Key Distribution and User Authentication

1.     List ways in which secret keys can be distributed to two communicating parties.

Ans: For two parties A and B, there are the following options:

·      A key could be selected by A and physically delivered to B.

·      A third party could select the key and physically deliver it to A and B.

·      If A and B have previously and recently used a key, one party could transmit the new key to the other, using the old key to encrypt the new key.

If A and B each have an encrypted connection to a third party C, C could deliver a key on the encrypted links to A and B.

2.     What is the difference between a session key and a master key?

Ans: A session key is a temporary encryption key used between two principals. 

A master key is a long-lasting key that is used between a key distribution center and a principal for the purpose of encoding the transmission of session keys. Typically, the master keys are distributed by non-cryptographic means.

3.     What is a key distribution center?

Ans: A key distribution center is a system that is authorized to transmit temporary session keys to principals. Each session key is transmitted in encrypted form, using a master key that the key distribution center shares with the target principal.

4.     What entities constitute a full-service Kerberos environment?

Ans: A full-service Kerberos environment consists of a Kerberos server, a number of clients, and a number of application servers.

5.     In the context of Kerberos, what is a realm?

Ans: A realm is an environment in which

·      The Kerberos server must have the user ID and hashed password of all participating users in its database. All users are registered with Kerberos server.

·      The Kerberos server must share a secret key with each server. All servers are registered with the Kerberos server.

6.     What are the principal differences between version 4 and version 5 of Kerberos?

Ans: V5 overcomes some environmental shortcomings and some technical deficiencies in V4.

7.     What is a nonce?

Ans: A nonce is a value that is used only once, such as a timestamp, a counter, or a random number, the minimum requirement is that it differs with each transaction.

8.     What do you mean by statistical randomness and unpredictable sequence?

Ans: Statistical randomness refers to a property of a sequence of number or letters such that the sequence appears random and passes certain statistical tests that indicate that the sequence has the properties of randomness. If a statistically random sequence is generated by an algorithm, then the sequence is predictable by anyone knowing the algorithm and the starting point of the sequence. An unpredictable sequence is one in which knowledge of the sequence generation method is insufficient to determine the sequence.

9.     What are two different uses of public-key cryptography related to key distribution?

10.  What are the essential ingredients of a public-key directory?

11.  What is a public-key certificate?

12.  What are the requirements for the use of a public-key certificate scheme?

13.  What is the purpose of the X.509 standard?

Ans: X.509 defines a framework for the provision of authentication services by the X.500 directory to its users. The directory may serve as a repository of public-key certificates. Each certificate contains the public key of a user and is signed with the private key of a trusted certification authority. In addition, X.509 defines alternative authentication protocols based on the use of public-key certificates.

14.  What is a chain of certificates?

Ans: A chain of certificates consists of a sequences of certificates created by different certification authorities (CAs) in which successive certificate is a certificate by one CA that certifies the public key of the next CA in the chain.

15.  How is an X.509 certificate revoked?

Ans: The owner of a public-key can issue a certificate revocation list that revokes one or more certificates.

16.  Characteristics of Kerberos.

Ans:  

• Secure: A network eavesdropper should not be able to obtain the necessary information to impersonate a user. More generally, Kerberos should be strong enough that a potential opponent does not find it to be the weak link.  
• Reliable: For all services that rely on Kerberos for access control, lack of availability of the Kerberos service means lack of availability of the supported services. Hence, Kerberos should be highly reliable and should employ a distributed server architecture, with one system able to back up another.  
• Transparent: Ideally, the user should not be aware that authentication is taking place, beyond the requirement to enter a password.  
• Scalable: The system should be capable of supporting large numbers of clients and servers. This suggests a modular, distributed architecture.