RSA Security 5.2.2 manual Point-to-Point Applications

Applications of Cryptography

Ensure file integrity and protect against tampering. Cryptographic techniques can be used to guarantee that only authorized personnel can modify or install certain files.

Archive important data so that it can be accessed only by authorized personnel.

Protect intellectual property.

Point-to-Point Applications

Applications that require establishing a secure link between two nodes are very common and may have different topologies. However, their similarities allow them to be treated in a comparable manner. Secure point-to-point communication is needed if:

Communication takes place between exactly two nodes.

The primary security consideration is to allow the two nodes to communicate privately and to prevent others from eavesdropping on the traffic.

Here are some applications that require secure point-to-point data communication:

Computer hardware links connecting two nodes

Satellite or cellular communications

A single transaction between two nodes in a larger network

Here is a typical scenario for implementing applications in this class, using key agreement with stream-cipher encryption.

1. Compute the Diffie-Hellman parameters for both nodes. This must be done before a communication session is established. When a link is requested, the parameters should be waiting for the nodes.

A new Diffie-Hellman parameter set is not necessary each time you generate a session key; it is safe to use one set of Diffie-Hellman parameters for many key-agreement sessions. In addition, either of the nodes can generate the parameters and transmit the values over any channel.

2. Establish an agreed-upon secret value using Phase 1 and Phase 2 of the Diffie-Hellman key-agreement protocol. See “Diffie-Hellman Public Key Agreement” on page 62 for an overview of this process.

3. Compute an RC4 key for the session using the agreed-upon secret value. The RC4 key may be shorter than a Diffie-Hellman secret value. The application must determine the procedure for extracting the required bits. A single Diffie-Hellman agreement may also be used to generate multiple RC4 keys.
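The three steps above, carried through end to end as an added example (it is not from the guide and does not use the Crypto-C API). Assumptions: a toy 127-bit prime with generator 3 stands in for the precomputed parameters, the extraction procedure is SHA-256 over the secret plus a direction label, and the labels `A->B` and `B->A` are hypothetical.

```python
import hashlib
import secrets

# Toy parameters (assumption for this example): p = 2**127 - 1 is prime but
# far too small for real use; real parameters are the ones computed in step 1.
P = 2**127 - 1
G = 3

def dh_phase1(p=P, g=G):
    """Phase 1: pick a private value x and compute the public value g^x mod p."""
    x = secrets.randbelow(p - 3) + 2            # 2 <= x <= p - 2
    return x, pow(g, x, p)

def dh_phase2(private, peer_public, p=P):
    """Phase 2: combine our private value with the peer's public value."""
    if not 1 < peer_public < p - 1:             # reject 0, 1 and p - 1
        raise ValueError("peer public value out of range")
    z = pow(peer_public, private, p)
    return z.to_bytes((p.bit_length() + 7) // 8, "big")   # fixed-width encoding

def derive_rc4_key(secret, label, key_len=16):
    """Hash the whole secret with a label, so one agreement yields several keys."""
    return hashlib.sha256(label + b"\x00" + secret).digest()[:key_len]

def rc4(key, data):
    """Plain RC4: key scheduling, then XOR the data with the keystream."""
    s, j = list(range(256)), 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for byte in data:
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(byte ^ s[(s[i] + s[j]) % 256])
    return bytes(out)

def run_session(message=b"constructed sample message"):
    """Both nodes run Phase 1 and 2, derive per-direction keys, exchange data."""
    a_priv, a_pub = dh_phase1()
    b_priv, b_pub = dh_phase1()
    z_a, z_b = dh_phase2(a_priv, b_pub), dh_phase2(b_priv, a_pub)
    k_ab, k_ba = derive_rc4_key(z_a, b"A->B"), derive_rc4_key(z_a, b"B->A")
    ciphertext = rc4(k_ab, message)             # node A encrypts
    recovered = rc4(derive_rc4_key(z_b, b"A->B"), ciphertext)   # node B decrypts
    return z_a == z_b, k_ab != k_ba, recovered
```

Deriving a separate key per direction means the two nodes never encrypt under the same RC4 keystream, which is the main hazard when a stream cipher key is shared by both ends of a link.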

RSA BSAFE Crypto-C Developer’s Guide