Presentation is loading. Please wait.

Presentation is loading. Please wait.

Public Key Infrastructure (PKI)

Published byHunter Luscomb Modified over 9 years ago

Similar presentations

Presentation on theme: "Public Key Infrastructure (PKI)"— Presentation transcript:

1 Public Key Infrastructure (PKI)
Jen-Chang Liu, 2004 Ref1: Ch.10, “Cryptography and Network Security”, Stalling, 2003. Ref2: Ch.5, “Cryptography and Network Security”, A. Kahate, McGraw Hill, 2003. Ref3: Ch. 6, “RSA Security’s Official Guide to Cryptography”, 2001

2 Outline Key management in public-key cryptosystem
Public Key Certificate (PKC) X.509 standard Public Key Infrastructure (PKI)

3 Key management (Ref1) Two issues for public-key cryptosystem
Distribution of public keys The use of public-key encryption to distribute secret keys (keys for symmetric cipher) Public announcement Public available directory Public-key authority Public-key certificates

4 1. Public announcement Drawback: the opponent can pretend to be another user Ex. post public keys to public forums, such as USENET newsgroup and Internet mailing list

5

6 2. Public available directory
Some trusted entity maintains a publicly available dynamic directory of public keys {A, KUa } {B, KUb } Register the public key Register the public key Attack: an opponent invades the public-key directory, and counterfeit public keys

7 3. Public-key authority (Fig 10.3)
Central authority: 1. Maintain directory of public keys 2. Each participant knows the public key for the authority A can confirm the message from the authority N1 :認證B的身份 N2 :認證A的身份

8 Outline Key management in public-key cryptosystem
Q: How to authenticate the association between the public key with the owner ? Public Key Certificate (PKC) X.509 standard Public Key Infrastructure (PKI)

9 Public key certificate (PKC 公開金鑰憑證)
A public key certificate signifies the association between my public key and me Ex. Like a driver license or passport Q: Who can approve the association ? A: A trusted entity – Certificate Authority (CA) Q: What is the content of a digital certificate? A: X.509 standard

10 Example: Digital certificate

11 X.509 certificate format 1988, ITU X.509 version 1

12 X.509 V2 extensions: unique identifier
Issuer unique identifier Subject unique identifier Motivation: Deal with the possibility that the issuer (CA’s name) name and the subject name (certificate holder’s name) might be duplicated over time RFC2459 specifies that these two names should never be reused, so V2 extensions are made optional

13 X. 509 V3 certificate extensions
Certificate Revocation List (CRL 憑證廢止列) Certificate policies Authority key identifier: CA may have multiple private-public key pairs. This field defines which of these key pairs is used to sign the certificate Key usage: 1. digital signature 2. Certificate signing 3. CRL signing 4. Key enciphering 5. Data enciphering 6. Diffie-Hellman key exchange

14 Certificate Authority (CA 憑證簽發機構)
CA is a trusted agency that can issue digital certificate. Ex. VeriSign, Entrust, …

15 Outline Key management in public-key cryptosystem
Public Key Certificate (PKC) X.509 standard Public Key Infrastructure (PKI) PKI components Certification creation steps Certificate hierarchies Certificate revocation * Distribution of public keys is non-trivial

16 PKI components The interaction between PKI components End user
Registration authority (RA) CA Key recovery server X.500 directory

17 Registration authority (RA)
RA: an intermediate entity between the end users and the CA Share the workload of CA Accept and verify registration info about new users Generate keys on behalf of the end users Accept and authorize requests for key backups and recovery Accept and authorize requests for certificate revocation RA does not generate certificate CA becomes an isolated entity, which makes it less susceptible to security attacks

18 Key recovery server Q: End users lose their private keys?
A: CA must revoke the corresponding PKC, a new key pair must be generated, a new corresponding PKC must be created A2: provide a key recovery server CA backs up private keys at the time of creation

19 Certificate directory
Q: where to store the certificates? A1: end user stores on his local machine A2: CAs use a certificate directory (or a central storage location) Provide a single point for certificate administration and distribution (ex. for later certificate revocation) Certificate directories need not to be trusted

20 Outline Key management in public-key cryptosystem
Public Key Certificate (PKC) X.509 standard Public Key Infrastructure (PKI) PKI components Certification creation steps (Ref2) Certificate hierarchies Certificate revocation

