Public Key Infrastructure (PKI) Chapter 7 Public Key Infrastructure (PKI)
PKI PKI technology has attracted significant attention, and has become the central focus of modern security mechanisms on the Internet. PKI is closely related to the ideas of asymmetric key cryptography, mainly including message digests, digital signature + encryption services.
PKI (cont.) The chief requirement to enable all these services is the technology of digital certificate. Digital certificates are termed as passports on the web. Two popular standards for digital certificates and PKI:- PKIX, PKCS.
Digital Certificates Problem:- key agreement / key exchange Answer:- Diffie-Hellman Key Exchange Asymmetric Key Cryptography pitfalls Digital Certificates Unsolved issue: man-in-the-middle attack
Digital Certificates (cont.) Example: digital certificates which compare to the document such as passport / driving licenses:- full name, nationality, date + place of birth, photograph and digital signature.
Concept of Digital Certificates A digital certificate is simply a small computer file. Example: ladda.cer (where .cer signifies the first three characters of the word “certificate”.) The file extensions can be different. Digital certificate establishes the relationship between a user and her public key. A digital certificate must contain the user name and the user’s public key to prove that a particular public key belongs to a particular user.
Concept of Digital Certificates (cont.) Figure 1 shows a simplified view of a sample digital certificate. Interesting thing in Figure 1 Subject name:- a name may be an individual, a group or an organization). Serial number Table 1 shows similarities between a passport and a digital certificate. Digital certificates must be issued by some trusted entry.
Concept of Digital Certificates (cont.) Figure 1 Example of a digital certificate
Concept of Digital Certificates (cont.) Table 1 Similarities between a passport and a digital certificate.
Certification Authority (CA) A CA is a trusted agency that can issue digital certificates. Usually, a CA is a reputed organization, such as a post office, financial institution, software company, etc. The world’s most famous CAs are Verisign and Entrust. Safescrypt Limited, a subsidiary of Satyam Infoway Limited, became the 1st Indian CA in Feb, 2002.
Technical Details of Digital Certificate X.509 is a standard that defines the structure of a digital certificate. The International Telecommunication Union (ITU) came up with this standard in 1988 and was a part of X.500 at that time. The current version of the standard is X.509V3. The IETF published the RFC2459 for X.509 standard in 1999.
Example:
Example:
Digital Certificate Creation Parties involved Three parties involved in this process Subject: end user Issuer: CA Registration Authority (RA) CA responsibilities Issue new certificates Maintain the old one. Revoke the ones that have become invalid.
Digital Certificate Creation (cont.) An RA is an intermediate entity between the end users and the CA, which assists the CA in its day-to-day activities as shown in Figure 2 RA provides the following services: Accepting and verifying registration information about new users. Generating keys on behalf of the end users. Accepting and authorizing requests for key backup and recovery.
Digital Certificate Creation (cont.) End user Registration Authority (RA) Certificate Authority (RA) Figure 2 Registration Authority (RA)
Digital Certificate Creation (cont.) Accepting and authorizing the requests for certificate revocation. RA function assists the CA in its day-to-day activities and CA becomes isolated entity, which makes it less susceptible to security attack. RA cannot issue digital certificates.
Certificate Creation Steps (cont.) Key generation Registration Verification Certificate creation Figure 3 Digital certificate creation steps.
Certificate Creation Steps Step 1. Key generation: 2 different approaches a) - The subject can create a private key and public key using some s/w. ( s/w usually a part of web browser / web server.) - The subject keeps the private key thus generated, secret. - The subject then sends herself to RA. - See Figure 4
Certificate Creation Steps (cont.) Figure 4 Subject generating its own key pair.
Certificate Creation Steps (cont.) b) The RA generates a key pair on the subject’s (user’s) behalf. See Figure 5. Disadvantage: possibility of the RA knowing the private key of the user, as well as the scope for this key to be exposed to others while in transit after it is generated and sent to the appropriate user.
Certificate Creation Steps (cont.) Figure 5 RA generating a key pair on behalf of the subject.
Certificate Creation Steps (cont.) Step 2. Registration Only required if the user generates the key pair in the 1st step. Subject sends public key and the associated registration information (e.g. subject name) and all the evidence about herself to the RA. The format for the certificate requests has been standardized, and is called as Certificate Signing Request (CSR) CSR is one of the Public Key Cryptography Standards (PKCS). Also called PKCS#10
Certificate Creation Steps (cont.) The evidence may not be in the form of computer data, and usually consists of paper-based documents Example of evidence: a copy of passport or business documents or income/tax statements, etc. See Figure 6
Certificate Creation Steps (cont.) Figure 6 Subject sends public key and evidences to the RA.
Certificate Creation Steps (cont.) Step 3. Verification The RA verifies the user’s credentials The verifications is as follows: 1) RA verifies the user’s credentials such as the evidences provided, and ensure that they are acceptable. If the user is an organization, RA may check - business records, historical documents and credibility proofs. If the user is an individual user, RA may check - postal address, email id, phone number, passport or driving license.
Certificate Creation Steps (cont.) 2) checking the Proof of Possession (POP) - RA verifies the user who is requesting for the certificate does indeed possess the private key corresponding to the public key that is sent as a part of the certificate request to the RA. - Many approaches to this check. 1. The user digitally sign her Certificate Signing Request (CSR) using her private key. If RA can verify the signature correctly (using user’s public key), RA believe that user indeed possesses the private key.
Certificate Creation Steps (cont.) 2. RA create random number challenge, encrypt it with the user’s public key and send the encrypted challenge to the user. If the user can decrypt it using her private key, the RA assume that the user possesses the right private key. 3) RA generates a dummy certificate for the user, encrypt it using the user’s public key and send it to the user. The user can decrypt it only if she can decrypt the encrypted certificate, and obtain the plain text certificate.
Certificate Creation Steps (cont.) Step 4. Certificate creation RA passes on all the details of the user to the CA. The CA does its own verification (if required) and creates a digital certificate for the user. The CA sends the certificate to the user, and also retains a copy of the certificate for its own record.