10.2 KEY DISTRIBUTION
The traditional role of cryptography is to hide the data in communications. The availability of public data networks meant that large amounts of data might be transmitted over potentially insecure channels. Methods were needed to protect the privacy of such information while at the same time providing relatively open access for users with a need to obtain the information. When the government uses cryptography it provides a secure path using couriers for the distribution of keys.
If N users are connected by a computer network as shown in Figure 10.1, where the network links are insecure, then they might be wiretapped by an opponent. If a single-key cryptosystem is used to encipher data, it is necessary that a key ki,j (i ≠ j) be specified and available for each pair of networked users. It is not feasible in a network of N users for each user to maintain a table of ≈ N2 keys {ki,j}. The problem of key exchange or key distribution is to implement a secure mechanism to make the keys available for each pair of users.
One simple solution uses a trusted authority or key server as proposed by Needham and Schroeder [1978]. Each user has a network-unique (user) identifier and secret key; ID[i] is the identifier of User_ID[i] and K(ID[i]) is User_ID[i]'s secret key. The key server maintains a table with entries (ID[i], K(ID[i])) of the N keys of the users. The key server is responsible for securely maintain this table.
User_ID[i] communicates with the key server an intention ...
Get Computer Security and Cryptography now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
