Key management

Key management is the management of cryptographic keys in a cryptosystem. This includes dealing with the generation, exchange, storage, use, and replacement of keys. It includes cryptographic protocol design, key servers, user procedures, and other relevant protocols.

Key management concerns keys at the user level, either between users or systems. This is in contrast to key scheduling; key scheduling typically refers to the internal handling of key material within the operation of a cipher.

Successful key management is critical to the security of a cryptosystem. In practice it is arguably the most difficult aspect of cryptography because it involves system policy, user training, organizational and departmental interactions, and coordination between all of these elements.

Types of keys

Cryptographic systems may use different types of keys, with some systems using more than one. These may include symmetric keys or asymmetric keys. In a symmetric key algorithm the keys involved are identical for both encrypting and decrypting a message. Keys must be chosen carefully, and distributed and stored securely. Asymmetric keys, in contrast, are two distinct keys that are mathematically linked. They are typically used in conjunction to communicate.

Key exchange

Prior to any secured communication, users must set up the details of the cryptography. In some instances this may require exchanging identical keys (in the case of a symmetric key system). In others it may require possessing the other party's public key. While public keys can be openly exchanged (their corresponding private key is kept secret), symmetric keys must be exchanged over a secure communication channel. Formerly, exchange of such a key was extremely troublesome, and was greatly eased by access to secure channels such as a diplomatic bag. Clear text exchange of symmetric keys would enable any interceptor to immediately learn the key, and any encrypted data.

The advance of public key cryptography in the 1970s has made the exchange of keys less troublesome. Since the Diffie-Hellman key exchange protocol was published in 1975, it has become possible to exchange a key over an insecure communications channel, which has substantially reduced the risk of key disclosure during distribution. It is possible, using something akin to a book code, to include key indicators as clear text attached to an encrypted message. The encryption technique used by Richard Sorge's code clerk was of this type, referring to a page in a statistical manual, though it was in fact a code. The German Army Enigma symmetric encryption key was a mixed type early in its use; the key was a combination of secretly distributed key schedules and a user-chosen session key component for each message.

In more modern systems, such as OpenPGP compatible systems, a session key for a symmetric key algorithm is distributed encrypted by an asymmetric key algorithm. This approach avoids even the necessity for using a key exchange protocol like Diffie-Hellman key exchange.

A more complex method of key exchange involves encapsulating one key within another. It is not clear that this increases security, for if one key can be securely exchanged (the encapsulating key), the encapsulated key can presumably be as well. This technique is usually termed Key Wrap. A common technique uses block ciphers and cryptographic hash functions.[1]

A related method, also more complicated, is to exchange a master key (sometimes termed a root key), and, as needed, derive subsidiary keys, possibly for each session, from that key. As with the key wrapping scheme above, this scheme also offers no obvious benefit, for if the master key can be distributed securely, so might the subsidiary keys. When the availability of secure exchange is intermittent, or when keys must be related to each other (i.e., departmental keys are tied to divisional keys, and individual keys tied to departmental keys) this technique may be useful. However, tying keys to each other increases the damage which may result from a security breach, as attackers will learn something about more than one key. This reduces entropy, with regard to an attacker, for each key involved.
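The hierarchy described above can be sketched as follows. This is an added example, not part of the original article: it assumes HKDF (RFC 5869) with SHA-256 as the derivation function, and the labels, function names and sample master key are constructed for illustration.

```python
import hashlib
import hmac

HASH = hashlib.sha256

def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """HKDF-Extract (RFC 5869): condense input key material into a PRK."""
    return hmac.new(salt or b"\x00" * HASH().digest_size, ikm, HASH).digest()

def hkdf_expand(prk: bytes, info: bytes, length: int = 32) -> bytes:
    """HKDF-Expand (RFC 5869): stretch a PRK into `length` bytes bound to `info`."""
    if length > 255 * HASH().digest_size:
        raise ValueError("requested length too large for HKDF")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]

def derive_child(parent_key: bytes, label: str) -> bytes:
    """Derive a subsidiary key from a parent key; the label names the child."""
    if not label:
        raise ValueError("label must be non-empty")
    return hkdf_expand(hkdf_extract(b"", parent_key), label.encode("utf-8"))

def derive_path(master_key: bytes, *labels: str) -> bytes:
    """Walk a hierarchy, e.g. division -> department -> individual."""
    key = master_key
    for label in labels:
        key = derive_child(key, label)
    return key

# Constructed sample master key (hypothetical; never hard-code a real one).
MASTER = bytes.fromhex("00112233445566778899aabbccddeeff" * 2)

def demo() -> dict:
    dept = derive_path(MASTER, "division:emea", "dept:finance")
    return {
        "alice": derive_path(MASTER, "division:emea", "dept:finance", "user:alice"),
        # Anyone holding the departmental key can re-derive every key beneath it,
        "alice_from_dept": derive_child(dept, "user:alice"),
        # while a sibling department's keys come from a different branch.
        "bob_other_dept": derive_path(MASTER, "division:emea", "dept:legal", "user:bob"),
    }
```

Only the master key has to cross the secure channel; the cost is that a leaked parent key exposes the whole subtree derived from it.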

Key storage

However distributed, keys must be stored securely to maintain communications security. There are various techniques in use to do so. Likely the most common is that an encryption application manages keys for the user and depends on an access password to control use of the key.

Key use

The major issue is length of key use, and therefore frequency of replacement. Because it increases any attacker's required effort, keys should be frequently changed. This also limits loss of information, as the number of stored encrypted messages which will become readable when a key is found will decrease as the frequency of key change increases. Historically, symmetric keys have been used for long periods in situations in which key exchange was very difficult or only possible intermittently. Ideally, the symmetric key should change with each message or interaction, so that only that message will become readable if the key is learned (e.g., stolen, cryptanalyzed, or social engineered).
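One way to change the symmetric key with every message without a fresh exchange each time is a one-way key chain. The sketch below is an added example, not part of the original article; the class name, the HMAC-SHA256 construction with the constants 0x01 and 0x02, and the sample shared secret are assumptions chosen for illustration.

```python
import hashlib
import hmac

def _hmac(key: bytes, data: bytes) -> bytes:
    return hmac.new(key, data, hashlib.sha256).digest()

class MessageKeyChain:
    """Symmetric ratchet: every message gets its own key, and the chain key
    is replaced after each step, so the current state does not lead back
    to the keys of earlier messages."""

    def __init__(self, initial_chain_key: bytes):
        if len(initial_chain_key) < 32:
            raise ValueError("chain key must be at least 32 bytes")
        self._chain_key = initial_chain_key
        self.index = 0  # number of message keys handed out so far

    def next_message_key(self) -> bytes:
        # Distinct constants separate the message key from the next chain key,
        # so a leaked message key reveals nothing about the chain itself.
        message_key = _hmac(self._chain_key, b"\x01")
        self._chain_key = _hmac(self._chain_key, b"\x02")
        self.index += 1
        return message_key

# Constructed sample secret, standing in for a key both parties already share.
SHARED_SECRET = bytes(range(32))

def demo_keys(count: int) -> tuple:
    """Sender and receiver step their chains independently and stay in sync."""
    sender = MessageKeyChain(SHARED_SECRET)
    receiver = MessageKeyChain(SHARED_SECRET)
    sent = [sender.next_message_key() for _ in range(count)]
    received = [receiver.next_message_key() for _ in range(count)]
    return sent, received
```

A stolen chain key still yields every later message key, so a chain like this limits exposure of past messages only; recovering from a compromise requires exchanging a new initial key.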

Public key infrastructure

A public key infrastructure is a type of key management system that uses hierarchical digital certificates to provide authentication, and public keys to provide encryption. PKIs are used in world wide web traffic, commonly in the form of SSL.

Multicast Group Key Management

Group Key Management means managing the keys in a group communication. Most group communications use multicast communication because a message sent once by the sender will be received by all the users. The main problem in multicast group communication is its security. In order to improve the security, various keys are given to the users. Using the keys, the users can encrypt their messages and send them secretly.

References

  1. http://www.crypto.rub.de/its_seminar_ws0809.html