Protocol

• An orderly sequence of steps agreed upon by two or more parties in order to accomplish a task
• Characteristics of a good protocol
• established in advance
• all parties agree on it
• easy to understand
• complete -- covers all that needs to be covered

Key Management Protocols

• Key Exchange
• done with or without a neutral third party
• Key Distribution
• uses a Centralized Key Distributor
• Key Escrow
• trusted agency holds copies of keys

Diffie-Hellman

• How to establish a secret key in public view
• 1. A and B exchange two numbers p and g
• 2. Each chooses a 512-bit number and keeps it secret
• 3. Each raises g to its secret number mod p
• 4. They exchange these values and raise them to their secret numbers
• 5. They now have the same secret key with only one exchange

The Bucket Brigade Attack

• A sends g^KA mod p to B, but it is intercepted by X who sends g^Kx mod p to B
• B sends g^KB mod p to A, but it is intercepted by X who sends g^Kx mod p to A
• X now shares a secret key with both A and B who are unaware of X
• X now intercepts the messages between A and B before passing them on

Authentication with Digital Signatures

• A and B can use digital signatures to expose X
• Properties of digital signatures
• unforgeable
• authentic
• can’t be changed once sent
• not reusable
• prevent repudiation

Key Distribution Protocols

• Key Distribution Center
• Session keys or longer term secret keys
• session keys are for one session use only
• Can use secret key or public key protocols
• can use authentication
• Kerberos
• KDC can also distribute public keys

Key Escrow

• Encryption keys are escrowed to trustworthy agencies
• Requirements for a key escrow protocol
• encrypting source must be identified
• the key is not identified
• key retrievable under the k of n protocol

Clipper Encryption Protocol

• Strong public reaction to the Clipper program expressed concerns
• loss of privacy from potential government intrusion
• unreleased algorithm
• For Clipper k = n = 2
• Skipjack algorithm uses an 80-bit key so is considered safe for at least 36 years

Using Computers to Hold Elections

• Necessary to have untraceable, but legitimate communications
• Requirements
• only authorized users
• each user can vote only once
• votes are private and secret
• Protocol uses public key encryption system