key management diffie-hellman key exchange elliptic curve arithmetic

20
KEY MANAGEMENT; OTHER KEY MANAGEMENT; OTHER PUBLIC-KEY PUBLIC-KEY CRYPTOSYSTEMS CRYPTOSYSTEMS - - Chapter 10 Chapter 10 KEY MANAGEMENT DIFFIE-HELLMAN KEY EXCHANGE ELLIPTIC CURVE ARITHMETIC ELLIPTIC CURVE CRYPTOGRAPHY

Upload: stacy-holmes

Post on 03-Jan-2016

37 views

Category:

Documents


3 download

DESCRIPTION

KEY MANAGEMENT; OTHER PUBLIC-KEY CRYPTOSYSTEMS - Chapter 10. KEY MANAGEMENT DIFFIE-HELLMAN KEY EXCHANGE ELLIPTIC CURVE ARITHMETIC ELLIPTIC CURVE CRYPTOGRAPHY. Two Aspects: Distribution of, Public Keys Secret Keys using PKC encryption. - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

KEY MANAGEMENT; OTHER KEY MANAGEMENT; OTHER PUBLIC-KEY PUBLIC-KEY CRYPTOSYSTEMSCRYPTOSYSTEMS - Chapter 10 - Chapter 10

• KEY MANAGEMENT

• DIFFIE-HELLMAN KEY EXCHANGE

• ELLIPTIC CURVE ARITHMETIC

• ELLIPTIC CURVE CRYPTOGRAPHY

Page 2: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

KEY MANAGEMENTKEY MANAGEMENT

Two Aspects:

Distribution of,

• Public Keys

• Secret Keys using PKC encryption

Page 3: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

DISTRIBUTION OF PUBLIC KEYSDISTRIBUTION OF PUBLIC KEYS

• PUBLIC ANNOUNCEMENT - easy to forge (e.g. append public key to email)

• PUBLICLY AVAILABLE DIRECTORY - [name,public-key], secure registration/access

• PUBLIC-KEY AUTHORITY - shared public/private key pair with each user

• PUBLIC-KEY CERTIFICATES - exchange authentic keys without contacting authority

Page 4: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

UNCONTROLLEDPUBLIC-KEY DISTRIBUTION

F igur e 10.1 U ncontrolled P ublic K ey D istr ibution

¥¥¥

K U a

K U a

K U a

K U a

K U b

K U b

K U b

K U b

¥¥¥

A B

Page 5: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

PUBLIC-KEY PUBLICATION

F igur e 10.2 P ublic K ey P ublication

P ublic-K eyD irector y

K U a K U b

A B

Page 6: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

PUBLIC-KEY DISTRIBUTION SCENARIO

(1) R equest || T ime 1

(3) E K U b [ID A || N 1]

(7) E K U b [ N 2 ]

F igur e 10.3 P ublic-K ey D istr ibution Scenar io

(6) E K U a [N 1 || N 2]

(4) R equest || T ime 2

I nitiatorA

P ublic-k eyA uthor ity

R esponderB

(5) E K R auth [K U a || Request || T ime2]

(2) E K R auth [K U b || Request || T ime1]

Page 7: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

7

EXCHANGE OF PUBLIC-KEY CERTIFICATES

C A = E K R auth [ T ime 1, ID A , K U a ]

(1) C A

F igur e 10.4 E xchange of P ublic-K ey C er tificates

(2) C B

C B = E K Rauth [ T ime 2, ID B , K U b ]

KU a KU b

A B

C er tificateA uthor ity

Page 8: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

88

EXCHANGE OF PUBLIC-KEY EXCHANGE OF PUBLIC-KEY CERTIFICATES CERTIFICATES

Any participant can Any participant can readread certificate to certificate to

determine name and public key of cert. ownerdetermine name and public key of cert. owner Any participant can Any participant can verify verify that cert. is notthat cert. is not

counterfeit.counterfeit. Only the Only the certificate authoritycertificate authority can create can create

and update certs.and update certs. Any participant can Any participant can verify currencyverify currency of of

certificate.certificate.

Page 9: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

99

EXCHANGE OF PUBLIC-KEY EXCHANGE OF PUBLIC-KEY CERTIFICATES CERTIFICATES

To read and verify:To read and verify:

DDKUKUauthauth[C[CAA] = D] = DKUKUauthauth

[E[EKRKRauthauth[T,ID[T,IDAA,K,KUUaa

]] = (T,ID]] = (T,IDAA,K,KUUaa))

TimestampTimestamp counteracts: counteracts:

A’s private key learned by opponentA’s private key learned by opponent

A updates private/public key pairA updates private/public key pair

Opponent replays old cert. to BOpponent replays old cert. to B

B encrypts using old public keyB encrypts using old public key

Page 10: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

10

PKC TO ESTABLISH SESSION KEY

(1) K U a || ID A

(2) E K U a [K s ]

