHMAD173574
 
PPT
Is unit-4-part-1
byvmuniraja
 
key management in cryptography and network security
bySri Latha
 
Key management.ppt
bySou Jana
 
Unit 2_Key distribution_Deffi-Hellman.pdf
byKanchanPatil34
 
Key management
bySujata Regoti
 
008 Key Distribution with examples and some
byAssadLeo1
 
Untitled presentation (5).pptx
byArchanaPandiyan
 
cst 448 module 5 ch14_key_mgt_nemo ktu s7 security in computing
bysreekeshnamboodiri1
 
Information and data security key management and distribution
byMazin Alwaaly
 
symmetric key distribution using public-key encryption
byjanwepooja
 
Key Managment in Network Security William Stalling
bysomeoneelse1981
 
Unit 1INTRODUCTION AND KEY MANAGEMENT
bysuganyak59
 
ch14_ Key management in network security
byrajirajesh8
 
Lecture of key management in info security
bymuqaddashakeel1166
 
CHAPTER 14 CRYPTOGR AND NETWORK SECURITY
byComputerScienceDepar10
 
Module 5-Key management in security in computing
byAparnaSunil24
 
Lec 10 - Key Management.ppt
byIshaKanwal4
 
W3Key Management and Distributionoooooooo
bySyedShahbazRxa
 
Untitled presentation (5).pptx
byArchanaPandiyan
 
Lectur can you explain me this slidee-17.pptx
byMUHAMMADAHMAD173574
 
Is unit-4-part-1
byvmuniraja
 

Recently uploaded

PDF
Introduction : Operating-System Services
bySanjay Gunjal
 
PDF
Numerical_Methods_for_Engineers_SEVENTH.pdf
bydamlatablett123
 
PPTX
uCOS_II_LED_Multitasking_Exp.no.2.pptx uCOS_II_LED_Multitasking_Exp.no.2.pptx
bySanjivani College of Engineering, Kopargaon, Ahmednagar, Maharashtra, India
 
PPTX
Embedded_Linux_ARM_Cross_Compilation_Exp.no.3.pptx
bySanjivani College of Engineering, Kopargaon, Ahmednagar, Maharashtra, India
 
PDF
Python Frameworks for Machine Learning Labmanuel
bygomathisankariv2
 
PPTX
RTOS_Automatic_Room_Light_Controller_ Exp.no.1.pptx
bySanjivani College of Engineering, Kopargaon, Ahmednagar, Maharashtra, India
 
PDF
1.39 inch Flexible Round AMOLED Display for Smartwatch
bySyluxdisplay
 
PDF
EPC vs Reality: The Schedule That Was Never Possible
byGanesh Kumar
 
PDF
TU/e - 2025-2026 - Lecture Geotechnics 3 - Arkesteijn
byRuud Arkesteijn
 
PPTX
Biological Oxygen Demand (BOD) Numericals-2026.pptx
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
PPTX
Ion exchange or demineralization to soften water.pptx
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
PDF
UNIT02_TRE_GEOMETRIC DESIGN.pdf_________
byAaquib Ansari
 
PDF
algothon event ppt from gdg on campus nsec
byasutoshkumar560
 
PPTX
TechSprint Intro Session GDGOC PUSSGRC
bykashvidua39
 
PDF
The Eternal Citadel Architecture, Sacred Geography, and the Resilience of Som...
byAman Kumar Singh
 
PPTX
Starter Generator Testing – Why It Is Critical for Aerospace & Defence Platforms
byNeometrix_Engineering_Pvt_Ltd
 
PPTX
PEMET 413 KTU 2024 SCHEME MODULE 2 LECTURE 4.pptx
byVINAY B
 
PPTX
UNIT 1.3-Structure of Polymers_Material Science-.pptx
byDr. Sandip Thorat
 
PPTX
1.1 Structure of Materials_Material science.pptx
byDr. Sandip Thorat
 
PPTX
Treatment strategies for vertical maxillary excess.pptx
byharsh07burile
 
Introduction : Operating-System Services
bySanjay Gunjal
 
Numerical_Methods_for_Engineers_SEVENTH.pdf
bydamlatablett123
 
uCOS_II_LED_Multitasking_Exp.no.2.pptx uCOS_II_LED_Multitasking_Exp.no.2.pptx
bySanjivani College of Engineering, Kopargaon, Ahmednagar, Maharashtra, India
 
Embedded_Linux_ARM_Cross_Compilation_Exp.no.3.pptx
bySanjivani College of Engineering, Kopargaon, Ahmednagar, Maharashtra, India
 
Python Frameworks for Machine Learning Labmanuel
bygomathisankariv2
 
RTOS_Automatic_Room_Light_Controller_ Exp.no.1.pptx
bySanjivani College of Engineering, Kopargaon, Ahmednagar, Maharashtra, India
 
1.39 inch Flexible Round AMOLED Display for Smartwatch
bySyluxdisplay
 
EPC vs Reality: The Schedule That Was Never Possible
byGanesh Kumar
 
TU/e - 2025-2026 - Lecture Geotechnics 3 - Arkesteijn
byRuud Arkesteijn
 
Biological Oxygen Demand (BOD) Numericals-2026.pptx
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
Ion exchange or demineralization to soften water.pptx
byChemical Engineering Dept. NIT Rourkela-769008, Odisha, India
 
UNIT02_TRE_GEOMETRIC DESIGN.pdf_________
byAaquib Ansari
 
algothon event ppt from gdg on campus nsec
byasutoshkumar560
 
TechSprint Intro Session GDGOC PUSSGRC
bykashvidua39
 
The Eternal Citadel Architecture, Sacred Geography, and the Resilience of Som...
byAman Kumar Singh
 
