Myae Alternatives in Encryption Methods

Placement of Encryption Function

Lecture 3

v0.0 CPSC415 Biometrics and Cryptography 1


Points of Vulnerability

• Adversary can eavesdrop from a machine on the same LAN
• Adversary can eavesdrop by dialing into a communication server
• Adversary can eavesdrop by gaining physical control of part of the external links
– twisted pair, coaxial cable, or optical fiber
– radio or satellite links
Confidentiality using Symmetric Encryption
• two major placement alternatives: link encryption and end-to-end encryption
• link encryption
– encryption occurs independently on every link
– all traffic over all communication links is secured
– implies traffic must be decrypted at every switch, because the switch must read the address in the packet header
– each pair of directly connected nodes shares a unique key, so with a different key on every link there are many keys to manage
– the message is in plaintext, and therefore vulnerable, inside each switch
– on a public network the user has no control over the security of the switches



Confidentiality using Symmetric Encryption
• end-to-end encryption
– encryption occurs between the original source and the final destination
– needs devices at each end that share a key
– secures the transmission against attacks on the network links or switches
– the "end-to-end principle"
– which part of each packet can the host encrypt, header or user data? Only the user data: the header must stay in clear so the network can route the packet
– a degree of authentication: only the alleged sender shares the relevant key

Placement of Encryption

• the encryption function can be placed at various layers of the OSI Reference Model
– link encryption occurs at layers 1 or 2
– end-to-end encryption can occur at layers 3, 4, 6, or 7
• moving encryption toward a higher layer
– encrypts less of each packet (more header fields travel in clear), but the protection holds over more of the path, since fewer intermediate components (switches, lower protocol layers) ever see plaintext
– application-layer encryption is more complex: more entities are involved and more keys are needed



Scope of Encryption

(figure: scope of encryption at the different layers)


Traffic Analysis
• is the monitoring of communication flows between parties
– useful in both military and commercial spheres
– can also be used to create a covert channel
• link encryption obscures header details
– but overall traffic volumes in the network and at the end-points are still visible
• traffic padding can further obscure flows
– but at the cost of continuous traffic



Traffic Analysis
• when using end-to-end encryption, headers must be left in clear
– so the network can correctly route the information
• hence although contents are protected, traffic-flow patterns are not
• ideally want both at once
– end-to-end protects data contents over the entire path and provides authentication
– link encryption protects traffic flows from monitoring
Key Distribution Center

(figure)


Symmetric Cryptographic System

(figure: Alice encrypts M under K to obtain C; Bob decrypts C under K to recover M; K reaches Bob over a secure channel; Eve observes C and attempts cryptanalysis)

• Alice: sender
• Bob: receiver
• Eve: eavesdropper / Oscar: opponent
• Alice and Bob are the celebrities of cryptography.

• Ciphertext C = E_K(M); plaintext M = D_K(C) = E_K^-1(C)

• One of the greatest difficulties: key management
• Algorithms: DES, CAST, IDEA, RC2/RC4/RC5 (Rivest Cipher), AES, …


Symmetric Key Management
• Each pair of communicating entities needs a shared key
– Why?
– For an n-party system there are n(n-1)/2 distinct keys in the system, and each party must maintain n-1 distinct keys.
• How to reduce the number of shared keys in the system
– Centralized key management
– Public keys

(figure: ten pairwise keys K1 … K10, i.e. a five-party system with 5·4/2 = 10 keys)


Centralized Key Management

(figure: an online central server shares K1 with Alice and K2 with Bob and hands them a session key)

• Only n keys in the system, instead of n(n-1)/2.

• The central server may become the single point of failure of the entire system and a performance bottleneck.


Key Distribution

• symmetric schemes require both parties to share a common secret key
• the issue is how to securely distribute this key
• secure systems often fail because of a break in the key distribution scheme, not in the cipher itself


Key Distribution
• given parties A and B have various
key distribution alternatives:
1. A can select key and physically deliver to B
2. third party can select & deliver key to A & B
3. if A & B have communicated previously can use
previous key to encrypt a new key
4. if A & B have secure communications with a
third party C, C can relay key between A & B



Key Distribution Scenario

(figure)


Key Distribution Issues

• hierarchies of KDCs are required for large networks, but the KDCs must trust each other
• session key lifetimes should be limited for greater security
• controlling the purposes keys are used for
– lots of keys to keep track of
– binding management information to the key
Key Distribution Center (KDC)

Q: How does the KDC allow Bob and Alice to determine a shared symmetric secret key to communicate with each other?

1. Alice → KDC: K_A-KDC(A, B)
   Alice asks for a key to talk to Bob, encrypted under her key with the KDC.
2. KDC generates a random session key R1.
3. KDC → Alice: K_A-KDC(R1, K_B-KDC(A, R1))
   Alice decrypts and now knows R1; the inner part K_B-KDC(A, R1) is a ticket only Bob can open.
4. Alice → Bob: K_B-KDC(A, R1)
   Bob decrypts with his key shared with the KDC and knows to use R1 to communicate with Alice.

Alice and Bob communicate using R1 as the session key for shared symmetric encryption.
