L1 - Key Management and Distribution

Uploaded by

ttooffee23
Key Management and Distribution

Lecturer: Dr. Makarem Bamatraf

Key Distribution
– Key distribution technique:
• a term that refers to the means of delivering a key to two parties who wish to exchange data without allowing others to see the key.

– Frequent key changes
• usually desirable in order to limit the amount of data compromised if an attacker learns the key.

Symmetric Key Distribution using Symmetric Encryption
For two parties A and B, key distribution can be achieved in a number of ways, as follows:

1. A can select a key and physically deliver it to B.

2. A third party can select the key and physically deliver it to A and B.

3. If A and B have previously and recently used a key, one party can transmit the new key to the other, encrypted using the old key.

4. If A and B each has an encrypted connection to a third party C, C can deliver a key on the encrypted links to A and B.

Key Distribution
– There is a scale problem that depends on the number of communicating pairs that must be supported:
• If there are N hosts, the number of required keys is [N(N - 1)]/2.

– To solve the scale problem, a key distribution center (KDC) is adopted.

– The KDC is responsible for distributing keys to pairs of users as needed.

– Each registered user gets a master key (in some secure fashion, such as physical handling) to communicate securely with the KDC.

– Thus the number of keys for N users will be N keys. Moreover, each user maintains only one key. Each user gets a session key from the KDC to communicate with one registered user, to be used one time only.

Key Distribution Scenario

Key Distribution Scenario cont.
– IDA is the identity of the source.
– IDB is the identity of the destination.
– Nonce: may be a timestamp, a counter, or a random number; it should be different with each request and is used to prevent masquerade.
– Ka is the master key between the source and the KDC.
– Kb is the master key between the destination and the KDC.
– N2 is a nonce between B and A.
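
An added sketch of this scenario, not part of the original slides: it assumes the usual five-message form of the exchange (the slide's figure is not reproduced here), f(N2) = N2 + 1, and a toy cipher built from SHA-256 and HMAC standing in for E and D. The function names and the MASTER table are hypothetical.

```python
import hashlib, hmac, json, secrets

def _stream(key, iv, n):
    blocks = (hashlib.sha256(key + iv + i.to_bytes(4, "big")).digest()
              for i in range(n // 32 + 1))
    return b"".join(blocks)[:n]

def E(key, obj):
    """Toy authenticated encryption (hash keystream + HMAC tag); demo only."""
    pt = json.dumps(obj).encode()
    iv = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(key, iv, len(pt))))
    return iv + ct + hmac.new(key, iv + ct, hashlib.sha256).digest()

def D(key, blob):
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key, iv + ct, hashlib.sha256).digest()):
        raise ValueError("wrong key or modified message")
    return json.loads(bytes(a ^ b for a, b in zip(ct, _stream(key, iv, len(ct)))))

# Constructed master keys Ka and Kb, assumed to have been delivered out of band.
MASTER = {"A": secrets.token_bytes(32), "B": secrets.token_bytes(32)}

def kdc_reply(id_a, id_b, n1):
    """Step 2: E(Ka, [Ks, IDA, IDB, N1, ticket]) with ticket = E(Kb, [Ks, IDA])."""
    ks = secrets.token_hex(32)
    ticket = E(MASTER[id_b], {"Ks": ks, "IDA": id_a}).hex()
    return E(MASTER[id_a], {"Ks": ks, "IDA": id_a, "IDB": id_b,
                            "N1": n1, "ticket": ticket})

def a_accept(reply, ka, id_b, n1):
    """A's check on step 2: the reply must echo this request's nonce and IDB."""
    msg = D(ka, reply)
    if msg["N1"] != n1 or msg["IDB"] != id_b:
        raise ValueError("stale or mismatched KDC reply")
    return bytes.fromhex(msg["Ks"]), bytes.fromhex(msg["ticket"])

def run_exchange():
    ka, kb = MASTER["A"], MASTER["B"]
    n1 = secrets.token_hex(8)                    # step 1: A -> KDC: IDA, IDB, N1
    ks_a, ticket = a_accept(kdc_reply("A", "B", n1), ka, "B", n1)
    t = D(kb, ticket)                            # step 3: A -> B: E(Kb, [Ks, IDA])
    ks_b, peer = bytes.fromhex(t["Ks"]), t["IDA"]
    n2 = secrets.randbelow(2**32)
    challenge = E(ks_b, {"N2": n2})              # step 4: B -> A: E(Ks, N2)
    answer = E(ks_a, {"fN2": D(ks_a, challenge)["N2"] + 1})  # step 5: E(Ks, f(N2))
    return ks_a == ks_b and peer == "A" and D(ks_b, answer)["fN2"] == n2 + 1
```

A KDC reply recorded from an earlier request fails a_accept because it carries the old N1, which is the masquerade check the nonce provides.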

Hierarchical Key Control
– Key distribution is not limited to one KDC.

– A hierarchy of KDCs is used: local and global.

– A local KDC is responsible for a small domain of the overall internetwork, such as a single LAN or a single building.

– If two entities in different domains desire a shared key, then the corresponding local KDCs can communicate through a global KDC.

Session Key Lifetime
– Session keys are frequently changed in order to maintain a high level of security.

– On the other hand, frequent key exchange puts more overhead on the network.

– A security manager must try to balance these two issues (key change and key distribution).

Session Key Lifetime Cont.
– For connection-oriented protocols the choices are:
• Use the same session key for the length of time that the connection is open.
• Use a new session key for each new session.
• If the connection has a very long lifetime, then it is better to change the session key periodically.
– For connectionless protocols the choices are:
• Use a new session key for each exchange.
• Use a session key for a certain fixed period.
• Use a session key for a certain number of transactions.

Symmetric Key Distribution Using Asymmetric Encryption
– Simple Secret Key Distribution
• 1. A generates a public/private key pair {PUa, PRa} and transmits a message to B consisting of PUa and an identifier of A, IDA.

• 2. B generates a secret key, Ks, and transmits it to A, encrypted with A’s public key.

• 3. A computes D(PRa, E(PUa, Ks)) to recover the secret key. Because only A can decrypt the message, only A and B will know the identity of Ks.

• 4. A discards PUa and PRa and B discards PUa.

– The Secret Key Distribution above is insecure against a man-in-the-middle attack because the public key PUa is sent to B insecurely.

Symmetric Key Distribution Using Asymmetric Encryption Cont.
– The Secret Key Distribution in the previous slide is insecure against a man-in-the-middle attack because the public key PUa is sent to B insecurely.

– The man-in-the-middle could then intercept PUa and create its own public/private keys to be used instead of those of the source A. See the next slide.

– Therefore, the exchange of public keys has to be done using the schemes in the subsequent slides.

Distribution of Public Keys
– Public Keys distribution techniques can be
grouped into the following schemes:

• Public announcement
• Publicly available directory
• Public-key authority
• Public-key certificates


Distribution of Public-Keys cont.
Public announcement
– In this scheme of distribution the public key is simply sent to public forums and Internet mailing lists.

– The weakness of the scheme is that anyone can forge such a public announcement.

Distribution of Public-Keys cont.
Publicly available directory
– More security would be achieved by maintaining a publicly available dynamic directory of public keys.

– Maintenance and distribution of the public directory would have to be the responsibility of some trusted entity or organization.

– The weakness of this scheme is that an adversary who gains access to the records can tamper with the public keys stored in the database.

Distribution of Public-Keys cont.
Publicly available directory
1. The authority maintains a directory with a {name, public key} entry for each participant.
2. Each participant registers a public key with the directory authority. Registration would have to be in person or by some form of secure authenticated communication.
3. A participant may replace the existing key with a new one at any time, because:
– the public key has already been used for a large amount of data.
– the participant’s private key has been compromised in some way.
4. Participants could also access the directory electronically and securely.

Distribution of Public-Keys cont.
Public-key authority
– The public-key authority maintains a dynamic directory of public keys of all participants.

– Each participant reliably knows a public key for the authority, with only the authority knowing the corresponding private key.

– The weakness is that the public-key authority could be a bottleneck in the system, because a user must request from the authority a public key for every other user that it wishes to contact.

– Another weakness, as before with the directory, is that the names and public keys maintained by the authority are vulnerable to tampering.

Distribution of Public-Keys cont.

Distribution of Public-Keys cont.
Public-key certificates

– This scheme uses certificates issued by a certificate authority (CA).

– The certificates are used by the participants to exchange public keys without contacting a public-key authority.

Distribution of Public-Keys cont.
Public-key certificates requirements:
1. Any participant can read a certificate to
determine the name and public key of the
certificate’s owner.
2. Any participant can verify that the certificate
originated from the certificate authority and is not
counterfeit.
3. Only the certificate authority can create and
update certificates.
4. Any participant can verify the time validity of the
certificate.

X.509 Certificates
– The X.509 standard has become universally accepted for formatting public-key certificates.

– Each certificate contains the public key of a user and is signed with the private key of a trusted certification authority.

– X.509 was initially issued in 1988. The standard was subsequently revised in 1993. The standard is currently at version 7, issued in 2012.

X.509 Certificates Use

Certificate Format
The most important fields are:
1. Period of validity, which contains the first and the last dates the certificate is valid.
2. User’s public key information.
3. Signature, which is signed with the CA’s private key and is used to verify the integrity and the authentication of the certificate.
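
The certificate requirements and the three fields above, worked through as an added example that is not part of the original slides; it also shows how a certificate closes the gap in the simple secret key distribution scheme, where PUa could be replaced in transit. Textbook RSA over small constructed primes stands in for a real signature scheme, the certificate is a plain dictionary rather than X.509 encoding, and all function names are hypothetical.

```python
import hashlib, json

E = 65537  # public exponent

def make_keypair(p, q):
    """Textbook RSA from two known primes: returns ((n, e), (n, d))."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def _digest(fields, n):
    # Hash a canonical encoding of the signed fields and reduce it mod n.
    tbs = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % n

def issue(ca_private, subject, subject_public, not_before, not_after):
    """CA side: bind a name to a public key for a validity period and sign it."""
    n, d = ca_private
    fields = {"subject": subject, "public_key": list(subject_public),
              "not_before": not_before, "not_after": not_after}
    return {**fields, "signature": pow(_digest(fields, n), d, n)}

def verify(cert, ca_public, expected_subject, today):
    """Relying party: return the subject's public key, or raise ValueError."""
    n, e = ca_public
    fields = {k: v for k, v in cert.items() if k != "signature"}
    if pow(cert["signature"], e, n) != _digest(fields, n):
        raise ValueError("signature does not verify under the CA public key")
    if not cert["not_before"] <= today <= cert["not_after"]:  # ISO dates sort as text
        raise ValueError("outside the period of validity")
    if cert["subject"] != expected_subject:
        raise ValueError("certificate names a different subject")
    return tuple(cert["public_key"])

def with_swapped_key(cert, other_public):
    """A copy altered in transit: the key is replaced, the CA signature is not."""
    return {**cert, "public_key": list(other_public)}

# Constructed demo values: Mersenne primes, far too small for real use.
CA_PUB, CA_PRIV = make_keypair(2**61 - 1, 2**89 - 1)
A_PUB, A_PRIV = make_keypair(2**31 - 1, 2**61 - 1)
M_PUB, M_PRIV = make_keypair(2**31 - 1, 2**89 - 1)
CERT_A = issue(CA_PRIV, "A", A_PUB, "2024-01-01", "2024-12-31")
```

verify(CERT_A, CA_PUB, "A", "2024-06-01") returns A's key, while the altered copy, an expired date, or a certificate signed with any key other than the CA's raises ValueError.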