Key Packaging And Delivery
This document was uploaded by user and they confirmed that they have the permission to share it. If you are author or own the copyright of this book, please report to us by using this DMCA report form. Report DMCA
Overview
Download & View Key Packaging And Delivery as PDF for free.
More details
- Words: 341
- Pages: 3
Key Packaging and Delivery •
Delivery method depends on numerous factors 1. security 2. cost 3. convenient 4. schedule No third party delivery or courier service/mail should be used Key splitting can be done via independent delivery system and shipment may be done by sealing the key inside an envelope with recipient name and address by sealing the envelope with delaminating tape.
• •
Key Splitting for Safer Delivery • • •
Two keys sent instead of one key Send both the keys via same service in 2 – envelopes, possibly on two different days or else one through mail another through fax The worse way of sending the key is writing it in paper and sending through third party / the key is splitted straightaway in to two parts and sent through person
Eg. DES algorithm uses 56-bit key . If splitting is done as 28 bits + 28 bits and if one part is in the hands of attacker, then it is easy to judge the key from the quarter billion combination with few hours on a good workstation.
Key Splitting for EES • • •
EES (Escrowed encryption standard) was introduced in the year 1994 by US Govt. Mainly this algorithm is used for back door attacks. This algorithm is using two chips called CLIPPER (used for telephonic communication) and CAPSTONE (used for e-mails) using SKIPJACK blocks Two keys are prepared from different chips
Deployment Security : Requirements • • • • • •
Generate Keys Randomly Protect the key generation process from “leaks” Keep the keys’ value separate from its address Protect the keys during shipment Require positive acknowledgement before new keys are used Have a procedure of keys The keys shouldn’t known to administrators and observers. Keys should have integrity checksum
Technology :Automatic Re-Keying • • •
Individual Key Should not be reused The keys should be changed often (but manually it is not possible). This is done by atomizing it. (Automatic Re-keying) A Standard which is used for the automatic re-keying is ANSI x9.17
Delivery method depends on numerous factors 1. security 2. cost 3. convenient 4. schedule No third party delivery or courier service/mail should be used Key splitting can be done via independent delivery system and shipment may be done by sealing the key inside an envelope with recipient name and address by sealing the envelope with delaminating tape.
• •
Key Splitting for Safer Delivery • • •
Two keys sent instead of one key Send both the keys via same service in 2 – envelopes, possibly on two different days or else one through mail another through fax The worse way of sending the key is writing it in paper and sending through third party / the key is splitted straightaway in to two parts and sent through person
Eg. DES algorithm uses 56-bit key . If splitting is done as 28 bits + 28 bits and if one part is in the hands of attacker, then it is easy to judge the key from the quarter billion combination with few hours on a good workstation.
Key Splitting for EES • • •
EES (Escrowed encryption standard) was introduced in the year 1994 by US Govt. Mainly this algorithm is used for back door attacks. This algorithm is using two chips called CLIPPER (used for telephonic communication) and CAPSTONE (used for e-mails) using SKIPJACK blocks Two keys are prepared from different chips
Deployment Security : Requirements • • • • • •
Generate Keys Randomly Protect the key generation process from “leaks” Keep the keys’ value separate from its address Protect the keys during shipment Require positive acknowledgement before new keys are used Have a procedure of keys The keys shouldn’t known to administrators and observers. Keys should have integrity checksum
Technology :Automatic Re-Keying • • •
Individual Key Should not be reused The keys should be changed often (but manually it is not possible). This is done by atomizing it. (Automatic Re-keying) A Standard which is used for the automatic re-keying is ANSI x9.17
Related Documents
Key Packaging And Delivery
June 2020 2
Heaven: Packaging And Delivery Section
June 2020 1
Packaging
May 2020 14
Branding And Packaging
October 2019 23
Packaging And Labeling Decisions
May 2020 13