Introduction to Cryptographic Key Management

Outline

Context Definitions Description Principles Illustrations and Demonstrations Recommendations

Context -- Cryptography is:

use of secret codes to hide and authenticate data suited to open and hostile environments broadly applicable portable composable can emulate any media or environment control arbitrarily strong effective efficient

Context

cost of crypto is low falling with the cost of computing relative strength is rising strong as we need it to be stronger than other security mechanisms strong link in the security chain robust, resilient, not likely to break very unlikely to collapse advantage is to the cryptographer

Modern Cryptography - the great inventions

automatic encoding and decoding the large independent key variable complexity-based encryption (DES) asymmetric key automatic key management

DES DESMessage Message

Out-of -channel exchange

Symmetric Key Cryptography

Key Management

generation recording transcription distribution installation storage change disposition and control

Key Management

generation recording transcription distribution installation storage change disposition and control

Key Management

is very important must be rigorous and disciplined principal point of attack not intuitive easy to screw up

Modern Key Management

fully automated, (i.e., no manual operations) permits frequent key change (e.g., file, session, message,

transaction, or other data object) increases the effective key length or security balances the interests in the key of multiple parties application of RSA and smart cards may be integrated or stand-alone

Applications of Key Management

increase effective strength compensate for limitations of algorithm involve multiple people in sensitive duties personal security environments

Principles of Key Management

No key may ever appear in the clear All keys must be randomly generated by a crypto engine Keys must be chosen evenly from the entire key space Must not have any (visible) structure Key-encrypting keys are separate from data keys Everything encrypted under a key-encrypting key must

originate within a crypto engine Key management must be automated

Asymmetric Key Cryptography

key has two parts what is encrypted with one part may only be decrypted

with the other only one part need be kept secret requires a minimum of prearrangement

Public Key Issues

public key need not be kept secret must be the right key i.e., association between public key and legal person encapsulated in a certificate signed by someone who knows

RSAMessage MessageRSA

Digital Envelope

Bob’sPrivate Key

Bob’sPublic Key

Bob

RSAMessage MessageRSAMessage

Digital Signature

John’sPrivate Key

John’sPublic Key

Characteristic DES RSA

Relative Speed Fast Slow Functions Used Transposition Multiplication & Substitution Key - length 56 bits 400-800 bits Least Cost Attack Exhaustion Factoring Cost of Attack Centuries Centuries Time to Generate Micro-seconds Tens of Seconds a Key Key Type Symmetric Asymmetric

DESRSAMessage MessageRSA

Hybrid Cryptography

Jane’sPublic Key

Jane’sPrivate Key

JaneDESMessage

Key Management Systems and Protocols

PGP RSA Secure Kerberos KDC Secure Socket Layer (SSL) XML Key Management System X509 Certificates/PKIX BBN SafeKeyper ISAKMP and Oakley