1 of 107

20CS17 – INFORMATION SECURITY

LAKIREDDY BALI REDDY COLLEGE OF ENGINEERING

(AUTONOMOUS)

Accredited by NAAC & NBA (Under Tier - I) ISO 9001:2015 Certified Institution

Approved by AICTE, New Delhi. and Affiliated to JNTUK, Kakinada

L.B. REDDY NAGAR, MYLAVARAM, KRISHNA DIST., A.P.-521 230.

DEPARTMENT OF INFORMATION TECHNOLOGY

INTRODUCTION

Program & Semester: B.Tech & VI SEM

Section: CSE-C

Academic Year: 2023 - 24

By

Mr M. Vijay Kumar

Sr Assistant Professor

Dept. of IT, LBRCE

2 of 107

1. Background

  • The requirements of information security within an organization have undergone two major changes in the last several decades.

  • Before the introduction of data processing equipment, security was traditionally provided by physical mechanisms (e.g. rugged filing cabinets with locks) and administrative mechanisms (e.g. personnel screening procedures during the hiring process).

  • With the evolution of computers the usage of automated tools to protect files has made an impact on resource sharing. The generic name for the collection of tools designed to protect data and to thwart hackers is computer security

  • The second major change that affected security is the introduction of distributed systems and the use of networks and communications which requires measures to protect data during transmission.

3 of 107

1.1 Definitions

  • Computer Security - Generic name for the collection of tools designed to protect data and to thwart hackers

  • Network Security - Measures to protect data during their transmission

  • Internet Security - Measures to protect data during their transmission over a collection of interconnected networks

  • Threat: Threat is a possible security violation that might exploit the vulnerability of a system or asset. The origin of threat may be accidental, environmental (natural disaster), human negligence or human failure.

Different types of security threats are interruption, interception, fabrication and modification.

  • Attack: An attack is a deliberate unauthorized action on a system or asset. Attacks can be classified as active or passive. An attack has a motive and follows a method when the opportunity arises.

4 of 107

The differences between threat and attack are:

S.NO | THREAT | ATTACK
1 | Can be intentional or unintentional | Is intentional
2 | May or may not be malicious | Is malicious

5 of 107

1.2 OSI Security Architecture

  • Security Architecture for OSI defines a systematic approach useful to managers as a way to evaluate and choose various security products and policies.
  • The managers are responsible for computer and network security needs.
  • The OSI security architecture focuses on security attacks, mechanisms, and services.

6 of 107

Information security is about protecting the information from unauthorized access, misuse, disclosure, destruction, modification, or disruption by using processes and methodologies which are designed and implemented for protecting information.

Three key objectives that are at the heart of computer security.

  • Confidentiality
  • Integrity
  • Availability

These three concepts form what is often referred to as the CIA triad.

The three concepts embody the fundamental security objectives for both data and for information and computing services.

To provide Information Security we should consider three aspects

a. Security Attacks

b. Security Mechanism

c. Security Services

7 of 107

Security attack:

Any action that compromises the security of information owned by an organization.

Security mechanism:

A process (or a device incorporating such a process) that is designed to detect, prevent, or recover from a security attack.

Security service:

A processing or communication service that enhances the security of the data processing systems and the information transfers of an organization. The services are intended to counter security attacks, and they make use of one or more security mechanisms to provide the service.

8 of 107

1.3 Security Attacks

Attacks on the information can be classified into two categories

i. Passive attacks

ii. Active attacks

Passive Attacks

Passive attacks mainly focus on obtaining information by tapping, eavesdropping, monitoring, etc.

There are two types of passive attacks

a. Revealing information

b. Traffic analysis

Passive attacks are difficult to identify.

With passive attacks the emphasis is on prevention rather than detection.

10 of 107

Active attacks

Active attacks are major security threats. Unlike passive attacks, these attacks mainly focus on alteration and false information. They are categorized into four types:

a. Masquerade

b. Replay

c. Message Modification

d. Denial of service

13 of 107

All attacks that are imposed on information can be of four types

Interruption

Interception

Modification

Fabrication

14 of 107

1.4 Security Services

    • Enhance security of data processing systems and information transfers of an organization
    • Intended to counter security attacks using one or more security mechanisms
    • often replicates functions normally associated with physical documents

15 of 107

  • X.800:

“a service provided by a protocol layer of communicating open systems, which ensures adequate security of the systems or of data transfers”

  • RFC 2828:

“a processing or communication service provided by a system to give a specific kind of protection to system resources”

16 of 107

Security Services (X.800)

  • Authentication

Assurance that the communicating entity is the one claimed

  • Access Control

Prevention of the unauthorized use of a resource

  • Data Confidentiality

Protection of data from unauthorized disclosure

  • Data Integrity

Assurance that data received is as sent by an authorized entity

  • Non-Repudiation

Protection against denial by one of the parties in a communication

17 of 107

1.5 Security Mechanisms

  • Detect, prevent, or recover from a security attack
  • no single mechanism that will support all services required
  • However one element underlies many of the security mechanisms in use:
    • cryptographic techniques
  • Hence our focus on this topic

18 of 107

Security Mechanisms (X.800)

  • specific security mechanisms:

Encipherment, digital signatures, access controls, data integrity, authentication exchange, traffic padding, routing control, notarization

  • pervasive security mechanisms:

Trusted functionality, security labels, event detection, security audit trails, security recovery

19 of 107

1.6 A Model for Network Security

20 of 107

Any Security model deals mainly with two aspects

  • A Secure Transformation of information
  • Sharing of Secure information

There are mainly four important tasks for providing Security Service

  • An Algorithm for secure transformation
  • Generate Secret information to be used with Algorithm
  • Methods for sharing the Secret information
  • A procedure to be followed by the two communication parties

21 of 107

The security mechanisms that provide access control fall into two categories

Gatekeeper Function

Internal Security controls

22 of 107

2. Conventional Encryption Techniques

Any Conventional Encryption Algorithm should possess five components

Plain text

Encryption Algorithm

Cipher text

Secret Key

Decryption Algorithm

along with these it should also satisfy two requirements

A Strong Encryption algorithm

A Secure way to transfer the Secret key

23 of 107

Basic Terminology

  • plaintext - original message
  • ciphertext - coded message
  • cipher - algorithm for transforming plaintext to ciphertext
  • key - info used in cipher known only to sender/receiver
  • encipher (encrypt) - converting plaintext to ciphertext
  • decipher (decrypt) - recovering plaintext from ciphertext
  • cryptography - study of encryption principles

  • cryptanalysis (codebreaking) - study of principles/ methods of deciphering ciphertext without knowing key

  • cryptology - field of both cryptography and cryptanalysis

25 of 107

2.1 Symmetric Encryption

  • It can also be called as conventional / private-key / single-key
  • sender and recipient share a common key
  • all classical encryption algorithms are private-key
  • was only technique prior to invention of public-key in 1970’s and by far most widely used

26 of 107

  • Two requirements for secure use of symmetric encryption:
    • a strong encryption algorithm
    • a secret key known only to sender / receiver
  • mathematically have:

Y = E_K(X)

X = D_K(Y)

  • assume encryption algorithm is known
  • implies a secure channel to distribute key

27 of 107

Cryptography

Cryptography is the study of techniques related to aspects of information security. Hence cryptography is concerned with the writing (ciphering or encoding) and deciphering (decoding) of messages in secret code. Cryptographic systems are classified along three independent dimensions:

Cryptanalysis

  • objective to recover key not just message
  • general approaches:
    • cryptanalytic attack
    • brute-force attack

28 of 107

2.2 Cryptanalytic Attacks

  • ciphertext only

only know algorithm & ciphertext, is statistical, know or can identify plaintext

  • known plaintext

know/suspect plaintext & ciphertext

  • chosen plaintext

select plaintext and obtain ciphertext

  • chosen ciphertext

select ciphertext and obtain plaintext

  • chosen text

select plaintext or ciphertext to en/decrypt

29 of 107

Brute Force Search

  • always possible to simply try every key
  • most basic attack, proportional to key size
  • assume either know / recognise plaintext

30 of 107

2.3 Classical Substitution Ciphers

  • where letters of plaintext are replaced by other letters or by numbers or symbols
  • or if plaintext is viewed as a sequence of bits, then substitution involves replacing plaintext bit patterns with ciphertext bit patterns

2.3.1 Caesar Cipher

  • earliest known substitution cipher by Julius Caesar
  • first attested use in military affairs
  • replaces each letter by 3rd letter on
  • example:

meet me after the toga party

PHHW PH DIWHU WKH WRJD SDUWB

31 of 107

Caesar Cipher

  • can define transformation as:

a b c d e f g h i j k l m n o p q r s t u v w x y z

D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

  • mathematically give each letter a number

a b c d e f g h i j k l m n o p q r s t u v w x y z

0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25

  • then have Caesar cipher as:

c = E(p) = (p + k) mod (26)

p = D(c) = (c – k) mod (26)

32 of 107

2.3.2 Monoalphabetic Cipher

  • rather than just shifting the alphabet
  • could shuffle (jumble) the letters arbitrarily
  • each plaintext letter maps to a different random ciphertext letter
  • hence key is 26 letters long

Plain: abcdefghijklmnopqrstuvwxyz

Cipher: DKVQFIBJWPESCXHTMYAUOLRGZN

Plain: ifwewishtoreplaceletters

Cipher: WIRFRWAJUHYFTSDVFSFUUFYA

33 of 107

2.3.3 Playfair Cipher

  • not even the large number of keys in a monoalphabetic cipher provides security
  • one approach to improving security was to encrypt multiple letters
  • the Playfair Cipher is an example
  • invented by Charles Wheatstone in 1854, but named after his friend Baron Playfair

Playfair Key Matrix

  • a 5X5 matrix of letters based on a keyword
  • fill in letters of keyword (sans duplicates)
  • fill rest of matrix with other letters
  • eg. using the keyword MONARCHY

34 of 107

Encrypting and Decrypting

  • plaintext is encrypted two letters at a time
    1. if a pair is a repeated letter, insert filler like 'X'
    2. if both letters fall in the same row, replace each with letter to right (wrapping back to start from end)
    3. if both letters fall in the same column, replace each with the letter below it (again wrapping to top from bottom)
    4. otherwise each letter is replaced by the letter in the same row and in the column of the other letter of the pair

35 of 107

2.3.4 Polyalphabetic Ciphers

polyalphabetic substitution ciphers

  • improve security using multiple cipher alphabets
  • make cryptanalysis harder with more alphabets to guess and flatter frequency distribution
  • use a key to select which alphabet is used for each letter of the message
  • use each alphabet in turn
  • repeat from start after end of key is reached

36 of 107

2.3.5 Transposition Ciphers

  • now consider classical transposition or permutation ciphers
  • these hide the message by rearranging the letter order
  • without altering the actual letters used
  • can recognise these since have the same frequency distribution as the original text

37 of 107

2.3.6 Steganography

  • an alternative to encryption
  • hides existence of message
    • using only a subset of letters/words in a longer message marked in some way
    • using invisible ink
    • hiding in LSB in graphic image or sound file
  • has drawbacks
    • high overhead to hide relatively few info bits

38 of 107

2.4 Block Cipher Principles

  • most symmetric block ciphers are based on a Feistel Cipher Structure
  • needed since must be able to decrypt ciphertext to recover messages efficiently
  • block ciphers look like an extremely large substitution
  • would need table of 2^64 entries for a 64-bit block
  • instead create from smaller building blocks
  • using idea of a product cipher

39 of 107

Ideal Block Cipher

40 of 107

Block vs Stream Ciphers

  • block ciphers process messages in blocks, each of which is then en/decrypted
  • like a substitution on very big characters
    • 64-bits or more
  • stream ciphers process messages a bit or byte at a time when en/decrypting
  • many current ciphers are block ciphers
  • broader range of applications

41 of 107

2.5 Feistel Cipher Structure

  • Horst Feistel devised the Feistel cipher
    • based on concept of invertible product cipher
  • partitions input block into two halves
    • process through multiple rounds which
    • perform a substitution on left data half
    • based on round function of right half & subkey
    • then have permutation swapping halves
  • implements Shannon’s S-P net concept

42 of 107

Feistel Cipher Structure

43 of 107

3. Conventional Encryption Algorithms

3.1 Data Encryption Standard (DES)

  • Most widely used block cipher in world
  • adopted in 1977 by NBS (now NIST)
    • as FIPS PUB 46
  • Plain text size – 64 bit
  • Cipher text size – 64 bit
  • Key size – 64 bit [56 bit]
  • No. of rounds – 16
  • Round key size – 48 bit
  • has widespread use

44 of 107

DES: Data Encryption Standard

45 of 107

Initial Permutation IP

  • first step of the data computation
  • IP reorders the input data bits
  • even bits to LH half, odd bits to RH half
  • quite regular in structure (easy in h/w)

54 of 107

Substitution Boxes [S-Box]

  • have eight S-boxes which map 6 to 4 bits
  • each S-box is actually 4 little 4 bit boxes
    • outer bits 1 & 6 (row bits) select one row of 4
    • inner bits 2-5 (col bits) are substituted
    • result is 8 lots of 4 bits, or 32 bits
  • row selection depends on both data & key
    • feature known as autoclaving (autokeying)

Strength of DES – Key Size

  • 56-bit keys have 2^56 = 7.2 x 10^16 values
  • brute force search looks hard
  • recent advances have shown it is possible
    • in 1997 on Internet in a few months
    • in 1998 on dedicated h/w (EFF) in a few days
    • in 1999 above combined in 22hrs!
  • still must be able to recognize plaintext
  • must now consider alternatives to DES

55 of 107

3.2 Advanced Encryption Standard (AES)

  • clearly a replacement for DES was needed
    • have theoretical attacks that can break it
    • have demonstrated exhaustive key search attacks
  • can use Triple-DES – but slow, has small blocks
  • US NIST issued call for ciphers in 1997
  • 15 candidates accepted in Jun 98
  • 5 were shortlisted in Aug-99
  • Rijndael was selected as the AES in Oct-2000
  • issued as FIPS PUB 197 standard in Nov-2001

56 of 107

The AES Cipher

  • designed by Rijmen-Daemen in Belgium
  • has 128/192/256 bit keys, 128 bit data with 10/12/14 rounds
  • an iterative rather than feistel cipher
    • processes data as block of 4 columns of 4 bytes
    • operates on entire data block in every round

  • designed to be:
    • resistant against known attacks
    • speed and code compactness on many CPUs
    • design simplicity

57 of 107

  • data block of 4 columns of 4 bytes is state
  • key is expanded to array of words
  • has 9/11/13 rounds in which state undergoes:
    • byte substitution (1 S-box used on every byte)
    • shift rows (permute bytes between groups/columns)
    • mix columns (subs using matrix multiply of groups)
    • add round key (XOR state with key material)
    • view as alternating XOR key & scramble data bytes
  • initial XOR key material & incomplete last round
  • with fast XOR & table lookup implementation

58 of 107

AES

  • Block size = 128 bit (4 words / 16 bytes)
  • No. of rounds = 10
  • Key size = 128 bit (4 words / 16 bytes)
  • No. of subkeys = 44
  • Each subkey size = 32 bit / 1 word / 4 bytes
  • Each round uses 4 subkeys (128 bit / 4 words / 16 bytes)
  • Before the first round: pre-round calculation uses 4 subkeys
  • Ciphertext = 128 bit (4 words / 16 bytes)

61 of 107

Byte Substitution

  • a simple substitution of each byte
  • uses one table of 16x16 bytes containing a permutation of all 256 8-bit values
  • each byte of state is replaced by byte indexed by row (left 4-bits) & column (right 4-bits)
    • eg. byte {95} is replaced by byte in row 9 column 5
    • which has value {2A}
  • S-box constructed using defined transformation of values in GF(2^8)
  • designed to be resistant to all known attacks

63 of 107

Shift Rows

  • a circular byte shift in each row
    • 1st row is unchanged
    • 2nd row does 1 byte circular shift to left
    • 3rd row does 2 byte circular shift to left
    • 4th row does 3 byte circular shift to left
  • decrypt inverts using shifts to right
  • since state is processed by columns, this step permutes bytes between the columns

64 of 107

Mix Columns

  • each column is processed separately
  • each byte is replaced by a value dependent on all 4 bytes in the column
  • effectively a matrix multiplication in GF(2^8) using prime poly m(x) = x^8 + x^4 + x^3 + x + 1
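Byte Substitution, Shift Rows and Mix Columns all rest on the GF(2^8) arithmetic named above. This added example (not from the original slides) builds the S-box from the field inverse plus the affine step and checks the slide's {95} -> {2A} lookup; the column values used with Mix Columns are constructed sample input.

```python
AES_POLY = 0x11B  # bit pattern of m(x) = x^8 + x^4 + x^3 + x + 1


def gf_mul(a, b):
    """Multiply two bytes as polynomials in GF(2^8), reducing modulo m(x)."""
    result = 0
    while b:
        if b & 1:
            result ^= a          # addition in GF(2^8) is XOR
        a <<= 1
        if a & 0x100:            # degree 8 reached: subtract (XOR) m(x)
            a ^= AES_POLY
        b >>= 1
    return result


def gf_inv(a):
    """Multiplicative inverse, computed as a^254; 0 maps to 0."""
    if a == 0:
        return 0
    result = 1
    for _ in range(254):
        result = gf_mul(result, a)
    return result


def rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF


def sbox_entry(x):
    """The defined transformation: field inverse, then the affine map."""
    b = gf_inv(x)
    return b ^ rotl8(b, 1) ^ rotl8(b, 2) ^ rotl8(b, 3) ^ rotl8(b, 4) ^ 0x63


SBOX = [sbox_entry(x) for x in range(256)]
# The 16x16 table of the slide: row = left 4 bits, column = right 4 bits.
SBOX_TABLE = [SBOX[r * 16:(r + 1) * 16] for r in range(16)]


def sbox_lookup(byte):
    return SBOX_TABLE[byte >> 4][byte & 0x0F]


def shift_rows(state):
    """state is 4 rows of 4 bytes; row r rotates left by r bytes."""
    return [row[r:] + row[:r] for r, row in enumerate(state)]


def inv_shift_rows(state):
    return [row[-r:] + row[:-r] for r, row in enumerate(state)]


def circulant_mul(first_row, column):
    """Multiply a 4-byte column by the circulant matrix whose first row is
    given; every following row is the previous one rotated right by one."""
    out = []
    for r in range(4):
        row = first_row[-r:] + first_row[:-r]
        acc = 0
        for coef, byte in zip(row, column):
            acc ^= gf_mul(coef, byte)
        out.append(acc)
    return out


def mix_column(column):
    return circulant_mul([2, 3, 1, 1], column)


def inv_mix_column(column):
    return circulant_mul([14, 11, 13, 9], column)


if __name__ == "__main__":
    print(hex(sbox_lookup(0x95)))
    col = [0xDB, 0x13, 0x53, 0x45]        # constructed sample column
    mixed = mix_column(col)
    print([hex(v) for v in mixed], inv_mix_column(mixed) == col)
```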

65 of 107

Add Round Key

66 of 107

AES Round

67 of 107

AES Key Expansion

  • takes 128-bit (16-byte) key and expands into array of 44/52/60 32-bit words
  • start by copying key into first 4 words
  • then loop creating words that depend on values in previous & 4 places back
    • in 3 of 4 cases just XOR these together
    • 1st word in 4 has rotate + S-box + XOR round constant on previous, before XOR 4th back

68 of 107

AES Decryption

  • AES decryption is not identical to encryption since steps done in reverse
  • but can define an equivalent inverse cipher with steps as for encryption
    • but using inverses of each step
    • with a different key schedule
  • works since result is unchanged when
    • swap byte substitution & shift rows
    • swap mix columns & add (tweaked) round key

69 of 107

AES Decryption

70 of 107

3.3 Multiple Encryption & DES

  • clearly a replacement for DES was needed
    • theoretical attacks that can break it
    • demonstrated exhaustive key search attacks
  • AES is a new cipher alternative
  • prior to this alternative was to use multiple encryption with DES implementations
  • Triple-DES is the chosen form

71 of 107

Double-DES?

  • could use Double DES for encryption
    • C = E_K2(E_K1(P))
  • issue of reduction to single stage
  • and have “meet-in-the-middle” attack
    • works whenever use a cipher twice
    • since X = E_K1(P) = D_K2(C)
    • attack by encrypting P with all keys and store
    • then decrypt C with keys and match X value
    • can show takes O(2^56) steps

72 of 107

3.3.1 Triple-DES

  • Due to the drawback of Double DES, 3 encryptions are used
    • would seem to need 3 distinct keys
  • But can use 2 keys with E-D-E sequence
    • C = E_K1(D_K2(E_K1(P)))
    • encrypt & decrypt equivalent in security
    • if K1=K2 then can work with single DES
  • standardized in ANSI X9.17 & ISO8732
  • no current known practical attacks

73 of 107

Triple-DES with Three-Keys

  • although there are no practical attacks on two-key Triple-DES, there are some indications
  • can use Triple-DES with Three-Keys to avoid even these
    • C = E_K3(D_K2(E_K1(P)))
  • has been adopted by some Internet applications, eg PGP, S/MIME

74 of 107

Modes of Operation

  • Encryption algorithms are divided into two categories based on the input type: block cipher and stream cipher. A block cipher is an encryption algorithm that takes a fixed-size input (e.g., b bits) and produces a ciphertext of b bits. If the input is larger than b bits, it can be divided further. There are several modes of operation for a block cipher, each suited for different applications and uses.

75 of 107

  • Different modes of operation are used to ensure both security and efficiency. Here are a few common modes:
  • Electronic Code Book (ECB)
  • Cipher Block Chaining
  • Cipher Feedback Mode (CFB)
  • Output Feedback Mode
  • Counter Mode

76 of 107

4. Modes of Operation

  • Block ciphers encrypt fixed size blocks
  • eg. DES encrypts 64-bit blocks with 56-bit key
  • need some way to encrypt/decrypt arbitrary amounts of data in practise
  • ANSI X3.106-1983 Modes of Use (now FIPS 81) defines different modes

77 of 107

Initialization Vector (IV)

  • A set of bits called an initialization vector (IV) which is used to mix up encryption. It helps to make sure the outcome is different each time, even if you encrypt the same message multiple times. Unlike a key, the IV does not need to be kept under wraps.

78 of 107

4.1 Cipher Block Chaining (CBC)

  • CBC stands for Cipher Block Chaining. At the sender side, the plain text is divided into blocks. In this mode an IV (Initialization Vector) is used, which can be a random block of text. The IV is used to make the ciphertext of each block unique
  • each previous cipher block is chained with current plaintext block, hence name
  • use Initial Vector (IV) to start process

C_i = DES_K1(P_i XOR C_{i-1})

C_{-1} = IV

  • uses: bulk data encryption, authentication

79 of 107

Cont..

  • The first block of plain text and the IV are combined using the XOR operation, and the result is then encrypted using the key to form the first block of ciphertext. The first block of ciphertext is used as the IV for the second block of plain text. The same procedure is followed for all blocks of plain text.
  • At the receiver side, the ciphertext is divided into blocks. The first block of ciphertext is decrypted using the same key that was used for encryption. The decrypted result is XORed with the IV to form the first block of plain text.

80 of 107

Cont..

  • The second block of ciphertext is also decrypted using the same key, and the result of the decryption is XORed with the first block of ciphertext to form the second block of plain text. The same procedure is used for all the blocks.
  • CBC Mode ensures that if a block of plain text is repeated in the original message, it will produce a different ciphertext for the corresponding blocks. Note that the key which is used in CBC mode is the same; only the IV is different, which is initialized at a starting point.

82 of 107

Advantages and Limitations of CBC

  • A ciphertext block depends on all blocks before it
  • any change to a block affects all following ciphertext blocks
  • need Initialization Vector (IV)
    • which must be known to sender & receiver
    • if sent in clear, attacker can change bits of first block, and change IV to compensate
    • hence IV must either be a fixed value (as in EFTPOS)
    • or must be sent encrypted in ECB mode before rest of message
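The Feistel structure of section 2.5 and the CBC equations of section 4.1, as one added example that is not part of the original slides. The block cipher is a constructed toy (16 Feistel rounds with truncated SHA-256 as round function) standing in for DES, the key, IV and message are constructed samples, and messages must already be a multiple of 8 bytes because padding is left out.

```python
import hashlib

BLOCK = 8      # 64-bit block, as in DES
ROUNDS = 16


def xor(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def subkeys(key):
    """Toy key schedule (assumption): one 48-bit subkey per round."""
    return [hashlib.sha256(key + bytes([r])).digest()[:6] for r in range(ROUNDS)]


def round_f(right, subkey):
    """Toy round function (assumption): need not be invertible."""
    return hashlib.sha256(subkey + right).digest()[:4]


def feistel(block, keys):
    left, right = block[:4], block[4:]
    for k in keys:
        # substitute the left half using F(right, subkey), then swap halves
        left, right = right, xor(left, round_f(right, k))
    return right + left        # undo the last swap


def encrypt_block(block, key):
    return feistel(block, subkeys(key))


def decrypt_block(block, key):
    # Same network, subkeys in reverse order: the property that makes the
    # Feistel structure decryptable whatever F is.
    return feistel(block, subkeys(key)[::-1])


def split_blocks(data):
    if len(data) % BLOCK:
        raise ValueError("length must be a multiple of the block size")
    return [data[i:i + BLOCK] for i in range(0, len(data), BLOCK)]


def ecb_encrypt(plaintext, key):
    return b"".join(encrypt_block(p, key) for p in split_blocks(plaintext))


def cbc_encrypt(plaintext, key, iv):
    prev, out = iv, []
    for p in split_blocks(plaintext):
        prev = encrypt_block(xor(p, prev), key)    # C_i = E_K(P_i XOR C_{i-1})
        out.append(prev)
    return b"".join(out)


def cbc_decrypt(ciphertext, key, iv):
    prev, out = iv, []
    for c in split_blocks(ciphertext):
        out.append(xor(decrypt_block(c, key), prev))   # P_i = D_K(C_i) XOR C_{i-1}
        prev = c
    return b"".join(out)


def decrypt_with_altered_iv(ciphertext, key, iv, mask):
    """What a receiver recovers when the IV arrived modified by `mask`."""
    return cbc_decrypt(ciphertext, key, xor(iv, mask))


# Constructed sample data: the first two plaintext blocks are identical.
SAMPLE_KEY = b"constructed key"
SAMPLE_IV = bytes(range(BLOCK))
SAMPLE_MSG = b"SAMEBLK!SAMEBLK!LASTBLK!"

if __name__ == "__main__":
    ecb = ecb_encrypt(SAMPLE_MSG, SAMPLE_KEY)
    cbc = cbc_encrypt(SAMPLE_MSG, SAMPLE_KEY, SAMPLE_IV)
    print("ECB repeats block:", ecb[:8] == ecb[8:16])
    print("CBC repeats block:", cbc[:8] == cbc[8:16])
    mask = b"\x01" + bytes(BLOCK - 1)
    print(decrypt_with_altered_iv(cbc, SAMPLE_KEY, SAMPLE_IV, mask))
```

The last line prints a message whose first byte differs by exactly the altered IV bit while every other block decrypts normally, which is why the slide insists the IV be protected and why CBC by itself gives no integrity guarantee.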

83 of 107

4.2 Cipher FeedBack (CFB)

  • message is treated as a stream of bits
  • added to the output of the block cipher
  • result is fed back for next stage (hence name)
  • standard allows any number of bits (1, 8, 64 or 128 etc) to be fed back
    • denoted CFB-1, CFB-8, CFB-64, CFB-128 etc
  • most efficient to use all bits in block (64 or 128)

C_i = P_i XOR DES_K1(C_{i-1})

C_{-1} = IV

  • uses: stream data encryption, authentication

84 of 107

Cont..

  • Like cipher block chaining mode, an IV is initialized. The IV is kept in the shift register. It is encrypted using the key to form the ciphertext.
  • Now the leftmost j bits of the encrypted IV are XORed with the first j bits of the plain text. This process forms the first part of the ciphertext, and this ciphertext is transmitted to the receiver.
  • Now the bits of the IV are shifted left by j bits. Therefore the rightmost j positions of the shift register now have unpredictable data. These rightmost j positions are now filled with the ciphertext. The process is repeated for all plain text units.

85 of 107

Cipher Feedback (CFB)

86 of 107

Advantages and Limitations of CFB

  • appropriate when data arrives in bits/bytes
  • most common stream mode
  • limitation is need to stall while do block encryption after every n-bits
  • note that the block cipher is used in encryption mode at both ends
  • errors propagate for several blocks after the error

87 of 107

5. Stream Ciphers

  • process message bit by bit (as a stream)
  • have a pseudo random keystream
  • combined (XOR) with plaintext bit by bit
  • randomness of stream key completely destroys statistical properties in message
    • C_i = M_i XOR StreamKey_i
  • but must never reuse stream key
    • otherwise can recover messages (cf book cipher)

88 of 107

Cont..

Encryption

For Encryption,

  • Plain Text and Keystream produce Cipher Text (the same keystream will be used for decryption).
  • The Plaintext undergoes an XOR operation with the keystream bit by bit and produces the Cipher Text.

Example:

Plain Text  : 10011001
Keystream   : 11000011
              --------
Cipher Text : 01011010

Decryption

For Decryption,

  • Cipher Text and Keystream give the original Plain Text (the same keystream was used for encryption).
  • The Ciphertext undergoes an XOR operation with the keystream bit by bit and produces the actual Plain Text.

Example:

Cipher Text : 01011010
Keystream   : 11000011
              --------
Plain Text  : 10011001

89 of 107

Stream Cipher Structure

90 of 107

Stream Cipher Properties

  • some design considerations are:
    • long period with no repetitions
    • statistically random
    • depends on large enough key
    • large linear complexity
  • properly designed, can be as secure as a block cipher with same size key
  • but usually simpler & faster

92 of 107

6. RC4

  • a proprietary cipher owned by RSA DSI
  • another Ron Rivest design, simple but effective
  • variable key size, byte-oriented stream cipher
  • widely used (web SSL/TLS, wireless WEP)
  • key forms random permutation of all 8-bit values
  • uses that permutation to scramble input info processed a byte at a time

93 of 107

RC4 Key Schedule

  • starts with an array S of numbers: 0..255
  • use key to well and truly shuffle
  • S forms internal state of the cipher

for i = 0 to 255 do
    S[i] = i
    T[i] = K[i mod keylen]

j = 0

for i = 0 to 255 do
    j = (j + S[i] + T[i]) (mod 256)
    swap (S[i], S[j])

94 of 107

RC4 Encryption

  • encryption continues shuffling array values
  • sum of shuffled pair selects "stream key" value from permutation
  • XOR S[t] with next byte of message to en/decrypt

i = j = 0

for each message byte M_i
    i = (i + 1) (mod 256)
    j = (j + S[i]) (mod 256)
    swap(S[i], S[j])
    t = (S[i] + S[j]) (mod 256)
    C_i = M_i XOR S[t]

95 of 107

RC4 Overview

96 of 107

RC4 Security

  • claimed secure against known attacks
    • have some analyses, none practical
  • result is very non-linear
  • since RC4 is a stream cipher, must never reuse a key
  • have a concern with WEP, but due to key handling rather than RC4 itself
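The key schedule and encryption loops above as runnable code, together with the stream-cipher rule from section 5 that a key must never be reused. This is an added example, not part of the original slides; the second message and the keys are constructed sample data.

```python
def rc4_key_schedule(key):
    """Key schedule: shuffle S = 0..255 under control of the key bytes."""
    if not 1 <= len(key) <= 256:
        raise ValueError("RC4 key must be 1 to 256 bytes long")
    S = list(range(256))
    j = 0
    for i in range(256):
        # key[i % len(key)] plays the role of T[i] on the slide
        j = (j + S[i] + key[i % len(key)]) % 256
        S[i], S[j] = S[j], S[i]
    return S


def rc4_keystream(key, length):
    """Generate `length` stream key bytes while continuing to shuffle S."""
    S = rc4_key_schedule(key)
    i = j = 0
    out = bytearray()
    for _ in range(length):
        i = (i + 1) % 256
        j = (j + S[i]) % 256
        S[i], S[j] = S[j], S[i]
        out.append(S[(S[i] + S[j]) % 256])
    return bytes(out)


def xor_bytes(a, b):
    return bytes(x ^ y for x, y in zip(a, b))


def rc4(key, data):
    """Encrypts and decrypts alike: C_i = M_i XOR S[t]."""
    return xor_bytes(data, rc4_keystream(key, len(data)))


def reuse_leak(key, m1, m2):
    """XOR of two ciphertexts produced under the same key. The keystream
    cancels, leaving M1 XOR M2 with no key material in it at all."""
    return xor_bytes(rc4(key, m1), rc4(key, m2))


# The first message is the slides' Caesar example; the rest is constructed.
SAMPLE_M1 = b"meet me after the toga party"
SAMPLE_M2 = b"constructed sample message 2"
SAMPLE_KEY = b"constructed key"

if __name__ == "__main__":
    print(rc4(b"Key", b"Plaintext").hex())
    leak = reuse_leak(SAMPLE_KEY, SAMPLE_M1, SAMPLE_M2)
    print("keystream cancelled:", leak == xor_bytes(SAMPLE_M1, SAMPLE_M2))
    # Anyone who knows one message reads the other without the key.
    print(xor_bytes(leak, SAMPLE_M1))
    # With a distinct key per message the XOR no longer cancels.
    mixed = xor_bytes(rc4(b"key one", SAMPLE_M1), rc4(b"key two", SAMPLE_M2))
    print("distinct keys leak:", mixed == xor_bytes(SAMPLE_M1, SAMPLE_M2))
```

RC4 is implemented here because the slides teach it; RFC 7465 prohibits its use in TLS, so read the code as a study aid for stream-cipher mechanics.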

97 of 107

7. Placement of Encryption

  • have two major placement alternatives
  • link encryption
    • encryption occurs independently on every link
    • implies must decrypt traffic between links
    • requires many devices, but paired keys
  • end-to-end encryption
    • encryption occurs between original source and final destination
    • need devices at each end with shared keys

98 of 107

Link

  • With link encryption, each vulnerable communications link is equipped on both ends with an encryption device.
  • Thus, all traffic over all communications links is secured.
  • One disadvantage of the approach is that the message must be decrypted each time it enters a packet switch; decryption is necessary because the switch must read the address in the packet header to route the packet. Thus, the message is vulnerable at each switch. If it is a public packet-switching network, the user has no control over the security of the nodes.

99 of 107

Placement of Encryption

100 of 107

End To End

  • With end to end encryption, the encryption process is carried out at the two end systems.
  • The source host or terminal encrypts the data. The data in encrypted form is then transmitted unaltered across the network to the destination terminal or host.
  • The destination shares a key with the source and so is able to decrypt the data. This approach would seem to secure the transmission against attacks on the network links or switches.

101 of 107

Placement of Encryption

  • can place encryption function at various layers in OSI Reference Model
    • link encryption occurs at layers 1 or 2
    • end-to-end can occur at layers 3, 4, 6, 7
    • as move higher less information is encrypted but it is more secure though more complex with more entities and keys

102 of 107

Encryption vs Protocol Level

103 of 107

Traffic Analysis

  • is monitoring of communications flows between parties
    • useful both in military & commercial spheres
    • can also be used to create a covert channel
  • link encryption obscures header details
    • but overall traffic volumes in networks and at end-points is still visible
  • traffic padding can further obscure flows
    • but at cost of continuous traffic

104 of 107

8. Key Distribution

  • symmetric schemes require both parties to share a common secret key
  • issue is how to securely distribute this key
  • often secure system failure due to a break in the key distribution scheme

105 of 107

Key Distribution

Given parties A and B have various key distribution alternatives:

    • A can select key and physically deliver to B
    • third party can select & deliver key to A & B
    • if A & B have communicated previously can use previous key to encrypt a new key
    • if A & B have secure communications with a third party C, C can relay key between A & B

106 of 107

Key Hierarchy

  • typically have a hierarchy of keys
  • session key
    • temporary key
    • used for encryption of data between users
    • for one logical session then discarded
  • master key
    • used to encrypt session keys
    • shared by user & key distribution center

107 of 107

Key Distribution Scenario