Cryptography Reference
In-Depth Information
(b) an open key management system supporting public-key (hybrid) cryptography
to provide email security.
2. Guidance on key lengths changes over time.
(a) Name two reputable sources for key length recommendations (other than
the ECRYPT recommendations of Table 10.1) and explain why they are
credible sources.
(b) To what extent do their recommendations for symmetric key lengths 'match'
the recommendations shown in Table 10.1?
(c) Given a public-key cryptosystem, explain how experts might determine
which key length for this algorithm is 'equivalent' to a symmetric key length
of 128 bits.
3. Which of the following keys do you think should be the longest:
• a key protecting the PIN of a credit card in a point-of-sale terminal;
• a transaction (session) key protecting a large money transfer between two
banks?
4. For each of the following, give an example (with justification) of an application
of cryptography where it might make sense to deploy:
(a) a flat key hierarchy with just one level;
(b) a two-level key hierarchy;
(c) a three-level key hierarchy.
5. UKPT schemes offer support for key management in special application
environments.
(a) Which of the phases of the key management lifecycle shown in Figure 10.1
is a UKPT scheme designed to make more straightforward?
(b) Compare the impacts on the Racal and Derived UKPT schemes in the event
that an attacker compromises a point-of-sale terminal and is able to access
any keys stored in the terminal.
(c) Compare the impacts on the Racal and Derived UKPT schemes if there is a
communication error in the middle of a transaction.
(d) Suggest some key management controls that are designed to overcome
the 'weaknesses' of these two UKPT schemes.
6. Quantum key establishment technology is at a relatively early stage of maturity.
Explore the 'state of the art' in quantum key establishment by finding out:
(a) What is the longest distance over which a symmetric key has been
established using quantum key establishment?
(b) What are the best current data rates?
(c) Which commercial organisations are selling quantum key establishment
technology?
(d) Which applications are deploying quantum key establishment technology?