Key Management Techniques for Controlling the Distribution and Update of Cryptographic keys

Key management plays a fundamental role in cryptography as the basis for securing cryptographic techniques providing confidentiality, entity authentication, data origin authentication, data integrity, and digital signatures. The goal of a good cryptographic design is to reduce more complex problems to the proper management and safe-keeping of a small number of cryptographic keys, ultimately secured through trust in hardware or software by physical isolation or procedural controls. Reliance on physical and procedural security (e.g., secured rooms with isolated equipment), tamper-resistant hardware, and trust in a large number of individuals is minimized by concentrating trust in a small number of easily monitored, controlled, and trustworthy elements.

 Initialization of system users within a domain  Generation, distribution, and installation of keying material  Controlling the use of keying material.
 Update, revocation, and destruction of keying material and  Storage, backup/recovery, and archival of keying material.I is used in reference to keying material.A symmetric cryptographic system is a system involving two transformationsone for the originator and one for the recipientboth of which make use of either the same secret key (symmetric key) or two keys easily computed from each other.An asymmetric cryptographic system is a system involving two related transformationsone defined by a public key (the public transformation), and another defined by a private key (the private transformation) with the property that it is computationally infeasible to determine the private transformation from the public transformation.Table II indicates various types of algorithms commonly used to achieve the specified cryptographic objectives.Keys associated with these algorithms may be correspondingly classified, for the purpose of controlling key usage .The classification given requires specification of both the type of algorithm (e.g., encryption vs. signature) and the intended use (e.g., confidentiality vs. entity authentication).

III. KEY MANAGEMENT OBJECTIVES, THREATS AND POLICY
Keying relationships in a communications environment involve at least two parties (a sender and a receiver) in realtime.In a storage environment, there may be only a single party, which stores and retrieves data at distinct points in time.
The objective of key management is to maintain keying relationships and keying material in a manner which counters relevant threats, such as:  Compromise of confidentiality of secret keys.
 of authenticity of secret or public keys.
Authenticity requirements include knowledge or verifiability of the true identity of the party a key is shared or associated with.
 Unauthorized use of secret or public keys.

A. Security policy and key management
Key management is usually provided within the context of a specific security policy.A security policy explicitly or implicitly defines the threats a system is intended to address.The policy may affect the stringency of cryptographic requirements, depending on the susceptibility of the environment in question to various types of attack.Security policies typically also specify:  Practices and procedures to be followed in carrying out technical and administrative aspects of key management, both automated and manual responsibilities and accountability of each party involved and the types of records (audit trail information) to be kept, to support subsequent reports or reviews of security-related events.

IV. TRADE OFFS AMONG KEY ESTABLISHMENT PROTOCOLS
In selected key management applications, hybrid protocols involving both symmetric and asymmetric techniques offer the best alternative.More generally, the optimal use of available techniques generally involves combining symmetric techniques for bulk encryption and data integrity with publickey techniques for signatures and key management.

A. Public-key vs. symmetric-key techniques (in key
Management) Primary advantages offered by public-key (vs.symmetrickey) techniques for applications related to key management include:  Simplified key management.To encrypt data for another party, only the encryption public key of that party need be obtained.This simplifies key management as only authenticity of public keys is required, not their secrecy.
 On-line trusted server not required.Public-key techniques allow a trusted on-line server to be replaced by a trusted off-line server plus any means for delivering authentic public keys (e.g., public-key certificates and a public database provided by an entrusted on-line server).For applications where an on-line trusted server is not mandatory, this may make the system more amenable to scaling, to support very large numbers of users.
 Enhanced functionality.Public-key cryptography [2] offers functionality which typically cannot be provided cost-effectively by symmetric techniques (without additional online trusted third parties or customized secure hardware).The most notable such features are non-repudiation of digital signatures, and true (single-source) data origin authentication.
V. TECHNIQUES FOR DISTRIBUTING PUBLIC KEYS Protocols involving public-key cryptography are typically described assuming a priori possession of (authentic) public keys of appropriate parties.This allows full generality among various options for acquiring such keys.Alternatives for distributing explicit public keys with guaranteed or verifiable authenticity, including public exponentials for Diffie-Hellman key agreement (or more generally, public parameters), include the following.
 Point-to-point delivery over a trusted channel.
Authentic public keys of other users are obtained directly from the associated user by personal exchange, or over a direct channel, originating at that user, and which (procedurally) guarantees integrity and authenticity (e.g., a trusted courier or registered mail).This method is suitable if used infrequently (e.g., onetime user registration), or in small closed systems.A related method is to exchange public keys and associated information over an untrusted electronic channel, and provide authentication of this information by communicating a hash thereof (using a collisionresistant hash function) via an independent, lower bandwidth authentic channel, such as a registered mail..
 Use of an off-line server and certificates.In a one-time process, each party A contacts an off-line trusted party referred to as a certification authority (CA), to register its public key and obtain the CA's signature verification public key (allowing verification of other users' certificates).The CA certifies A's public key by binding it to a string identifying A, thereby creating a certificate.Parties obtain authentic public keys by exchanging certificates or extracting them from a public directory.
 Use of systems implicitly guaranteeing authenticity of public parameters.In such systems, including identitybased systems and those using implicitly certified keys http://ijacsa.thesai.org/by algorithmic design, modification of public parameters results in detectable, non-compromising failure of cryptographic techniques.
VI. PUBLIC KEY CERTIFICATES Public-key certificates are a vehicle by which public keys may be stored, distributed or forwarded over unsecured media without danger of undetectable manipulation.The objective is to make one entity's public key available to others such that its authenticity (i.e., its status as the true public key of that entity) and validity are verifiable.In practice, X.509 certificates are commonly used.