A B

F igur e 10.5 Simple U se of P ublic-K ey E ncr yption to E stablish a Session K ey

Page 11: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

11

PKC TO ESTABLISH SESSION KEY(1) K U a || ID A

(2) E KU a [K s ]

A B

F igur e 10.5 Simple U se of P ublic-K ey E ncr yption to E stablish a Session K ey

KUa and KRa discarded afterwardsAdvantage: No keys before or after protocolBut, A [KUa,IDa] E [KUe,IDe] B B EKUe

[Ks] E EKUa[Ks] A

E learns Ks

A and B unaware

Page 12: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

12

PUBLIC-KEY DISTRIBUTION OF SECRET KEYS

(2) EK U a [N 1 || N 2]

F igur e 10.6 P ublic-K ey D istr ibution of Secr et K eys

(1) EK U b

[N 1 || ID A ]

(3) EK U b

[N 2]

I nitiatorA

R esponderB

(4) E K U b[E K R a[K s]]

Page 13: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

13

PUBLIC-KEY DISTRIBUTION OF SECRET KEYS

(2) EK U a [N 1 || N 2]

F igur e 10.6 P ublic-K ey D istr ibution of Secr et K eys

(1) EK U b

[N 1 || ID A ]

(3) EK U b

[N 2]

I nitiatorA

R esponderB

(4) E K U b[E K R a[K s]]

• N1 || N2 prevent eavesdropping• Scheme ensures confidentiality and

authentication

Page 14: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

14

DIFFIE-HELLMAN KEY EXCHANGEG lobal P ublic E lem ents

q prim e num ber

a a < q and a a prim itive root of q

User A Key Generation

S elect private X A X A < q

C alculate public Y A Y A = a X A m od q

U s er B K ey G eneration

S elect private X B X B < q

C alculate public Y B Y B = a X B m od q

Generation of Secret Key by User A

K = ( Y B )X A m od q

Generation of Secret Key by User B

K = ( Y A )X B m od q

Figure 10.7 The Diffie-Hellman Key Exchange Algorithm

Page 15: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

15

DIFFIE-HELLMAN KEY EXCHANGE

YA

YB

F igur e 10.8 D iffie-H ellman K ey E xchange

U ser A U ser B

G enerate random X A < q;C alculate Y A = a X A mod q G enerate

random X B < q;C alculate Y B = a X B mod q;C alculate K = (Y A )X B mod q C alculate

K = (Y B )X A mod q

Page 16: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

1616

ELLIPTIC CURVES INSTEADELLIPTIC CURVES INSTEAD OF RSA OF RSA

ReplaceReplace multiplication with ’addition’ multiplication with ’addition’

(a x a x a ….x a) mod n(a x a x a ….x a) mod n

replaced byreplaced by

(a + a + a … + a) mod {elliptic curve}(a + a + a … + a) mod {elliptic curve}• Multiplicative order (size of ’circle’)Multiplicative order (size of ’circle’)

replaced byreplaced by

#points#points on elliptic curve on elliptic curve• Elliptic curve defined by cubic equation:Elliptic curve defined by cubic equation:

yy22 + xy = x + xy = x33 + ax + ax22 + b + b

Page 17: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

17

EXAMPLE OF ELLIPTIC CURVES

Ð4

Ð2

0

2

4

543210Ð1Ð2

Ð4

Ð2

0

2

4

543210Ð1Ð2

(a) y2 = x 3 Ð x

(b ) y2 = x3 + x + 1

F igur e 10.9 E xample of E ll iptic C ur ves

P

P

Q

Q

Ð(P + Q)

Ð(P + Q)

(P + Q)

(P + Q)

Page 18: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

18

ELLIPTIC CURVE E23(1,1)

Ð4

Ð2

0

2

4

543210Ð1Ð2

Ð4

Ð2

0

2

4

543210Ð1Ð2

(a) y2 = x 3 Ð x

(b ) y2 = x3 + x + 1

F igur e 10.9 E xample of E ll iptic C ur ves

P

P

Q

Q

Ð(P + Q)

Ð(P + Q)

(P + Q)

(P + Q)

Page 19: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

19

ECC KEY EXCHANGEG lobal P ublic E lem ents

E q(a , b ) elliptic curve with param eters a, b, and q, where q is a prim eor an integer of the form 2 m

G point on elliptic curve whos e order is large value n

User A Key Generation

S elect private nA nA < n

C alculate public P A P A = nA ´ G

U s er B K ey G eneration

S elect private nB nA < n

C alculate public P B P B = nB ´ G

Generation of Secret Key by User A

K = nA ´ P B

Generation of Secret Key by User B

K = nB ´ P A

F igure 10.11 EC C Key Exchange

Page 20: KEY MANAGEMENT   DIFFIE-HELLMAN KEY EXCHANGE   ELLIPTIC CURVE ARITHMETIC

2020

ELLIPTIC CURVE vs RSAELLIPTIC CURVE vs RSA

TABLE 10.2TABLE 10.2