欢迎来到天天文库
浏览记录
ID:41324844
大小:270.31 KB
页数:30页
时间:2019-08-22
《KeyDistribution-SouthernMethodistUniversity-World密钥分配-南卫理公会大学-世界》由会员上传分享,免费在线阅读,更多相关内容在教育资源-天天文库。
1、KeyDistributionSMUCSE5349/7349WheretoPutEncryption?LinklevelVulnerablelinksequippedwithencryptiondevicesonbothsidesNeedslargenumberofdevicesNeedsdecryptiontoperformroutingEnd-to-endCarriedoutattheendsystemsCanencryptonlythedataportionandnottheheaderSMUCSE5349/7349Linkvs.End-to
2、-EndKeyDistributionLinkkeysmustbedistributedtoeachpairoflinkendpointsinadvanceRelativelyeasytodistributesecurelyFore-t-e,mustgenerateanddistributemanykeys,ofteninrealtimeSMUCSE5349/7349LogicalPlacementApplicationlayerTransportlayerNetworklayerLinklayerSMUCSE5349/7349TrafficAna
3、lysisBothtechniqueshideuserdata(payload)LinkencryptionHidesaddressinformationBufferscleardataineachnodeE-T-EencryptionLeavesaddressesintheclearNoneedtobufferdecryptedpayloadUsebothtechniques?SMUCSE5349/7349TrafficAnalysisIdentitiesofcommunicatingpartnersFrequencyofcommunicatio
4、nMessagepatterns,e.g.,length,quantity,(encrypted)contentCorrelationbetweenmessagesandrealworldeventsCan(sometimes)bedefeatedthroughtrafficpaddingSMUCSE5349/7349CovertChannelsEssentially,thedualoftrafficanalysisUsuallyintendedtoviolateordefeatasecuritypolicyExamplesMessagelengt
5、hMessagecontentMessagepresenceSMUCSE5349/7349KeyDistributionMostimportantcomponentinsecuretransmission.Options:(betweenAandB).AselectsakeyandphysicallydeliversittoB.Atrustedthirdpartykeydistributioncenter(KDC)selectsakeyandphysicallydeliversittoAandB.IfAandBalreadyhavehaveavia
6、blekey,itcanbeusedtodistributeanewkey.IfAandBhaveasecurelinktoKDC,canreceivethekeythroughthatchannel.SMUCSE5349/7349KeyDistribution(cont’d)Manualdeliveryisstraightforwardforlinkencryption,challengingforE-T-EThenumberofkeysgrowsquadraticallywiththenumberofendpoints(n*(n-1)/2)Fu
7、rthercomplexityforapplication/userlevelencryptionKDCagoodalternativeOnlynmasterkeysrequiredSMUCSE5349/7349DecentralizedDistributionNoneedforKDCtobetrustedandprotectedAnytwonodescanestablishasessionkeyNeedsn(n-1)/2masterkeysCangenerateanynumberofsessionkeysKeydistributionprotoc
8、olSMUCSE5349/7349PublicKeyManagementDistributionofpublickeysP
此文档下载收益归作者所有