Authentication and key distribution
- main content
- 7.1 Authentication Protocol
- 7.1.1 Needham-Schroeder mutual authentication protocol
- NS mutual authentication and key agreement of the allocation process:
- Difficult to achieve replay attack
- 7.1.2 modified Needham-Schroeder protocol
- 7.1.3 one-way authentication protocol
- 7.2 Key Distribution Agreement
main content
-
Authentication Protocol
- Needham-Schroeder mutual authentication protocol
- Modified Needham-Schroeder protocol
- One-way authentication protocol
-
Key Distribution Agreement
- Symmetric key distribution
- Public key distribution
- Discloses the use of a symmetric key encryption algorithm assigned
Authentication and key distribution role:
-
We can identify the correct identity of the sender identification information , and detects any changes in the information content.
-
For confidential encrypted plaintext is mainly dependent on the secret key :
- Key management involves key generation, distribution, use, storage, backup, recovery and destruction ;
- How to allocate the generated key is a difficult problem in the field of cryptography;
7.1 Authentication Protocol
Identification: establish the identity authentication process between entities, including communications entity authentication and communication content identification.
Identification of vulnerable replay attacks: an attacker sends a destination host has received the package, to achieve the purpose of deceiving the destination host.
• In the worst case: posing as a legitimate party;
• In other cases: to disrupt normal operation.
Against replay attacks now (Nonce)
to identify the message to add a: current (once only):
- Random Number: unpredictable, preferably in the nature, but not for non-connection applications.
- Timestamp: the need for clock synchronization protocol must be fault-tolerant.
- SEQ ID NO: each party must remember the last sequence number of the other parties in communication with, it is difficult to achieve; also requires the system invulnerability.
- Survival
7.1.1 Needham-Schroeder mutual authentication protocol
Mutual authentication: the ability to correctly identify the identity of the communication partner, while exchange session keys used to secure the transmission of information.
Needham-Schroeder protocol for mutual authentication and key distribution :
- Using symmetric encryption system and the key distribution center KDC Technology
- Later, many authentication protocol (such as Kerberos) are based on the NS protocol
Two symmetric encryption structure: need to use a key distribution center KDC trusted
NS mutual authentication and key agreement of the allocation process:
NS protocol implementation:
Step 2: A new secure session key to obtain K S , N . 1 description is not reproduced.
Step 3: The message can only be decrypted B, A demonstrated the other be B, the decrypted packet ID A so that the other confirmed B is A.
Step B 4 described already known K S , Step 5 A B sure know K S , current F (N 2 ) to make sure that B is a new message.
Step 4 and 5 can be prevented to increase the attacker intercepts packets in step 3 and directly reproduced.
Difficult to achieve replay attack
- Suppose the attacker X has been an old session key K S .
- A X fake message reproducing step 3 to induce B using the old session key for communication.
- If X intercepts handshake message in step 4, you can mimic the response A in step 5.
- X may send a fake message to B, and B is thought that A message encrypted using the session key before transmission over distribution.
7.1.2 modified Needham-Schroeder protocol
Denning the NS improved protocol, a time stamp added to the
time stamp of the A and T B is satisfied that the session key K S just produced
An anti-replay authentication protocol
While addressing the replay attacks and "No - replay attack"
so that A may have a follow-up to the certification of B "certificate"
Teacher summary
We focus on talking about the 3.
7.1.3 one-way authentication protocol
First, using a symmetric encryption algorithm
NS can be modified protocol for email way authentication (not require the sender A and the receiver B at the same time online):
can not be an anti-replay attacks, and the time stamp added very limited role.
Second, the use of public encryption algorithm
- To ensure the confidentiality of messages
A → B: E (the PU B , K S ) || E (K S , M) - Implement authentication (digital signatures)
A → B: M || E (PR A , H (M)) (not real) - While achieving authentication and confidentiality
A → B: E (the PU B , [M || E (PR A , H (M))]) - Need to improve the efficiency of the use of digital encryption envelope
A → B: E (the PU B , K S ) || E (K S , [M || E (PR A , H (M))]) (the PGP encryption system)
7.2 Key Distribution Agreement
-
Encryption algorithm is public and international standards, security algorithms can rely on a large number of academic research.
-
Expressly relies on secret keys secret, the key privacy more difficult.
How safe and reliable, quickly and efficiently allocate and manage keys is an important research topic in the field of cryptography.
Key management issues of different nature :
- For symmetric encryption effective for communication parties must share a key, which is obtained by others but also to prevent;
- For public encryption effectively, communicating parties must publish their public key and private key to prevent its access to other people.
Key need frequent replacement, so that the attacker knows the minimum case where the leakage amount of the key data.
Four methods of key distribution :
the first two methods are not suitable for large modern communication connection
- A key selected by physically secure passed to B.
- The trusted third party selected key C, by physically secure delivery to A and B.
- If A and B are encrypted connection to a third party C, C will be transmitted through the connection key to A and B
- the key distribution center KDC, commonly assigned to the symmetric key. - If a third party C has issued the public key of A and B, they may be each other's public key to encrypt communication
- authentication center CA, commonly used in public-key distribution.
Symmetric key distribution 7.2.1
A centralized key distribution scheme
NS protocol problems:
- High traffic volume , the need for better discrimination function to identify the communication party and KDC.
- Multi-master key , single KDC easy to form the bottleneck, can not support large networks.
solution:
- There is a hierarchical relationship between multiple KDC.
- A KDC neither a bottleneck, not a single point of failure.
Second, the distributed key distribution scheme
Using the KDC Key Distribution claim KDC is trusted and should protect it from being destroyed.
solution:
- The dispersed into several single KDC KDC will reduce this risk.
- Furthermore the KDC distributed to all communication parties, namely the communicating parties also KDC, save yourself the master key with all other communication parties.
n communication network side to save [n (n-1) / 2] number of master keys. For small local area networks or large networks, this is feasible.
Public key distribution 7.2.2
Four ways to obtain the public key:
-
Publicly announced public key
PGP public key user can attach itself to a message sent out
- the public key can easily be posing. -
Publicly available directories
by a trusted organization maintains a public directory, maintains a directory entry for each participant {user name, user's public key}
- easily impersonate public key. -
Public key management mechanism
CA authentication of the communicating parties, each entity has a CA public key and obtain the public key by any other communication party CA
- each user needs to get in touch with others to help CA, CA easy to become a bottleneck. -
The public key certificate
CA issue digital certificates for users in advance, just download and verify each other to get their public key certificate user communication, no longer need to contact the CA.
The concept of digital certificates
-
As a trusted third party, CA need to verify the legitimacy of user's public key.
-
CA issuing digital certificates for each user (signed by the CA private keys follow the X.509 standard file containing the public key of the owner of information and its public key). CA's signature allows an attacker can not be forged and tampered with the certificate.
-
The role of digital certificates: user listed in the certificate to prove legally have the corresponding public key.
The use of digital certificates assigned a public key:
7.2.3 using the public encryption key distribution algorithm Symmetric
Allocation using the principles disclosed in the symmetric key encryption algorithm
Assumed that the communication parties A and B have been obtained by some way other public
