« Return to Previous Page

Some Key Agreement Protocols

In cryptography, a key memorandum of understanding is a protocol in which two or more parties can agree on a key in such a way that both influence the outcome. If properly implemented, it prevents unwanted third parties from imposing an important choice on the parties. Protocols that are useful in practice also do not reveal to any wiretapped party which key has been agreed. A widely used mechanism to fend off such attacks is the use of digitally signed keys, which must be secured on integrity: if Bob`s key is signed by a trusted third party vouching for her identity, Alice may have great confidence that a signed key she receives is not an attempt to be intercepted by Eve. If Alice and Bob have a public key infrastructure, they can digitally sign an agreed Diffie Hellman key or exchange public diffie-hellman keys. These signed keys, sometimes signed by a certification body, are one of the main mechanisms used for secure web traffic (including HTTPS, SSL, or Transport Layer Security protocols). Other concrete examples are MQV, YAK and ISAKMP of the IPsec protocol suite for securing Internet Protocol communications. However, these systems require special attention to ensure consistency between identity information and public keys by certification bodies in order to function properly. If you have a secure way of integrity to verify a released key through a public channel, you can perform a Diffie Hellman key exchange to deduce a short-term released key and then authenticate that the keys match. One possibility is to use an authenticated reading of the key, as in PGPfone. However, voice authentication assumes that it is not possible for a man in the middle to simulate a participant`s voice in real time, which can be an undesirable hypothesis. These protocols can be designed to work with a small public value, for example. B a password.

Variations in this regard have been proposed for Bluetooth pairing protocols. Many key exchange systems allow one party to generate the key and send that key simply to the other party – the other party has no influence on the key. Using a key-agreement protocol avoids some key distribution issues related to these systems. A large number of cryptographic authentication schemes and protocols have been developed to provide key authenticated agreements to prevent man-in-the-middle and related attacks. These methods usually mathematically link the agreed key to other agreed data, such as for example. B: Exponential key exchange does not in itself specify prior agreement or ex-post authentication between participants. It has therefore been described as an anonymous key memorandum of understanding. Authenticated key protocols require the separate setting of a password (which can be smaller than a key) in a way that is both private and integrity. These are designed to withstand man-in-the-middle attacks and other active attacks against the password and established keys. For example, DH-EKE, SPEKE, and SRP are authenticated variations of Diffie-Hellman.

Comments are closed.