Security in Embedded Devices pp 49-73 | Cite as

# Using Keys

## Abstract

As discussed in Chap. 3, keys must remain protected from would be attackers in order to provide security. However, they must be accessed by trusted users or devices in order for security computations to be performed. These security computations include protocols not only for communicating or establishing temporary keys but also for communicating confidential messages, signatures, etc. This chapter will introduce the basic protocols which use keys to transport confidential messages, establish keys, to authenticate messages, or to create a digital signature. General protocols are introduced first for both shared key or symmetric keys and public key security. Detailed mathematics are also introduced for public key cryptography, specifically integer factorization, and discrete logarithms. Elliptic curve cryptography (ECC) is covered in a separate chapter. Implications for embedded systems will be discussed at the end of Chap. 5 so that the techniques in this chapter are compared to that of ECC.

In cryptographic theory, there are two general types of keys: symmetric keys and asymmetric keys. The symmetric key schemes utilize the same key value at both ends of the communication channel. Asymmetric key schemes are referred to as public key schemes, where a public key is paired with a private key and both are used in the application. In this case, the owner of the public and private key pair must always maintain confidentiality of the private key, but the public key can be made available to anyone. For example, in order to communicate over a channel with another party only the public key of both parties is required. There are different approaches to implementing public key schemes such as those based upon integer factorization (such as RSA), discrete logarithms (DSA, ElGamal), and elliptical curve discrete logarithms (ECC). The later will be covered in Chap. 5 since it is viewed as most efficient and thus important for embedded systems. It is assumed in all protocols covered in this chapter that an attacker is capable of seeing data transferred from one user to another user in the communication channel (such as an eavesdropper). Also an attacker is able to substitute the data being transmitted or stop a transmission or create a transmission to any user. A box with latches or a lock which can hold messages (Singh 1999) will be used in this chapter to illustrate several concepts.

Key transport refers to the secure transfer of a key from one party to another party. Key establishment or agreement refers to two or more parties separately deriving the same secret key without other parties being able to derive or obtain this key. In addition to Alice and Bob who wish to communicate, there is typically a third party involved which is known as a key distribution center, or KDC, for symmetric key operations. In general, there may also be a key translation center, or KTC, which for example receives an encrypted session key from Alice, proceeds to decrypt the session key with Alice’s key, reencrypts the session key with Bob’s key, and finally sends the reencrypted session key to Bob. There may also be “key access” servers which operate similar to a KTC by sending encrypted keys to authenticated users. In asymmetric key operations, the third party is referred to as a certificate authority (CA). This third party must be a trusted source, in other words it should never be compromised and any user should not be able to masquerade as a KDC or CA.

## Keywords

Discrete Logarithm Certificate Authority Elliptic Curve Cryptography Discrete Logarithm Problem Confidential Message## References

- Branstad DK (1987) Considerations for security in the OSI architecture. IEEE Netw Mag 1(2): 34–39Google Scholar
- Denning DE, Sacco GM (1981) Timestamps in key distribution protocols. Commun ACM 24: 533–536CrossRefGoogle Scholar
- Diffie W (1988) The first ten years of public key cryptography. Proc IEEE 76(5):560–577CrossRefGoogle Scholar
- Diffie W, Hellman ME (1976) New directions in cryptography. IEEE Trans Inform Theory IT-22 6:644–654Google Scholar
- FIPS186-3 (2009) Digital signature standard (DSS) Federal information processing standards publication. National Institute of Standards and Technology, Gaithersburg, MDGoogle Scholar
- Menezes A, van Oorschot P, Vanstone S (1996) Handbook of applied cryptography. CRC, Boca Raton, FLCrossRefGoogle Scholar
- Rabin MO (1979) Digitalized signatures and public-key functions as intractable as factorization. http://publications.csail.mit.edu/lcs/pubs/pdf/MIT-LCS-TR-212.pdf MIT/LCS/TR-212:1–16
- Rivest R, Shamir A, Adleman L (1978) A method for obtaining digital signatures and public-key cryptosystems. Commun ACM 21(2):120–126. http://people.csail.mit.edu/rivest/Rsapaper.pdf
- Schneier B (1996) Applied cryptography. Wiley, New YorkGoogle Scholar
- Singh S (1999) The code book the science of secrecy from ancient egypt to quantum cryptography. Anchor Books, New York, NYGoogle Scholar
- Smith RE (2002) Authentication from passwords to public keys. Addison-Wesley, Reading, MAGoogle Scholar