Code360 powered by Coding Ninjas X Naukri.com. Code360 powered by Coding Ninjas X Naukri.com
Table of contents
1.
Introduction
2.
Key Predistribution Scheme
3.
Session Keys
4.
Session Key Distribution
5.
Key Agreement
6.
Difference between Key Distribution and Key Agreement
7.
Long-lived Keys
8.
Key Agreement Scheme
9.
Attack Models and Adversarial Goals
10.
Authenticated Key Agreement Schemes
11.
Extended Attack Models
12.
Frequently Asked Questions
12.1.
What is a Public-key cryptosystem?
12.2.
What is a secret-key cryptosystem?
12.3.
What is hybrid cryptography?
12.4.
What is an Adversarial Goal?
12.5.
What is an Attack Model?
13.
Conclusion
Last Updated: Mar 27, 2024

Introduction to Key Distribution

Author RAGHAV ANUSHA
0 upvote
Master Python: Predicting weather forecasts
Speaker
Ashwin Goyal
Product Manager @

Introduction

Hello Ninja, in this article, we will provide an introduction to key distribution, discuss the various terms required to understand the topic, like key predistribution, session key distribution, and key agreement, and discuss the attack models and adversarial goals with context to key distribution. This article will also discuss the various methods that arise while establishing secret keys. 

Introduction to Key Distribution

If you're aware of the basics of security in cryptography, you would know that Public-key Cryptosystems are better than secret-key cryptosystems because to exchange a key, a secured channel is not required. Despite this advantage, public-key Cryptosystems are much slower than secret-key cryptosystems. Therefore, in actuality, secret-key cryptosystems are used for encrypting longer messages.

Also read - active and passive attacks

Key Predistribution Scheme

In a key distribution scheme, a trusted authority distributes the information related to the key before everyone is connected to the network. It should be noted that a secure channel is necessary while the keys are distributed. Network users can later use these secret keys to encrypt the messages they wish to transmit over the network.    

Get the tech career you deserve, faster!
Connect with our expert counsellors to understand how to hack your way to success
User rating 4.7/5
1:1 doubt support
95% placement record
Akash Pal
Senior Software Engineer
326% Hike After Job Bootcamp
Himanshu Gusain
Programmer Analyst
32 LPA After Job Bootcamp
After Job
Bootcamp

Session Keys

This section of the article, Introduction to Key Distribution, will discuss Session keys, also known as symmetric keys. Session keys are used for encryption and decryption and are generated randomly to ensure the privacy of data exchanged between the users. They are called session keys because they are used for only one session, after which they are discarded, and a new session key is generated. Now you may ask what session the key is being developed for. When data is exchanged between the users and the web servers, the interaction between them is called a session. There are various reasons why session keys are helpful -

  • Session keys limit the amount of ciphertext that the attacker can access. This is because session keys are changed regularly.
     
  • Session keys limit exposure if the scheme is designed well. This enables session keys to be used in risky environments with high exposure possibilities. 
     
  • Using session keys reduces the amount of long-term data that needs to be secured by each party. This is because these keys for two users are only constructed when it is required. 
Uses of Session Keys

Session Key Distribution

In session key distribution, a session key is chosen and distributed online in an encrypted format at the request of the network users. This is done by an interactive protocol called a session key distribution scheme. Session key distribution schemes encrypt data for a specified amount of time. 

Key Agreement

Key agreement is a situation where network users use an interactive protocol to construct a session key. This kind of protocol is called a key agreement scheme. They may be secret-key or public-key-based schemes and don't require a trusted authority. 

Difference between Key Distribution and Key Agreement

This section of the article, Introduction to Key Distribution, will discuss the difference between Key Distribution and Key Agreement, given as follows - 

  • Key distribution is a mechanism in which a trusted authority chooses, encrypts, and transmits session key(s) between one or more authorized parties. On the other hand, a key agreement is a protocol wherein network users collectively choose a session key by communicating through a public channel.
     
  • In the Key Agreement Scheme, the value of the key is determined as the function of secret information of users and inputs provided by the parties. There is also a protocol wherein the user chooses, encrypts, and sends the key to the other user. The situation described here is called Key transport. 
     
