Symmetric Key Distribution using Symmetric Encryption | Key Distribution using symmetric encryption

Introduction

When two parties share the same key (i.e. symmetric key) that protect from access by others, the process between two parties that exchanges that key called as symmetric key distribution. If two person wants to communicates with each other via messages or exchange data without interference of other. Two parties/person A and B achieved the key distribution in various ways:

1.  A can select a key and physically deliver it to B.

2.  A third party can select the key and physically deliver it to A and B.

3. If A and B have previously and recently used a key, one party can transmit the new key to the other, encrypted using the old key.

4. If A and B each has an encrypted connection to a third-party C, C can deliver a key on the encrypted links to A and B.

Options 1 and 2 calls for manual delivery of a key to the users. In manual delivery of key is difficult in a wide-area distributed system. Returning to our list, option 3 is a possibility for either link encryption or end-to-end encryption, but if an attacker ever succeeds in gaining access to one key, then all subsequent keys will be revealed.  For end-to-end encryption some variation on option 4 has been widely adopted. In this scheme, a key distribution centre responsible for distributing keys to pairs of users (hosts, processes, applications) as needed. Each user must share a unique key with the distribution centre for purposes of key distribution.

The use of a key distribution centre is based on the use of a hierarchy of keys. At a minimum, two levels of keys are used (show in Figure). Communication between end systems is encrypted using a temporary key, often referred to as a session key. Typically, the session key is used for the duration of a logical connection, such as a frame relay connection or transport connection, and then discarded. Each session key is obtained from the key distribution centre over the same networking facilities used for end-user communication. Accordingly, session keys are transmitted in encrypted form, using a master key that is shared by the key distribution centre and an end system or user.

 

Key distribution Scenario

The key distribution concept can be deployed in a number of ways. A typical scenario is illustrated in Figure.

Figure: Key Distribution Scenario

The scenario assumes that each user shares a unique master key with the key distribution centre (KDC). Let us assume that user A wishes to establish a logical connection with B and requires a one-time session key to protect the data transmitted over the connection. User A has a master key, Ka, known only to itself and the KDC; similarly, User B shares the master key K_b with the KDC.  Let us discuss all steps…

Step – 1: A issues a request to the KDC for a session key to protect a logical connection to B.  

ID_A || ID_B || N₁

The message includes the identity of A and B and a unique identifier, N1, for this transaction, which we refer to as a nonce.  The nonce may be a timestamp, a counter, or a random number; the minimum requirement is that it differs with each request.  Also, to prevent masquerade, it should be difficult for an opponent to guess the nonce. Thus, a random number is a good choice for a nonce.

Step – 2: The KDC responds with a message encrypted using K_a. Thus, A is the only one who can successfully read the message, and A knows that it originated at the KDC.

E (K_a, [K_s || ID_A || ID_B || N₁]) || E (K_b, [K_s || ID_A])

The message includes two items intended for A: The one-time session key, K_s, to be used for the session. The original request message, including the nonce, to enable A to match this response with the appropriate request. Thus, A can verify that its original request was not altered before reception by the KDC and, because of the nonce. In addition, the message includes two items intended for B: The one-time session key, K_s, to be used for the session. An identifier of A (e.g., its network address), ID_A These last two items are encrypted with K_b(the master key that the KDC shares with B).They are to be sent to B to establish the connection and prove A’s identity.

Step – 3: A stores the session key for use in the upcoming session and forwards to B the information that originated at the KDC for B, namely, E (K_b, [K_s || ID_A]). Because this information is encrypted with Kb, it is protected from eavesdropping. B now knows the session key (K_s), knows that the other party is A (from IDA), and knows that the information originated at the KDC (because it is encrypted using K_b). At this point, a session key has been securely delivered to A and B, and they may begin their protected exchange.

Step – 4: Using the newly minted session key for encryption, B sends a nonce, N₂, to A. E (K_s, N₂).

Step – 5: Also, using K_s, A responds with f (N₂), where f is a function that performs some transformation on N₂ (e.g., adding one). E (K_s, f (N₂)).

Now, we will discuss symmetric key distribution technique using symmetric encryption. There are 4 different methods are used: Hierarchical Key Control, Session key life time, A transperant key control scheme, Decentralized key control.

Hierarchical key control

It is not necessary to limit the key distribution function to a single KDC. Indeed, for very large networks, single KDC is not enough to distribute keys among all users. As an alternative, a hierarchy of KDCs can be established.

Figure: Hierarchical Key Control

For example, there can be local KDCs, each responsible for a small domain of the overall internetwork, such as a single LAN or a single building. For communication among entities within the same local domain, the local KDC is responsible for key distribution. If two entities in different domains desire a shared key, then the corresponding local KDCs can communicate through a global KDC. In this case, any one of the three KDCs involved can actually select the key. The hierarchical concept can be extended to three or even more layers, depending on the size of the number of users and the geographic scope of the internetwork.

 

Session key life time

The more frequently session keys are exchanged, the more secure they are, because the attacker has to capture session key every time to decrypt cipher text.  Short session key life time à Key exchange frequently & more secure. Long session key life time à Reduce Key exchange time & less network bandwidth used. For connection-oriented protocols, new session key for each new connection. Update key periodically, if the connection has long time. For connection less protocols, not to use a new key for each session but use a given session key for a fixed period of time.

 

A transparent key control scheme

The steps involved in establishing a connection are shown in figure.  When one host wants to set up a connection to another host, it transmits a connection - request packet (step 1).

Figure: A Transperant Key Control

The SSM (Session security module) saves that packet and applies to the KDC for permission to establish the connection (step 2).  The communication between the SSM and the KDC is encrypted using a master key shared only by this SSM and the KDC. If the KDC approves the connection request, it generates the session key and delivers it to the two appropriate SSMs, using a unique permanent key for each SSM (step 3). The requesting SSM can now release the connection request packet, and a connection is set up between the two end systems (step 4).  All user data exchanged between the two end systems are encrypted by their respective SSMs using the onetime session key.

Decentralized Key Control

Decentralized key control is not practical for larger networks using symmetric encryption only, it may be useful within a local context. A session key may be established with the following sequence of steps:

Figure: Decentralized Key Control

Step – 1: A issues a request to B for a session key and includes a nonce, N₁.

Step – 2: B responds with a message that is encrypted using the shared master key. The response includes the session key selected by B, an identifier of B, the value f(N₁), and another nonce, N₂.

Step – 3: Using the new session key, A returns f(N₂) to B.

To learn more about Symmetric Key Distribution using Symmetric Encryption, Click here

   Watch more videos click here.