58662
Crypto U9 protocols (key
establishment), Authentication and
Key Establishment (AKE)
- security objectives
- need to authenticate key holders
- need to prolong authentication so
communication over time can take place
- need to authenticate key holders
- typical security goals
- mutual entity authentication
- mutual data origin authentication
- mutual key establishment
- key confidentiality
- key freshness
- mutual key confirmation
- unbiased key control
- Alice and Bob should be happy that
neither party has unduly influenced
the generation of the key
- Bob and Alice create part
of the key by each providing
some randomness
- There is a trusted 3rd
party used to
generate the key
- Bob and Alice create part
of the key by each providing
some randomness
- Alice and Bob should be happy that
neither party has unduly influenced
the generation of the key
- mutual entity authentication
- Diffie Hellman Agreement Protocol
- assumptions
- public key crypto system with the
property that public keys of differen users
can be numbers over the same modulus p
- a combination function where it
does not matter in which order the
exponentiations are conducted
- public key crypto system with the
property that public keys of differen users
can be numbers over the same modulus p
- Goals
- mutual entity authentication
- none provided
- none provided
- mutual data origin authentication
- none provided
- none provided
- key confidentiality
- do establish common symmetric key
- do establish common symmetric key
- key confidentiality
- achieved because of hardness of equation
- achieved because of hardness of equation
- key freshness
- achievable assuming Alice and
Bob choose fresh private values
- achievable assuming Alice and
Bob choose fresh private values
- mutual key confirmation
- not provided
- not provided
- unbiased key control
- both Bob and Alice contribute
- both Bob and Alice contribute
- mutual entity authentication
- cryptographic
primitives,
actions, flow
- El Gamal
- El Gamal
- open to man in
the middle attacks
- assumptions
- Station to Station protocol
- based on Diffie Hellman, uses
digital signatures & certificates
- solves Diffie Hellman protocol
authentication & mutual key
confirmation problems
- solves Diffie Hellman protocol
authentication & mutual key
confirmation problems
- based on Diffie Hellman, uses
digital signatures & certificates
- ISO 9798-2 Trusted Third
Party AKE (simplified version)
- assumptions
- Alice has a shared symmetric key with with TTP
- Bob has a shared symmetric key with TTP
- Alice & Bob can generate nonces
- Alice has a shared symmetric key with with TTP
- cryptographic primitives, actions, flow
- Goals
- mutual entity authentication
- achieved because of trust in TTP
- achieved because of trust in TTP
- mutual data origin authenication
- achieved even without a MAC
- achieved even without a MAC
- mutual key establishment
- achieved
- achieved
- key confidentiality
- achieved
- achieved
- key freshness
- achieved so long as the TTP generates fresh keys
- achieved so long as the TTP generates fresh keys
- mutual key confirmation
- achieved
- achieved
- unbiased key control
- achieved
- achieved
- mutual entity authentication
- assumptions
Want to create your own Mind Maps for free with GoConqr? Learn more.