Crypto U9 protocols (key establishment), Authentication and Key Establishment (AKE)

IYM002 (Unit 9 - cryptographic protocols) Mind Map on Crypto U9 protocols (key establishment), Authentication and Key Establishment (AKE), created by jjanesko on 04/27/2013.

1 security objectives
1.1 need to authenticate key holders
1.2 need to prolong authentication so communication over time can take place
2 typical security goals
2.1 mutual entity authentication
2.2 mutual data origin authentication
2.3 mutual key establishment
2.4 key confidentiality
2.5 key freshness
2.6 mutual key confirmation
2.7 unbiased key control
2.7.1 Alice and Bob should be happy that neither party has unduly influenced the generation of the key. Bob and Alice create part of the key by each providing some randomness. There is a trusted 3rd party used to generate the key.
3 Diffie Hellman Agreement Protocol
3.1 assumptions
3.1.1 public key crypto system with the property that public keys of different users can be numbers over the same modulus p
3.1.2 a combination function where it does not matter in which order the exponentiations are conducted
3.2 Goals
3.2.1 mutual entity authentication: none provided
3.2.2 mutual data origin authentication: none provided
3.2.3 key confidentiality: do establish common symmetric key
3.2.4 key confidentiality: achieved because of hardness of equation
3.2.5 key freshness: achievable assuming Alice and Bob choose fresh private values
3.2.6 mutual key confirmation: not provided
3.2.7 unbiased key control: both Bob and Alice contribute
3.3 cryptographic primitives, actions, flow
3.3.1 El Gamal
3.4 open to man in the middle attacks
4 Station to Station protocol
4.1 based on Diffie Hellman, uses digital signatures & certificates
4.1.1 solves Diffie Hellman protocol authentication & mutual key confirmation problems
5 ISO 9798-2 Trusted Third Party AKE (simplified version)
5.1 assumptions
5.1.1 Alice has a shared symmetric key with TTP
5.1.2 Bob has a shared symmetric key with TTP
5.1.3 Alice & Bob can generate nonces
5.2 cryptographic primitives, actions, flow
5.3 Goals
5.3.1 mutual entity authentication: achieved because of trust in TTP
5.3.2 mutual data origin authentication: achieved even without a MAC
5.3.3 mutual key establishment: achieved
5.3.4 key confidentiality: achieved
5.3.5 key freshness: achieved so long as the TTP generates fresh keys
5.3.6 mutual key confirmation: achieved
5.3.7 unbiased key control: achieved
