key management
Key Management: cryptography
What is Key Management?
★Key management is the management of cryptographic keys in a cryptosystem.
★This includes dealing with the generation, exchange, storage, use, and replacement of keys.
★It includes cryptographic protocol design, key servers, user procedures, and other relevant protocols.
★It deals with the entire key lifecycle.
Why are we talking about key management?
★With the rise of cybercrime, companies are investing significant amounts in information security in order to protect themselves, their employees and partners, but in the end that might not be enough.
★Threats:
○ compromise of confidentiality of secret keys
○ compromise of authenticity of secret or public keys
○ unauthorized use of public or secret keys
Key management techniques
a) Symmetric-key encryption
b) Public-key encryption
Key Lifecycle
Distribution of Public Keys
★ Public announcement
★ Publicly available directory
★ Public-key authority
★ Public-key certificates
Public announcement
Publicly available directory
Public-key authority
Public-key certificates
Diffie-Hellman key exchange algorithm
★First public-key algorithm, proposed by Diffie and Hellman in 1976.
★Used only for key exchange
★Used in many commercial products
All users agree on two parameters:
1) a large prime number q
2) a primitive root a
Each user (e.g. A) generates their key:
○ chooses a secret key (number): xA < q
○ computes their public key: yA = a^xA mod q
Public keys are stored in a universal directory.
Algorithm:
The shared session key for users A & B is KAB:
KAB = a^(xA.xB) mod q
    = yA^xB mod q (which B can compute)
    = yB^xA mod q (which A can compute)
KAB is used as the session key in a private-key encryption scheme between Alice and Bob.
If Alice and Bob subsequently communicate, they will have the same key as before, unless they choose new public keys.
Disadvantage:
1) man-in-the-middle attack
2) authentication is needed
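Added example (not part of the original slides): the exchange above in Python, using the slides' symbols q, a, xA, yA and KAB. The values q = 353, a = 3 and the fixed secrets are small constructed numbers for illustration only, and the function names are assumptions of this example.

```python
import secrets

Q, A = 353, 3   # constructed toy parameters: prime q and primitive root a

def prime_factors(n):
    """Distinct prime factors by trial division (fine for toy sizes)."""
    found, p = set(), 2
    while p * p <= n:
        while n % p == 0:
            found.add(p)
            n //= p
        p += 1
    return found | ({n} if n > 1 else set())

def is_primitive_root(a, q):
    """For prime q: a^((q-1)/p) mod q != 1 for every prime p dividing q-1."""
    return all(pow(a, (q - 1) // p, q) != 1 for p in prime_factors(q - 1))

def keygen(q=Q, a=A, x=None):
    """Pick a secret x < q (random unless given); return (x, y = a^x mod q)."""
    if x is None:
        x = secrets.randbelow(q - 3) + 2      # 2 <= x <= q - 2
    return x, pow(a, x, q)

def shared_key(own_secret, peer_public, q=Q):
    """KAB = (peer's y)^(own x) mod q."""
    return pow(peer_public, own_secret, q)

def demo():
    xA, yA = keygen(x=97)                     # fixed secrets so the run is repeatable
    xB, yB = keygen(x=233)
    directory = {"A": yA, "B": yB}            # the universal directory of public keys
    k_alice = shared_key(xA, directory["B"])
    k_bob = shared_key(xB, directory["A"])
    # Static public keys: every later session derives the same KAB.
    reused = shared_key(xA, directory["B"]) == k_alice
    # B chooses a new key pair: the session key changes.
    _, directory["B"] = keygen(x=101)
    k_rotated = shared_key(xA, directory["B"])
    # Unauthenticated entry: A shares a key with whoever supplied it, not with B,
    # which is why the slide lists authentication as required.
    xM, directory["B"] = keygen(x=50)
    k_wrong = shared_key(xA, directory["B"])
    return {"yA": yA, "yB": yB, "k_alice": k_alice, "k_bob": k_bob,
            "reused": reused, "rotated_differs": k_rotated != k_alice,
            "entry_writer_has_key": shared_key(xM, yA) == k_wrong,
            "bob_has_key": shared_key(xB, yA) == k_wrong}

if __name__ == "__main__":
    print(is_primitive_root(A, Q), demo())
```

The last two results show why the public keys in the directory need to be authenticated, which is the role of the certificates covered next.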
Digital Certificate
★A digital identity document binding a public key to a specific person or organization
★Certification Authorities are the digital world’s equivalent to passport offices. They issue digital certificates and validate holders’ identity and authority
What is the process of obtaining a certificate?
How do you obtain an individual’s public key?
How are digital certificates used for message encryption?
X.509 Certificates
In Chrome, Settings->Advanced Setting->Manage Certificates
In Wireshark, SSL packets captured
Thank You