1) First let's compare the case where all keys are stored in the server:

a) full-meshed topology:
It's clear that the RSA public keys are much fewer than the symmetric keys
in terms of number, and in terms of device/public-key association vs.
link/public-key association. In addition, for the RSA public key model,
the server in each realm can exchange the stored id/public-key info.
without compromising any privacy of the involved devices. It is scalable
in that it can incorporate as many servers of realms as there are in the
internet.
[--------cliff-----] I have already said if you just compare the number of
keys, RSA wins, in the case of a full mesh. But there are other issues in
the comparison, other than just the number of keys needed.
Without CA/cert, the public key/ID binding is questionable. Also this
binding/security topic is off the scalability issue that my comparison
focuses on, within a single realm. If you want to expand the comparison to
cross-realm, I can do another number comparison.
b) star topology:
Approx. the same number of keys stored for both methods.
However, the star topology is not as scalable as the full-meshed topology:
the hub-spoke topology limits each spoke to only 1 secure link. It is
difficult for a device to join across two different spoke-hubs. Hence, it
is only good for a small realm and is not as scalable as a meshed model.
Hub-spoke is not the internet's (IP) favorite topology, not to mention a
secured internet.
[------cliff------] again, you are off the topic. We are not talking about
the topology comparison, full mesh vs hub-spoke. Contrary to your claim, in
our real-world deployment experience, hub-spoke is much more popular. The
reason I did both full mesh and hub-spoke is because they represent two
ends of the spectrum.
2) What if no server is used (this means no 3rd party's help and no
out-of-band secure channel)?
Both pre-shared RSA and symmetric keys have the same issue of mutual
authentication at the beginning...
[--------cliff-----] if you name a key delivery scheme, we can do a number
comparison, as I did before.
Operational cost is a factor of mathematical efficiency; there are lots of
algorithms/variations for symmetric and asymmetric keys.
[--------cliff-----] Agree. That's why you need to make your assumption
first. But key delivery cost is quite independent of mathematics and
probably the most demanding job in terms of scalability. Let's deal with
topology first.
--- David
----- Original Message -----
Sent: Monday, December 03, 2001 2:17 PM
Subject: RE: On shared keys (was RE: SOI: identity protection and DOS)
David,

I have been trying to convince people that RSA public operation provides no
clear scalability advantage over symmetric key. So let me do an orange to
orange comparison again using a full mesh and a hub-spoke case. I am only
willing to agree with your saying that RSA is better in scalability if such
comparison proves it.

Assumption:
1) No CA
2) RSA key pair generated in device. Symmetric key generated in server.
3) Server needs to deliver either public key or symmetric key.
case 1: Full mesh: N*(N-1)/2 tunnels

                                     RSA                          PSK
1) total number of keys              N key pair                   N*(N-1)/2 PSK
2) key generation cost               high                         low
3) number of key delivery            N*(N-1)                      N*(N-1)
4) key storage on the box            1 private key, N public key  N-1 PSK
5) authentication calculation cost   high                         low
6) key on server                     N public key                 N*(N-1)/2 (usually not stored)
case 2: hub-spoke: N-1 tunnels

                                     RSA                          PSK
1) total number of keys              N key pair                   N-1 PSK
2) key generation cost               high                         low
3) number of key delivery            (N-1)*2                      (N-1)*2
4) key storage on the box   hub:     N public key                 N-1 PSK
                            spoke:   2 public key                 1 PSK
5) authentication calculation cost   high                         low
6) key on server                     N public key                 N-1 (usually not stored)
So if you are only considering the total number of keys, RSA wins. If you
look at overall operation cost, the comparison speaks for itself.
Unfortunately, there is a lack of scalability advantage for RSA.
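As an added illustration (not part of either message in this thread), the following Python derives the key-count rows of the two tables from a topology given as a set of links, under the three stated assumptions: no CA, RSA key pairs generated on the device, PSKs generated on the server, and one key delivered per endpoint of each link. The names `full_mesh`, `hub_spoke` and `key_metrics` are chosen here, and the same function also handles partial meshes the thread does not tabulate.

```python
from itertools import combinations


def full_mesh(n):
    """Every pair of the N devices gets a tunnel: N*(N-1)/2 links."""
    return set(combinations(range(n), 2))


def hub_spoke(n, hub=0):
    """The hub talks to every other device: N-1 links."""
    return {(hub, d) for d in range(n) if d != hub}


def key_metrics(n, links, scheme):
    """Count keys for devices 0..n-1 joined by unordered `links`.

    Mirrors rows 1, 3, 4 and 6 of the tables: total keys, deliveries,
    per-box storage and keys held on the server, for "rsa" or "psk".
    """
    degree = {d: 0 for d in range(n)}          # number of peers per box
    for a, b in links:
        degree[a] += 1
        degree[b] += 1
    if scheme == "rsa":
        # One key pair per device. Each box keeps its private key, its own
        # public key and one public key per peer (hence degree + 1).
        return {
            "total_keys": n,
            "deliveries": 2 * len(links),        # each end learns the other's public key
            "storage": {d: {"private": 1, "public": degree[d] + 1} for d in range(n)},
            "on_server": n,
        }
    if scheme == "psk":
        # One PSK per link. Each box keeps one PSK per peer; the server
        # would hold every PSK if it kept them at all.
        return {
            "total_keys": len(links),
            "deliveries": 2 * len(links),        # each end receives the link's PSK
            "storage": {d: degree[d] for d in range(n)},
            "on_server": len(links),
        }
    raise ValueError(f"unknown scheme: {scheme}")


if __name__ == "__main__":
    n = 5  # constructed sample size
    for name, links in (("full mesh", full_mesh(n)), ("hub-spoke", hub_spoke(n))):
        for scheme in ("rsa", "psk"):
            m = key_metrics(n, links, scheme)
            print(f"{name:9} {scheme}: total={m['total_keys']} deliveries={m['deliveries']} "
                  f"server={m['on_server']} box0={m['storage'][0]} box1={m['storage'][1]}")
```

For N=5 this reproduces the tables: 5 RSA key pairs vs 10 PSKs in a full mesh, 5 vs 4 in hub-spoke, with 2*links deliveries in every case.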