21 Certificate creation steps
Key generation Registration Verification Certificate creation

22 1. Subject generating his own key pair
RA knows private key! How to transmit it to user? 2. RA generating a key pair for subject

23 Registration (註冊、登錄) Certificate signing request (CSR)
(PKCS#10, part of the Public Key Cryptography Standard)

24 On-line registration example

25 Verification 1. RA verify the user’s credentials
2. Check the Proof of Possession of the private key Q: What if a user claims that she never possessed the private key, when a document signed with her private key causes legal problems? Sol 1: RA demands user to sign her CSR Sol 2: RA generates a random number, encrypt it with the user’s public key, then challenge the user

26 Certificate creation CA creates a digital certificate for the user
Certificates in X.509 standard format Q: Why should we trust digital certificates? Certificate goes to RA (or user) Certificate directory Backup user private key (if necessary)

27 Questions about certificate
Why should we trust digital certificate? Similar to: how do we verify a passport? How does the CA sign a digital certificate? How can we verify a digital certificate?

28 X.509 certificate format

29

30 Question about CA’s public key
How do we get CA’s public key of some certificate ? Get CA’s certificate – which approve the association between the public key with CA Who signs CA’s certificate? The organization of CAs CA hierarchies and self-signed certificate Cross-certification

31 CA hierarchy Purpose: root CA can delegate job to lower CAs
Chain of trust

32 Self-signed certificate for root CA
Who signs for root CA? Root CA is automatic considered as trusted CA 2. Software contains a pre-programmed, hard coded certificated of the root CA 3. The root CA signs its own certificate (self-signed certificate)

33 Example: Self-signed root certificate

34 Cross-certification Root CAs in different countries

35 Outline Key management in public-key cryptosystem
Public Key Certificate (PKC) X.509 standard Public Key Infrastructure (PKI) PKI components Certification creation steps (Ref2) Certificate hierarchies Certificate revocation

36 Certificate revocation 憑證廢止
Ex. lost of credit card, driver license, … Reasons for certification revocation: The private key is compromised The CA made mistakes while issuing a certificate The certificate holder leaves a job,… Before using a certificate, we check Does the certificate belong to the owner? (check certificate signature) Is the certificate valid, or is it revoked?

37 How to revoke a certificate?
Certificate has been issued, how to revoke it?

38 Certificate revocation list (CRL)
CRL is a list of revoked certificates published regularly by CA

39 Validating a certificate using CRL

40 Problems with CRL 1. CRL can be a large file -> long transmission time Sol: delta CRL 2. CRL are published Periodically => can not check online status Sol: online certificate status check

41 Online Certificate Status Protocol
(HTTP) CA setup this server

42 Key management (Ref1) Two issues for public-key cryptosystem
Distribution of public keys The use of public-key encryption to distribute secret keys (keys for symmetric cipher) Public announcement Public available directory Public-key authority Public-key certificates

43 4. Public-key certificates 憑證 (Fig 10.4)
Certificate: contain public key and other information, generate from the certificate authority 1. Anyone can read, verify 2. Only CA can create Application must be in person or by secure channel Time: verify currency of certificate

44 Simple secret key distribution
Public-key scheme has slow data rate use public key to distribute secret key use secret key scheme for data encryption session key (secret key) intercept KUe || IDA E KUe[ Ks ] E KUa[ Ks ] Ks

45 Secret key distribution with confidentiality and authentication
Against active and passive attacks Authenticate B Authenticate A Confidentiality (only B can read) authentication (only A can create it)

46 A hybrid and hierarchical scheme
MKA Use public-key scheme to distribute master key KDC MKB A B C MKA MKB Ks Ks Use master keys with KDC to distribute session key Advantage: Use master key to distribute session keys, instead of using public-key scheme => faster ! Backward compatible to old KDC scheme (master + session key)

Download ppt "Public Key Infrastructure (PKI)"

Similar presentations

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Cryptography and Network Security Chapter 14

Cryptography and Network Security Chapter 14
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Certificates Last Updated: Aug 29, 2013. A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.

Certificates Last Updated: Aug 29, A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Outline Review of RSA Discrete logarithms Testing for primality Key management in public-key cryptosystem Diffie-Hellman Key exchange.

Outline Review of RSA Discrete logarithms Testing for primality Key management in public-key cryptosystem Diffie-Hellman Key exchange.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

Similar presentations

Ads by Google