A. Definition
A public-key certificate [4] is a data structure consisting of a data part and a signature part.The data part contains clear text data including, as a minimum, a public key and a string identifying the party (subject entity) to be associated there with.The signature part consists of the digital signature of a certification authority over the data part, thereby binding the subject entity's identity to the specified public key.
The Certification Authority (CA) is a trusted third party whose signature on the certificate vouches for the authenticity of the public key bound to the subject entity.The significance of this binding (e.g., what the key may be used for) must be provided by additional means, such as an attribute certificate or policy statement.Within the certificate, the string which identifies the subject entity must be a unique name within the system (distinguished name), which the CA typically associates with a real-world entity.The CA requires its own signature key pair, the authentic public key of which is made available to each party upon registering as an authorized system user.

B. Creation of public-key certificates
Before creating a public-key certificate for a subject entity A, the certification authority should take appropriate measures (relative to the security level required, and customary business practices), typically non-cryptographic in nature, to verify the claimed identity of A and the fact that the public key to be certified is actually that of A. Two cases may be distinguished.
 Trusted party creates key pair.The trusted party creates a public-key pair, assigns it to a specific entity, and includes the public key and the identity of that entity in the Certificate.The entity obtains a copy of the corresponding private key over a secure (authentic and private) channel after proving its identity (e.g., by showing a passport or trusted photoid, in person).All parties subsequently using this certificate essentially delegate trust to this prior verification of identity by the trusted party.
 Entity creates own key pair.The entity creates its own public-key pair, and securely transfers the public key to the trusted party in a manner which preserves authenticity.(e.g., over a trusted channel, or in person).Upon verification of the authenticity (source) of the public key, the trusted party creates the publickey certificate the signer.

C. Use and verification of public-key certificates
The overall process whereby a party B uses a public-key certificate to obtain the authentic public key of a party A may be summarized as follows:  (One-time) acquire the authentic public key of the certification authority.
 Obtain an identifying string which uniquely identifies the intended party A.
 Acquire over some unsecured channel (e.g. from a central public database of certificates, a public-key certificate corresponding to subject entity A and agreeing with the previous identifying string.

D. Attribute certificates
Public-key certificates bind a public key and an identity, and include additional data fields necessary to clarify this binding, but are not intended for certifying additional information.Attribute certificates are similar to public-key certificates, but specifically intended to allow specification of information (attributes) other than public keys (but related to a CA, entity, or public key), such that it may also be conveyed in a trusted (verifiable) manner.Attribute certificates may be associated with a specific public key by binding the attribute information to the key by the method by which the key is identified, e.g., by the serial number of a Corresponding public-key certificate, or to a hash-value of the public key or certificate.Attribute certificates may be signed by an attribute certification authority, created in conjunction with an attribute registration authority, and distributed in conjunction with an attribute directory service More generally, any party with a signature key and appropriate recognizable authority may create an attribute certificate.

VII. KEY LIFE CYCLE ISSUES
Key management is simplest when all cryptographic keys are fixed for all time.Crypto periods [3] necessitate the update of keys.This imposes additional requirements, e.g., on certification authorities which maintain and update user keys.The set of stages through which a key progresses during its existence, referred to as the life cycle of keys, is discussed in this section.

A. Lifetime protection requirements
Controls are necessary to protect keys both during usage and storage.Regarding long-term storage of keys, the duration of protection required depends on the cryptographic function (e.g., encryption, signature, data origin authentication/integrity) and the time-sensitivity of the data in question.
Security impact of dependencies in key updates: Keying material should be updated prior to crypto period expiry.Update involves use of existing keying material to establish http://ijacsa.thesai.org/new keying material, through appropriate key establishment protocols and key layering .To limit exposure in case of compromise of either long term secret keys or past session keys, dependencies among keying material should be avoided.For example, securing a new session key by encrypting it under the old session key is not recommended (since compromise of the old key compromises the new).

B. Key management life cycle
Except in simple systems where secret keys remain fixed for all time, crypto periods associated with keys require that keys be updated periodically.Key update necessitates additional procedures and protocols, often including communications with third parties in public-key systems.The sequence of states which keying material progresses through over its lifetime is called the key management life cycle.entity authentication, data origin authentication, data integrity, and digital signatures.The goal of a good cryptographic design is to reduce more complex problems to the proper management and safe-keeping of a small number of cryptographic keys, ultimately secured through trust in hardware or software by physical isolation or procedural controls.Reliance on physical and procedural security (e.g., secured rooms with isolated equipment), tamper-resistant hardware, and trust in a large number of individuals is minimized by concentrating trust in a small number of easily monitored, controlled, and trustworthy elements.
Life cycle stages may include:  User registration  User initialization  Key generation  Key installation  Key registration  Normal use  Key backup  Key update  Archival  key de-registration and destruction  Key recovery  Key revocation VIII.CONCLUSION Key management plays a fundamental role in cryptography as the basis for securing cryptographic techniques providing confidentiality,