Chapter 16
Key Establishment
In this chapter, we elaborate on some cryptographic protocols that two entities can
use to establish a shared secret key. More specifically, we introduce the topic in
Section 16.1, elaborate on key distribution and key agreement protocols in Sections
16.2 and 16.3, address quantum cryptography in Section 16.4, and conclude with
some final remarks in Section 16.5. Note that this chapter is not complete in
the sense that there are many key establishment protocols that are not addressed.
A comprehensive overview is given in [1]. Note, too, that the problem of key
establishment also arises when more than two entities are involved. In
this case, however, the corresponding cryptographic key establishment protocols are
much more involved (see, for example, [2]). Again, these protocols are not addressed
in this topic.
16.1 INTRODUCTION
In Section 2.3.3, we argued that the establishment of secret keys is a major problem
and the Achilles' heel for the large-scale deployment of secret key cryptography, and
that there are basically two approaches to address the key establishment problem:
1. The use of a KDC, such as Kerberos [3];
2. The use of a key establishment protocol.
We further made a distinction between a key distribution protocol and a key
agreement protocol (both of them representing key establishment protocols).
• A key distribution protocol can be used to securely transmit a secret key (that
is generated locally or otherwise obtained) from one entity to another.