| Date post: | 09-Apr-2018 |
| Category: |
Documents |
| Upload: | anshu-koul |
| View: | 221 times |
| Download: | 0 times |
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 1/24
Cryptography and Key Management Basics
Erik ZennerTechnical University Denmark (DTU)
Institute for [email protected]
DTU, Oct. 23, 2007
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 1 / 24
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 2/24
Plan for Today
1 Talk 1: Cryptography and Key Management Basics(Erik Zenner)
2 Talk 2: Public Key Infrastructure(Christian D. Jensen)
3 DiscussionIdentify open questions
If you have questions, don’t hesitate to ask (anytime).
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 2 / 24
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 3/24
1Cryptographic BasicsGoals, Algorithms, and Keys
Symmetric vs. Asymmetric CryptographyImportant Examples
2 Key ManagementKey SetupKey Life-Cycle
3 Final Remarks
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 3 / 24
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 4/24
Cryptographic Basics
Outline
1 Cryptographic BasicsGoals, Algorithms, and KeysSymmetric vs. Asymmetric CryptographyImportant Examples
2 Key ManagementKey SetupKey Life-Cycle
3 Final Remarks
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 4 / 24
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 5/24
Cryptographic Basics Goals, Algorithms, and Keys
Protection Goals
Cryptography is not only about encryption. There exist many potentialprotection goals:
CondentialityData Authentication
IntegrityAuthenticityNon-Repudiation
Entity AuthenticationKey EstablishmentAnonymity...
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 5 / 24
C hi B i G l Al i h d K
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 6/24
Cryptographic Basics Goals, Algorithms, and Keys
From Algorithm to Solution
Cryptography is only about the lowest “layers” when building a securitysolution. Higher layers are typically handled bySecurity Engineers .
Layer Example
Algorithm / Primitive AES, RSAScheme AES-128-CTR, OAEPProtocol (math) Diffie-Hellman, KerberosProtocol (tech) SSL/TLS, IPSecImplementation OpenSSL (C/C++)
Deployment Portalen Single Sign-on
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 6 / 24
C t hi B i G l Al ith d K
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 7/24
Cryptographic Basics Goals, Algorithms, and Keys
Cryptographic Keys
Standard Assumption:The attacker knows everything about the security solution with theexception of the key. (Kerckhoffs’ Principle)
Why?
Protecting keys is easier than protecting whole implementations.Managing keys (generating, exchanging, storing, changing...) is easierthan managing whole implementations.If only the key is secret, all other aspects of the security solution can
be publicly scrutinised.Consequence:Protect the key by all means!
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 7 / 24
Cryptographic Basics Goals Algorithms and Keys
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 8/24
Cryptographic Basics Goals, Algorithms, and Keys
Purpose of Cryptographic Keys
The following is a categorisation of cryptographic keys according to whatthey are used for:
Data key: Directly used for the cryptographical purpose, e.g.encryption or authentication.Key-encryption key: Used to encrypt other keys, e.g. in keyexchange or key storage.Master key: Used to generate other keys, using a key derivationfunction (KDF).E.g.: Session Key := KDF(Master Key, Session Number).
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 8 / 24
Cryptographic Basics Symmetric vs Asymmetric Cryptography
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 9/24
Cryptographic Basics Symmetric vs. Asymmetric Cryptography
Symmetric Keys
Cryptographic operations typically involve a sender and a receiver (can bethe same person).
Symmetric Keys: Sender and receiver use the same key (traditional
case).Properties:
Short keys (80-256 bit)Fast algorithms
Special case: Passwords.
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 9 / 24
Cryptographic Basics Symmetric vs Asymmetric Cryptography
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 10/24
Cryptographic Basics Symmetric vs. Asymmetric Cryptography
Asymmetric Keys
Asymmetric Keys: Sender and receiver use different keys:Public key: publicly available (e.g. for encryption)Private key: personal secret (e.g. for decryption)
Properties:Long keys (e.g. RSA: 768-4095 bit)Slow algorithms
Advantage: Makes key transport easy if implemented properly.Remark: Public “keys” are known to the attacker, i.e. no real keys.
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 10 / 24
Cryptographic Basics Symmetric vs. Asymmetric Cryptography
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 11/24
Cryptographic Basics Symmetric vs. Asymmetric Cryptography
Example 1: Hybrid Encryption
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 11 / 24
Cryptographic Basics Symmetric vs. Asymmetric Cryptography
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 12/24
yp g p y y yp g p y
Example 2: Digital Signature
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 12 / 24
Cryptographic Basics Important Examples
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 13/24
yp g p p p
Algorithm Classication
If we organise cryptographic algorithms and protocols byprotection goals andsymmetric vs. asymmetric keys,
we obtain the following table:
Symmetric AsymmetricCondentiality Sym. Encryption Asym. EncryptionData Authentication MAC Digital SignaturesEntity Authentication Challenge/Response, Challenge/Response,
Passwords Zero KnowledgeKey Establishment var. var.
