Key Establishment Protocols

Contents in Brief

  • 12.1 Introduction.............................489
  • 12.2 Classification and framework....................490
  • 12.3 Key transport based on symmetric encryption...........497
  • 12.4 Key agreement based on symmetric techniques..........505
  • 12.5 Key transport based on public-key encryption...........506
  • 12.6 Key agreement based on asymmetric techniques..........515
  • 12.7 Secret sharing............................524
  • 12.8 Conference keying .........................528
  • 12.9 Analysis of key establishment protocols ..............530
  • 12.10 Notes and further references....................534

Introduction

This chapter considers key establishment protocols and related cryptographic techniques which provide shared secrets between two or more parties, typically for subsequent use as symmetric keys for a variety of cryptographic purposes including encryption, message authentication, and entity authentication. The main focus is two-party key establishment, with the aid of a trusted third party in some cases. While many concepts extend naturally to multi-party key establishment including conference keying protocols, such protocols rapidly become more complex, and are considered here only briefly, as is the related area of secret sharing. Broader aspects of key management, including distribution of public keys, certificates, and key life cycle issues, are deferred to Chapter 13.

Relationships to other cryptographic techniques. Key establishment techniques known as key transport mechanisms directly employ symmetric encryption (Chapter 7) or public- key encryption (Chapter 8). Authenticated key transport may be considered a special case of message authentication (Chapter 9) with privacy, where the message includes a cryptographic key. Many key establishment protocols based on public-key techniques employ digital signatures (Chapter 11) for authentication. Others are closely related to techniques for identification (Chapter 10).

Chapter outline

The remainder of this chapter is organized as follows. §12.2 provides background material including a general classification, basic definitions and concepts, and a discussion of objectives. §12.3 and §12.4 discuss key transport and agreement protocols, respectively, based on symmetric techniques; the former includes several protocols involving an on-line trusted third party. §12.5 and §12.6 discuss key transport and agreement protocols, respectively, based on asymmetric techniques; the former includes protocols based on public-key encryption, some of which also employ digital signatures, while the latter includes selected variations of Diffie-Heilman key agreement. §12.7 and §12.8 consider secret sharing and conference keying, respectively. §12.9 addresses the analysis of key establishment protocols and standard attacks which must be countered. §12.10 contains chapter notes with references.

The particular protocols discussed provide a representative subset of the large number of practical key establishment protocols proposed to date, selected according to a number of criteria including historical significance, distinguishing merits, and practical utility, with particular emphasis on the latter.

 
Source
< Prev   CONTENTS   Source   Next >