1) First, let's compare the case where all keys are
stored in a server:
a) full-meshed topology:
It's clear that the RSA public keys are much
fewer than the symmetric keys
in terms of number, and in the
device/public-key association vs. link/public-key
association.
In addition, with the RSA public key model,
the server in each realm can exchange the
stored id/public-key info without compromising
any privacy
of the involved devices. It is scalable in that it can
incorporate as many
realm servers as there are in the
Internet.
[--------cliff-----] I have already said that if you
just compare the number of keys, RSA wins, in the case of a full mesh.
But there are other issues in the comparison, other than just the number
of keys needed.
Without a CA/cert, the public key/ID binding is
questionable. Also, this binding/security topic
is outside the scalability issue that my comparison focuses
on, within a single realm. If you want to expand the comparison to
cross-realm, I can do another number comparison.
b) star topology:
Approximately the same number of keys is stored for both
methods.
However, the star topology is not as
scalable as the full-meshed topology:
the hub-spoke topology limits each spoke to
only 1 secure link.
It is difficult
for a device to join across two different spoke-hubs.
Hence, it is only good for a small
realm and is not as scalable as a meshed model.
Hub-spoke is not
the Internet's (IP) favorite topology, not to mention
the secured Internet's.
[------cliff------] Again, you are off
topic. We are not talking about the topology comparison, full mesh vs.
hub-spoke.
Contrary
to your claim, in our real-world deployment experience,
hub-spoke is much more popular.
The reason I
did both full mesh and hub-spoke is that they represent two ends of the
spectrum.
2) What if no server is used? (This means
no 3rd party's help and
no out-of-band secure
channel.)
Both pre-shared RSA and symmetric
keys have the same issue of
mutual authentication at the
beginning...
[--------cliff-----] If you name a key delivery
scheme, we can do a number comparison, as I did
before.
Operational cost is a factor of
mathematical efficiency; there are lots of
algorithms/variations
for symmetric and asymmetric
keys.
[--------cliff-----] Agree. That's why you need to make your
assumptions first. But key delivery cost is quite independent of the
mathematics and is probably the most demanding job in terms of
scalability.
Let's deal with topology
first.
--- David
----- Original Message -----
Sent: Monday, December 03, 2001 2:17 PM
Subject: RE: On shared keys (was RE: SOI: identity protection and DOS)
David,
I have been trying to convince people that
RSA public key operation provides no clear scalability advantage over
symmetric key. So let me do an orange-to-orange comparison again using
a full mesh and a hub-spoke case. I am only willing to agree with your
saying that RSA is better in scalability if such a comparison
proves it.
Assumptions:
1) No CA.
2) RSA key pair generated in the device.
Symmetric key generated in the server.
3) Server needs to deliver either the public key
or the symmetric key.
case 1: Full mesh: N*(N-1)/2 tunnels

                                  RSA                    PSK
1) total number of keys           N key pairs            N*(N-1)/2 PSKs
2) key generation cost            high                   low
3) number of key deliveries       N*(N-1)                N*(N-1)
4) key storage on the box         1 private key,         N-1 PSKs
                                  N public keys
5) authentication calculation     high                   low
   cost
6) keys on server                 N public keys          N*(N-1)/2 (usually not stored)

case 2: hub-spoke: N-1 tunnels

                                  RSA                    PSK
1) total number of keys           N key pairs            N-1 PSKs
2) key generation cost            high                   low
3) number of key deliveries       (N-1)*2                (N-1)*2
4) key storage on the box
     hub                          N public keys          N-1 PSKs
     spoke                        2 public keys          1 PSK
5) authentication calculation     high                   low
   cost
6) keys on server                 N public keys          N-1 (usually not stored)
So if you only consider the total
number of keys, RSA wins. If you look at the overall operation cost, the
comparison speaks for itself. Unfortunately, there is a lack
of scalability advantage for RSA.
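As an added illustration, not part of either message above, the following Python simulates the server-assisted key distribution that the table tallies (RSA key pairs generated on the device and public keys relayed by the server; PSKs generated on the server and delivered to both tunnel endpoints) and checks that the simulated counts reproduce the table's closed forms. The topology is just a list of tunnels, so the same routine covers any tunnel graph between the full-mesh and hub-spoke extremes. Two modelling assumptions of mine, not stated in the thread: device 0 is the hub, and a device's own public key is counted in its storage, which is how the table arrives at N public keys per box.

```python
from collections import Counter
from itertools import combinations


def full_mesh_tunnels(n):
    """One tunnel per unordered device pair: N*(N-1)/2 tunnels."""
    return list(combinations(range(n), 2))


def hub_spoke_tunnels(n):
    """Device 0 is the hub (assumption); every other device has one tunnel to it."""
    return [(0, s) for s in range(1, n)]


def distribute(n, tunnels, method):
    """Simulate key distribution and tally the columns of the comparison table.

    rsa: each device generates its own key pair (kept as its private key plus
         its own public key) and registers the public key with the server; the
         server then delivers to each device the public key of every peer it
         shares a tunnel with (one delivery per direction per tunnel).
    psk: the server generates one symmetric key per tunnel and delivers it to
         both endpoints (two deliveries per tunnel).
    """
    box = {d: set() for d in range(n)}   # keys held on each device
    deliveries = 0
    if method == "rsa":
        server = {("pub", d) for d in range(n)}          # N public keys on server
        for d in range(n):
            box[d].update({("priv", d), ("pub", d)})     # own key pair (assumption: own pub counted)
        for a, b in tunnels:
            box[a].add(("pub", b))
            box[b].add(("pub", a))
            deliveries += 2
        total_keys = n                                   # N key pairs
    elif method == "psk":
        server = {("psk", a, b) for a, b in tunnels}     # one PSK per tunnel
        for a, b in tunnels:
            box[a].add(("psk", a, b))
            box[b].add(("psk", a, b))
            deliveries += 2
        total_keys = len(tunnels)
    else:
        raise ValueError(f"unknown method {method!r}")
    return {
        "total_keys": total_keys,
        "deliveries": deliveries,
        "server_keys": len(server),
        "per_box": {d: dict(Counter(k[0] for k in keys)) for d, keys in box.items()},
    }


def table_counts(n, topology, method):
    """Closed-form entries from the table, for comparison with the simulation."""
    tunnels = n * (n - 1) // 2 if topology == "full-mesh" else n - 1
    return {
        "total_keys": n if method == "rsa" else tunnels,
        "deliveries": 2 * tunnels,
        "server_keys": n if method == "rsa" else tunnels,
    }


def matches_table(n):
    """True if the simulation reproduces the table for both topologies and both methods."""
    graphs = {"full-mesh": full_mesh_tunnels(n), "hub-spoke": hub_spoke_tunnels(n)}
    for topology, tunnels in graphs.items():
        for method in ("rsa", "psk"):
            sim = distribute(n, tunnels, method)
            if any(sim[k] != v for k, v in table_counts(n, topology, method).items()):
                return False
    return True


if __name__ == "__main__":
    n = 6
    for topology, tunnels in (("full-mesh", full_mesh_tunnels(n)),
                              ("hub-spoke", hub_spoke_tunnels(n))):
        for method in ("rsa", "psk"):
            r = distribute(n, tunnels, method)
            summary = {k: v for k, v in r.items() if k != "per_box"}
            print(topology, method, summary, "hub/box0:", r["per_box"][0], "spoke/box1:", r["per_box"][1])
    print("simulation matches table:", matches_table(n))
```

The per-box column is where the two models diverge with topology: under RSA a full-mesh box ends up holding one private key and N public keys, while a hub-spoke spoke holds only two public keys, and the delivery count is two per tunnel for both methods, which is the point Cliff's table makes about key delivery being independent of the key type.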