The Future of Key Exchanges

  

Most key exchanges have been around since the 1970s, many with very little change. These basic algorithms have since been built into other protocols such as Public Key Infrastructure (PKI), where Certificate Authorities (CAs) manage keys whose RSA key information is stored in an X.509 certificate. Other key exchanges, such as DH key agreement, are done through secure networks; for example, the Simple Key Management for Internet Protocols (SKIP) that is used in Virtual Private Networks.

Cross-Reference  

Chapter 25 describes PKI in more detail. Chapter 24 describes the X.509 specification.

Proximity cards and smart cards

Still other means of key exchange have evolved through physical media such as proximity cards. Proximity cards are issued to people to provide entry into an area. The proximity card provides radio frequencies to activate the entryway or door: the user holds the proximity device, such as a card, to a proximity reader to be granted access. The smart card is a similar concept; it contains a modem for I/O, a microprocessor, and some RAM. These cards are very similar in size and shape to a credit card. The smart card offers computational power, so records and keys can be manufactured and stored on the card. The smart card is placed in a smart card reader that might be attached to a computer terminal or desktop. The computer may require information such as a key set, or the ability to perform a computation, before it will even turn on. When the smart card is removed, the computer may turn off.

Other techniques that may be applied using a smart card are Java buttons and biometric cards. A biometric card uses information that is associated with the medical industry. Medical information could be in the form of a fingerprint. The smart card reader could require a fingerprint record from the card, while a fingerprint scanner next to the computer scans the user's fingerprint. The fingerprint from the card must match the user's fingerprint before access to the system is granted. The Java button can be embedded in a smart card, but also in a key ring or any other device that is similar in shape and size to a small button. The Java button can have the capability to process public keys in the form of a token. The issue with the DH key exchange is that a man-in-the-middle attack can occur if the messages are captured and resent. The device reader used with a smart card or Java button could be a hardware device connected directly to the desktop through an I/O device. Because of this direct hardware connection, there can be no man in the middle listening to the device. The device now uses a form of physical security and close proximity to ensure that the user is authenticated.
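The man-in-the-middle weakness of unauthenticated DH noted above, and how authenticating each public value detects a substitution, shown as an added example that is not from the book. The toy 127-bit group, the function names, and the pre-shared `auth_key` (assumed to be provisioned on both card and reader) are assumptions for illustration.

```python
import hashlib
import hmac
import secrets

# Toy group for illustration only (constructed): a 127-bit Mersenne prime.
# Real deployments use standardized 2048-bit+ groups or elliptic curves.
P = 2**127 - 1
G = 3

def keypair():
    """Return (private, public) for one DH party."""
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def shared_key(priv, peer_pub):
    """Derive a session key from our private value and the peer's public value."""
    secret = pow(peer_pub, priv, P)
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def tag(auth_key, pub):
    """HMAC over a public value, using a key provisioned out of band."""
    return hmac.new(auth_key, pub.to_bytes(16, "big"), hashlib.sha256).digest()

def accept(auth_key, pub, received_tag):
    """Accept a peer's public value only if its tag verifies."""
    return hmac.compare_digest(tag(auth_key, pub), received_tag)

def demo():
    a_priv, a_pub = keypair()   # Alice
    b_priv, b_pub = keypair()   # Bob
    m_priv, m_pub = keypair()   # party sitting in the middle of the channel

    # Unauthenticated exchange: both public values are replaced in transit,
    # so each endpoint unknowingly shares a key with the middle party.
    k_alice = shared_key(a_priv, m_pub)
    k_bob = shared_key(b_priv, m_pub)
    split = (k_alice != k_bob
             and k_alice == shared_key(m_priv, a_pub)
             and k_bob == shared_key(m_priv, b_pub))

    # Authenticated exchange: a substituted value fails tag verification.
    auth_key = secrets.token_bytes(32)  # assumed stored on card and reader
    genuine_ok = accept(auth_key, a_pub, tag(auth_key, a_pub))
    swapped_ok = accept(auth_key, m_pub, tag(auth_key, a_pub))
    return split, genuine_ok, swapped_ok
```

`demo()` returns `(True, True, False)`: the unauthenticated run ends with two different session keys, both known to the middle party, while the tagged exchange accepts the genuine value and rejects the substituted one.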

Cross-Reference  

Chapter 14 provides a description of smart card basics.

  


Java Security Solutions
ISBN: 0764549286
EAN: 2147483647
Year: 2001
Pages: 222
