Solved

cant understand this cryptographic scenario

Posted on 2006-10-30
5
209 Views
Last Modified: 2010-04-11
Assume that two parties already have access to a shared secret andthat they have each other’s public key. Why is it still good practice toregularly re-negotiate new session keys for continued negotiation under such circumstances? What are the several potential attacks and conditions that are mitigated by this approach.
0
Comment
Question by:shairan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 32

Accepted Solution

by:
rsivanandan earned 43 total points
ID: 17835333
Any cryptographic algorithm is a sequence of mathematical relationships which is known to everybody. So theoritically speaking you can still break them, only time matter. Now if a long conversation uses a same key, there is a chance that the intruder might be *lucky* to break 'em while the data's importance is still valid.

On the other hand if the actual keys are not used but they are used only to *create* session keys which renegotiates at a fixed interval, then cracking this becomes difficult.

For example, if I speak for 4 hours using 1 key, all I need to crack is the full traffic and find out this one key.

If I speak for 4 hours using 4 keys renegotiated at 1 hour interval, then it becomes full traffic and find out 4 keys.

Hope this helps.

Cheers,
Rajesh
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 41 total points
ID: 17836957
That pretty much sums it up. There is also the possibility for man-in-the-middle attack and key replay, it defiantly helps with key replay, but not so much with MTM.
  http://en.wikipedia.org/wiki/Anti-replay http://en.wikipedia.org/wiki/Replay_attack (man in the middle isn't always a key replay)
http://en.wikipedia.org/wiki/Anti-replay
-rich
0
 
LVL 3

Assisted Solution

by:mahe2000
mahe2000 earned 41 total points
ID: 17842941
because you use your session key (shared secret is just for authentication) to encrypt traffic. if it is compromissed in some way your encryption is useless. having the same key for a long time let people sniffing you have a lot of packets encrypted with the same key which gives him a lot of information to statistically try to get the key. if you change the key in short periods of time, he has to start again and again...
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Smart phones, smart watches, Bluetooth-connected devices—the IoT is all around us. In this article, we take a look at the security implications of our highly connected world.
Recently, Microsoft released a best-practice guide for securing Active Directory. It's a whopping 300+ pages long. Those of us tasked with securing our company’s databases and systems would, ideally, have time to devote to learning the ins and outs…
Nobody understands Phishing better than an anti-spam company. That’s why we are providing Phishing Awareness Training to our customers. According to a report by Verizon, only 3% of targeted users report malicious emails to management. With compan…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

749 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question