Key Management in Cryptography

advertisement
Key Management in Cryptography
What is key management?
 Why are we talking about key
management?
 Key management techniques
 Key management life cycle

What is key management?


Definition: Key management is the set of techniques
and procedures supporting the establishment and
maintenance of keying relationships between
authorized parties.
A keying relationship is the state wherein
communicating entities share common data(keying
material) to facilitate cryptography techniques. This
data may include public or secret keys, initialization
values, and additional non-secret parameters.
What is key management (cont.)?

Key management encompasses techniques
and procedures supporting:
1. initialization of systems users within a domain;
2. generation, distribution, and installation of keying
material;
3. controlling the use of keying material;
4. update, revocation, and destruction of keying material;
and
5. storage, backup/recovery, and archival of keying
material.
Why are we talking about key management?

Most attacks aimed at key management
level rather than cryptographic algorithm
itself?

Key management objectives, threats, and
policy
Why are we talking about key management?
 Objectives
The objective of key management is to maintain
keying relationships and keying material in a
manner that counters relevant threats
In practice an additional objective is conformance to
a relevant security policy
Why are we talking about key management?
 Threats
1. compromise of confidentiality of secret keys
2. compromise of authenticity of secret or public keys.
3. unauthorized use of public or secret keys
Why are we talking about key management?
 Security policy
Security policy explicitly or implicitly defines the
threats a system is intended to address
Security policy may affect the stringency of
cryptographic requirements, depending on the
susceptibility of the environment in questions to
various types of attack.
Why are we talking about key management?
Security policies also typically specify:
1. practices and procedures to followed in carrying out
technical and administrative aspects of key
management, both automated and manual;
2. The responsibilities and accountability of each party
involved; and
3. The types of tecords to be kept, to support subsequent
reports or reviews of security-related events.
Key management techniques

Public-key vs. symmetric-key techniques
Primary advantages offered by public-key (vs.
symmetric-key) techniques for applications related to
key management include:
1. simplified key management
2. on-line trusted server not required
3. enhanced functionality
Key management techniques

a)
Key management
Symmetric-key encryption
plaintext
ciphertext
encryption
secret key
symmetric
key generator
decryption
plaintext
secret key
Key management techniques
b) public-key encryption
plaintext
plaintext
ciphertext
encryption
decryption
public key
private key
asymmetric key pair
generation
secure channel (private and authentication)
secure channel (authentication only)
unsecured channel (no protection)
Key management techniques

Techniques for distributing confidential keys
- Key layering and symmetric-key certificates
Key layering:
1. master keys – keys at the highest level in the hierarchy
2. key-encrypting keys – symmetric keys or encryption public
keys used for key transport or storage of other keys
3. data keys – used to provide cryptographic operations on user
data
Key management techniques
symmetric-key certificates:
Symmetric-key certificates provide a means for a KTC(Key
Translation Center) to avoid the requirement of either maintaining
a secure database of user secrets (or duplicating such a database
for multiple servers), or retrieving such keys from a database upon
translation requests.
Key management techniques

Techniques for distributing public keys
- Authentication trees
Authentication trees provide a method for making public data
available with verifiable authenticity, by using a tree structure in
conjunction with a suitable hash function, and authenticating the
root value.
- Public-key certificates
Public-key certificates are a vehicle by which public keys may be
stored, distributed or forwarded over unsecured media without
danger of undetectable manipulation
Key management techniques
- Two public-key systems
a) Identity-based system
b) asymmetric system with implicitly-certified public
keys
Key management techniques

Techniques for controlling key usage
- Key separation and constraints on key usage
Information that may be associated with cryptographic keys includes
both attributes which restrict their use, and other information of
operational use.These include:
1. owner of key
2. validity period
3. key identifier
4. intended use
5. specific algorithm
6. system or environment of intended use, or authorized users of key
7. names of entries associated with key generation, registration, and
certification
8. integrity checksum on key
Key management techniques
- Key

separation and threat of key misuse
The principle of key separation is that keys for different purposes
should be cryptographically separated. The threat of key misuse
may be addressed by techniques which ensure that keys are
used only for those purposes pre-authorized at the time of key
creation.
Techniques for controlling use of symmetric keys
The main technique is the use of control vectors:
Control vectors provide a method for controlling the use of keys,
by combing the idea of key tags with the mechanism of simple key
notarization.
Key management techniques

Key management involving multiple domains
- Definition A security domain is defined as a (sub)system
under the control of a single authority which the entities therein
trust.
Trusted between two domains
Two parties A and B, belonging to distinct security domains DA
and DB with respectively authorities TA and TB, may wish to
communicate securely. This can be reduced to the requirement
that A and B either:
a) Share a symmetric key b) share trusted public keys
Key management life cycle

Key management life cycle
Key management is simplest when all cryptographic
keys are fixed for all time. Cryptoperiods necessitate
the update of keys.
Key update necessitates additional procedures and
protocols, often including communications with third
parties in public-key systems. The sequence of states
which keying material progresses through overt its
lifetime is called the key management life cycle. Life
cycle stages may include:
Key management life cycle
1. user registration
2. user initialization
3. key generation
4. key installation
5. key registration
6. normal use
7. key backup
8. key update
9. archival
10. key de-registration and destruction
11. key recovery
12. key revocation
Download