There are two approaches: Simple Secret Key Distribution and Secret Key Distribution with Confidentiality and Authentication.
Simple Secret Key Distribution
If A wishes to communicate with B, the following procedure is employed: A generates a public/private key pair {PUa, PRa} and transmits a message to B consisting of PUa and an identifier of A, IDA. B generates a secret key, Ks, encrypts it with A’s public key, and transmits the result to A.
Figure: Simple Secret Key Distribution
A decrypts the message by computing D(PRa, E(PUa, Ks)) to recover the secret key. Because only A can decrypt the message, only A and B will know the identity of Ks. A discards PUa and PRa, and B discards PUa. A and B can now securely communicate using conventional encryption and the session key Ks. At the completion of the exchange, both A and B discard Ks.
Secret Key Distribution with Confidentiality and Authentication
(1) A uses B’s public key to encrypt a message to B containing an identifier of A (IDA) and a nonce (N1), which is used to identify this transaction uniquely. (2) B sends a message to A encrypted with PUa and containing A’s nonce (N1) as well as a new nonce generated by B (N2). Because only B could have decrypted message (1), the presence of N1 in message (2) assures A that the correspondent is B. (3) A returns N2, encrypted using B’s public key, to assure B that its correspondent is A. (4) A selects a secret key Ks and sends M = E(PUb, E(PRa, Ks)) to B.
Figure: Secret Key Distribution with Confidentiality and Authentication
Encryption of this message with B’s public key ensures that only B can read it; encryption with A’s private key ensures that only A could have sent it. B decrypts the message and obtains the secret key Ks. The result is that this scheme ensures both confidentiality and authentication in the exchange of a secret key.
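The four-message exchange described above, as an added example that is not from the original page: it uses unpadded textbook RSA over small constructed primes purely to show the message flow and the nonce checks, so it is not usable cryptography. The function names, the 4-bit ID_A and the 16-bit nonce sizes are assumptions made for the illustration.

```python
# Added example: toy textbook RSA (no padding, tiny constructed primes).
import secrets

def keygen(p, q, e=65537):
    """Return (public, private) keys, each an (exponent, modulus) pair."""
    n, phi = p * q, (p - 1) * (q - 1)
    return (e, n), (pow(e, -1, phi), n)

def rsa(key, m):
    """E(PU, m), E(PR, m) and the matching D(...) are all one modular power."""
    exp, n = key
    if not 0 <= m < n:
        raise ValueError("value does not fit under this modulus")
    return pow(m, exp, n)

# Constructed keys from Mersenne primes. A's modulus is smaller than B's, so
# the inner E(PRa, Ks) always fits under PUb's modulus in message (4).
PUa, PRa = keygen(2**17 - 1, 2**19 - 1)
PUb, PRb = keygen(2**31 - 1, 2**13 - 1)
ID_A = 0xA  # hypothetical 4-bit identifier for A

def run_exchange(wrong_n1=False):
    """Run messages (1)-(4); return Ks as chosen by A and as recovered by B."""
    n1 = secrets.randbits(16)
    msg1 = rsa(PUb, (n1 << 4) | ID_A)        # (1) A -> B: E(PUb, [N1 || IDA])
    seen_n1 = rsa(PRb, msg1) >> 4            # B decrypts with PRb; low 4 bits are IDA
    if wrong_n1:                             # responder that could not read (1)
        seen_n1 ^= 1
    n2 = secrets.randbits(16)
    msg2 = rsa(PUa, (seen_n1 << 16) | n2)    # (2) B -> A: E(PUa, [N1 || N2])
    plain2 = rsa(PRa, msg2)                  # A decrypts with PRa
    if plain2 >> 16 != n1:
        raise ValueError("N1 mismatch: correspondent is not B")
    msg3 = rsa(PUb, plain2 & 0xFFFF)         # (3) A -> B: E(PUb, N2)
    if rsa(PRb, msg3) != n2:
        raise ValueError("N2 mismatch: correspondent is not A")
    ks = secrets.randbits(32)                # A selects the secret key
    msg4 = rsa(PUb, rsa(PRa, ks))            # (4) A -> B: M = E(PUb, E(PRa, Ks))
    ks_at_b = rsa(PUa, rsa(PRb, msg4))       # B: D(PUa, D(PRb, M))
    return ks, ks_at_b

if __name__ == "__main__":
    ks_a, ks_b = run_exchange()
    print("A and B hold the same Ks:", ks_a == ks_b)
```

If the moduli were ordered the other way, the inner value E(PRa, Ks) could exceed B's modulus and rsa() would raise instead of silently corrupting the key.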