Unit 4

Secure Hash Algorithm

 What is Hashing?

0101011100101001011 1011010
Hash Function
0010100110010101010
1001010010100111 Hash Code

Input Value

● A hash function is any function that can be used to map data of arbitrary size to
fixed-size values, though there are some hash functions that support variable length
output.
● The values returned by a hash function are called hash values, hash codes, digests,
or simply hashes.
Use of hashing

1. Data Verification
2. Password Storage
3. Digital Signatures
4. Message Authentication Codes
Example of SHA-512
good

guod
SHA-512

1. Overall Structure Diagram + 3 steps

2. F Function Explanation in Detail Diagram
3. Round Function Diagram
4. Extraction of 64 bit from 1024 bit Diagram
5. Comparison of SHA’s
SHA-512
Step 4
Step 5
Key Points about Round Function
How Wt of 64 bits translated from 1024 bit input
block?
Unit 4

TRUST: Key management and distribution – Symmetric key distribution using symmetric
and asymmetric encryption – Distribution of public keys – X.509 Certificates.
Symmetric Encryption Asymmetric Encryption

Common Key between

Sender & Receiver Public Private
Problem Statement

Receiver

Sender
1. Symmetric Key Distribution Using Symmetric
Encryption

a) Concepts
b) Key Distribution Scenario
c) Hierarchical Key Control
d) Session Key Lifetime
e) Transparent Key Control Scheme
f) Decentralized Key Control
g) Controlling Key Usage
Concepts
1. Symmetric Encryption - Same key needs to be shared with sender and receiver.
2. How long to use the key?
a. Same key for all communications between sender and receiver
b. Same key for a particular session
c. Unique key for every message
3. Key Distribution - Exchanging keys between two users without compromising the key.
a. A can select a key and physically deliver it to B.
b. A third party can select the key and physically deliver it to A and B.
c. If A and B have previously and recently used a key, one party can transmit the new key
to the other, encrypted using the old key.
d. If A and B each has an encrypted connection to a third party C, C can deliver a key on
the encrypted links to A and B.
4. Options 1 and 2 call for manual delivery of a key. For link encryption, this is a reasonable
requirement, because each link encryption device is going to be exchanging data only with
its partner on the other end of the link. However, for end-to-end encryption over a network,
manual delivery is awkward.
5. Option 3 is a possibility for either link encryption or end-to-end encryption, but if an
attacker ever succeeds in gaining access to one key, then all subsequent keys will be
revealed.
Why end to end requires more keys?
 Concepts Continued… KDC

User A User B

1. For end-to-end encryption, some variation on option 4 has been widely adopted. In this scheme, a
key distribution center is responsible for distributing keys to pairs of users (hosts, processes,
applications) as needed.
2. Each user must share a unique key with the key distribution center for purposes of key distribution.
3. Communication between end systems is encrypted using a temporary key, often referred to as a
session key. Typically, the session key is used for the duration of a logical connection, such as a
frame relay connection or transport connection, and then discarded.
4. Each session key is obtained from the key distribution center over the same networking facilities
used for end-user communication.
5. Accordingly, session keys are transmitted in encrypted form, using a master key that is shared by
the key distribution center and an end system or user. For each end system or user, there is a
unique master key that it shares with the key distribution center
Key Distribution Scenario
Key
Distribution
Points..(1)
Key
Distribution
Points..(2)
Hierarchical Key Control - Multi levels of KDC
❖ For large networks, a hierarchy of KDCs can be established.
❖ For example, there can be local KDCs, each responsible for a small domain of the overall
internetwork, such as a single LAN or a single building.
❖ For communication among entities within the same local domain, the local KDC is responsible for
key distribution.
❖ If two entities in different domains desire a shared key, then the corresponding local KDCs can
communicate through a global KDC. In this case, any one of the three KDCs involved can actually
select the key.
❖ The hierarchical concept can be extended to three or even more layers, depending on the size of
the user population and the geographic scope of the internetwork.
❖ A hierarchical scheme minimizes the effort involved in master key distribution, because most
master keys are those shared by a local KDC with its local entities. Furthermore, such a scheme
limits the damage of a faulty or subverted KDC to its local area only
Session Key Lifetime

1. More frequent key change => More security => But more delays + overhead
2. For connection-oriented protocols, one obvious choice is to use the same session key
for the length of time that the connection is open, using a new session key for each
new session.
a. If a logical connection has a very long lifetime, then it would be prudent to
change the session key periodically, perhaps every time the PDU (protocol data
unit) sequence number cycles.
3. For a connectionless protocol, such as a transaction-oriented protocol, there is no
explicit connection initiation or termination.
a. New session key for each exchange - Costly and time taking
b. use a given session key for a certain fixed period only or for a certain number of transactions.
Transparent Key Control Scheme
session security module (SSM) - end-to-end
encryption and obtains session keys on behalf
of its host or terminal.

