Key management: Introduction, how public key distribution is done, Diffie-Hellman key exchange algorithm, digital certificates, how key management using digital certificates is done, etc. Wireshark screenshot showing a digital certificate.
2. What is Key Management?
★ Key management is the management of cryptographic keys in a
cryptosystem.
★ This includes dealing with the generation, exchange, storage, use, and
replacement of keys.
★ It includes cryptographic protocol design, key servers, user procedures,
and other relevant protocols.
★ It deals with the entire key lifecycle.
3. Why are we talking about key management?
★ With the rise of Cybercrime, companies are investing significant amounts
in Information Security in order to protect themselves, their employees and
partners, but in the end that might not be enough.
★ Threats:
○ compromise of confidentiality of secret keys
○ compromise of authenticity of secret or public keys
○ unauthorized use of public or secret keys
12. Diffie Hellman key exchange algorithm
★ First public key algorithm proposed by Diffie and Hellman in 1976.
★ Used only for key exchange
★ Used in many commercial products
13. Algorithm:
All users agree on two parameters: 1) a large prime number q 2) a
primitive root a
Each user (e.g. A) generates their key:
chooses a secret key (number):
xA < q
computes their public key:
yA = a^xA mod q
Public keys are stored in a universal directory
14. Algorithm:
Shared session key for users A & B is KAB:
KAB = a^(xA.xB) mod q
= yA^xB mod q (which B can compute)
= yB^xA mod q (which A can compute)
KAB is used as the session key in a private-key encryption scheme between Alice and Bob.
If Alice and Bob subsequently communicate, they will have the same key as before,
unless they choose new public keys.
Disadvantage:
1) man in the middle attack
2) authentication is needed
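An added example (not from the original slides) that carries slides 13 and 14 through in Python with the slides' symbols q, a, xA, yA and KAB, then shows why a directory whose entries are not authenticated is a problem. The values q = 353 and a = 3 are constructed toy parameters and the helper names are hypothetical; real deployments use primes of 2048 bits or more.

```python
import secrets

def is_primitive_root(a, q):
    """Brute-force check (toy-sized q only): do powers of a hit all of 1..q-1?"""
    seen, v = set(), 1
    for _ in range(q - 1):
        v = (v * a) % q
        seen.add(v)
    return len(seen) == q - 1

def keygen(a, q, x=None):
    """Pick secret x < q (random unless given) and return (x, y = a^x mod q)."""
    if x is None:
        x = secrets.randbelow(q - 3) + 2      # 2 <= x <= q - 2
    return x, pow(a, x, q)

def session_key(y_other, x_mine, q):
    """K = y_other^x_mine mod q, the computation each side performs."""
    return pow(y_other, x_mine, q)

def run_exchange(q, a, xA=None, xB=None, xM=None):
    """Run the honest exchange, then one where the directory is not authenticated."""
    xA, yA = keygen(a, q, xA)
    xB, yB = keygen(a, q, xB)
    directory = {"A": yA, "B": yB}            # the "universal directory"
    honest = (session_key(directory["B"], xA, q),   # computed by A
              session_key(directory["A"], xB, q))   # computed by B
    # Nothing ties a directory entry to its owner, so a third party M
    # who can write to it may list M's own public key under both names.
    xM, yM = keygen(a, q, xM)
    forged = {"A": yM, "B": yM}
    tampered = (session_key(forged["B"], xA, q),    # A's key, actually shared with M
                session_key(forged["A"], xB, q))    # B's key, actually shared with M
    m_keys = (session_key(yA, xM, q), session_key(yB, xM, q))
    return honest, tampered, m_keys

if __name__ == "__main__":
    q, a = 353, 3                             # constructed toy parameters
    assert is_primitive_root(a, q)
    honest, tampered, m_keys = run_exchange(q, a)
    print("honest: A and B agree      ->", honest[0] == honest[1])
    print("forged: A and B agree      ->", tampered[0] == tampered[1])
    print("forged: M holds both keys  ->", tampered == m_keys)
```

In the forged run A and B each hold a valid-looking key, but not the same one, which is the gap that binding a public key to an identity in a certificate is meant to close.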
16. Digital Certificate
★ A digital identity document binding a public key to a specific person or
organization
★ Certification Authorities are the digital world’s equivalent to passport
offices. They issue digital certificates and validate holders’ identity and
authority
17. What is the process of obtaining a certificate?