  • Some of the key distribution problems can be avoided by using key agreement protocol.
Difference between Key Distribution and Key Agreement

Long-lived Keys

Long-lived keys, also known as LL keys, are secured safely after being pre-computed. These keys can also be computed without interaction from securely stored secret information. Long-lived keys act as secret keys between the users or the trusted authority and the user and can also act as private keys corresponding to public keys stored on the user's certificates. 

The key predistribution scheme provides a method to distribute secret long-lived keys beforehand. A secure channel between the trusted authority and each network user is required to achieve this while the keys are being distributed. These users might use a key agreement scheme later to generate session keys. The amount of secret information stored in the network by the users must be considered in a key agreement scheme. 

LL-keys are meant to satisfy various requirements. The requirement for LL keys depends on the scheme used to generate session keys. The storing need of users also depends on the generated session keys. 

Key Agreement Scheme

A key agreement scheme may be a public/private-key-based or secret-key-based scheme. In this scheme, two parties are involved, but the presence of a trusted authority is not required. 

However, a set of secret LL keys might have been distributed by an offline trusted authority, let's assume in a secret-key-based scheme. If this were based on a public-key-based scheme, then the trusted authority would've been required to issue certificates and maintain a suitable public-key infrastructure. 

Note that a trusted authority doesn't take an active role in a session of a key agreement scheme. 

Attack Models and Adversarial Goals

This section of the article, Introduction to Key Distribution, will discuss Attack Models and Adversarial Goals. Cyber Crime in today's world is everyday news. The network we communicate through is insecure and needs to be secure to keep attackers from stealing confidential information. For example - a user may be active or passive during the information-gathering phase. When this user plans on an attack later, they might be a passive adversary, meaning that their actions are harmless and limited only to eavesdropping on the messages transmitted through the network channel. The attack is harmless here, but we need to protect the information against the possibility of an active attack. An active adversary can perform several kinds of malicious actions, as listed below - 

  • Breach of the authenticity of the data by altering it during transmission
     
  • Saving the messages and denying access to the statements later 
     
  • Attempt to masquerade as several users in the network channel
Attack Models and Adversarial Goals

The objectives of these active or passive adversaries are to fool the users into accepting an invalid key, to make the users believe they have exchanged a key that is not shared amongst them and to determine the information between the users.

You can know more about the difference between Active Attack and Passive Attack here.

Authenticated Key Agreement Schemes

This section of the article, Introduction to Key Distribution, will talk about Authenticated Key Agreement Schemes. In authenticated key agreement schemes, the users are first identified. Here, the users are required to possess a new secret key after the end of the session, whose value is unknown to the attacker. 

Extended Attack Models

Given below are some of the extended attack models - 

  • Known Session Key Attack: The attacker here gets access to the value of a particular session key. However, they would still need other session keys to remain secure.
     
  • Known LL-key Attack: The attacker here gets access to the LL-keys of the users. If this kind of attack happens, a new scheme must be set up immediately. We can, however, limit the damage done by this kind of attack by ensuring that the adversary does not get access to the previous session keys. This particular scheme is said to have the properties of perfect forward secrecy. 
Extended Attack Models

Frequently Asked Questions

What is a Public-key cryptosystem?

 It is a system that uses public and private keys to encrypt and decrypt the ciphertext respectfully. This concept was first introduced in the 1970s.

What is a secret-key cryptosystem?

One secret key is mutually decided between the parties in this system. This private key is used to encrypt and decrypt data.

What is hybrid cryptography?

It is a technique that combines the benefits of both secret and public-key cryptosystems.

What is an Adversarial Goal?

Adversarial Goal is the second aspect of security in cryptography. It tells us what the attacker is attempting to do and the motive behind the attacks. 

What is an Attack Model?

The first aspect of security in cryptography is the Attack Model. It tells us about the information that the attacker can access. 

Conclusion

This article provided an introduction to key distribution, explored all the concepts related to key distribution, discussed the various terms required to understand the topic, like key predistribution, session key distribution, and key agreement, and discussed the attack models and adversarial goals with context to key distribution. If you want to dig deeper, here are some related articles - 


You may refer to our Guided Path on Code Studios to enhance your skill set on DSACompetitive ProgrammingSystem Design, and many more. Check out essential interview questions, practice our available mock tests, look at the interview bundle for interview preparations, and so much more!

Next article
Diffie-Hellman Key Predistribution
Live masterclass