Cryptography Reference
In-Depth Information
16 .
It is sometimes suggested that a cryptographic key should not be used
unnecessarily, since each use of a key 'exposes' its use to an attacker. Suppose
that a cryptosystem is being used for encryption purposes.
(a) What does an attacker potentially learn each time an encryption key is used?
(b) Our standard assumptions about a cryptosystem suggest that an attacker
knows corresponding pairs of plaintexts and ciphertexts, so do our
standard assumptions contradict in any way this 'principle' of minimising
key exposure?
(c) To what extent do you think that key exposure is a real risk if the
cryptosystem is using AES?
(d) Provide some examples of key management techniques that reduce key
exposure.
17 . There are many different reasons why cryptographic keys need to be changed
from time to time. This can be particularly problematic for long-term keys such
as master keys. Suggest different ways in which an organisation could manage
the process of changing (migrating) from the use of one master key to another.
18 . It will be increasingly important in the future to use resources, including com-
puting resources, as efficiently as possible. Explain what role key management
can play in the 'greening' of information technology.
19 . A 128-bit block cipher can be thought of as a family of 2 128 different
'codebooks' (see Section 1.4.4), each of which defines how to convert any block
of plaintext into a block of ciphertext under one specific key. One way to appear
to avoid having to deal with some 'key management' issues for a particular
hardware device might be to directly implement the 'codebook' corresponding
to a particular key onto the device. Thus the hardware cannot be used with any
block cipher key, but instead has an implementation of the unique version of
the 'block cipher' that arises from one specific key.
(a) In what types of application environment might this be an attractive idea?
(b) What are the disadvantages of such an approach?
(c) Does this approach make 'key management' any easier?
Search WWH ::




Custom Search