Μελέτη πρωτοκόλλων ανταλλαγής και εγκαθίδρυσης κρυπτογραφικών κλειδιών

Μαντάς, Στυλιανός Η.

Master Thesis

Author

Μαντάς, Στυλιανός Η.

Date

2013-12-23

Abstract

Network based communications between open systems are generally subject to four major categories of threats: Lack of Confidentiality, Lack of Integrity, Masquare and man-in-the-middle, Non-repudiation. The basic security mechanism against these attacks is the use of cryptography. The symmetric cryptographic algorithms are very secure, fast and they have widespread use. Nevertheless, there are various limitations which are related with symmetric key schemes such as the key distribution problem, the need for a large number of keys and the fact that they do not provide protection against deniability attacks. The above problems are solved by using asymmetric algorithms or otherwise known as public key algorithms in well-designed security and key exchange protocols. In general there exist three families of public key cryptography schemes for key exchange which are of practical relevance. These can be classified by the computational problem that is characterized: Integer factorization systems, discrete logarithm systems, Elliptic curve systems. Each of these three families can provide the basic mechanisms of public key algorithms, such as key establishment, non-repudiation information through digital signatures and data encryption. The RSA cryptosystem belongs to integer factorization systems and is suitable to encrypt / decrypt data, to create digital signatures, to verify them and to securely exchange cryptographic keys. The Diffie-Hellman Key Exchange (DHKE) algorithm belongs to the descrete logarithm based systems and is an impressive application of the discrete logarithm problem. This basic technique of key agreement is implemented in many open and commercial cryptographic protocols such as SSH and IPsec. In the third category belongs the ECDH protocol which is full proportion of DHKE, except that here is performed an exchange key using elliptic curves. IPsec in combination with ΙΚΕ and SSL are the most famous protocols of security of protocols that apply key exchangement and key establishment and are currently used routinely. The main goal of every authenticated key establishment protocol is to distribute key data safely using protocols with implicit key authentication and instant key confirmation etc.