Key Exchange

Bishop: Chapter 10 Key Management

Topics ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Notation ,[object Object],[object Object],[object Object],[object Object],[object Object]

Session, Interchange Keys ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Benefits ,[object Object],[object Object],[object Object],[object Object]

Key Exchange Algorithms ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Classical Key Exchange ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Simple Protocol 1. Alice Cathy { request for session key to Bob } k A 2. Alice Cathy { k s } k A || { k s } k B 3. Alice Bob { k s } k B ,[object Object],[object Object]

Problems ? ,[object Object],[object Object],[object Object],[object Object],[object Object]

Needham-Schroeder 1. Alice Cathy Alice || Bob || r 1 2. Alice Cathy { Alice || Bob || r 1 || k s || { Alice || k s } k B } k A 3. Alice Bob { Alice || k s } k B 4. Alice Bob { r 2 } k s 5. Alice Bob { r 2 – 1 } k s

Argument: Alice talking to Bob ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Argument: Bob talking to Alice ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Denning-Sacco Modification ,[object Object],[object Object],[object Object],a. Eve Bob { Alice || k s } k B b. Alice (intercepted by Eve) Bob { r 2 } k s c. Eve Bob { r 2 – 1 } k s

Problem & Solution ,[object Object],[object Object],[object Object],[object Object]

Needham-Schroeder with Denning-Sacco Modification 1. Alice Cathy Alice || Bob || r 1 2. Alice Cathy { Alice || Bob || r 1 || k s || { Alice || T || k s } k B } k A 3. Alice Bob { Alice || T || k s } k B 4. Alice Bob { r 2 } k s 5. Alice Bob { r 2 – 1 } k s ,[object Object]

Needham-Schroeder with Denning-Sacco Modification ,[object Object],[object Object],[object Object],[object Object]

Otway-Rees Protocol ,[object Object],[object Object],[object Object],[object Object],[object Object]

The Protocol 1. Alice Bob n || Alice || Bob || { r 1 || n || Alice || Bob } k A 2. Cathy Bob n || Alice || Bob || { r 1 || n || Alice || Bob } k A || { r 2 || n || Alice || Bob } k B 3. Cathy Bob n || { r 1 || k s } k A || { r 2 || k s } k B 4. Alice Bob n || { r 1 || k s } k A

Argument: Alice talking to Bob ,[object Object],[object Object],[object Object],[object Object]

Argument: Bob talking to Alice ,[object Object],[object Object],[object Object],[object Object]

Replay Attack against the Otway-Rees Protocol ? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Kerberos ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Idea ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Ticket ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Authenticator ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Protocol 1. user Cathy user || TGS Cathy 2. user { k u , TGS } k u || T u , TGS 3. user TGS service || A u , TGS || T u , TGS 4. user TGS user || { k u , s } k u , TGS || T u , s 5. user service A u , s || T u , s 6. user service { t + 1 } k u , s

Exercises ,[object Object],[object Object],[object Object],[object Object]

Analysis ,[object Object],[object Object],[object Object],[object Object],[object Object]

Problems ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Key Exchange using Public Key ,[object Object],[object Object],[object Object],[object Object],[object Object],Alice Bob { k s } e B

Problem and Solution ,[object Object],[object Object],[object Object],[object Object],Alice Bob { { k s } d A } e B

Notes ,[object Object],[object Object],[object Object],[object Object],[object Object]

Man-in-the-Middle Attack (in key exchange using public keys) Alice Cathy send Bob’s public key Eve Cathy send Bob’s public key Eve Cathy e B Alice e E Eve Alice Bob { k s } e E Eve Bob { k s } e B Eve intercepts request Eve intercepts message

Key Generation ,[object Object],[object Object],[object Object],[object Object],[object Object]

What is “Random”? ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

What is “Pseudorandom”? ,[object Object],[object Object],[object Object],[object Object],[object Object]

Best Pseudorandom Numbers ,[object Object],[object Object],[object Object],[object Object],[object Object]

Next ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]

Key Exchange

Recomendados

Recomendados

Más contenido relacionado

Destacado

Destacado (6)

Similar a Key Exchange

Similar a Key Exchange (12)

Más de phanleson

Más de phanleson (20)

Último

Último (20)

Key Exchange