CS8792 – Cryptography and Network Security
Unit III - Key Management and Distribution
~ S. Janani, AP/CSE, KCET
Key Management and Distribution
No Singhalese, whether man or woman, would venture out of the house without a bunch of keys in his hand, for without such a talisman he would fear that some devil might take advantage of his weak state to slip into his body.
—The Golden Bough, Sir James George Frazer
Introduction
• topics of cryptographic key management / key distribution are complex
• they involve cryptographic, protocol & management issues
• symmetric schemes require both parties to share a common secret key
• public-key schemes require parties to acquire valid public keys
• there are concerns with doing both
Contents
• symmetric key distribution using symmetric encryption
• symmetric key distribution using public-key encryption
• distribution of public keys
    • announcement, directory, authority, CA
• X.509 authentication and certificates
• public key infrastructure (PKIX)
Key Distribution
Key Distribution
• symmetric schemes require both parties to share a common secret key
• the issue is how to securely distribute this key while protecting it from others
• frequent key changes can be desirable
• secure systems often fail because of a break in the key distribution scheme
Key Distribution
• given parties A and B, there are various key distribution alternatives:
    • A can select a key and physically deliver it to B
    • a third party can select the key & deliver it to A & B
    • if A & B have communicated previously, they can use the previous key to encrypt a new key
    • if A & B have secure communications with a third party C, C can relay the key between A & B
Key Distribution Task
Key Hierarchy
• typically have a hierarchy of keys
• session key
    • temporary key
    • used for encryption of data between users
    • for one logical session, then discarded
• master key
    • used to encrypt session keys
    • shared by user & key distribution center (KDC)
Key Hierarchy
Key Distribution Scenario
Key Distribution Issues
• hierarchies of KDCs are required for large networks, but the KDCs must trust each other
• session key lifetimes should be limited for greater security
• use of automatic key distribution on behalf of users, but the system must be trusted
• use of decentralized key distribution
• controlling key usage
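The key hierarchy and the lifetime limit above, as an added example that is not part of the original slides: a KDC wraps a fresh session key under each user's master key, and each user rejects a wrapped key that is tampered with, wrapped for someone else, or past its lifetime. The class and function names, the 300-second lifetime and the HMAC-SHA256 encrypt-then-MAC construction (a standard-library stand-in for an authenticated cipher such as AES-GCM) are assumptions of this example.

```python
import hashlib
import hmac
import json
import os


def _subkey(master_key, label):
    # Separate encryption and MAC keys derived from the one master key.
    return hmac.new(master_key, label, hashlib.sha256).digest()


def _stream(key, nonce, length):
    # HMAC-SHA256 in counter mode as a keystream (stand-in cipher, see lead-in).
    blocks = [hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32)]
    return b"".join(blocks)[:length]


def wrap(master_key, plaintext):
    """Encrypt-then-MAC `plaintext` under a master key."""
    nonce = os.urandom(16)
    stream = _stream(_subkey(master_key, b"enc"), nonce, len(plaintext))
    ct = bytes(p ^ s for p, s in zip(plaintext, stream))
    tag = hmac.new(_subkey(master_key, b"mac"), nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def unwrap(master_key, blob):
    """Authenticate, then decrypt; ValueError on a wrong key or tampering."""
    if len(blob) < 48:
        raise ValueError("wrapped key is too short")
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(_subkey(master_key, b"mac"), nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrapped key failed authentication")
    stream = _stream(_subkey(master_key, b"enc"), nonce, len(ct))
    return bytes(c ^ s for c, s in zip(ct, stream))


class KDC:
    """Hypothetical key distribution center holding one master key per user."""

    def __init__(self, session_lifetime=300):
        self.master_keys = {}
        self.session_lifetime = session_lifetime  # seconds (constructed policy)

    def enroll(self, user):
        # Master key: long-lived, shared only by this user and the KDC.
        self.master_keys[user] = os.urandom(32)
        return self.master_keys[user]

    def issue_session_key(self, initiator, responder, now):
        # Session key: fresh per logical session, never sent in the clear.
        session_key = os.urandom(32)
        expires = now + self.session_lifetime

        def ticket(owner, peer):
            body = {"peer": peer, "expires": expires, "ks": session_key.hex()}
            return wrap(self.master_keys[owner], json.dumps(body).encode())

        return ticket(initiator, responder), ticket(responder, initiator)


def open_ticket(master_key, blob, expected_peer, now):
    """User side: unwrap with the master key, then enforce peer and lifetime."""
    body = json.loads(unwrap(master_key, blob))
    if body["peer"] != expected_peer:
        raise ValueError("ticket names a different peer")
    if now >= body["expires"]:
        raise ValueError("session key lifetime exceeded")
    return bytes.fromhex(body["ks"])


def rejected(master_key, blob, expected_peer, now):
    try:
        open_ticket(master_key, blob, expected_peer, now)
    except ValueError:
        return True
    return False


def demo():
    kdc = KDC(session_lifetime=300)
    ka, kb = kdc.enroll("A"), kdc.enroll("B")
    t0 = 1_000  # constructed clock value
    for_a, for_b = kdc.issue_session_key("A", "B", now=t0)
    ks_a = open_ticket(ka, for_a, "B", now=t0 + 10)
    ks_b = open_ticket(kb, for_b, "A", now=t0 + 10)
    tampered = for_b[:-1] + bytes([for_b[-1] ^ 1])
    return {
        "keys_match": ks_a == ks_b,
        "wrong_master_key": rejected(kb, for_a, "B", t0 + 10),
        "tampered": rejected(kb, tampered, "A", t0 + 10),
        "expired": rejected(kb, for_b, "A", t0 + 300),
    }


if __name__ == "__main__":
    print(demo())
```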
Symmetric Key Distribution Using Public Keys
• public-key cryptosystems are inefficient
• so they are almost never used for direct data encryption
• rather, they are used to encrypt secret keys for distribution
Simple Secret Key Distribution
• Merkle proposed this very simple scheme
• allows secure communications
• no keys exist before or after the communication
Man-in-the-Middle Attack
• this very simple scheme is vulnerable to an active man-in-the-middle attack
Distribution of Public Keys
• can be considered as using one of:
    • public announcement
    • publicly available directory
    • public-key authority
    • public-key certificates
Public Announcement
• users distribute public keys to recipients or broadcast them to the community at large
    • e.g. append PGP keys to email messages, or post them to news groups or an email list
• major weakness is forgery
    • anyone can create a key claiming to be someone else and broadcast it
    • until the forgery is discovered, they can masquerade as the claimed user
Publicly Available Directory
• can obtain greater security by registering keys with a public directory
• directory must be trusted with properties:
    • contains {name, public-key} entries
    • participants register securely with directory
    • participants can replace key at any time
    • directory is periodically published
    • directory can be accessed electronically
• still vulnerable to tampering or forgery
Public-Key Authority
• improves security by tightening control over distribution of keys from the directory
• has the properties of a directory
• and requires users to know the public key for the directory
• users then interact with the directory to obtain any desired public key securely
• does require real-time access to the directory when keys are needed
• may be vulnerable to tampering
Public-Key Authority
Public-Key Certificates
• certificates allow key exchange without real-time access to the public-key authority
• a certificate binds an identity to a public key
• usually with other info such as period of validity, rights of use, etc.
• with all contents signed by a trusted Public-Key or Certificate Authority (CA)
• can be verified by anyone who knows the public-key authority's public key
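The certificate binding described above, and the forgery weakness of public announcement that it addresses, as an added example that is not part of the original slides: a CA signs {subject, public key, validity period}, and a relying party that knows only the CA's public key rejects a swapped key, a certificate signed by a different key, a wrong subject and an expired certificate. The signature is textbook RSA without padding over constructed keys built from known Mersenne primes, which is not secure and is used only so the example runs with the standard library; all names and values are assumptions of this example.

```python
import hashlib
import json

E = 65537  # public exponent used by the toy keys below


def make_ca_key(p, q):
    """Textbook RSA key from two primes: returns (modulus n, private exponent d)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))


# Constructed demo keys from known Mersenne primes (NOT secure key material).
CA_N, CA_D = make_ca_key(2**521 - 1, 2**607 - 1)
OTHER_N, OTHER_D = make_ca_key(2**607 - 1, 2**1279 - 1)


def digest(tbs, n):
    # Canonical encoding of the to-be-signed fields, hashed and reduced mod n.
    encoded = json.dumps(tbs, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(encoded).digest(), "big") % n


def issue_certificate(issuer, n, d, subject, public_key, not_before, not_after):
    """CA side: bind subject to public_key and sign all the contents."""
    tbs = {"issuer": issuer, "subject": subject, "public_key": public_key,
           "not_before": not_before, "not_after": not_after}
    return {"tbs": tbs, "signature": pow(digest(tbs, n), d, n)}


def verify_certificate(cert, ca_name, ca_n, expected_subject, now):
    """Relying party: needs only the CA's public key (ca_n, E), no online lookup."""
    tbs = cert["tbs"]
    if tbs["issuer"] != ca_name:
        raise ValueError("unknown issuer")
    if pow(cert["signature"], E, ca_n) != digest(tbs, ca_n):
        raise ValueError("bad signature")
    if tbs["subject"] != expected_subject:
        raise ValueError("certificate is for a different subject")
    if not tbs["not_before"] <= now < tbs["not_after"]:
        raise ValueError("outside validity period")
    return tbs["public_key"]


def outcome(cert, expected_subject, now):
    try:
        verify_certificate(cert, "Example CA", CA_N, expected_subject, now)
    except ValueError as err:
        return str(err)
    return "ok"


def demo():
    genuine = issue_certificate("Example CA", CA_N, CA_D, "alice",
                                "ALICE-PUBLIC-KEY (constructed)", 1000, 2000)
    # Same signature, different key: the binding no longer verifies.
    swapped = {"tbs": dict(genuine["tbs"], public_key="OTHER-KEY (constructed)"),
               "signature": genuine["signature"]}
    # Claims the trusted issuer's name but is signed with a different key.
    forged = issue_certificate("Example CA", OTHER_N, OTHER_D, "alice",
                               "OTHER-KEY (constructed)", 1000, 2000)
    return {
        "genuine": outcome(genuine, "alice", 1500),
        "swapped_key": outcome(swapped, "alice", 1500),
        "forged_issuer": outcome(forged, "alice", 1500),
        "wrong_subject": outcome(genuine, "bob", 1500),
        "expired": outcome(genuine, "alice", 2000),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```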
Public-Key Certificates
Summary
• have considered:
    • symmetric key distribution using symmetric encryption
    • symmetric key distribution using public-key encryption
    • distribution of public keys
        • announcement, directory, authority, CA
