introduction to public key infrastructure pki l.
Download
Skip this Video
Loading SlideShow in 5 Seconds..
Introduction to Public Key Infrastructure (PKI) PowerPoint Presentation
Download Presentation
Introduction to Public Key Infrastructure (PKI)

Loading in 2 Seconds...

play fullscreen
1 / 30

Introduction to Public Key Infrastructure (PKI) - PowerPoint PPT Presentation


  • 274 Views
  • Uploaded on

Introduction to Public Key Infrastructure (PKI). Tammy C. Hensel The University of Texas-Houston Health Science Center. Topics. Goals of Secure Messaging How Asymmetric Key Systems Meet These Goals Attacks Against Asymmetric Key Systems How PKI mitigates these attacks.

loader
I am the owner, or an agent authorized to act on behalf of the owner, of the copyrighted work described.
capcha
Download Presentation

PowerPoint Slideshow about 'Introduction to Public Key Infrastructure (PKI)' - Mia_John


Download Now An Image/Link below is provided (as is) to download presentation

Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author.While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server.


- - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript
introduction to public key infrastructure pki

Introduction to Public Key Infrastructure (PKI)

Tammy C. Hensel

The University of Texas-Houston Health Science Center

topics
Topics
  • Goals of Secure Messaging
  • How Asymmetric Key Systems Meet These Goals
  • Attacks Against Asymmetric Key Systems
  • How PKI mitigates these attacks
goals for secure messaging
Goals for Secure Messaging
  • Confidentiality
  • Integrity
  • Data Origin Authentication
  • Non-repudiation
goals for secure messaging4
Goals For Secure Messaging
  • Confidentiality: messages are kept private
  • Integrity: messages have not been altered in transit
  • Data origin authentication: recipient has assurance that the message really came from the ostensible author
  • Non-repudiation: author may not later claim that she did not write a certain message
how do we achieve these goals
How do we achieve these goals?
  • Confidentiality can be achieved via symmetric key systems or asymmetric key systems
  • Each has its benefits and drawbacks
symmetric key systems
Symmetric Key Systems
  • Same key is used for encryption and decryption
  • Alice generates a key and uses it to encrypt a message
  • Alice sends this key along with her message so that Bob can decrypt the message
asymmetric key systems
Asymmetric Key Systems
  • Uses two separate keys: one for encryption and decryption
  • Private key – kept secret and never shared
  • Public key – advertised publicly as part of your certificate
  • Symmetric/shared secret/session key - This key is generated for one-time or one-session use, and then discarded.
the keys
THE KEYS

Symmetric Key

Shared Secret Key

Session Key

Private Key

Public Key

asymmetric cryptography
Alice obtains Bob’s public key and encrypts the message using that key

Only Bob’s private key can decrypt the message, which ensures that only Bob can read the message

(Probably)

Asymmetric Cryptography
additional benefits of asymmetric key systems
Additional Benefits of Asymmetric Key Systems
  • Asymmetric key systems also provide integrity, data origin authentication, and non-repudiation
  • Alice can use her private key to “sign” a document
  • Bob knows that the message really came from Alice, and that the message has not been altered in transit (integrity)
integrity with digital signatures
Integrity with Digital Signatures
  • Digital signatures also provide integrity via a process called hashing
  • A hash also “encrypts” a message, but in this case, the goal is not confidentiality.
  • A hash is a “non-invertible” or one-way function, which means that once a hash is performed on a message, you cannot get the original message back
hashing continued
Hashing, continued
  • Hash algorithm defined: a one-way “encryption” algorithm that takes a message of any length and produces a smaller, unique output message
  • Analogy: Your fingerprint is a smaller version of you that uniquely identifies you, but you cannot be reconstructed from your fingerprint
  • Remember that hashing does not keep your data private!!!
how hashing creates a signature
How Hashing Creates a Signature
  • Alice hashes her message, then encrypts the hash with her private key
  • This process creates a “signature” that is appended to a plaintext message
  • Bob obtains Alice’s public key, decrypts the signature to uncover the plaintext hash, then runs the same hash function on the plaintext message.
signing messages alice

Signing

Message

Message

Hash

Algorithm

H

Message Digest1

Signing Messages - Alice

Encrypted Digest

(Digital Signature)

Encrypted Digest

(Digital Signature)

Alice’s private key

receiving bob

Receiving

Message

H

Hash

Algorithm

Message Digest2

Receiving - Bob

Match?

