Key Management and the Public-Key Revolution

2014 ◽  
pp. 379-394
Keyword(s):  
Key Management ◽  
Public Key ◽  
The Public

Key Management

2011 ◽  
pp. 88-113
Author(s):  
Chuan-Kun Wu
Keyword(s):  
Secret Sharing ◽  
Key Management ◽  
Key Agreement ◽  
Public Key ◽  
Key Escrow ◽  
The Public ◽  
Cryptographic Algorithm ◽  
Diffie Hellman ◽  
Public Networks ◽  
Active Attacks

In secure communications, key management is not as simple as metal key management which is supposed to be in a key ring or simply put in a pocket. Suppose Alice wants to transmit some confidential information to Bob over the public networks such as the Internet, Alice could simply encrypt the message using a known cipher such as AES, and then transmit the ciphertext to Bob. However, in order to enable Bob to decrypt the ciphertext to get the original message, in traditional cipher system, Bob needs to have the encryption key. How to let Alice securely and efficiently transmit the encryption key to Bob is a problem of key management. An intuitive approach would be to use a secure channel for the key transmission; this worked in earlier years, but is not a desirable solution in today’s electronic world. Since the invention of public key cryptography, the key management problem with respect to secret key transmission has been solved, which can either employ the Diffie-Hellman key agreement scheme or to use a public key cryptographic algorithm to encrypt the encryption key (which is often known as a session key). This approach is secure against passive attacks, but is vulnerable against active attacks (more precisely the man-in-the-middle attacks). So there must be a way to authenticate the identity of the communication entities. This leads to public key management where the public key infrastructure (PKI) is a typical set of practical protocols, and there is also a set of international standards about PKI. With respect to private key management, it is to prevent keys to be lost or stolen. To prevent a key from being lost, one way is to use the secret sharing, and another is to use the key escrow technique. Both aspects have many research outcomes and practical solutions. With respect to keys being stolen, another practical solution is to use a password to encrypt the key. Hence, there are many password-based security protocols in different applications. This chapter presents a comprehensive description about how each aspect of the key management works. Topics on key management covered by this chapter include key agreement, group-based key agreement and key distribution, the PKI mechanisms, secret sharing, key escrow, password associated key management, and key management in PGP and UMTS systems.

Security of Identity-Based Encryption Algorithms

2018 ◽  
pp. 4975-4984
Author(s):  
Kannan Balasubramanian ◽  
M. Rajakani
Keyword(s):  
Key Management ◽  
Public Key ◽  
The Public ◽  
Private Key ◽  
Identity Based Encryption ◽  
Public Keys ◽  
Identity Based ◽  
Encryption Algorithms ◽  
Encrypted Communication ◽  
E Mail

The concept of Identity Based Cryptography introduced the idea of using arbitrary strings such as e-mail addresses and IP Addresses to form public keys with the corresponding private keys being created by the Trusted Authority(TA) who is in possession of a system-wide master secret. Then a party, Alice who wants to send encrypted communication to Bob need only Bob's identifier and the system-wide public parameters. Thus the receiver is able to choose and manipulate the public key of the intended recipient which has a number of advantages. While IBC removes the problem of trust in the public key, it introduces trust in the TA. As the TA uses the system-wide master secret to compute private keys for users in the system, it can effectively recompute a private key for any arbitrary string without having to archive private keys. This greatly simplifies key management as the TA simply needs to protect its master secret.

Security of Identity-Based Encryption Algorithms

2019 ◽  
pp. 312-325
Author(s):  
Kannan Balasubramanian ◽  
M. Rajakani
Keyword(s):  
Key Management ◽  
Public Key ◽  
The Public ◽  
Private Key ◽  
Identity Based Encryption ◽  
Public Keys ◽  
Identity Based ◽  
Encryption Algorithms ◽  
Encrypted Communication ◽  
E Mail

The concept of identity-based cryptography introduced the idea of using arbitrary strings such as e-mail addresses and IP addresses to form public keys with the corresponding private keys being created by the trusted authority (TA) who is in possession of a systemwide master secret. Then a party, Alice, who wants to send encrypted communication to Bob need only Bob's identifier and the systemwide public parameters. Thus, the receiver is able to choose and manipulate the public key of the intended recipient which has a number of advantages. While IBC removes the problem of trust in the public key, it introduces trust in the TA. As the TA uses the systemwide master secret to compute private keys for users in the system, it can effectively recompute a private key for any arbitrary string without having to archive private keys. This greatly simplifies key management as the TA simply needs to protect its master secret.

