1 / 81

Public Key Infrastructure

Public Key Infrastructure. Contents. Preparing for Cryptographic Attacks Cryptography Standards and Protocols Key management and Key life cycle Introduction of PKI Trust models PKI management. Cryptographic Attacks.

leane
Download Presentation

Public Key Infrastructure

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Public Key Infrastructure

  2. Contents • Preparing for Cryptographic Attacks • Cryptography Standards and Protocols • Key management and Key life cycle • Introduction of PKI • Trust models • PKI management

  3. Cryptographic Attacks • Specific attacks on cryptographic systems can be divided into three types: • Attacking the key • Attacking the algorithm • Intercepting the transmission

  4. Cryptographic Attacks: Birthday attack • A birthday attack is an example of an attack targeted at the key. • It isn’t an attack on the algorithm itself, just on the results. • If 25 people are in a room, there is some probability that two of those people will have the same birthday. • The probability increases as additional people enter the room. • It’s important to remember that probability doesn’t mean that something will occur, only that it’s more likely to occur.

  5. Cryptographic Attacks: Weak key attack • Based on the premise that many common passwords are used by lots of people. • If the key length is short, the resulting hash value will be easier to guess. • Make sure your users use passwords and encryption keys that are hard to guess. You may even want to consider a random-password generating system.

  6. Cryptographic Attacks: Mathematical attack • Mathematical attacks can be focused on the encryption algorithm itself, the key mechanism, or any potential area of weakness in the algorithm. • These attacks use mathematical modeling and statistical analysis to determine how the system operates. • These types of attacks depend on intercepting large amounts of data and methodically attempting to decrypt the messages using one of the methods previously described.

  7. Contents • Preparing for Cryptographic Attacks • Cryptography Standards and Protocols • Key management and Key life cycle • Introduction of PKI • Trust models • PKI management

  8. Public Domain Cryptography • Public domain cryptography refers to the standards and protocols that emerge from individual or corporate efforts and are released to the general public for use • PGP and RSA are two common public cryptographic initiatives.

  9. Pretty Good Privacy (PGP) • Developed by Phil Zimmerman • In 1991, he published the encryption system on the Internet • PGP has become a de facto standard for e-mail encryption. • PGP uses both symmetrical and asymmetrical encryption

  10. Pretty Good Privacy (PGP)

  11. RSA • Rivest, Shamir, and Adleman • RSA has been very involved in developing Public-Key Cryptography Standards (PKCS), and it maintains a list of standards for PKCS

  12. Public-Key Infrastructure X.509 (PKIX) • Public-Key Cryptography Standards (PKCS) is a set of voluntary standards created by RSA and security leaders. • Early members of this group included Apple, Microsoft, DEC (now HP), Lotus, Sun, and MIT.

  13. X.509 • The X.509 standard defines • Certificate formats and fields for public keys • The procedures that should be used to distribute public keys. • The X.509 version 2 certificate is still used as the primary method of issuing Certificate Revocation List (CRL) certificates. • The current version of X.509 certificates is version 3, and it comes in two basic types: • End-entity certificate • The CA certificate is issued by one CA to another CA. The second CA can, in turn, issue certificates to an end entity.

  14. So what’s in a X.509 Digital Certificate? • X.509 certificate standard • X.509 Version Number • Subject • Public Key!!! • Issuer (CA that vouched for you) • Serial Number • Validity dates • Certificate Usage • Signature Algorithm • Extensions

  15. So what’s in a X.509 Digital Certificate?

  16. SSL and TLS • Secure Sockets Layer (SSL): • Establish a secure communication connection between two TCP-based machines • Uses the handshake method of establishing a session • The number of steps is always between four and nine, inclusive, based on who is doing the documentation • http://support.microsoft.com:80/support/kb/articles/Q257/5/91.ASP

  17. SSL and TLS • Secure Sockets Layer (SSL):

  18. SSL and TLS • Transport Layer Security (TLS): • Expands upon SSL • TLS may replace SSL in the near future • The TLS protocol is also referred to as SSL 3.1, but despite its name, it doesn’t interoperate with SSL

  19. Certificate Management Protocol (CMP) • A messaging protocol used between PKI entities. • XML Key Management Specification (XKMS) is designed to allow XML-based programs access to PKI services • CMP is expected to be an area of high growth as PKI usage grows.

  20. Secure Multipurpose Internet Mail Extensions • S/MIME • A standard used for encrypting e-mail • Uses the PKCS #7 standard (Cryptographic Message Syntax Standard) and is the most widely supported standard used to secure e-mail communications.

  21. Secure ElectronicTransaction (SET) • Provides encryption for credit card numbers that can be transmitted over the Internet • Developed by Visa and MasterCard

  22. Secure Shell (SSH) • A tunneling protocol originally used on Unix systems • Now available for both Unix and Windows • SSH connections are established in two phases: • The first phase is a secure channel to negotiate the channel connection • The second phase is a secure channel used to establish the connection

  23. Secure Shell (SSH)

  24. HTTP Secure • Hypertext Transport Protocol Secure (HTTPS) is the secure version of HTTP • Uses SSL to secure the channel between the client and server • Uses port 443 by default.

