Presentation is loading. Please wait.

Presentation is loading. Please wait.

Certificate Revocation Serge Egelman. Introduction What is revocation? Why do we need it? What is currently being done?

Published byJosie Dorton Modified over 9 years ago

Similar presentations

Presentation on theme: "Certificate Revocation Serge Egelman. Introduction What is revocation? Why do we need it? What is currently being done?"— Presentation transcript:

1 Certificate Revocation Serge Egelman

2 Introduction What is revocation? Why do we need it? What is currently being done?

3 Huh? Certificates Are:  Identity Personal Corporate  Financial  Overall Security

4 Why Revoke? Key Compromise Forgotten Passphrase Lost Private Key Stale Keys “PKI is only as secure as the revocation mechanism”

5 Current Standard Certificate Revocation Lists (CRLs)  Serial Numbers  PEM and DER  Expiration Date  Next Update Date  CA Signed  Should Be Publically Available.

6 Obtaining CRLs

7 Certificate Revocation List (CRL): Version 1 (0x0) Signature Algorithm: md5WithRSAEncryption Issuer: /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority Last Update: Jan 22 11:00:36 2004 GMT Next Update: Feb 5 11:00:36 2004 GMT Revoked Certificates: Serial Number: 010199E0F79E9034FDD3D176DBB83A05 Revocation Date: Apr 2 15:03:51 2003 GMT Serial Number: 01048336716E434C44813CFCA5A829BF Revocation Date: Sep 17 23:48:52 2002 GMT Serial Number: 0104C6A0285798B92A015D641010279F Revocation Date: May 15 22:03:54 2003 GMT

8 What Are The Problems? CDP Not Specified! CDP Optional! Next Update in Two Weeks!

9 Among All CAs! CDP Protocols: CA NameCDP Protocol EntrustHTTP/LDAP GeoTrustHTTP GlobalSignHTTP GTE CyberTrust HTTP IPSCAHTTP Thawte VerisignHTTP

10 Among All CAs! CRL Lifecycles: CA NameCRL Lifecycle EntrustDaily GeoTrust10 Days GlobalSign30 Days GTE CyberTrust6 Months IPSCA30 Days Thawte30 Days Verisign14 Days

11 CA Market Share

12 There Must Be Another Way! Online Certificate Status Protocol (RFC 2560) Real-Time Three Responses Burden Moved to Server

13 OCSP OCSP Servers:  CA Run  CA Delegated  Trusted Third Parties Client Knows Server Address Client Sends Serial Number Server Sends Signed Response

14 The Next Problem Knowing Location of Server! System Is Useless So What Can We Do?

15 A Solution The DNS System  Referrals  Client Only Needs Address of Any Server!  Authority is Delegated The Service Locator Extension  Specifics Undefined  Not Currently Being Used Signed Response  Local Responder or CA Key

16 So What? OCSP Can Mimic DNS  Local Responders  Authoritative Responders  Root OCSP Servers  Nothing Known About Authoritative Responder!

17

18

19 Key Points Every PKI Needs Revocation! CRLs Bad! OCSP Good!

20 Conclusion Terrorist, Terrorist, Terrorist 9/11, 9/11 God Bless America

21 References Ron Rivest, Can We Eliminate Certificate Revocation Lists?, Financial Cryptography, 1998. Patrick McDaniel and Aviel Rubin, A Reponse to “Can We Eliminate Certificate Revocation Lists?,” Financial Cryptography, 2000. Serge Egelman, Josh Zaritsky, and Anita Jones, Improved Certificate Revocation with OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin, and C. Adams, X.509 Internet Public Key Infrastructure: Online Certificate Status Protocol (OCSP), IETF RFC 2560. R. Housley, W. Polk, W. Ford, and D. Solo, Internet X.509 Public Key Infrastructure Certificate and CRL Profile, IETF RFC 2459.

22 Questions?

Download ppt "Certificate Revocation Serge Egelman. Introduction What is revocation? Why do we need it? What is currently being done?"

Similar presentations

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.
A Framework for Distributed OCSP without Responders Certificate

A Framework for Distributed OCSP without Responders Certificate
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
CS5204 – Operating Systems 1 Authentication. CS 5204 – Operating Systems2 Authentication Digital signature validation proves:  message was not altered.

CS5204 – Operating Systems 1 Authentication. CS 5204 – Operating Systems2 Authentication Digital signature validation proves:  message was not altered.
CP3397 ECommerce.

CP3397 ECommerce.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Grid Computing Basics From the perspective of security or An Introduction to Certificates.

Grid Computing Basics From the perspective of security or An Introduction to Certificates.
Certificates Last Updated: Aug 29, 2013. A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.

Certificates Last Updated: Aug 29, A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.
Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.

Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.
1 eID validations services Houcine Bel Mamoune Unit manager eID Technical Drill down Session 7 April 2005.

1 eID validations services Houcine Bel Mamoune Unit manager eID Technical Drill down Session 7 April 2005.
Fed/Ed PKI 2008, June Subject Unique Identifier or Equivalent William A. Weems & Mark B. Jones Academic Technology U. Texas Health Science Center at Houston.

Fed/Ed PKI 2008, June Subject Unique Identifier or Equivalent William A. Weems & Mark B. Jones Academic Technology U. Texas Health Science Center at Houston.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
Session 7 – Contents Certificates Public Key Infrastructure

Session 7 – Contents Certificates Public Key Infrastructure
Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Slide 1 Many slides from Vitaly Shmatikov, UT Austin Public-Key Infrastructure CNS F2006.

Slide 1 Many slides from Vitaly Shmatikov, UT Austin Public-Key Infrastructure CNS F2006.

Similar presentations

Ads by Google