CSE4303 Introduction to Computer Security (Lecture 12)

Asymmetric Encryption

Motivation

Symmetric key exchange: TTPs

Idea: Trusted Third Party (TTP) is always-available key manager

• Assume secure channel exists between every user and TTP
  • KA = shared key between user A and TTP
• Generates/distributes keys to user pairs on demand
  • KAB = shared key between user A and user B

Symmetric-key encryption: challenges

1. Key storage: one per user pair, $O(n^2)$ total for $n$ users
2. Key exchange: how to do it over non-secure channel?

Key Exchange

Diffie-Hellman