Key Distribution for Symmetric Key Cryptography: A Review

To read the full-text of this research, you can request a copy directly from the author.


In today’s digital communication era sharing of information is increasing significantly. The information being transmitted is vulnerable to various passive and active attacks. Therefore, the information security is one of the most challenging aspects of communication. Cryptography plays an integral role in secure communication and it provides an excellent solution to offer the necessary protection against the data intruders. One of the cryptographic technique is a symmetric cryptography; In this technique the sender and receiver use the same key to do encryption and decryption of the data. This secret key must be shared between the sender and the receiver. Therefore this paper presents a study on distribution of key among the sender and receiver in symmetric cryptography and also it gives the study on authentication of the clients in distributed network. Many protocols are used to make key distribution among the clients and authentication of the clients in distributed network. The main two are Needham-Schroeder key distribution protocol and Kerberos protocol

No full-text available

Request Full-text Paper PDF

To read the full-text of this research,
you can request a copy directly from the author.

... Yashaswini [7] key distribution for symmetric key cryptography is studied. Many protocols are used to make key distribution among the clients and authentication of the clients in distributed network. ...
... Experimental results show that execution time for data retrieval process. (2) and figure (7) and the results show the retrieving by using the first key management method faster than retrieving by using other key management method, but the first key management method caused load on the server site so it was not proper to be used when dealing with big databases. In this work the row store database or column store database was used according to user request if the user wants to retrieve from the original database the row store database was used and if the user wants to retrieve from the file that was included only query relevant data the column store database was used; the column store database will be more faster in the query processing time because the searching operation was done on only relevant data instead of whole data. ...
... Pada masa yang sama, ini akan menjadikannya sukar untuk menukar kunci sekiranya ia jatuh ke tangan penceroboh. Pengagihan kunci melalui rangkaian akan memberikan lebih fleksibiliti kerana kunci boleh ditukar dan tidak perlu dihasilkan semasa pembuatan dan disembunyi secara fizikal semasa penghantaran (Wini J 2015). Tetapi ini bermakna bahawa rangkaian yang digunakan untuk pengagihan kekunci perlu dilindungi semasa proses pemindahan. ...
Full-text available
This chapter discusses about the Industrial Revolution 4.0 (4IR) which is a topic that is being talked about all over the world nowadays and Malaysia is not exempted from the development of this revolution. Industrial Revolution 4.0 leads to a paradigm shift in the economy, social life, health, education, lifestyle, employment and skill development (Kamaruzaman et al. 2019). This Industrial Revolution 4.0 is driven by three main domains namely physical, digital and biological supported by nine main pillars namely Internet of Things, computer simulation, virtual reality, system integration, cyber security, cloud computing, manufacturing, three-dimensional printing and robotic automation.
... Therefore, the use of the symmetric key for origin authentication needs to support a mechanism for managing and distributing secure keys between a pair of CAN nodes. When performing origin authentication using symmetric keys, many studies employ different methods to periodically distribute new secret keys [36][37][38]. Designing a sophisticated key distribution mechanism, however, may require the sacrifice of real-time transmission to CAN nodes. For instance, if the secret key used between the sending and receiving nodes is newly distributed for every transmission, the transmission of a CAN frame that should be transmitted at a predefined schedule can be delayed due to the time that it takes to distribute the secret key between CAN nodes. ...
Full-text available
Automotive cyber-physical systems are in transition from the closed-systems to open-networking systems. As a result, in-vehicle networks such as the controller area network (CAN) have become essential to connect to inter-vehicle networks through the various rich interfaces. Newly exposed security concerns derived from this requirement may cause in-vehicle networks to pose threats to automotive security and driver’s safety. In this paper, to ensure a high level of security of the in-vehicle network for automotive CPS, we propose a novel lightweight and practical cyber defense platform, referred to as CANon (CAN with origin authentication and non-repudiation), to be enabled to detect cyber-attacks in real-time. CANon is designed based on the hierarchical approach of centralized-session management and distributed-origin authentication. In the former, a gateway node manages each initialization vector and session of origin-centric groups consisting of two more sending and receiving nodes. In the latter, the receiving nodes belonging to the given origin-centric group individually perform the symmetric key-based detection against cyber-attacks by verifying each message received from the sending node, namely origin authentication, in real-time. To improve the control security, CANon employs a one-time local key selected from a sequential hash chain (SHC) for authentication of an origin node in a distributed mode and exploits the iterative hash operations with randomness. Since the SHC can constantly generate and consume hash values regardless of their memory capacities, it is very effective for resource-limited nodes for in-vehicle networks. In addition, through implicit key synchronization within a given group, CANon addresses the challenges of a key exposure problem and a complex key distribution mechanism when performing symmetric key-based authentication. To achieve lightweight cyber-attack detection without imposing an additive load on CAN, CANon uses a keyed-message authentication code (KMAC) activated within a given group. The detection performance of CANon is evaluated under an actual node of Freescale S12XF and virtual nodes operating on the well-known CANoe tool. It is seen that the detection rate of CANon against brute-force and replay attacks reaches 100% when the length of KMAC is over 16 bits. It demonstrates that CANon ensures high security and is sufficient to operate in real-time even on low-performance ECUs. Moreover, CANon based on several software modules operates without an additive hardware security module at an upper layer of the CAN protocol and can be directly ported to CAN-FD (CAN with Flexible Data rate) so that it achieves the practical cyber defense platform.
... In encryption systems over the network, manual key distribution is confusing, especially in distributed systems over a wide area network [3]. A better way to distribute keys for both sender and recipient to have a thirdparty encrypted connection, which in turn delivers the key through encrypted links to both sender and recipient [4]. Many biometric-based authentication approaches are proposed some of these are based on smart cards for multi-server environment [3], others integrated passwords with biometric for multi-server environment, authentication [5]. ...
Full-text available
The authentication is one of the main objectives of cryptographic systems, through which two parties sharing encrypted communication could authenticate each other. To achieve this goal, many approaches and protocols have been proposed, some of which are based on passwords and others based on smart cards. Those approaches have many drawbacks, including passwords, are prone to forgetfulness, divulged, or hacking as well as smart cards might be lost, stolen, or shared. If these approaches are compared with biometric approaches such as fingerprint and iris, it found that biometric approaches have no such defects; biometric systems have therefore gained considerable attention. This research presents a robust scheme based on the fingerprint biometrics to share confidential key of symmetric cryptography between two parties through the Keys Sharing Center (KSC) as a third party which activated on secure and trusted server. The client/server architecture was used to implement the proposed scheme. The proposed scheme was implemented in a way similar to the e-mail service, so it required the use of the ID account for each user, through which any two parties could share the encrypted confidential key through KSC. The proposed scheme is implemented in local area network. The security and performance are discussed to show that the proposed scheme is highly secure, practical and robust.
Full-text available
Any communication in the language that youand I speak—that is the human language, takesthe form of plain text or clear text. That is, amessage in plain text can be understood byanybody knowing the language as long as themessage is not codified in any manner. So, nowwe have to use coding scheme to ensure thatinformation is hidden from anyone for whom itis not intended, even those who can see thecoded data.