1) First, let's compare the case where all keys are stored in the server:
a) full-meshed topology:
It's clear that there are far fewer RSA public keys than symmetric keys, both in number and in terms of device/public-key association vs. link/public-key association. In addition, in the RSA public key model, the server in each realm can exchange the stored id/public-key info without compromising any privacy of the involved devices. It is scalable in that it can incorporate as many realm servers as there are in the internet.
[--------cliff-----] I have already said that if you just compare the number of keys, RSA wins, in the case of a full mesh. But there are other issues in the comparison, other than just the number of keys needed.
Without a CA/cert, the public key/ID binding is questionable. Also, this binding/security topic is outside the scalability issue that my comparison focuses on, within a single realm. If you want to expand the comparison to cross-realm, I can do another number comparison.
b) star topology:
Approximately the same number of keys is stored for both methods. However, the star topology is not as scalable as the full-meshed topology: the hub-spoke topology limits each spoke to only 1 secure link. It is difficult for a device to join across two different spoke-hubs. Hence, it is only good for a small realm and is not as scalable as a meshed model. Hub-spoke is not the internet's (IP) favorite topology, not to mention the secured internet.
[------cliff------] again, you are off the topic. We are not talking about the topology comparison, full mesh vs hub-spoke. Contrary to your claim, in our real-world deployment experience, hub-spoke is much more popular. The reason I did both full mesh and hub-spoke is that they represent two ends of the spectrum.
2) What if no server is used? (This means no 3rd party's help and no out-of-band secure channel.)
Both the pre-shared RSA key and the symmetric key have the same issue of mutual authentication at the beginning...
[--------cliff-----] if you name a key delivery scheme, we can do a number comparison, as I did before.
Operational cost is a factor of mathematical efficiency; there are lots of algorithms/variations for symmetric and asymmetric keys.
[--------cliff-----] agree. That's why you need to make your assumptions first. But key delivery cost is quite independent of mathematics and is probably the most demanding job in terms of scalability. Let's deal with topology first.
--- David
----- Original Message -----
Sent: Monday, December 03, 2001 2:17 PM
Subject: RE: On shared keys (was RE: SOI: identity protection and DOS)
David,
I have been trying to convince people that RSA public operation provides no clear scalability advantage over symmetric keys. So let me do an orange-to-orange comparison again using a full mesh and a hub-spoke case. I am only willing to agree with your saying that RSA is better in scalability if such a comparison proves it.
Assumptions:
1) No CA
2) RSA key pair generated in the device. Symmetric key generated in the server.
3) Server needs to deliver either the public key or the symmetric key.
Case 1: Full mesh: N*(N-1)/2 tunnels

                                     RSA                            PSK
1) total number of keys              N key pairs                    N*(N-1)/2 PSK
2) key generation cost               high                           low
3) number of key deliveries          N*(N-1)                        N*(N-1)
4) key storage on the box            1 private key, N public keys   N-1 PSK
5) authentication calculation cost   high                           low
6) keys on server                    N public keys                  N*(N-1)/2 (usually not stored)

Case 2: hub-spoke: N-1 tunnels

                                     RSA                            PSK
1) total number of keys              N key pairs                    N-1 PSK
2) key generation cost               high                           low
3) number of key deliveries          (N-1)*2                        (N-1)*2
4) key storage on the box            hub: N public keys             hub: N-1 PSK
                                     spoke: 2 public keys           spoke: 1 PSK
5) authentication calculation cost   high                           low
6) keys on server                    N public keys                  N-1 (usually not stored)
So if you are only considering the total number of keys, RSA wins. If you look at overall operation cost, the comparison speaks for itself. Unfortunately, there is a lack of scalability advantage for RSA.
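The key, delivery and storage counts from the two tables above, derived from a topology's link list instead of the closed forms, as an added Python example that is not part of this thread (the device numbering, the hub-at-device-0 convention and the result dictionary layout are constructed here; the per-tunnel PSK model and the server-delivers-public-keys model follow the stated assumptions). Counting endpoints also shows why the delivery row is the same for both methods in either topology: both equal the total number of tunnel endpoints.

```python
from itertools import combinations

def full_mesh(n):
    """Constructed topology: one tunnel between every pair of the n devices."""
    return list(combinations(range(n), 2))

def hub_spoke(n):
    """Constructed topology: device 0 is the hub, devices 1..n-1 are spokes."""
    return [(0, i) for i in range(1, n)]

def degrees(links, n):
    """Number of tunnels each device terminates (its tunnel endpoints)."""
    deg = [0] * n
    for a, b in links:
        deg[a] += 1
        deg[b] += 1
    return deg

def psk_cost(links, n):
    """Pre-shared-key model: the server generates one symmetric key per tunnel
    and delivers it to both endpoints; each box keeps one key per tunnel."""
    deg = degrees(links, n)
    return {
        "keys": len(links),            # one PSK per tunnel
        "deliveries": 2 * len(links),  # every PSK goes to two endpoints
        "box": sorted(set(deg)),       # distinct per-box storage counts
        "server": len(links),          # all PSKs, if the server keeps them at all
    }

def rsa_cost(links, n):
    """RSA model: each device generates its own key pair (never delivered);
    the server sends a device's public key to each peer it tunnels with."""
    deg = degrees(links, n)
    return {
        "keys": n,                            # n key pairs
        "deliveries": sum(deg),               # one public key per tunnel endpoint
        "box": sorted({1 + d for d in deg}),  # own public key + one per peer (private key extra)
        "server": n,                          # n public keys
    }

def compare(n):
    """Both cost tables for a full mesh and a hub-spoke of n devices."""
    return {
        "full_mesh": {"rsa": rsa_cost(full_mesh(n), n), "psk": psk_cost(full_mesh(n), n)},
        "hub_spoke": {"rsa": rsa_cost(hub_spoke(n), n), "psk": psk_cost(hub_spoke(n), n)},
    }
```

For N=5 the full-mesh PSK row comes out as 10 keys, 20 deliveries, 4 per box, and the hub-spoke RSA row as 5 key pairs, 8 deliveries, 2 public keys per spoke and 5 on the hub, matching the N-formulas in the tables.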