Download presentation
Presentation is loading. Please wait.
Published byMarylou Harris Modified over 5 years ago
1
CSCD434 Network Security Spring 2019 Lecture 14
PKI
2
Overview Public Key Infrastructure Details
3
PKI Defined What is PKI?
4
Public Key Infrastructure (PKI)
Components in General PKI is combination of software, encryption technologies, and services Protects business communications and transactions on Internet PKI integrates digital certificates, public-key cryptography, and certificate authorities into Enterprise-wide Security Architecture Provides A way to verify an individual’s identity and ensure that a person’s public key is bound to that identity
5
Background of PKI PKI as we know it began with establishment of the X.509 certificate standard in 1993 RFC 1422 , This standard created concepts of certification authorities, Certificate revocation lists (CRL), and Certificate trusts that provided framework for more advanced PKI-based technologies in-use today PKI consists of: Software Encryption technologies Security services
6
PKI Components 1. Certification Authority
- Issues certificates of ownership of a public key by named entity 2. Registration Authority - Trusted by a CA to register or vouch for users of the CA 3. Repository - Database of active digital certificates for a CA - Confirms status of digital certificates for individuals and businesses 4. Archive - To store and protect sufficient information to determine if a digital signature on an "old" document should be trusted 5. Certificates - Includes public key, identity of party holding private key, operational period for certificate, and the CA's own digital signature - May contain other information about signing party or information about recommended uses for public key
7
PKI Example Certificate
A message signed by someone that vouches for someone else’s public key {Alice’s public key is } Bob Encrypted with Bob’s private key If you trust that you have Bob’s public key, and if you trust Bob, then you now trust your new knowledge of Alice’s public key Chain of certificates: {Carol’s key is } Damian {Bob’s public key is } Carol
8
PKI Example If Alice signs a certificate vouching for Bob’s name and key: Alice is the Issuer Bob is the Subject Alice is verifying a chain of certificates: Alice is the verifier / relying party Anything with a public key is a principal A Trust Anchor is a public key that the verifier has decided to trust
9
Why do we need PKI? Why is PKI needed? What problems does it solve?
10
Overview of PKI PKI uses public key cryptographic techniques
CA PKI uses public key cryptographic techniques Derives its name from public key cryptography PKI identifies a Certificate Authority (CA) who provides public/private key pair CA manages keys CA is also responsible for managing Certificate Revocation List (CRL)
11
Digital Signatures Created by using hash functions creates a message digest Purpose Electronic identification of a person or thing created by using public key algorithm Verifies integrity of data and identity of sender Discuss digital signatures as a security feature that provides integrity, authentication, and repudiation whereas encryption primarily provides confidentiality. Explain that digital signatures are created using hash functions, and then the message is ‘signed’ by using the user’s private key. Have students study Figure 5-2 to see how signatures are made. The receiver uses the sender’s public key to recreate the original message digest to provide nonrepudiation.
12
Hash Functions Message Digest is generic version of one of three algorithms, all designed to create a message digest or hash from plain text. MD2 – produces hash of 128 bits, optimized for 8- bit machine MD4 – optimized for 32-bit machines, fast but not secure MD5 – created to fix security problems of MD4 and is slower SHA – algorithm modeled on MD4. Accepts an input of up to 264 bits or less and compresses down to a hash of 160 bits.
14
Flaws of Digital Signatures
Without way to verify signer is who they say they are ... following can happen
15
Without a PKI, individuals could spoof identities
Evil Without a PKI, individuals could spoof identities
16
Certificate Authority (CA)
Responsibilities of a CA CA is trusted authority for certifying individuals and creating Digital Certificates Consists of procedures and policies plus public key algorithms to create key pair Every CA outlines How identities are verified, Keys are secured, Data placed within a digital certificate, and How revocations will be handled
17
Hierarchical PKI CA forms root of a tree and can sign any other key below them These trees can be as small as a project group, or as big as the Internet
18
CA Examples VeriSign was one of first and was most dominant
Headquartered in Mountain View, California Authentication, Validation and Payment A 2009 market share report, VeriSign and its acquisitions (which include Thawte and Geotrust) had a 47.5% share of the certification services provider market, followed by GoDaddy (23.4%), and Comodo (15.44%) In 2010, Verisign sold its CA business to Symantec
19
Top Certificate Authorities 2018
20
Digital Certificates Binds an individual’s identity to a public key and Contains all info needed to prove public key belongs to a legitimate owner and has not been compromised Consists of Owner’s public key Information unique to owner Digital signatures or an endorser Explain that digital certificates are similar to digital signatures in that a public key and private key are used but with digital certificates, there is an endorser, a third party that vouches for the authenticity and identity of the public key holder. Mention that digital signatures and digital certificates work together, where the digital certificate ensures that the public key holder’s identity is authentic.
