
Key Management Techniques Explained

The document outlines key management processes essential for generating, storing, distributing, and managing cryptographic keys to protect sensitive data. It details symmetric and asymmetric key distribution methods, emphasizing the importance of securing keys from unauthorized access. Various key distribution options, including public announcements, directories, authorities, and certifications, are also discussed to enhance security in key management.

Uploaded by

Sameer Najam

Key Management


October 7, 2024

Activity 1

Figure 1: Activity 1


1 Key Management
Symmetric Key Distribution using Symmetric Encryption
Symmetric Key Distribution using Asymmetric Encryption


Introduction

• Key management refers to the processes and procedures involved in generating, storing, distributing, and managing cryptographic keys used in cryptographic algorithms to protect sensitive data.
• It ensures that keys used to protect sensitive data are kept safe from unauthorized access or loss.
• Effective key management is crucial for ensuring the confidentiality, integrity, and availability of encrypted information by securing cryptographic keys from unauthorized access, loss, or compromise.


Types of Key Management

1. Symmetric Key Distribution using Symmetric Encryption
2. Symmetric Key Distribution using Asymmetric Encryption


Symmetric Key Distribution using Symmetric Encryption

For two parties A and B, key distribution can be achieved in a number of ways, as follows:
1. A can select a key and physically deliver it to B.
2. A third party can select the key and physically deliver it to A and B.
3. If A and B have previously and recently used a key, one party can transmit the new key to the other, encrypted using the old key.
4. If A and B each has an encrypted connection to a third party C, C can deliver a key on the encrypted links to A and B.


Third-Party Key Distribution Options

Figure 2: Key Distribution Between Two Communicating Entities


Symmetric Key Distribution using Asymmetric Encryption

If A wishes to communicate with B, the following procedure is employed:
• A generates a public/private key pair PUa, PRa and transmits a message to B consisting of PUa and an identifier of A, IDA.
• B generates a secret key, Ks, and transmits it to A, encrypted with A's public key.
• A computes D(PRa, E(PUa, Ks)) to recover the secret key. Because only A can decrypt the message, only A and B will know the identity of Ks.
• A discards PUa and PRa, and B discards PUa.


Third-Party Key Distribution Options

Figure 3: Simple Use of Public-Key Encryption to Establish a Session Key


Man-in-the-Middle Attack in Simple Secret Key Distribution

Figure 4: Man-in-the-Middle Attack
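The simple exchange above and the weakness Figure 4 refers to, as an added example that is not part of the original slides: B receives PUa and IDA with nothing binding one to the other, so B answers whichever key arrives. The code uses toy textbook RSA over constructed primes; the function names and the pinned-fingerprint check are assumptions introduced here to show what B would need in order to notice a substituted key.

```python
import hashlib
import secrets

E = 65537

def keygen(p, q):
    """Toy textbook-RSA pair from given primes (no padding; illustration only)."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))   # (PU, PR)

def encrypt(pu, m):                  # E(PU, m)
    return pow(m, pu[1], pu[0])

def decrypt(pr, c):                  # D(PR, c)
    return pow(c, pr[1], pr[0])

def fingerprint(pu):
    """Short hash of a public key, for comparison over a separate trusted channel."""
    return hashlib.sha256(f"{pu[0]}:{pu[1]}".encode()).hexdigest()[:16]

# Constructed keys from Mersenne primes: fine for a demo, unusable in practice.
PU_A, PR_A = keygen(2**127 - 1, 2**89 - 1)     # A's pair
PU_X, PR_X = keygen(2**107 - 1, 2**61 - 1)     # some other party's pair

def b_respond(msg, pinned=None):
    """B's step: msg is (PU, ID). Without `pinned`, B has nothing to check PU against."""
    pu, claimed_id = msg
    if pinned is not None and pinned.get(claimed_id) != fingerprint(pu):
        raise ValueError(f"key in message does not match pinned key for {claimed_id}")
    ks = secrets.randbits(128)       # B generates Ks
    return ks, encrypt(pu, ks)       # and sends E(PU, Ks)

def a_recover(c):
    return decrypt(PR_A, c)          # A computes D(PRa, E(PUa, Ks))

if __name__ == "__main__":
    ks, c = b_respond((PU_A, "A"))
    print("honest run, A recovers Ks:", a_recover(c) == ks)
    # Same message shape, but the key is not A's: B cannot tell and answers anyway.
    ks, c = b_respond((PU_X, "A"))
    print("substituted key, A recovers Ks:", a_recover(c) == ks)
    print("substituted key, PR_X holder recovers Ks:", decrypt(PR_X, c) == ks)
    try:
        b_respond((PU_X, "A"), pinned={"A": fingerprint(PU_A)})
    except ValueError as err:
        print("with a pinned fingerprint:", err)
```

Real deployments replace the raw `pow` calls with a padded scheme such as RSA-OAEP or a key-encapsulation mechanism, and get the binding between key and identity from a certificate rather than a hand-pinned fingerprint.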


Secret Key Distribution with Confidentiality and Authentication

Figure 5: Public-Key Distribution of Secret Keys


Distribution of Public Keys

1. Public announcement
2. Publicly available directory
3. Public-key authority
4. Public-key certificates


Public announcement

Here the public key is broadcast to everyone. The major weakness of this method is forgery: anyone can create a key claiming to be someone else and broadcast it. Until the forgery is discovered, the forger can masquerade as the claimed user.

Figure 6: Uncontrolled Public-Key Distribution


Publicly Available Directory:

• In this type, the public key is stored in a public directory.
• Directories are trusted here, with properties such as participant registration, access that allows values to be modified at any time, and entries such as name and public key.
• Directories can be accessed electronically but are still vulnerable to forgery or tampering.


Public Key Authority:

• It is similar to the directory but improves security by tightening control over the distribution of keys from the directory.
• It requires users to know the public key for the directory. Whenever keys are needed, the user makes a real-time access to the directory to obtain any desired public key securely.


Public Certification:

• Here the authority provides a certificate (which binds an identity to the public key) to allow key exchange without real-time access to the public authority each time.
• The certificate is accompanied by other information such as the period of validity, rights of use, etc. All of this content is signed with the private key of the certificate authority, and it can be verified by anyone possessing the authority's public key.
• First, the sender and receiver each request a certificate from the CA, containing a public key and other information; they can then exchange these certificates and start communicating.
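A sketch of the certificate scheme just described, as an added example that is not part of the original slides: the CA signs identity, public key and validity period together, and a relying party checks all three using only the CA's public key. The CA key is toy textbook RSA over constructed primes, and the field names, integer timestamps and function names are assumptions made for the illustration.

```python
import hashlib
import json

# Constructed toy CA key: textbook RSA over two Mersenne primes (illustration only).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
CA_PUB = (P * Q, E)
CA_PRIV = (P * Q, pow(E, -1, (P - 1) * (Q - 1)))

def _digest(fields):
    """Hash the to-be-signed fields in a canonical (sorted-key) encoding."""
    blob = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(blob).digest(), "big")

def issue(ca_priv, subject, subject_pub, not_before, not_after):
    """CA side: bind identity, public key and validity period under the CA private key."""
    n, d = ca_priv
    tbs = {"subject": subject, "pub": list(subject_pub),
           "not_before": not_before, "not_after": not_after}
    return {"tbs": tbs, "sig": pow(_digest(tbs), d, n)}

def verify(cert, ca_pub, expected_subject, now):
    """Relying-party side: needs only the CA public key, no real-time lookup."""
    n, e = ca_pub
    tbs = cert["tbs"]
    if pow(cert["sig"], e, n) != _digest(tbs):
        return "bad signature"            # any signed field was altered
    if not tbs["not_before"] <= now <= tbs["not_after"]:
        return "outside validity period"
    if tbs["subject"] != expected_subject:
        return "subject mismatch"         # valid certificate, but for someone else
    return "ok"

# Constructed subject key and validity window (times are plain integers here).
A_PUB = ((2**127 - 1) * (2**89 - 1), 65537)
CERT_A = issue(CA_PRIV, "A", A_PUB, not_before=1000, not_after=2000)

if __name__ == "__main__":
    print(verify(CERT_A, CA_PUB, "A", now=1500))
    swapped = {"tbs": dict(CERT_A["tbs"], pub=[123, 65537]), "sig": CERT_A["sig"]}
    print(verify(swapped, CA_PUB, "A", now=1500))
    print(verify(CERT_A, CA_PUB, "A", now=2500))
    print(verify(CERT_A, CA_PUB, "B", now=1500))
```

The order of checks matters: the signature is verified before any field is trusted, so the validity period and subject that are compared are the ones the CA actually signed.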


Thank You