Starter Generator Testing – Why It Is Critical for Aerospace & Defence Platforms
byNeometrix_Engineering_Pvt_Ltd
 
PEMET 413 KTU 2024 SCHEME MODULE 2 LECTURE 4.pptx
byVINAY B
 
UNIT 1.3-Structure of Polymers_Material Science-.pptx
byDr. Sandip Thorat
 
1.1 Structure of Materials_Material science.pptx
byDr. Sandip Thorat
 
Treatment strategies for vertical maxillary excess.pptx
byharsh07burile
 

key management

  • 1.
    Key Management and Distribution SubmittedTo: Asst.Prof.Richa Sharma Submitted By: Viraj Rathod (RSU1908032)
  • 2.
    What is keymanagement? Key management is the set of techniques and procedures supporting the establishment and maintenance of keying relationship between authorized parties.  A keying relationship is the state wherein communicating entities share common data(keying material) to facilitate cryptography techniques. This data may include public or secret keys, initialization values, and additional non-secret parameters.
  • 3.
     Key managementencompasses techniques and procedures supporting: 1. Initialization of systems users within adomain; 2. Generation, distribution, and installation of keying material; 3. Controlling the use of keying material; 4. Update, revocation, and destruction of keying material; & 5. Storage, backup/recovery, and archival of keying material.
  • 4.
    OBJECTIVES  The objectiveof key management is to maintain keying relationships and keying material in a manner that counters relevant threats  In practice an additional objective is conformance to a relevant security policy
  • 5.
    THREATS 1. Compromise ofconfidentiality of secret keys. 2. Compromise of authenticity of secret or publickeys. 3. Unauthorized use of public or secret keys.
  • 6.
    SECURITYPOLICY  Security policyexplicitly or implicitly definesthe threats a system is intended to address.  Security policy may affect the stringency of cryptographic requirements, depending on the susceptibility of the environment in questionsto various types of attack.
  • 7.
    KEY Management Techniques Key management (a). Symmetric-key encryption encryption decryption plaintext plaintextciphertext secretkeysecretkey symmetric key generator
  • 8.
    (b) public-key encryption Asymmetric keypair generator Secure channel (private & authentication) Secure channel (authentication only) Unsecured channel (no protection) decryptionencryption plaintext plaintext ciphertext Privatekey Public key
  • 9.
     Public-key techniques Primaryadvantages offered by public-key techniques for applications related to key management include: 1. Simplified key management. 2. On-line trusted server not required. 3. Enhanced functionality. KEY Management Techniques
  • 10.
     Techniques fordistributing confidential keys Key layering and symmetric-key certificates Key layering: 1.master keys –keys at the highest level in the hierarchy 2.key-encrypting keys –symmetric keys or encryption public keys used for key transport or storage of other keys 3.data keys –used to provide cryptographic operations on user data Cont…
  • 11.
    Symmetric-key certificates providea means for a KTC(KeyTranslation Center) to avoid the requirement of either maintaining a secure database of user secrets (or duplicating such a database for multiple servers), or retrieving such keys from a database upon translation requests. Symmetric key certificates
  • 12.
    1. User Registration 2.User Initialization 3. Key Generation 4. Key Installation 5. Key Registration 6. Normal Use 7. Key Backup 8. Key Update 9. Archival 10. Key De-registration & Destruction 11. Key Recovery 12. Key Revocation KEY Management lifecycle
  • 13.
     Given partiesA and Bhave various key distribution alternatives: 1. A can select key and physically deliver toB 2. third party can select & deliver key to A &B 3. if A & B have communicated previously can use previous key to encrypt a new key 4. if A & B have secure communications with a third party C, C can relay key between A & B KEY distribution
  • 14.
  • 15.
  • 16.
     Hierarchies ofKDC’s required for large networks, but must trust eachother.  Session key lifetimes should be limited for greater security.  Use of automatic key distribution on behalf of users, but must trust system.  Use of decentralized key distribution.  Controlling key usage. KEY distributionissues
  • 17.
     Merkle proposedthis very simple scheme that  allows secure communications  no keys before/after exist Simple secret KEY distribution
  • 18.
  • 19.
     It canbe considered as using one ofthe following: • Public Announcement. • Publicly Available Directory. • Public-key Authority. • Public-key Certificates. Distributionof public keys
  • 20.
     users distributepublic keys to recipients or broadcast to community atlarge  eg. append PGP keys to email messages or post to news groups or email list  major weakness is forgery  anyone can create a key claiming to be someone else and broadcast it  until forgery is discovered can masquerade as claimed user 1). public Announcement
  • 21.
    2). publicly Availabledirectory can obtain greater security by registering keys with a public directory  directory must be trusted with properties:  contains {name,public-key} entries  participants register securely with directory  participants can replace key at anytime  directory is periodically published  directory can be accessed electronically  still vulnerable to tampering orforgery
  • 22.
    3). public-KEYAUTHORITY  Improvesecurity by tightening control over distribution of keys from directory.  Has properties of directory.  Requires users to know public key for thedirectory.  Then users interact with directory to obtain any desired public key securely  Does require real-time access to directory when keys are needed.  May be vulnerable to tampering.
  • 23.
  • 24.
    4). Public-key certificates Certificates allow key exchange withoutreal-time access to public-keyauthority.  A certificate binds identity to publickey  Usually with other info such as period of validity, rights of use etc.  With all contents signedby a trusted public-key or certificate authority (CA).  Can be verified by anyone who knows thepublic-key authorities public-key.
  • 25.
  • 26.