Cryptography Reference
In-Depth Information
Chapter 13
Key Establishment
With the cryptographic mechanisms that we have learned so far, in particular sym-
metric and asymmetric encryption, digital signatures and message authentication
codes (MACs), one can relatively easily achieve the basic security services (cf.
Sect. 10.1.3):
Confidentiality (with encryption algorithms)
Integrity (with MACs or digital signatures)
Message authentication (with MACs or digital signatures)
Non-repudiation (with digital signatures)
Similarly, identification can be accomplished through protocols which make use of
standard cryptographic primitives.
However, all cryptographic mechanisms that we have introduced so far assume
that keys are properly distributed between the parties involved, e.g., between Alice
and Bob. The task of key establishment is in practice one of the most important and
often also most difficult parts of a security system. We already learned some ways
of distributing keys, in particular Diffie-Hellman key exchange. In this chapter we
will learn many more methods for establishing keys between remote parties. You
will learn about the following important issues:
How keys can be established using symmetric cryptosystems
How keys can be established using public-key cryptosystems
Why public-key techniques still have shortcomings for key distribution
What certificates are and how they are used
The role that public-key infrastructures play
Search WWH ::




Custom Search