11-06-2014, 11:27 AM
Key Management Techniques for Controlling the Distribution and Update of Cryptographic keys
Key Management Techniques.pdf (Size: 140.46 KB / Downloads: 95)
Abstract
Key management plays a fundamental role in
cryptography as the basis for securing cryptographic techniques
providing confidentiality, entity authentication, data origin
authentication, data integrity, and digital signatures. The goal of
a good cryptographic design is to reduce more complex problems
to the proper management and safe-keeping of a small number of
cryptographic keys, ultimately secured through trust in
hardware or software by physical isolation or procedural
controls. Reliance on physical and procedural security (e.g.,
secured rooms with isolated equipment), tamper-resistant
hardware, and trust in a large number of individuals is
minimized by concentrating trust in a small number of easily
monitored, controlled, and trustworthy elements.I.
INTRODUCTION
Systems providing cryptographic services require
techniques for initialization and key distribution as well as
protocols to support on-line update of keying material, key
backup/recovery, revocation, and for managing certificates in
certificate-based systems.
Key management [1] is the set of techniques and
procedures supporting the establishment and maintenance of
keying relationships between authorized parties.
Key management encompasses techniques and procedures
supporting:
Initialization of system users within a domain
Generation, distribution, and installation of keying
material
Controlling the use of keying material.
Update, revocation, and destruction of keying
material and
Storage, backup/recovery, and archival of keying
material.
II. CLASSIFYING KEYS BY ALGORITHM TYPE AND
INTENDED USE
The terminology of Table I is used in reference to keying
material. A symmetric cryptographic system is a system
involving two transformations – one for the originator and one
for the recipient – both of which make use of either the same
secret key (symmetric key) or two keys easily computed from
each other. An asymmetric cryptographic system is a system
involving two related transformations – one defined by a
public key (the public transformation), and another defined by
a private key (the private transformation) with the property
that it is computationally infeasible to determine the private
transformation from the public transformation.
TABLE I PRIVATE, PUBLIC, SYMMETRIC AND SECRET KEYS
Term Meaning
private key, public key
paired keys in an asymmetric
cryptographic system
symmetric key key in a symmetric (single-key)
cryptographic system
secret adjective used to describe private
or symmetric key
Table II indicates various types of algorithms commonly
used to achieve the specified cryptographic objectives. Keys
associated with these algorithms may be correspondingly
classified, for the purpose of controlling key usage .The
classification given requires specification of both the type of
algorithm (e.g., encryption vs. signature) and the intended use
(e.g., confidentiality vs. entity authentication).