22
Steps for obtaining a digital certificate
23
Certificate Repository
Once certificate is registered, Identity proven, and a key pair generated, they are placed in a public repository All certificates can be in one, large distributed database (LDAP) Each signing certificate authority can maintain its own repository and have a means of querying the other repositories for information for its users Business communities and governments are starting to create their own CA's Linking them by signing or cross-certifying and publishing all of their information in business- class repositories
24
Trust and Certificate Verification
If CA and integrity of certificate is trusted, still need to check: Start and stop dates of certificates (life cycles) Revocation list (CRL) Lost laptop or smart card Improper software implementation Social engineering attack Employee leaves company
25
Private Key Protection Recommendations
The key size should provide the necessary level of protection for the environment The lifetime should correspond with how often it is used and the sensitivity of the data Key should be changed and not used past its lifetime Key should be properly destroyed at end of lifetime Key should never be exposed in clear text No copies of private key should be made Key should not be shared Key should be stored securely Authentication should be required before it can be used Key should be transported securely Software implementation used for storage needs to provide the necessary level of protection
26
PKI Standards Used in Business processes Applications
Standards/protocols that use PKI PKI implementation level Online banking and shopping , VPNs S/MIME, SSL, TLS, WTLS, IPsec, PPTP ISAKMP, CMP, SKMS, X.509, PKIX, PKCS
27
PKI Standards PKI Implementation relies on
PKIX -Public Key Infrastructure PKCS - Public Key Cryptography X.509 ISAKMP and XKMS are key management protocols CMP manages certificates S/MIME manages SSL, TLS and WTLS for secure packet transmissions IPSEC and PPTP for VPN Online banking and shopping , VPNs S/MIME, SSL, TLS, WTLS, IPsec, PPTP ISAKMP, CMP, XKMS, X.509, PKIX, PKCS
28
PKI Standards PKIX/PKCS based on the X.509 standard defines four components: The user Certificate Authority (CA) Registration authority (RA) Certificate revocation lists Online banking and shopping , VPNs S/MIME, SSL, TLS, WTLS, IPsec, PPTP ISAKMP, CMP, XKMS, X.509, PKIX, PKCS
29
X.509 Certificates Late 1980, X.500 OSI directory standard was defined by ISO and the ITU X.509 addresses structure of certificates used for authentication X.509 defines a hierarchical certification structure that relies on a root certificate authority that is self- certifying To obtain a X.509, you must ask a CA to issue you one Explain that S/MIME offers both authentication and privacy services. Discuss briefly the four standards upon which S/MIME is built. Explain how S/MIME is newer than PGP and supports in MIME format but the 40-bit RC2 algorithm is known to be somewhat weak. However, since S/MIME also supports 3DES, a strong algorithm, S/MIME can be used effectively and securely. Explain to students that export restrictions make S/MIME using RC2 encryption attractive when applications that use it are exported. Students should understand that the U.S. has strict restrictions over what types of encryption may be exported (for example, Windows Server versions that use 128-bit encryption cannot be exported). You provide your public key, proof that you possess the correspingin private key and some specific info about yourself. You then ditially sign the info and send the whole package to CA. CA does due diligence and generates cert with public key.
31
Trust Models Techniques that establish how users validate certificates
Direct trust – not scalable Hierarchical trust – based on number of root CA Web of trust
32
Hierarchical X.509 Standard used to define hierarchy of public keys
Users trust top of tree, and which then filters down to trust of nodes farther down Example: Paypal.com Your computer trusts public key for a Certificate Authority such as VeriSign Verisign certifies that Paypal, Inc. owns paypal.com, and signs their certificate for that address Your computer sees Paypal.com’s certificate, and can trust its identity What is the Vulnerability or Risk in this scheme? Main Risk Very Centralized If someone were to control VeriSign’s key, they could run a fake paypal.com, and collect usernames/passwords.
33
Hierarchical X.509
34
Hierarchical X.509 How is Trust Achieved?
Certificate is trusted because issued by a broadly accepted certificate authority ("CA") You and most other Internet users accept as reliable for purpose of binding identities to credentials CA's tend to be very careful when it comes to doing what they say they're going to do Follow Certificate Practices Statement If they don't, people (including browser vendors!) will stop trusting them and then they'll quickly be out of business 34
35
CA-FOO CA-BAR CA-BAR Self-Signed
If you receive Borja's certificate, and don't explicitly trust CA FOO this doesn't automatically mean certificate isn't, trustworthy, you might check to see if CA FOO's certificate was issued by a CA you do trust. If it turns out that CA BAR is in your 'trusted list', then that means that Borja's certificate is trustworthy CA-FOO CA-BAR CA-BAR Self-Signed
36
Alternative Model Web of Trust
Web of Trust concept was first proposed by PGP creator Phil Zimmermann in 1992 Became OpenPGP standard Based on graph of public keys, signing each other’s keys when identities are verified Eventually, one key can ‘trust’ identity of another by tracing a path through graph of trusted keys Depends on people verifying identity before signing someone else’s key Today, there is a ‘strongly connected’ subgraph of keys which all trust each other This “Strong set” contains over keys, with an average distance between keys of ~6 people.
37
Web of Trust Zimmerman believed that
“As time goes on, you will accumulate keys from other people that you may want to designate as trusted introducers. Everyone else will each choose their own trusted introducers. And everyone will gradually accumulate and distribute with their key a collection of certifying signatures from other people, with the expectation that anyone receiving it will trust at least one or two of the signatures. This will cause the emergence of a decentralized fault-tolerant web of confidence for all public keys”
38
Web of Trust Example
39
How Web of Trust Works You have 2 keys
Public key that you let people you trust know; and Private key that only you know Your public key will decrypt any information encrypted with your private key, and vice-versa You also have key ring with group of people's public keys You encrypt your information with a recipient's public key, and only their private key will decrypt it You then digitally sign information with your private key, so when they verify it with your public key, they can confirm that it is you Pretty much the same as PKI, but without the CA's
40
Summary PKI used for most of the network, web cryptography used today
Imperfect system Many flaws Lots of attacks against this system Only one we have ... thats widely used to date
41
The End No Lab this Week … Work on the Midterm
Similar presentations
© 2024 SlidePlayer.com Inc.
All rights reserved.