Abstract by anuja a sonalker on Asymmetric Key Distribution
Download 217.42 Kb. Pdf ko'rish
|
etd
- Bu sahifa navigatsiya:
- 3.10.3 Physical Break-ins and Compromising the Trusted Dealer
|
3.10.2 Key Distribution Problem
In the case of the Trusted Dealer, there exists a key distribution problem. A safe transmission of the initial private key shares is indispensable to the proper functioning of the algorithm. For the safe transmission of the initial shares, which the trusted dealer deals to all the share servers in the party, any crypto scheme can be applied. We propose one solution: each share server has its own encryption-decryption method with its own individual public and private key pairs. While its private key (used for decryption) is known only to itself, its public key is registered in a public file system with the trusted dealer. This file system is totally public in nature and the revelation of this information does not pose any threat to this scheme. When the trusted Dealer has completely computed all the shares it needs to distribute them to each share server. The TD encrypts each message using the corresponding share servers public key, Ex, and sends it out via an insecure means of communication. The 35 share server on receipt of this message, M x , uses its private key D x to decrypt the message, which contains its new keys. For example, if the TD desires to send share server S1 his set of private keys in a message M s1 , it would look into his public file and compute the following cipher text C s1 and send it over to S1. S1 would then compute M s1 using D s1 and retrieve its new set of shares. Further, all the communication channels are assumed to be created over SSL for added security. 3.10.3 Physical Break-ins and Compromising the Trusted Dealer The algorithm is believed to be computationally secure. Physical break-ins are not an immediate issue for the algorithm and it is assumed that physical security is being handled exceptionally well by the designated authorities and there is no chance for the keys to be physically leaked out of the system under consideration even by the owner. The Trusted Dealer is a single point of failure and so, a prime target for attack, as it is the sole entity in the system to possess complete knowledge of the complete private-key and the shares. The Trusted Dealer is secured from any takeover thus. As far as physical break-ins are concerned, as a continuation of our initial physical security assumption, we tend to believe that the environment of key generation is physically isolated from other entities. The possibility of the keys being physically robbed or leaked out of this environment is nil due to the security agencies at work and the fact that the trusted dealer is a temporary agent created for the sole purpose of key share generation and distribution. It then self- destructs once its assigned tasks are completed. The TD does not save the key shares on to any media or prints them for any recording purpose. Once the Trusted Dealer self- destructs, there is no place where all the private shares of all the share servers can be found together. |