  25. Secure HTTP • Secure Hypertext Transport Protocol (S-HTTP) is HTTP with message security (added by using RSA or a digital certificate). • Whereas HTTPS creates a secure channel, S-HTTP creates a secure message. • S-HTTP can use multiple protocols and mechanisms to protect the message. • It also provides data integrity and authentication.

  26. IP Security (IPSec) • Provides authentication and encryption across the Internet • Becoming a standard for encrypting virtual private network (VPN) channels • One of the primary uses of IPSec is to create VPNs. IPSec, in conjunction with Layer 2 Tunneling Protocol (L2TP) or Layer 2 Forwarding (L2F), creates packets that are difficult to read if intercepted by a third party. • IPSecworks at layer 3 of the OSI model.

  27. IP Security (IPSec) • Protocols used by IPSec at the bottom layer are • Authentication Header (AH) • Encapsulating Security Payload (ESP). • Both can operate in either the transport or tunnel mode. • Port 50 is used for ESP • Port 51 is used for AH.

  28. Tunneling Protocols • Point-to-Point Tunneling Protocol (PPTP) • Encapsulation in a single point-to-point environment. • PPTP encapsulates and encrypts Point-to-Point Protocol (PPP) packets • PPTP uses port 1723 and TCP for connections. • Layer 2 Forwarding (L2F) • Created by Cisco • Creating tunnels primarily for dial-up connections. • Shouldn’t be used over WANs. • Provides authentication, but doesn’t provide encryption. • L2F uses port 1701 and TCP for connections.

  29. Tunneling Protocols • Layer 2 Tunneling Protocol (L2TP) • L2TP is a hybrid of PPTP and L2F • Primarily a point-to-point protocol • Supports multiple network protocols so it can be used as a bridge across many types of systems • IPX, SNA, and IP • L2TP doesn’t provide data security: The information isn’t encrypted. (Security can be provided by protocols such as IPSec.) • L2TP uses port 1701 and UDP for connections.

  30. Wireless Transport Layer Security (WTLS) • Provides an encrypted and authenticated connection between a wireless client and a server • WTLS is similar in function to TLS, • Uses a lower bandwidth • Less processing power • It’s used to support wireless devices

  31. Contents • Preparing for Cryptographic Attacks • Cryptography Standards and Protocols • Key management and Key life cycle • Introduction of PKI • Trust models • PKI management

  32. Key Management • Centralized versus decentralized key generation • Key storage and distribution • Key escrow • Key expiration • Key revocation • Key suspension • Key recovery and archival • Key renewal • Key destruction • Key usage

  33. Key generation • Key length and the method used to create the key also affect the security of the system in use. • The security of a key is measured by how difficult it is to break the key • According to RSA, it would take 3 million years and a $10 million budget to break a key with a key length of 1,024 bits

  34. Key generation • Centralized Key Generation

  35. Key generation • Decentralized Key Generation

  36. Storing and Distributing Keys • Usually accomplished using a Key Distribution Center (KDC), as used in Kerberos, or by using a Key Exchange Algorithm (KEA), as in the case of PKI.

  37. Storing and Distributing Keys • Usually accomplished using a Key Distribution Center (KDC), as used in Kerberos, or by using a Key Exchange Algorithm (KEA), as in the case of PKI.

  38. Key Escrow • A key escrow system stores keys for the purpose of law enforcement access • Key escrow systems can also be a part of the key recovery process

  39. Key Expiration • A key expiration date identifies when a key is no longer valid. • Normally, a key is date stamped; this means that it becomes unusable after a specified date. • A new key or certificate is normally issued before the expiration date.

  40. Revoking Keys • Keys are revoked when • they are compromised • the authentication process has malfunctioned • people are transferred • other security risks occur. • Revoking a key keeps it from being misused. • A revoked key must be assumed to be invalid or possibly compromised. • PKI use a CRL to perform a check on the status of revoked keys

  41. Suspending Keys • A key suspension is a temporary situation. • If an employee were to take a leave of absence, the employee’s key could be suspended until they came back to work. • In a PKI system, a CRL would be checked to determine the status of a certificate

  42. Recovering and Archiving Keys • Key archiving

  43. Recovering and Archiving Keys • Key recovery • Current keys • Previous Keys • Archived keys

  44. Renewing Keys • Key renewal defines the process of enabling a key for use after its scheduled expiration date. • A key would be reissued for a certain time in this situation. • This process is called a key rollover

  45. Destroying Keys • Key destruction is the process of destroying keys that have become invalid. • Many symmetrically based encryption systems use a dedicated device to carry the key for the encryption. • This key would be physically delivered to the site using the encryption system. • Old keys would be recovered and destroyed.

  46. Contents • Preparing for Cryptographic Attacks • Cryptography Standards and Protocols • Key management and Key life cycle • Introduction of PKI • Trust models • PKI management

  47. MiM (normal exchange)

  48. MiM Attack! (part 1)

  49. MiM Attack! Part 2

  50. Public Key Infrastructure • Wouldn’t it be nice if some one we could distribute public keys AND be assured that the public key we received was the actual public key of the person we expect to talk to?

More Related