Cryptographic Key Distribution and Management

Cryptographic Key Distribution and Management

Martin Rublík (University of Economics, Slovakia)
DOI: 10.4018/978-1-4666-5808-0.ch011
OnDemand PDF Download:
$37.50

Abstract

Cryptographic key distribution and management is one of the most important steps in the process of securing data by utilizing encryption. Problems related to cryptographic key distribution and management are hard to solve and easy to exploit, and therefore, they are appealing to the attacker. The purpose of this chapter is to introduce the topics of cryptographic key distribution and management, especially with regards to asymmetric keys. The chapter describes how these topics are handled today, what the real-world problems related to cryptographic key distribution and management are, and presents existing solutions as well as future directions in their solving. The authors present the cryptographic key management and distribution problems from a multidisciplinary point of view by looking at its economic, psychological, usability, and technological aspects.
Chapter Preview
Top

General Concepts In Key Management And Distribution

In order to protect data integrity and confidentiality by using encryption the involved parties must share cryptographic keys. Modern encryption systems are designed in a way that protects the data if the encryption algorithm is known and encrypted data is available to the attacker. Many of the systems are designed to further protect the data even if the attacker knows the encryption algorithm, knows the encrypted data, and can decrypt some of the data. It is however impossible to protect the data if the attacker can gain access to the entire set of cryptographic keys. Hence, key management and distribution is crucial for cryptographic protection.

According to (NIST, 2007) cryptographic key management lifecycle consists of several phases. Their simplified illustration is expressed by Figure 1.

Figure 1.

Key management phases

Especially hard part of key management lifecycle is trust establishment and key distribution in pre-operational phase. In these processes involved parties need to prove the possession of cryptographic keys, and exchange them in a secure manner.

Complete Chapter List

Search this Book:
Reset