Design of a key distribution and management protocol

Person in charge: Dr. Roberto Gómez Cárdenas

Computer security is no longer a concern only of large public and/or private organizations. Medium-sized and small organizations, as well as individuals, want enough confidence to carry out electronic transactions securely, without their information being put in any danger. One of the main tools for offering that confidence to everybody is cryptography, which is derived from cryptology.

All modern cryptographic methods are based on the concept of the key. The key is the element used to encrypt and decrypt messages. Depending on how keys are handled and how many are used on the messages, modern cryptography is divided into symmetric and asymmetric. In symmetric cryptography the encryption key is the same as the decryption key; the key must remain secret, and the sender and the receiver must either have agreed on it beforehand or rely on a key distribution center. Asymmetric methods are characterized by an encryption key that is different from the decryption key. In most cases the encryption key is known to the public, whereas the decryption key is known only to the user. Symmetric methods belong to classical cryptography, or secret-key cryptography, whereas asymmetric methods correspond to public-key cryptography, introduced by Diffie and Hellman in 1976.

Symmetric algorithms are better and offer almost perfect confidentiality. Nevertheless, each organization must assure the other party that it will keep the key secret. In many cases an administrator is in charge of generating, assigning and storing the keys. This last aspect is relatively easy to implement for a small number of users, but when we are speaking of a large number of users, in the hundreds, the picture changes and the difficulties increase. The objective of this project is to contribute to this area of knowledge.

The main disadvantage of symmetric cryptography is key distribution: the users must secretly select a key before they begin to communicate. Another problem to solve is key handling: in a network of n users each pair must have its own secret key, i.e. n(n-1)/2 keys.

Perfect security does not exist; there is only practical security, which is why a key is somehow exposed whenever it is used. Different keys must be used for different purposes, and different clients or groups of clients must be given different keys. Keys used by clients whose privileges have ended must also be revoked.

The primary goal is to obtain a key distribution and management algorithm that covers the deficiencies of the current algorithms. The end product will be the implementation of this algorithm.