Đang chuẩn bị nút TẢI XUỐNG, xin hãy chờ
Tải xuống
Lecture 10, key distribution for symmetric key cryptography and generating random numbers. The goals of this chapter are: Why might we need key distribution centers? Master key vs. session key, hierarchical and decentralized key distributions, generating pseudorandom numbers. | Lecture 10: Key Distribution for Symmetric Key Cryptography and Generating Random Numbers Lecture Notes on “Computer and Network Security” by Avi Kak (kak@purdue.edu) February 11, 2016 4:07pm c 2016 Avinash Kak, Purdue University Goals: • Why might we need key distribution centers? • Master key vs. Session key • Hierarchical and decentralized key distributions • Generating pseudorandom numbers • Generating cryptograhically secure pseudorandom numbers • Hardware and software entropy sources for truly random numbers • A word of caution regarding software entropy sources CONTENTS Section Title Page 10.1 The Need for Key Distribution Centers 3 10.2 The Needham-Schroeder Key Distribution Protocol 5 10.2.1 Some Variations on the KDC Approach to Key Distribution 10 10.3 Kerberos 12 10.4 Random Number Generation 23 10.4.1 When are Random Numbers Truly Random? 25 10.5 Pseudorandom Number Generators (PRNG): Linear Congruential Generators 27 10.6 Cryptographically Secure PRNGs: The ANSI X9.17/X9.31 Algorithm 32 10.7 Cryptographically Secure PRNGs: The Blum Blum Shub Generator (BBS) 37 10.8 Entropy Sources for Generating True Random Numbers 40 10.9 Software Entropy Sources 47 10.9.1 /dev/random and /dev/urandom as Sources of Random Bytes 49 10.9.2 EGD — Entropy Gathering Daemon 54 10.9.3 PRNGD (Pseudo Random Number Generator Daemon) 58 10.9.4 A Word of Caution Regarding Software Sources of Entropy 60 10.10 Homework Problems 63 2 Computer and Network Security by Avi Kak Lecture 10 10.1: THE NEED FOR KEY DISTRIBUTION CENTERS • Let’s say we have a large number of people, processes, or systems that want to communicate with one another in a secure fashion. Let’s further add that this group of people/processes/systems is not static, meaning that the individual entities may join or leave the group at any time. • A simple-minded solution to this problem would consist of each party physically exchanging an encryption key with .