Key Distribution and User Authentication
4.1 List ways in which secret keys can be distributed to two communicating parties.
For two parties such as B and C, the following are the options:
- A third party can select the specific key and deliver it physically to B and C.
- A key can be selected by party B and be physically delivered to C.
- If B and C have recently used a given key, one party can transmit the new key to the other, using the old key to encrypt the new key.
- If B and C each have an encrypted connection to a third party D, then D can deliver a key over the encrypted links to B and C.
4.2 What is the difference between a session key and a master key?
A session key is a randomly generated key that protects a single communication session between a user of one computer and another; it is therefore an encryption and decryption key. In contrast, a master key is a key used to encode the transmission of session keys between the key distribution centre and a principal.
4.3 What is a key distribution centre?
A key distribution centre is a component in an access control system that is responsible for servicing user requests to access resources by supplying access tickets and session keys.
4.4 What entities constitute a full-service Kerberos environment?
A full-service Kerberos environment consists of a Kerberos server, a number of clients and application servers.
4.5 In the context of Kerberos, what is a realm?
A realm is an environment in which the Kerberos server has to share a secret key with every server, and all of these servers are registered with the Kerberos server.
4.6 What are the principal differences between version 4 and version 5 of Kerberos?
Version 4 works on the receiver-makes-right encoding system, while version 5 works on the ASN.1 encoding system.
4.7 What is a nonce?
A nonce is a value that is used only once, such as a timestamp, a counter or a random number; the minimum requirement is that it differs with every transaction.
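The exchange described in 4.1 (a third party delivering a key over encrypted links), 4.2, 4.3 and 4.7 can be sketched as follows. This is an added example, not part of the original answers: the names KDC, wrap, unwrap and accept_reply are hypothetical, and the HMAC-SHA256 construction is a standard-library stand-in for a real authenticated cipher such as AES-GCM.

```python
import hashlib, hmac, json, secrets

def _stream(key, iv, n):
    # HMAC-SHA256 in counter mode as a keystream (stand-in for a real cipher)
    out, ctr = b"", 0
    while len(out) < n:
        out += hmac.new(key, b"enc" + iv + ctr.to_bytes(4, "big"), hashlib.sha256).digest()
        ctr += 1
    return out[:n]

def wrap(master_key, fields):
    # Encrypt-then-MAC under a principal's long-term master key
    pt = json.dumps(fields).encode()
    iv = secrets.token_bytes(16)
    ct = bytes(a ^ b for a, b in zip(pt, _stream(master_key, iv, len(pt))))
    tag = hmac.new(master_key, b"mac" + iv + ct, hashlib.sha256).digest()
    return iv + ct + tag

def unwrap(master_key, blob):
    iv, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(master_key, b"mac" + iv + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong master key or tampered message")
    pt = bytes(a ^ b for a, b in zip(ct, _stream(master_key, iv, len(ct))))
    return json.loads(pt)

class KDC:
    def __init__(self):
        self.master = {}  # principal name -> master key shared with the KDC
    def register(self, name):
        self.master[name] = secrets.token_bytes(32)
        return self.master[name]
    def issue(self, requester, peer, nonce):
        # Fresh random session key, delivered to each party under its own master key
        ks = secrets.token_hex(32)
        reply = wrap(self.master[requester], {"ks": ks, "peer": peer, "nonce": nonce})
        ticket = wrap(self.master[peer], {"ks": ks, "from": requester})
        return reply, ticket

def accept_reply(master_key, reply, expected_nonce, seen):
    # The requester accepts a reply only if it echoes the outstanding, unused nonce
    body = unwrap(master_key, reply)
    if body["nonce"] != expected_nonce or expected_nonce in seen:
        raise ValueError("stale or replayed KDC reply")
    seen.add(expected_nonce)
    return body["ks"]
```

B forwards the ticket to C, who recovers the same session key with its own master key; neither master key ever crosses the link between B and C.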
4.8 What are two different uses of public-key cryptography related to key distribution?
It can be used to encrypt a message that is, in turn, decrypted using a private key.
Public-key cryptography is also used for digital signatures.
4.9 What are the essential ingredients of a public-key directory?
A participant may replace the key that exists with a new one at any time.
With an entry for each participant, the authority maintains a directory.
Participants can access the directory electronically.
4.10 What is a public-key certificate?
A public-key certificate is an electronic document used to prove ownership of a public key.
4.11 What are the requirements for the use of a public-key certificate scheme?
A participant can check the expiry of a certificate or verify its currency, but only the certificate authority can create or update certificates.
4.12 What is the purpose of the X.509 standard?
It is a digital certificate that uses the universally accepted international X.509 public key infrastructure (PKI) standard. It is used to verify that the public key indeed belongs to the said user (Feng, He, Zeadally, & Wang, 2018). X.509 specifies a framework for the provision of authentication services by the X.500 directory to its users.
4.13 What is a chain of certificates?
A chain of certificates consists of a sequence of certificates created by different certificate authorities (CAs), in which each successive certificate is issued by one CA and guarantees the public key of the next CA in the sequence.
4.14 How is an X.509 certificate revoked?
The owner of a public key can issue a certificate revocation list that revokes one or more certificates.
References
Feng, Q., He, D., Zeadally, S., & Wang, H. (2018). Anonymous biometrics-based authentication scheme with key distribution for mobile multi-server environment. Future Generation Computer Systems, 84, 239-251.