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 13 / 24
Cryptographic Basics Important Examples
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 14/24
yp g p p p
Important Examples
The following are examples for such algorithms and protocols:Symmetric Encryption: AEA (AES), DEA (DES), RC4Asymmetric Encryption: RSA, ElGamal
MAC: HMAC, CBC-MACDigital Signatures: RSA, DSA (DSS), ECDSAEntity Authentication: Password, PIN, OTP, Biometrics, Kerberos,Needham-Schroeder
Key Establishment: Diffie-Hellman, IKE, Kerberos,Needham-Schroeder, TTP, Public-Key Infrastructure (PKI)
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 14 / 24
Key Management
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 15/24
Outline
1 Cryptographic BasicsGoals, Algorithms, and KeysSymmetric vs. Asymmetric CryptographyImportant Examples
2 Key ManagementKey SetupKey Life-Cycle
3 Final Remarks
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 15 / 24
Key Management Key Setup
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 16/24
Key Generation
Any secret key material has to be generated. Main options:Generated by one party, then sent to the other (key transport).Generated by all parties working together (key agreement).Generated by a trusted third party and sent to all parties.
The form of the key material depends on its use (e.g., RSA keys are verydifferent from AES-128 keys). See the relevant standard for details of format and generation.
With the exception of passwords, key generation typically requires somekind of random input.⇒ Random number generation
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 16 / 24
Key Management Key Setup
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 17/24
Random Number Generation
Three types of random number generators (often confused):Statistical random number generator:Deterministic algorithm, not cryptographically secure(e.g., rand() from stdlib.h in C/C++).⇒ Never use this for cryptographic purposes!
Cryptographic random number generator:Deterministic algorithm, cryptographically secure.Be very careful to seed correctly!Be careful to protect the inner state against attacker!Real random number generator:Uses measurements of physical processes to generate “real”randomness.Too expensive for most applications.
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 17 / 24
Key Management Key Setup
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 18/24
Key Exchange
In addition to being generated, the key also needs to be distributed to alllegitimate parties.
How to prevent others from seeing the key?
How to authenticate the legitimate parties (sender and receiver)?How to distribute the key to the legitimate parties?How to verify that the legitimate parties received the key?
If done remotely: Use cryptography (many different solutions).Sometimes easier: Personal key exchange.
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 18 / 24
Key Management Key Life-Cycle
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 19/24
Key Storage
Keys have to be stored somehow. Problems include:How to store keys such that only legitimate parties have access?
Use more keys?Special case: Passwords (not stored in hardware)
How to make backups such that lost keys can be recovered?Prioritise: Availability or security?Backups have to be secured, too!
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 19 / 24
Key Management Key Life-Cycle
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 20/24
Key Expiration
Keys can (in fact: should) expire sometime. Problems include:How to keep track of key expiration?Inform all users.Set up new key.What happens after expiration?
Archive old key material? How?Delete old key material? How? Remember all copies!
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 20 / 24
Key Management Key Life-Cycle
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 21/24
Key Compromise
Worst case: Key has been compromised because1 an attacker has potentially had access to the key, or2 the corresponding cryptographic algorithm was broken.
What do we have to do?Key must no longer be used in the future.
Key Expiration (see above)All concerned parties have to be informed.
Key Revocation (see talk 2)
Old documents have to be protected.Re-Encryption? Re-Signing?Destruction of old documents?
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 21 / 24
Final Remarks
O li
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 22/24
Outline
1 Cryptographic BasicsGoals, Algorithms, and KeysSymmetric vs. Asymmetric CryptographyImportant Examples
2 Key ManagementKey SetupKey Life-Cycle
3 Final Remarks
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 22 / 24
Final Remarks
H P d
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 23/24
How to Proceed
No international standards on key management.Probably to come in the next years
No “one size ts all” solutions.You have to know the usage scenario.
Never build your own cryptographic solutions!Use off-the-shelf (or off-the-standard) products.If in doubt, ask cryptographers or IT security engineers.
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 23 / 24
Final Remarks
R f / F th R di
8/8/2019 2007 Talk Crypto Basics
http://slidepdf.com/reader/full/2007-talk-crypto-basics 24/24
References / Further Reading
The following books and references could be useful:N. Ferguson, B. Schneier: Practical Cryptography. Wiley, 2003.A. Menezes, P.C. van Oorschot, S.A. Vanstone: Handbook of AppliedCryptography.(parts of chapters 10,12,13; available online)NIST SP 800-57: Recommendation for Key Management.(3 parts; available online)
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 24 / 24