Encrypted Digest

  • Message Digest1

(Digital Signature)

Alice’s public key

problems with asymmetric key systems
Problems with Asymmetric Key Systems
  • Computational load for encryption
  • Man-in-the-middle attacks: public key substitution and signature forging
computational overhead
Computational Overhead
  • Asymmetric systems provide better security, but symmetric systems provide better performance
  • Solution: use the symmetric key to encrypt and decrypt the data; use public and private keys to encrypt and decrypt the symmetric key
putting it all together
Putting it All Together

Message

Encrypted Message

Symmetric Key

Digital Envelope

Bob’s Public Key

Encrypted Symmetric Key

putting it all together19
Putting it All Together

Encrypted Message

Message

Symmetric Key

Digital Envelope

Bob’s Private Key

Encrypted Symmetric Key

attacks against asymmetric key systems
Attacks Against Asymmetric Key Systems

Public Key Substitution Risks

public key substitution risk
Public-Key Substitution Risk
  • Molly can remove Bob’s public key and replace it with her own. Then Alice encrypts using “Bob’s” public key.
  • Molly intercepts the message, decrypts it with her own private key, and modifies it.
  • Molly re-encrypts it with Bob’s real public key. Bob can decrypt it with his private key, so he never detects the attack.
forging signatures
Forging Signatures
  • Molly removes Alice’s public key and replaces it with her own.
  • Alice signs a message with her private key. Molly intercepts it, strips the signature, then modifies the message.
  • Molly creates a new signature for the message using her own private key.
forging signatures23
Forging Signatures
  • Bob receives the signature and decrypts it with “Alice’s” public key.
  • Bob also runs the hash over Molly’s bogus message and verifies the signature.
the problem
The Problem
  • We need a way to tie a public/private key pair to a person
  • A digital signature only ties a message to a private key, not to a person!
the solution
The Solution
  • We need a trusted third party that can authoritatively bind a key pair to a person
  • This trusted third party is called a “certification authority” (CA)
  • The CA issues a digital certificate to each user, which contains the public key for that user
certificates binds a person to a key pair
Certificates: Binds a Person to a Key Pair
  • The public key (embedded in a digital certificate) is in a public directory that is freely accessible
  • Now when you download someone’s public key, you know that it belongs to a specific person
how this binding is accomplished
How This Binding is Accomplished
  • The CA has a public and private key pair, just like people and devices
  • The CA uses its private key to sign the body of the certificate, just as people use personal private keys to sign messages
  • To verify, one must use the CA’s public key to decrypt the signature, just as one would verify a personal signature from another user!
how this binding is accomplished28
How This Binding is Accomplished
  • If the CA is a widely recognized authority, its certificate (along with its public key) will already be embedded in browsers
  • Two matching hashes ensure that the contents of the certificate have not been tampered with – certificate integrity
x 509 certificate format
X.509 Certificate Format

Serial Number

Issuer X.500 distinguished name

Validity Period

Subject X.500 distinguished name

Public key

Key/certificate usage

Extensions

CA Digital Signature

review this page will help you check your understanding of digital ids
ReviewThis page will help you check your understanding of digital IDs
  • Define confidentiality, integrity, data origin authentication, and non-repudiation
  • What does it mean when I receive a message that is digitally signed? What does it mean when I receive a message that is encrypted?
  • From a technical standpoint, how do I send a message with a digital signature? How do I send an encrypted message?
  • What could happen if someone were to obtain my private key? What security goals does this weaken? What is the most secure way to maintain the private key?