next up previous
Next: User Oriented Goals Up: A Hierarchy of Extensional Previous: A Hierarchy of Extensional

Key Oriented Goals

As has been seen in the last section, there is broad agreement in the research community about the extensional goals in key establishment protocols. These goals may be reached by considering what may be achieved with typical message components. There are only three types of message components that are conventionally used in cryptographic protocols for key establishment and entity authentication. These are:

1.
secrets which include long-term keys and session keys.
2.
identifiers for protocol principals.
3.
nonces which may be random values, timestamps or counters.

These components are combined and processed with cryptographic mechanisms to provide confidentiality and/or authentication.

Consider key establishment. A new session key K may be associated with a nonce, or with identifiers of protocol principals. In practice a session key is not of any use unless it is known to be fresh and it is known which other entities possess it. Comparison with the definitions in section 2 shows that most authors agree that secure key establishment should require the two extensional goals that the key is known to be fresh and is known only to the other protocol participant(s), possibly including trusted third parties. This is often referred to as establishing a good key.

Good Key
for use with B . A accepts the key for use with B only if:

next up previous
Next: User Oriented Goals Up: A Hierarchy of Extensional Previous: A Hierarchy of Extensional