Practices in Security
Bruhadeshwar Bezawada

Key Management

- Set of techniques and procedures supporting the establishment and maintenance of keying relationships between authorized parties
  - Initialization of system users within a domain
  - Generation, distribution, and installation of keying material
  - Controlling the use of keying material
  - Update, revocation and destruction of keying material
  - Storage, backup/recovery, and archival of keying material

Types of Key Management

- Automated key management
  - More than N^2 keys
  - Stream cipher
  - Initialization vectors are used
  - Large amount of data needs to be encrypted in short amount of time
  - Long term session keys are used in multicast sessions
  - Frequent change in session key is expected
- Manual key management
  - Environment has limited bandwidth or high RTT
  - Information has low value
  - Total volume of traffic is very low
  - Scale of each deployment is very limited

Cryptographic Primitives

- Hash functions
- Symmetric key algorithms
- Asymmetric key algorithms

Cryptographic primitives

- Hash functions do not require keys, provide
  - data authentication and integrity services
  - compression of messages for digital signature and verification
  - derivation of keys in key establishment algorithms
  - generate deterministic random numbers

Cryptographic primitives

- Symmetric key algorithms require the same key across all operations, provide
  - data confidentiality
  - authentication and integrity in the form of MACs
  - key establishment
  - generation of deterministic random numbers

Cryptographic primitives

- Asymmetric key, public key algorithms, enable
  - digital signatures
  - establish cryptographic keying material
  - generate random numbers

Exercise: Enumerate all hash functions, all symmetric key ciphers and all public-key crypto systems available currently. Differentiate between commercially available and non-commercial algorithms.

Types of keys

- Private signature key (public-private keys)
- Public signature verification keys
- Symmetric authentication key
- Private authentication key
- Public authentication keys
- Symmetric data encryption key

Types

- Symmetric and asymmetric random number generation keys
- Symmetric master key
- Private key transport key
- Public key transport key
- Symmetric key agreement key (also, key wrapping key)

Types

- Private ephemeral key agreement key
- Public ephemeral key agreement key
- Symmetric authorization keys
- Private authorization key
- Public authorization key

General Terms in Key Management

- Key registration
- Key revocation
- Key transport
- Key update
- Key derivation
- Key confirmation
- Key establishment
- Key agreement

Terms

- Registration authority
- Security domain
- Self-signed certificate

Valuable Information in Addition to Cryptographic Keys

- Domain parameters
- Initialization vectors, shared secrets, RNG seeds, nonces, random numbers
- Intermediate results
- Key control information
- Passwords
- Audit information

Cryptoperiods

- Time span during which a specific key is authorized for use by legitimate entities, or the keys for a given system will remain in effect. A good cryptoperiod:
  - Limits amount of information protected by a given key from disclosure
  - Limits amount of exposure if a single key is compromised
  - Limits use of particular algorithm to its estimated effective lifetime
  - Limits time available to penetrate physical, procedural, and logical access mechanisms that protect a key

Risk Factors to Consider for Cryptoperiods

- Strength of cryptographic implementations
- Operating environment, secure limited access, open office or public terminal
- Volume of information or transactions
- Security objective
- Re-keying method
- Number of nodes sharing the key/copies of the key
- Threat to information

Other Factors Affecting Cryptoperiods

- Communication vs Storage
  - E.g., keys used for online transactions are likely to have smaller cryptoperiods
  - Keys used for storage will have higher, as cost of re-encryption is high
- Cost of Key Revocation and Replacement
  - Changing keys can be an expensive process
    - Encryption of large databases
    - Revocation of large number of keys
  - Expensive security measures are justified for such cases as the cryptoperiod can be made high

Factors Affecting Public Keys

- Private keys may have longer cryptoperiods than public-keys when used for confidentiality
- When used for challenge (dynamic) authentication both public and private keys can have the same cryptoperiod
- When used for digital signatures public keys can have longer cryptoperiods than private keys as they will be necessary to verify certificates

Cryptoperiods for Different Keys

- Private signature key (public-private keys)
  - 1-3 years
- Public signature verification keys
- Symmetric authentication key
  - 2-3 years
- Private authentication key
  - 1-2 years
- Public authentication keys
  - 1-2 years
- Symmetric data encryption key
  - 3 years

Cryptoperiods for Different Keys

- Symmetric and asymmetric random number generation keys
  - Depends on the RNG technique
- Symmetric master key
  - 1 year
- Private and Public key transport keys
  - Private 2 years, public 1-2 years
- Symmetric key agreement key (also, key wrapping key)
  - 1-2 years

Cryptoperiods for Different Keys

- Private and public ephemeral key agreement key
  - Time required to complete the key agreement protocol
- Symmetric authorization keys
  - 2 years
- Private and Public authorization keys
  - 2 years
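
Added example (not part of the original slides): a key-inventory audit that applies the cryptoperiods listed on the three slides above. The type names, the 90-day warning window, the sample inventory, and the choice to treat the upper end of each range as a hard limit are assumptions of this example.

```python
from datetime import date

# Upper bounds in years, taken from the slides. None = the slides give no
# fixed figure (unstated, depends on the RNG technique, or protocol run time).
MAX_YEARS = {
    "private_signature": 3, "public_signature_verification": None,
    "symmetric_authentication": 3, "private_authentication": 2,
    "public_authentication": 2, "symmetric_data_encryption": 3,
    "rng": None, "symmetric_master": 1,
    "private_key_transport": 2, "public_key_transport": 2,
    "symmetric_key_agreement": 2, "ephemeral_key_agreement": None,
    "symmetric_authorization": 2, "private_authorization": 2,
    "public_authorization": 2,
}

def add_years(d, years):
    """Same calendar day `years` later; 29 Feb falls back to 28 Feb."""
    try:
        return d.replace(year=d.year + years)
    except ValueError:
        return d.replace(year=d.year + years, day=28)

def audit(inventory, today, warn_days=90):
    """Return {key_id: status} for (key_id, key_type, activated) records."""
    report = {}
    for key_id, key_type, activated in inventory:
        if key_type not in MAX_YEARS:
            report[key_id] = "unknown-type"      # never silently pass a key
            continue
        limit = MAX_YEARS[key_type]
        if limit is None:
            report[key_id] = "review-manually"   # no figure on the slides
            continue
        days_left = (add_years(activated, limit) - today).days
        if days_left < 0:
            report[key_id] = "expired"
        elif days_left <= warn_days:
            report[key_id] = "rotate-soon"
        else:
            report[key_id] = "ok"
    return report

# Constructed sample inventory (hypothetical key names and dates).
INVENTORY = [
    ("db-master", "symmetric_master", date(2023, 1, 10)),
    ("tls-sign", "private_signature", date(2022, 6, 1)),
    ("backup-dek", "symmetric_data_encryption", date(2020, 11, 1)),
    ("prng-key", "rng", date(2020, 2, 29)),
    ("legacy", "des_key", date(2019, 1, 1)),
]
```

Calling `audit(INVENTORY, date(2024, 1, 1))` flags the master key for rotation and the backup encryption key as past its cryptoperiod; keys of a type the table does not know are reported rather than passed.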

Other Parameters

- Domain parameters stay for the cryptoperiod
- IV is associated with the information and stays as long as the information is held
- Shared secrets are destroyed as soon as the necessary key derivations are complete
- RNG seeds are destroyed immediately
- Intermediate results are destroyed immediately
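
Added example (not part of the original slides): hash-based key derivation followed by destruction of the shared secret and the intermediate result, as the slide above requires. The slides name no KDF; HKDF with HMAC-SHA-256 (RFC 5869) is this example's choice, and the function names and `info` labels are assumptions.

```python
import hashlib
import hmac

HASH = hashlib.sha256
HASH_LEN = HASH().digest_size

def wipe(buf):
    """Overwrite a mutable buffer in place (best effort in CPython:
    hmac/hashlib internals may still hold transient copies)."""
    for i in range(len(buf)):
        buf[i] = 0

def hkdf_extract(salt, ikm):
    # PRK = HMAC-Hash(salt, IKM); an all-zero salt is used if none is given.
    return bytearray(hmac.new(salt or bytes(HASH_LEN), ikm, HASH).digest())

def hkdf_expand(prk, info, length):
    # T(i) = HMAC-Hash(PRK, T(i-1) | info | i), concatenated and truncated.
    if length > 255 * HASH_LEN:
        raise ValueError("requested output too long for HKDF")
    okm, block, counter = b"", b"", 1
    while len(okm) < length:
        block = hmac.new(prk, block + info + bytes([counter]), HASH).digest()
        okm += block
        counter += 1
    return okm[:length]

def derive_session_keys(shared_secret, salt):
    """Derive independent encryption and MAC keys, then destroy the shared
    secret and the intermediate PRK."""
    if not isinstance(shared_secret, bytearray):
        raise TypeError("pass the shared secret as a bytearray so it can be wiped")
    prk = hkdf_extract(salt, shared_secret)
    try:
        enc_key = hkdf_expand(prk, b"example enc key", 32)  # assumed label
        mac_key = hkdf_expand(prk, b"example mac key", 32)  # assumed label
    finally:
        wipe(prk)            # intermediate result: destroyed immediately
        wipe(shared_secret)  # shared secret: destroyed once derivation is done
    return enc_key, mac_key
```

After `derive_session_keys` returns, the caller's `shared_secret` buffer holds only zero bytes; an immutable `bytes` secret is rejected because it could not be overwritten.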

Algorithms, Key Sizes and Strengths

Factors to be Considered For Design of New System

- Sensitivity of information and system lifetime
- Algorithm selection
- System design wrt performance and security
- Pre-implementation evaluation
- Testing
- Training
- System implementation and transition
- Post-implementation evaluation