shockrah/csnotes
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
fd44e435eb
csnotes/312/key-dist.md
shockrahwow c746dd5ef9 random subjects for 312
2019-11-25 17:51:07 -08:00

1.0 KiB
Raw Blame History

Key Distribution

A wants to talk to B but securely(duh). A trusted third party steps in to provide keys

Needham-Schoeder

used to authenticate users

Say we have A & B that want to talk.

A sends (IDA, IDB) to KDC
KDC sends Enc(SessionKeyA, IDB, Nonce1, Enc(SessionKeyB, SharedKeyA, IDA)) to A
A sends Enc(SessionKeyB, SharedKeyB, IDA) // this bit came in the package from last round
...
...

Denning

Fixes step 3 with timestamps. We also shorten the overall process. Problem: both parties need to be time synchronized.

NOTE: the Sessionkey below is shared between A and B. THe SharedKeyX is shared between the Key Distribution Center and the user.

  1. A sends {IDA, NonceA} B
  2. B sends {NonceB, Enc(SharedKeyB, [IDA, NonceA, TimeB])} to KDC
  3. KDC sends {Enc(SharedKeyA, [IDB,, NonceA, SessionKey, TimeB), E(SharedKeyB, [IDA, SessionKey, TimeB]), NonceB} to A
  4. A sends {E(SharedKey, [IDA, SessionKey, TimeB]), E(SessionKey, NonceB} to B

Kerberos

The model itself can be thought of similar to