Key Management

2013 ◽  
pp. 728-753
Author(s):  
Chuan-Kun Wu
Keyword(s):  
Secret Sharing ◽  
Key Management ◽  
Key Agreement ◽  
Public Key ◽  
Key Escrow ◽  
The Public ◽  
Cryptographic Algorithm ◽  
Diffie Hellman ◽  
Public Networks ◽  
Active Attacks

In secure communications, key management is not as simple as metal key management which is supposed to be in a key ring or simply put in a pocket. Suppose Alice wants to transmit some confidential information to Bob over the public networks such as the Internet, Alice could simply encrypt the message using a known cipher such as AES, and then transmit the ciphertext to Bob. However, in order to enable Bob to decrypt the ciphertext to get the original message, in traditional cipher system, Bob needs to have the encryption key. How to let Alice securely and efficiently transmit the encryption key to Bob is a problem of key management. An intuitive approach would be to use a secure channel for the key transmission; this worked in earlier years, but is not a desirable solution in today’s electronic world. Since the invention of public key cryptography, the key management problem with respect to secret key transmission has been solved, which can either employ the Diffie-Hellman key agreement scheme or to use a public key cryptographic algorithm to encrypt the encryption key (which is often known as a session key). This approach is secure against passive attacks, but is vulnerable against active attacks (more precisely the man-in-the-middle attacks). So there must be a way to authenticate the identity of the communication entities. This leads to public key management where the public key infrastructure (PKI) is a typical set of practical protocols, and there is also a set of international standards about PKI. With respect to private key management, it is to prevent keys to be lost or stolen. To prevent a key from being lost, one way is to use the secret sharing, and another is to use the key escrow technique. Both aspects have many research outcomes and practical solutions. With respect to keys being stolen, another practical solution is to use a password to encrypt the key. Hence, there are many password-based security protocols in different applications. This chapter presents a comprehensive description about how each aspect of the key management works. Topics on key management covered by this chapter include key agreement, group-based key agreement and key distribution, the PKI mechanisms, secret sharing, key escrow, password associated key management, and key management in PGP and UMTS systems.

Key Management and the Public-Key Revolution

2020 ◽  
pp. 385-400
Author(s):  
Jonathan Katz ◽  
Yehuda Lindell
Keyword(s):  
Key Management ◽  
Public Key ◽  
The Public

Performance and Scalability Assessment for Non-Certificate-Based Public Key Management in VANETs

2012 ◽  
Vol 6 (1) ◽  
pp. 33-56 ◽  
Author(s):  
Pei-Yuan Shen ◽  
Maolin Tang ◽  
Vicky Liu ◽  
William Caelli
Keyword(s):  
Key Management ◽  
Vehicular Ad Hoc Networks ◽  
Ad Hoc ◽  
Comprehensive Evaluation ◽  
Public Key ◽  
Secure Messaging ◽  
Evaluation Of Performance ◽  
Management Regime ◽  
Verification Process ◽  
Hoc Networks

Current research in secure messaging for Vehicular Ad hoc Networks (VANETs) focuses on employing a digital certificate-based Public Key Cryptosystem (PKC) to support security. However, the security overhead of such a scheme creates a transmission delay and introduces a time-consuming verification process to VANET communications. This paper proposes a non-certificate-based public key management for VANETs. A comprehensive evaluation of performance and scalability of the proposed public key management regime is presented, which is compared with a certificate-based PKC by employing a number of quantified analyses and simulations. In this paper, the authors demonstrate that the proposal can maintain security and assert that it can improve overall performance and scalability at a lower cost, compared with certificate-based PKC. The proposed scheme adds a new dimension to key management and verification services for VANETs.

scholarly journals BESTIE: Broadcast Encryption Scheme for Tiny IoT Equipment

Electronics ◽  
2020 ◽  
Vol 9 (9) ◽  
pp. 1389
Author(s):  
Jiwon Lee ◽  
Jihye Kim ◽  
Hyunok Oh
Keyword(s):  
The Other ◽  
Public Key ◽  
Broadcast Encryption ◽  
Encryption Scheme ◽  
The Public ◽  
Private Key ◽  
Diffie Hellman ◽  
The Standard Model ◽  
Encryption Decryption ◽  
Subset Difference

In public key broadcast encryption, anyone can securely transmit a message to a group of receivers such that privileged users can decrypt it. The three important parameters of the broadcast encryption scheme are the length of the ciphertext, the size of private/public key, and the performance of encryption/decryption. It is suggested to decrease them as much as possible; however, it turns out that decreasing one increases the other in most schemes. This paper proposes a new broadcast encryption scheme for tiny Internet of Things (IoT) equipment (BESTIE), minimizing the private key size in each user. In the proposed scheme, the private key size is O(logn), the public key size is O(logn), the encryption time per subset is O(logn), the decryption time is O(logn), and the ciphertext text size is O(r), where n denotes the maximum number of users, and r indicates the number of revoked users. The proposed scheme is the first subset difference-based broadcast encryption scheme to reduce the private key size O(logn) without sacrificing the other parameters. We prove that our proposed scheme is secure under q-Simplified Multi-Exponent Bilinear Diffie-Hellman (q-SMEBDH) in the standard model.

Sign in / Sign up

Export Citation Format

Share Document