Professional Documents
Culture Documents
Erik Zenner
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 1 / 24
Plan for Today
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 2 / 24
1 Cryptographic Basics
Goals, Algorithms, and Keys
Symmetric vs. Asymmetric Cryptography
Important Examples
2 Key Management
Key Setup
Key Life-Cycle
3 Final Remarks
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 3 / 24
Cryptographic Basics
Outline
1 Cryptographic Basics
Goals, Algorithms, and Keys
Symmetric vs. Asymmetric Cryptography
Important Examples
2 Key Management
Key Setup
Key Life-Cycle
3 Final Remarks
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 4 / 24
Cryptographic Basics Goals, Algorithms, and Keys
Protection Goals
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 5 / 24
Cryptographic Basics Goals, Algorithms, and Keys
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 6 / 24
Cryptographic Basics Goals, Algorithms, and Keys
Cryptographic Keys
Standard Assumption:
The attacker knows everything about the security solution with the
exception of the key. (Kerckhoffs’ Principle)
Why?
Protecting keys is easier than protecting whole implementations.
Managing keys (generating, exchanging, storing, changing...) is easier
than managing whole implementations.
If only the key is secret, all other aspects of the security solution can
be publicly scrutinised.
Consequence:
Protect the key by all means!
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 7 / 24
Cryptographic Basics Goals, Algorithms, and Keys
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 8 / 24
Cryptographic Basics Symmetric vs. Asymmetric Cryptography
Symmetric Keys
Symmetric Keys: Sender and receiver use the same key (traditional
case).
Properties:
Short keys (80-256 bit)
Fast algorithms
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 9 / 24
Cryptographic Basics Symmetric vs. Asymmetric Cryptography
Asymmetric Keys
Properties:
Long keys (e.g. RSA: 768-4095 bit)
Slow algorithms
Remark: Public “keys” are known to the attacker, i.e. no real keys.
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 10 / 24
Cryptographic Basics Symmetric vs. Asymmetric Cryptography
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 11 / 24
Cryptographic Basics Symmetric vs. Asymmetric Cryptography
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 12 / 24
Cryptographic Basics Important Examples
Algorithm Classification
Symmetric Asymmetric
Confidentiality Sym. Encryption Asym. Encryption
Data Authentication MAC Digital Signatures
Entity Authentication Challenge/Response, Challenge/Response,
Passwords Zero Knowledge
Key Establishment var. var.
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 13 / 24
Cryptographic Basics Important Examples
Important Examples
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 14 / 24
Key Management
Outline
1 Cryptographic Basics
Goals, Algorithms, and Keys
Symmetric vs. Asymmetric Cryptography
Important Examples
2 Key Management
Key Setup
Key Life-Cycle
3 Final Remarks
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 15 / 24
Key Management Key Setup
Key Generation
The form of the key material depends on its use (e.g., RSA keys are very
different from AES-128 keys). See the relevant standard for details of
format and generation.
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 16 / 24
Key Management Key Setup
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 17 / 24
Key Management Key Setup
Key Exchange
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 18 / 24
Key Management Key Life-Cycle
Key Storage
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 19 / 24
Key Management Key Life-Cycle
Key Expiration
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 20 / 24
Key Management Key Life-Cycle
Key Compromise
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 21 / 24
Final Remarks
Outline
1 Cryptographic Basics
Goals, Algorithms, and Keys
Symmetric vs. Asymmetric Cryptography
Important Examples
2 Key Management
Key Setup
Key Life-Cycle
3 Final Remarks
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 22 / 24
Final Remarks
How to Proceed
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 23 / 24
Final Remarks
Erik Zenner (DTU-MAT) Cryptography and Key Management Basics DTU, Oct. 23, 2007 24 / 24