
Re: On shared keys (was RE: SOI: identity protection and DOS)



Title: Message
Cliff,
Let's look at this example with some further definition to show why RSA is more
scalable than symmetric keys.
 
1) First, let's compare the case where all keys are stored in a server:
a) full-meshed topology:
It's clear that the RSA public keys are far fewer than the symmetric keys
in terms of number, and that it is a device/public-key association vs. a link/public-key association.
In addition, in the RSA public-key model,
the server in each realm can exchange the stored id/public-key info without compromising
any privacy of the involved devices. It is scalable in that it can incorporate as many
servers of realms in the internet as needed.
 
b) star topology:
Approximately the same number of keys is stored for both methods.
However, the star topology is not as scalable as the full-meshed topology:
the hub-spoke topology limits each spoke to only 1 secure link.
It is difficult for a device to join across two different spoke-hub groups.
Hence, it is only good for a small realm and is not as scalable as a meshed model.
Hub-spoke is not the internet's (IP) favorite topology, not to mention a
secured internet.
 
2) What if no server is used? (This means no 3rd party's help and
    no out-of-band secure channel.)
Both pre-shared RSA and symmetric keys have the same issue of
mutual authentication at the beginning...
 
 
Operational cost is a factor of mathematical efficiency; there are lots of algorithms/variations
for symmetric and asymmetric keys.
 
Let's deal with topology first.
 
--- David
 
 
 
 
----- Original Message -----
From: Wang, Cliff
To: 'david chen' ; Sandy Harris ; 'IPsec WG'
Sent: Monday, December 03, 2001 2:17 PM
Subject: RE: On shared keys (was RE: SOI: identity protection and DOS)

David,
 
I have been trying to convince people that RSA public-key operation provides no clear scalability advantage over symmetric key. So let me do an orange-to-orange comparison again using a full-mesh and a hub-spoke case. I am only willing to agree with your saying that RSA is better in scalability if such a comparison proves it.
 
Assumption:
1) No CA
2) RSA key pair generated in device. Symmetric key generated in server.
3) Server needs to deliver either public key or symmetric key.
 
case 1:  Full mesh:  N*(N-1)/2 tunnels

                                      RSA                  PSK
1) total number of keys               N key pairs          N*(N-1)/2 PSK
2) key generation cost                high                 low
3) number of key deliveries           N*(N-1)              N*(N-1)
4) key storage on the box             1 private key        N-1 PSK
                                      N public keys
5) authentication calculation cost    high                 low
6) keys on server                     N public keys        N*(N-1)/2 (usually not stored)
 
 
case 2:  Hub-spoke:  N-1 tunnels

                                      RSA                  PSK
1) total number of keys               N key pairs          N-1 PSK
2) key generation cost                high                 low
3) number of key deliveries           (N-1)*2              (N-1)*2
4) key storage on the box
    hub                               N public keys        N-1 PSK
    spoke                             2 public keys        1 PSK
5) authentication calculation cost    high                 low
6) keys on server                     N public keys        N-1 (usually not stored)
 
So if you are only considering the total number of keys, RSA wins. If you look at overall operation cost, the comparison speaks for itself. Unfortunately, there is a lack of scalability advantage for RSA.
 
 
 
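The counts in Cliff's two tables, and David's point about how they grow with realm size, as an added worked example (not part of either post): a small Python model that reproduces the table rows for N devices and reports how the total key count scales when a realm doubles. The counting conventions for deliveries and per-box storage are assumed to be Cliff's.

```python
# Key-management counts for the two IPsec topologies in the thread, for N
# devices, under the RSA public-key model and the pre-shared-key (PSK) model.
# The formulas follow Cliff's tables; the "per_box" and "deliveries" figures
# use his counting conventions (assumption).

def full_mesh(n):
    """N*(N-1)/2 tunnels: every device has a direct tunnel to every other."""
    tunnels = n * (n - 1) // 2
    return {
        "tunnels": tunnels,
        "rsa": {"total_keys": n,              # one key pair per device
                "deliveries": n * (n - 1),    # each device receives N-1 peer public keys
                "per_box": {"private": 1, "public": n},
                "on_server": n},
        "psk": {"total_keys": tunnels,        # one secret per tunnel
                "deliveries": n * (n - 1),    # each secret goes to both tunnel endpoints
                "per_box": {"psk": n - 1},
                "on_server": tunnels},        # usually not kept after delivery
    }

def hub_spoke(n):
    """N-1 tunnels: one hub, N-1 spokes, each spoke reaches only the hub."""
    tunnels = n - 1
    return {
        "tunnels": tunnels,
        "rsa": {"total_keys": n,
                "deliveries": 2 * tunnels,    # hub key to each spoke, each spoke key to hub
                "per_box": {"hub": {"private": 1, "public": n},
                            "spoke": {"private": 1, "public": 2}},
                "on_server": n},
        "psk": {"total_keys": tunnels,
                "deliveries": 2 * tunnels,
                "per_box": {"hub": {"psk": tunnels}, "spoke": {"psk": 1}},
                "on_server": tunnels},
    }

def growth(topology, n):
    """Factor by which the total key count grows when a realm doubles from n
    to 2n devices, as (rsa_factor, psk_factor): ~2 is linear, ~4 is quadratic."""
    small, large = topology(n), topology(2 * n)
    return (large["rsa"]["total_keys"] / small["rsa"]["total_keys"],
            large["psk"]["total_keys"] / small["psk"]["total_keys"])

if __name__ == "__main__":
    for name, topo in (("full mesh", full_mesh), ("hub-spoke", hub_spoke)):
        print(name, topo(10))
        print(name, "growth 10 -> 20 devices (rsa, psk):", growth(topo, 10))
```

Running it shows the two models storing nearly the same number of keys per box, while the total PSK count in a full mesh grows roughly four-fold per doubling and the RSA count only doubles.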