2. What is keymanagement?
Key management is the set of techniques and
procedures supporting the establishment and
maintenance of keying relationship between
authorized parties.
A keying relationship is the state wherein
communicating entities share common data(keying
material) to facilitate cryptography techniques. This
data may include public or secret keys, initialization
values, and additional non-secret parameters.
3. Key management encompasses techniques and
procedures supporting:
1. Initialization of systems users within adomain;
2. Generation, distribution, and installation of keying
material;
3. Controlling the use of keying material;
4. Update, revocation, and destruction of keying material; &
5. Storage, backup/recovery, and archival of keying
material.
4. OBJECTIVES
The objective of key management is to maintain
keying relationships and keying material in a
manner that counters relevant threats
In practice an additional objective is conformance to
a relevant security policy
5. THREATS
1. Compromise of confidentiality of secret keys.
2. Compromise of authenticity of secret or publickeys.
3. Unauthorized use of public or secret keys.
6. SECURITYPOLICY
Security policy explicitly or implicitly definesthe
threats a system is intended to address.
Security policy may affect the stringency of
cryptographic requirements, depending on the
susceptibility of the environment in questionsto
various types of attack.
9. Public-key techniques
Primary advantages offered by public-key techniques for
applications related to key management include:
1. Simplified key management.
2. On-line trusted server not required.
3. Enhanced functionality.
KEY Management Techniques
10. Techniques for distributing confidential keys
Key layering and symmetric-key certificates
Key layering:
1.master keys –keys at the highest level in the hierarchy
2.key-encrypting keys –symmetric keys or encryption
public keys used for key transport or storage of other
keys
3.data keys –used to provide cryptographic operations on
user data
Cont…
11. Symmetric-key certificates provide a means for a
KTC(KeyTranslation Center) to avoid the
requirement of either maintaining a secure
database of user secrets (or duplicating such a
database for multiple servers), or retrieving such
keys from a database upon translation requests.
Symmetric key certificates
13. Given parties A and Bhave various key distribution
alternatives:
1. A can select key and physically deliver toB
2. third party can select & deliver key to A &B
3. if A & B have communicated previously can use
previous key to encrypt a new key
4. if A & B have secure communications with a third
party C, C can relay key between A & B
KEY distribution
16. Hierarchies of KDC’s required for large networks, but
must trust eachother.
Session key lifetimes should be limited for greater
security.
Use of automatic key distribution on behalf of users,
but must trust system.
Use of decentralized key distribution.
Controlling key usage.
KEY distributionissues
17. Merkle proposed this very simple scheme that
allows secure communications
no keys before/after exist
Simple secret KEY distribution
19. It can be considered as using one ofthe
following:
• Public Announcement.
• Publicly Available Directory.
• Public-key Authority.
• Public-key Certificates.
Distributionof public keys
20. users distribute public keys to recipients or broadcast to
community atlarge
eg. append PGP keys to email messages or post to
news groups or email list
major weakness is forgery
anyone can create a key claiming to be someone else
and broadcast it
until forgery is discovered can masquerade as
claimed user
1). public Announcement
21. 2). publicly Availabledirectory
can obtain greater security by registering keys with a
public directory
directory must be trusted with properties:
contains {name,public-key} entries
participants register securely with directory
participants can replace key at anytime
directory is periodically published
directory can be accessed electronically
still vulnerable to tampering orforgery
22. 3). public-KEYAUTHORITY
Improve security by tightening control over
distribution of keys from directory.
Has properties of directory.
Requires users to know public key for thedirectory.
Then users interact with directory to obtain any
desired public key securely
Does require real-time access to directory when
keys are needed.
May be vulnerable to tampering.
24. 4). Public-key certificates
Certificates allow key exchange withoutreal-time
access to public-keyauthority.
A certificate binds identity to publickey
Usually with other info such as period of validity,
rights of use etc.
With all contents signedby a trusted public-key or
certificate authority (CA).
Can be verified by anyone who knows thepublic-key
authorities public-key.