Regardless of the encryption type (symmetrical or asymmetrical), key management is an important issue. It is perhaps the most difficult part of implementing a cryptographic solution. Key management refers to how keys are generated, exchanged, and stored.
Some keys are intended for short-term use only (session keys) and are discarded after a communications session is concluded. Session keys are usually generated automatically and the process is transparent to users.
Other keys are generated by an act of the user and are intended for longer-term use. These keys may be used for authentication or for encrypting data.
The problems involved in key management include:
- How to store keys securely so that unauthorized parties can't obtain them.
- How to securely share secret keys with another party, while ensuring that no one else can obtain them.
- How to distribute your public key or obtain someone else's public key for asymmetrical cryptography.
- How to revoke a public key that has been distributed if the key pair becomes compromised.
Secret key (symmetrical) encryption depends on the ability of both parties to the communication to have the same shared key, while keeping that key secret from everyone else. Secure key management is difficult because, unless the parties are in the same physical location, they must find a way to securely transmit the shared key.
Public key encryption was designed to solve the key management problems inherent in secret key cryptography. Because different keys are used for encryption and decryption, the private key never has to travel across the network and risk interception by unauthorized persons.
Key generation is the creation of encryption keys of a specified size, using a specified key generation algorithm. The key should be resistant to brute-force attacks.
A key exchange protocol must provide a way to securely transmit keys over a nonsecure network (such as the Internet).
The Internet Key Exchange (IKE) protocol was developed as a “hybrid” protocol that implements the Oakley and SKEME key exchange methods within ISAKMP. IKE can dynamically create keys and IPSec security associations.
IKE operates in three modes:
- Main mode. Protects the identities of both parties to the communication.
- Aggressive mode. Does not protect the identities of the parties; faster than Main mode.
- Quick mode. Generates security rules and creates new keys in subsequent key exchanges.
SKEME is a compact protocol that supports a number of security models over the Internet, supporting key exchange based on public key cryptography, key distribution centers, or manual installation. SKEME was developed through the IPSec working group of the IETF, with the intention of providing key management for both IP layer security and for other Internet security applications.
The Oakley key determination protocol defines the method for acquiring authenticated keying material. Oakley uses the Diffie-Hellman algorithm.
The Diffie-Hellman algorithm was the first to use asymmetrical cryptography. It actually combines symmetrical and asymmetrical encryption in a two-step process.
A symmetric key is created to encrypt the data, and asymmetrical encryption is used to encrypt the symmetric key.
First, each of the parties to the communication generates a private key, and then each party generates a public key that is derived from the private key. The two parties exchange public keys. The Diffie-Hellman protocol generates a shared secret. This is done by each party applying the algorithm to its own private key and the other party's public key. The result is the shared key, which is the same for both parties. This way, neither the shared secret nor the private keys ever have to be transmitted across the network.
In practice, the shared key is then used to encrypt a symmetric key, which can be sent securely to the other party. This symmetric key, which has been exchanged securely, can now be used to encrypt and decrypt data on both sides.
Diffie-Hellman allows you to benefit from the faster performance of symmetrical encryption, while enjoying the increased security of asymmetrical encryption.
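
The exchange described above, as an added Python example (not from the original text): each side keeps its private exponent local, sends only its public value, and both arrive at the same secret. It assumes the 768-bit Oakley Group 1 prime from RFC 2409 with generator 2, picked because it is short enough to embed and far too small for current use; hashing the shared secret with SHA-256, the range check on the peer's value, and all function names are choices of this example.

```python
import hashlib
import secrets

# Oakley Group 1 (RFC 2409), 768-bit MODP prime, generator 2.
# Illustration only: current deployments use 2048-bit or larger groups.
P = int(
    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD"
    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
    "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF", 16)
G = 2

def generate_keypair():
    """Return (private, public). Only the public value G^x mod P is ever sent."""
    private = secrets.randbelow(P - 3) + 2          # 2 <= private <= P-2
    return private, pow(G, private, P)

def shared_secret(own_private, peer_public):
    """Combine our private key with the peer's public value."""
    # Values 0, 1 and P-1 force a predictable secret, so refuse them.
    if not 2 <= peer_public <= P - 2:
        raise ValueError("peer public value outside [2, P-2]")
    return pow(peer_public, own_private, P)

def derive_key(secret, context=b"example session key"):
    """Turn the large shared integer into a 256-bit symmetric key (assumed KDF)."""
    raw = secret.to_bytes((P.bit_length() + 7) // 8, "big")
    return hashlib.sha256(context + raw).digest()

def demo_exchange():
    """Run both sides; only a_pub and b_pub would cross the network."""
    a_priv, a_pub = generate_keypair()
    b_priv, b_pub = generate_keypair()
    key_a = derive_key(shared_secret(a_priv, b_pub))
    key_b = derive_key(shared_secret(b_priv, a_pub))
    return key_a, key_b

if __name__ == "__main__":
    key_a, key_b = demo_exchange()
    print("keys match:", key_a == key_b)
```
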
The longer a key is, the more difficult it is to break the key. An increase of one bit in key length doubles the number of possible keys that can be created. Thus, security is increased by using longer keys. However, the tradeoff is that performance is decreased because it takes longer to process the lengthier keys.
Because the cryptography methods are different, public and private (secret) keys of the same length do not provide the same security. Public key encryption provides more security relative to the number of bits in the key. Table 9.1 shows the equivalences.
Secret Key (Symmetric) Length | Public Key (Asymmetric) Length |
---|---|
56 bits | 384 bits |
64 bits | 512 bits |
80 bits | 768 bits |
128 bits | 2,304 bits |
The longer a particular key exists and is in use, the more likely it can be compromised. Dynamic key generation, as implemented in IPSec, addresses this problem by generating new keys at specified intervals.
For example, if the key lifetime is set to five minutes, a new key is generated every five minutes during the communications session. Using multiple keys in this manner adds security because even if an unauthorized person obtained the key, he could decrypt only part of the communication. This is appropriate for short-term keys (session keys) and increases security during the transaction.
Some keys, such as the public key distributed for others to use to encrypt messages to you, have long lifetimes. These keys are not kept secret, so there is no need for frequent change. Public keys can remain the same for years.
If a private key is compromised, it should be revoked.
Public keys can be distributed manually; that is, you can send your public key to the persons you want to send encrypted messages to you. The danger of this is that someone else could intercept the communication and substitute his own public key, representing it as yours. Then, when the party with whom you wanted to communicate securely encrypts messages with that substituted key, the intercepting party can decrypt the messages (intended for you) with his own private key.
A more secure way to distribute public keys is through a Public Key Infrastructure (described in detail later in the chapter), which uses certification authorities to validate the authenticity of a public key.
The loss of or damage to a private key can be a problem, so you may want to back up long-term keys (session keys and other short-term keys do not ever need to be backed up, as new keys can be generated quickly and easily).
Backups of private keys should be stored in a physically secure location so they cannot be compromised. The more copies of a key that exist, the greater the chance of compromise.
The most secure way to back up a key is to divide it into shares, each of which is stored in a different place.