?
Solved

cant understand this cryptographic scenario

Posted on 2006-10-30
5
Medium Priority
?
213 Views
Last Modified: 2010-04-11
Assume that two parties already have access to a shared secret andthat they have each other’s public key. Why is it still good practice toregularly re-negotiate new session keys for continued negotiation under such circumstances? What are the several potential attacks and conditions that are mitigated by this approach.
0
Comment
Question by:shairan
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 32

Accepted Solution

by:
rsivanandan earned 172 total points
ID: 17835333
Any cryptographic algorithm is a sequence of mathematical relationships which is known to everybody. So theoritically speaking you can still break them, only time matter. Now if a long conversation uses a same key, there is a chance that the intruder might be *lucky* to break 'em while the data's importance is still valid.

On the other hand if the actual keys are not used but they are used only to *create* session keys which renegotiates at a fixed interval, then cracking this becomes difficult.

For example, if I speak for 4 hours using 1 key, all I need to crack is the full traffic and find out this one key.

If I speak for 4 hours using 4 keys renegotiated at 1 hour interval, then it becomes full traffic and find out 4 keys.

Hope this helps.

Cheers,
Rajesh
0
 
LVL 38

Assisted Solution

by:Rich Rumble
Rich Rumble earned 164 total points
ID: 17836957
That pretty much sums it up. There is also the possibility for man-in-the-middle attack and key replay, it defiantly helps with key replay, but not so much with MTM.
  http://en.wikipedia.org/wiki/Anti-replay http://en.wikipedia.org/wiki/Replay_attack (man in the middle isn't always a key replay)
http://en.wikipedia.org/wiki/Anti-replay
-rich
0
 
LVL 3

Assisted Solution

by:mahe2000
mahe2000 earned 164 total points
ID: 17842941
because you use your session key (shared secret is just for authentication) to encrypt traffic. if it is compromissed in some way your encryption is useless. having the same key for a long time let people sniffing you have a lot of packets encrypted with the same key which gives him a lot of information to statistically try to get the key. if you change the key in short periods of time, he has to start again and again...
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

There is a lot to be said for protecting yourself and your accounts with 2 factor authentication.  I found to my own chagrin, that there is a big downside as well.
With the rising number of cyber attacks in recent years, keeping your personal data safe has become more important than ever. The tips outlined in this article will help you keep your identitfy safe.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
This video Micro Tutorial shows how to password-protect PDF files with free software. Many software products can do this, such as Adobe Acrobat (but not Adobe Reader), Nuance PaperPort, and Nuance Power PDF, but they are not free products. This vide…
Suggested Courses

771 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question