Steps:

1. Sender transmits a connection request

packet.
2. The SSM saves that packet and applies
to the KDC for permission to establish
the connection.
3. The communication between the SSM
and the KDC is encrypted using a
master key shared only by this SSM
and the KDC. If the KDC approves the
connection request, it generates the
session key and delivers it to the two
appropriate SSMs, using a unique
permanent key for each SSM.
4. The requesting SSM can now release
the connection request packet, and a
connection is set up between the two
end systems
Decentralized Key Control - Every host acts as KDC
Controlling Key Usage
Need of controlling usage : —- If one key compromised=> Everything gets compromised

1. Use of different type of keys

a. Data-encrypting key, for general communication across a network
b. PIN-encrypting key, for personal identification numbers (PINs) used in electronic funds transfer and
point-of-sale applications
c. File-encrypting key, for encrypting files stored in publicly accessible locations
2. Adding tags to keys to identify type of keys
3. The proposed technique is for use with DES and makes use of the extra 8 bits in each 64-bit DES
key. That is, the eight non-key bits ordinarily reserved for parity checking form the key tag.
a. One bit indicates whether the key is a session key or a master key
b. One bit indicates whether the key can be used for encryption
c. One bit indicates whether the key can be used for decryption
d. The remaining bits are spares for future use.
Better key control : Using Control Vector
Control vector key points
Unit 4

Symmetric Key Distribution

using Asymmetric Encryption
Objective: Share common key between
sender+receiver

Decryption using
Encryption Aravind Private Key
Aravind
Public ; Encrypted Block
key

Gopal Aravind
Technique 1

Problem with this technique : Man in the Middle Attack

Attack
Attack Key Points
Technique 2
Hybrid Scheme

Retains the use of a key distribution center (KDC) that shares a secret master key with each user and distributes secret
session keys encrypted with the master key. A public-key scheme is used to distribute the master keys.

Reason for three level approach:

Performance: There are many applications, especially transaction-oriented applications, in which the session keys change
frequently. Distribution of session keys by public-key encryption could degrade overall system performance because of the
relatively high computational load of public-key encryption and decryption. With a three-level hierarchy, public-key
encryption is used only occasionally to update the master key between a user and the KDC.

Backward compatibility: The hybrid scheme is easily overlaid on an existing KDC scheme with minimal disruption or
software changes.
Distribution of Public Keys

Technique Description

Public Announcement Everyone knows each other’s keys.

Forgery is possible.

Publicly available directory Org is responsible for maintaining directory.

Everyone registered in org has access to this directory.

Public-key authority Strict controller. Gives key only on specific request

Public-key certificates Certificate from controller for each user.

Users can share among them.
1. Public Announcement

● participant can send his or her public key to any other participant or broadcast the key to the
community at large
● many PGP users have adopted the practice of appending their public key to messages that they
send to public forums, such as USENET newsgroups and Internet mailing lists.
● Anyone can forge such a public announcement.
● That is, some user could pretend to be user A and send a public key to another participant or
broadcast such a public key.
● Until such time as user A discovers the forgery and alerts other participants, the forger is able to
read all encrypted messages intended for A and can use the forged keys for authentication
2. Public Directory
3. Public Key
Authority
3. Public Key
Authority
Key points….
4. Public Key Certificates
● Use certificates that can be used by participants to exchange keys without contacting a public-key
authority, in a way that is as reliable as if the keys were obtained directly from a public-key
authority.
● In essence, a certificate consists of a public key, an identifier of the key owner, and the whole block
signed by a trusted third party.
● Typically, the third party is a certificate authority, such as a government agency or a financial
institution, that is trusted by the user community
● A user can present his or her public key to the authority in a secure manner and obtain a certificate.
The user can then publish the certificate. Anyone needing this user’s public key can obtain the
certificate and verify that it is valid by way of the attached trusted signature.
Requirements:
4. Public Key Certificates - Working