Encryption Keys Used to Ensure Secure Communication Sessions - Essay Example

Public key encryption is intended to use two keys; one private key and another public key. Each key is assigned to either encrypt or decrypt. On the other hand, single-key encryption only uses a single secret key for both the encryption and decryption of messages. A hybrid of the two that is single key and public key encryption is what the modern encryption model entails to help establish reliable secure sessions. According to De & Yung (2006, 127), session keys help enhance the security of a system in cases where two parties have an encrypted connection to a third party. By use of these session keys, the third party can deliver keys to the other two parties on the encrypted links.

Session keys are established by the use of Diffie-Hellman key exchange which enables the secret exchange of keys between two users on a communication channel by the use of exchange algorithms. This way of key generation does not require the presence of a central authentication server or any key distribution center. These two users maintain a secured encrypted message through a partial share of information. Some data is privately stored while some are publicly given for the other party to use. Using exchange algorithms, the two parties can use the publicly aired data to encrypt hidden messages from senders on a crowded communication channel (De & Yung 2006, 127). User 1 computes the key using the public data given by user 2 and vice vise. Both calculations will eventually yield similar results indicating a common interpretation.

Kerberos V4 uses session keys to help maintain a secured communication protocol (Bao, Deng & Zhou 2004, 30). Kerberos v4 is useful in verifying users at workplaces who would wish to access services within a network. Session keys used in Kerberos would restrict access only to identified and authorized users and would accurately authenticate requests for use. These authentication procedures make the use of session keys very relevant in Kerberos. It will be almost impossible for another side user to communicate with the server since the given session key is encrypted using the password of the authorized client.

However, there also poses a risk of an attacker replaying an old message to the server since the same ticket is used repeatedly. Despite the inherent risk of attack, in a new version of Kerberos V5, clients and users could negotiate a new session key thus reducing the risk of attack through replay messages.
In the secured socket layers, the areas that involve the use of session keys within the SSL protocol suite are the cipher suite and random exchange. The random exchange involves a random number that is sent by both parties, which will later create secret session keys. According to Oppliger (2009, 84), the sender’s DSS or RSA keys sign the exchange keys. The respondent will then authenticate the signatures using public keys. Despite the level of security from the encryption protocol, there is also a possibility of network burden as session keys delay the exchange of information.
Part 2
Application layer
Encrypting information at the application layer is advantageous because it protects sensitive information and controls access to the information in a more convenient way than cryptography at any other level. This is because this layer identifies sensitive data and offers security selectively to the sensitive data. This layer knows the user's entitlements and roles, therefore, provides protection accordingly. According to Deng & Zhou (2004, 127), this is different from cryptography at the network layer where there is no selective protection because of unknown users’ entitlements. Another advantage of encryption at this level is that the management can tailor the types of protection to suit their specific application needs.
Disadvantages of cryptography at this stage include the application requiring modifications during changes and thus may be inappropriate since changing the application requires highly technical skills which may be unavailable at a specific time. Encryption at this level affects system performance since it is CPU intensive and therefore uses the majority of system resources thus lowering the system’s performance. In addition, where different systems share common data, encryption at this level may cause the breaking down of systems when adding cryptographic protocols to another system.

Network layer
Kahate (2003, 363) states that implementation of encryption at this layer occurs at sources and destination nodes, for instance, IP addresses. The cryptographic protocols encapsulate the network packets within the IP packets. One major advantage of this encryption is that it is not concerned with the details of the data transmitted. The end user cannot witness this encryption. Besides, this level of encryption does not interfere with other cryptographic protocols.
Disadvantages include users being unaware of security breaks which affect negatively other users. In addition, selective protection is impossible because the protocols are unaware of the users’ entitlements and roles. Read More