ABCs of PKI. TAG Presentation, 18th May 2004, Paul Butler.


1 ABCs of PKI
TAG Presentation
18th May 2004
Paul Butler

2 Agenda
Role of trust
PKI concepts
PKI components
Management framework
Passport signing requirement
Deployment issues
Operational issues
Guidance

3 Security Model
Must answer the questions:
  – What data are we protecting? Integrity of biometric information on chip in passport
  – Why are we protecting it? Maintain integrity of passport
  – Who or what are we protecting it against? Those who would seek to alter data to falsify passport
  – When are we protecting it? Throughout the life of the passport
For passport issuers, the model revolves around TRUST

4 The Role of Trust
Trust is usually based on some form of identity
Direct Trust
  – Based on personal relationship, where trust is handled directly
  – Breaks down when too many members in trusted relationship to handle directly
Third Party trust
  – Trust in individual changes to trust in a system
  – Passports represent the national identity of an individual

5 PKI Concept
Public Key Infrastructure based on asymmetric cryptography.
Relies on a key pair, one private and one public
  – Private key is secret
  – Public key is freely available, linked to identity of certificate owner
  – Private key cannot be computed from public key
Concept is then applied into applications

6 Public Key Infrastructure
Business uses include:
  – Authentication of identity for individual, organization or device (authentication)
  – Confirmation that data has not been tampered with (integrity)
  – Confirmation that transaction took place (non-repudiation)
  – Maintain data confidentiality (encryption)
  – Guarantee that transaction took place at specific time (secure time stamp)

7 PKI Components
Mechanism to issue certificates
  – Certificate authority (CA)
Mechanism to validate certificates
  – Directory services
  – Certificate Revocation List
  – Key history
  – Potentially, source of trusted time for stamping
Controlled process to enroll and manage certificate holders: Registration Authority (RA)
Process to revoke certificates which are no longer valid (distinct from rollover of expired certificate keys)
Processes defined by certificate policy (CP) and certification practice statements (CPS)

8 Passport PKI Requirement
New passports to include biometric identifier on chip.
Concerns about tampering (integrity) led to need for PKI signature to confirm data on chip unchanged since production of TD (integrity)
PKI does NOT guarantee identity of passport holder – it guarantees that TD biometric is unchanged since production by a specific producer (non-repudiation)
Based on DIGITAL SIGNATURE

9 Use of digital signature
During passport print process, data chip will be loaded
CA will be requested for a signature
Signature and certificate will be added to chip
Chip is then locked to prevent further write operations

10 PKI Signing Process
To sign a document:
  – A hash is prepared, derived from the document content
  – It is encoded with the signing algorithm using the signer's PRIVATE KEY
  – The signature and a copy of the public key certificate are attached to the document
  – It is then available for validation

11 PKI Signing Process (2)
To validate the signature:
  – The PUBLIC KEY is used to prepare a hash of the document using the same signing key algorithm as the private key
  – The new hash is compared with the original
  – If they are the same, it proves that the document is unchanged since it was signed
  – For a TD, it means that TRUST can be placed on the validity of the document

12 PKI Signing Process (3)
If relying party wishes to further validate the certificate, a path must exist to the CA which issued the certificate
  – Check validity of issuer
  – Check certificate not revoked
  – Implies border crossing points must have internet-facing capability linked to card readers which can go to a source and validate that the certificate presented is in fact valid
  – No such infrastructure is yet in place
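Slides 10 to 12 as a worked example, added here and not part of the original presentation: a document signer hashes and signs the chip data, and a relying party checks the CA's signature on the signer's certificate, then the revocation list, then the data signature. Assumptions: textbook RSA without padding, toy keys built from Mersenne primes, and every name in the code (make_key, validate_document, "Document Signer 01") is constructed for illustration; a real system would use a padded scheme such as RSASSA-PSS or ECDSA from a vetted library.

```python
import hashlib

E = 65537  # public exponent

def make_key(p, q):
    # Toy RSA key from two primes; returns (public, private).
    n, phi = p * q, (p - 1) * (q - 1)
    return (n, E), (n, pow(E, -1, phi))

def digest(data, n):
    # Hash the content; the signature covers this digest, not the raw bytes.
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, private):
    n, d = private
    return pow(digest(data, n), d, n)  # private-key operation

def verify(data, signature, public):
    n, e = public
    # The public-key operation recovers the signed digest, which is then
    # compared with a digest freshly computed from the data presented.
    return pow(signature, e, n) == digest(data, n)

def cert_bytes(subject, public):
    return f"{subject}|{public[0]}|{public[1]}".encode()

def validate_document(data, signature, cert, ca_public, crl):
    # Relying-party check: certificate path first, then the document itself.
    subject, signer_public, ca_signature = cert
    if not verify(cert_bytes(subject, signer_public), ca_signature, ca_public):
        return "untrusted issuer"
    if subject in crl:
        return "certificate revoked"
    if not verify(data, signature, signer_public):
        return "data altered"
    return "valid"

# Constructed keys: Mersenne primes keep the demo short; they are NOT secure.
ca_pub, ca_priv = make_key(2**607 - 1, 2**1279 - 1)
signer_pub, signer_priv = make_key(2**127 - 1, 2**521 - 1)
SIGNER = "Document Signer 01"  # constructed subject name
cert = (SIGNER, signer_pub, sign(cert_bytes(SIGNER, signer_pub), ca_priv))
chip_data = b"constructed biometric template bytes"
chip_sig = sign(chip_data, signer_priv)

def demo():
    check = lambda data, crl: validate_document(data, chip_sig, cert, ca_pub, crl)
    return [check(chip_data, set()), check(chip_data + b"x", set()),
            check(chip_data, {SIGNER})]
```

The three results from demo() correspond to an untouched chip, a chip whose data changed after signing, and a signer certificate that has been published to the revocation list.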

14 Deployment Issues
Need for international standards among TD producers for mutual acceptance of biometric, PKI-authenticated TDs
Need for accreditation process to accept each new national CA into infrastructure
  – Complex management challenge
Need to incorporate passport CA with national policy for PKI administration
  – Align with national trust model

15 Operational Issues
Process for adoption of new technology standards
  – Essential to maintain underlying cryptographic technology current
  – All nations move ahead together
Avoid complexity of cross certification by publishing certificates in common location
  – Location must be specified from outset in certificate

16 Key management
  – To reduce risk of compromise, key should roll over frequently
  – Need to maintain key history for lifetime of passport issued under that key
  – In event of compromise, publish compromised certificate data to Certificate Revocation List (directory)
  – Secure time stamping could be used to determine when a compromise occurred, or for calculations regarding validity period of passport

17 Guidance
Common tendency to focus on underlying technology – wrong!
  – PKI is 20% technology, 80% process
  – Key element lies in trust model
  – To be trusted, technology must be supported by business processes which demonstrate the integrity of the PKI
Entitlement processes must match integrity levels of entitlement process – no more, no less

18 Questions?

