1 / 41

PKI

PKI. CSCD434 Network Security Spring 2019 Lecture 14. Overview. Public Key Infrastructure Details. PKI Defined. What is PKI?. Public Key Infrastructure (PKI)‏. Components in General PKI is combination of software, encryption technologies, and services

martyf
Download Presentation

PKI

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. PKI CSCD434 Network Security Spring 2019 Lecture 14

  2. Overview Public Key Infrastructure Details

  3. PKI Defined What is PKI?

  4. Public Key Infrastructure (PKI)‏ Components in General PKI is combination of software, encryption technologies, and services Protects business communications and transactions on Internet PKI integrates digital certificates, public-key cryptography, and certificate authorities into Enterprise-wide Security Architecture Provides A way to verify an individual’s identity and ensure that a person’s public key is bound to that identity

  5. Background of PKI PKI as we know it began with establishment of the X.509 certificate standard in 1993 RFC 1422 , http://tools.ietf.org/html/rfc1422 This standard created concepts of certification authorities, Certificate revocation lists (CRL), and Certificate trusts that provided framework for more advanced PKI-based technologies in-use today PKI consists of: Software Encryption technologies Security services

  6. PKI Components 1. Certification Authority - Issues certificates of ownership of a public key by named entity 2. Registration Authority - Trusted by a CA to register or vouch for users of the CA 3. Repository - Database of active digital certificates for a CA - Confirms status of digital certificates for individuals and businesses 4. Archive - To store and protect sufficient information to determine if a digital signature on an "old" document should be trusted 5. Certificates - Includes public key, identity of party holding private key, operational period for certificate, and the CA's own digital signature - May contain other information about signing party or information about recommended uses for public key

  7. PKI Example Certificate A message signed by someone that vouches for someone else’s public key {Alice’s public key is 891234567} Bob Encrypted with Bob’s private key If you trust that you have Bob’s public key, and if you trust Bob, then you now trust your new knowledge of Alice’s public key Chain of certificates: {Carol’s key is 901234567} Damian {Bob’s public key is 7890123456} Carol {Alice’s public key is 891234567} Bob

  8. PKI Example If Alice signs a certificate vouching for Bob’s name and key: Alice is the Issuer Bob is the Subject Alice is verifying a chain of certificates: Alice is the verifier / relying party Anything with a public key is a principal A Trust Anchor is a public key that the verifier has decided to trust

  9. Why do we need PKI? Why is PKI needed? What problems does it solve?

  10. Overview of PKI PKI uses public key cryptographic techniques Derives its name from public key cryptography PKI identifies a Certificate Authority (CA) who provides public/private key pair CA manages keys CA is also responsible for managing Certificate Revocation List (CRL)‏ CA

  11. Digital Signatures Created by using hash functions creates a message digest Purpose Electronic identification of a person or thing created by using public key algorithm Verifies integrity of data and identity of sender

  12. Hash Functions Message Digest is generic version of one of three algorithms, all designed to create a message digest or hash from plain text. MD2 – produces hash of 128 bits, optimized for 8-bit machine MD4 – optimized for 32-bit machines, fast but not secure MD5 – created to fix security problems of MD4 and is slower SHA – algorithm modeled on MD4. Accepts an input of up to 264 bits or less and compresses down to a hash of 160 bits.

  13. Flaws of Digital Signatures Without way to verify signer is who they say they are ... following can happen

  14. Evil Without a PKI, individuals could spoof identities

  15. Certificate Authority (CA) Responsibilities of a CA CA is trusted authority for certifying individuals and creating Digital Certificates Consists of procedures and policies plus public key algorithms to create key pair Every CA outlines How identities are verified, Keys are secured, Data placed within a digital certificate, and How revocations will be handled

  16. Hierarchical PKI CA forms root of a tree and can sign any other key below them These trees can be as small as a project group, or as big as the Internet

  17. CA Examples VeriSign was one of first and was most dominant Headquartered in Mountain View, California Authentication, Validation and Payment A 2009 market share report, VeriSign and its acquisitions (which include Thawte and Geotrust) had a 47.5% share of the certification services provider market, followed by GoDaddy (23.4%), and Comodo (15.44%)‏ In 2010, Verisign sold its CA business to Symantec

  18. Top Certificate Authorities 2018 https://w3techs.com/blog/entry/identrust_has_become_the_most_popular_ssl_certificate_authority

  19. Digital Certificates Binds an individual’s identity to a public key and Contains all info needed to prove public key belongs to a legitimate owner and has not been compromised Consists of Owner’s public key Information unique to owner Digital signatures or an endorser

  20. Steps for obtaining a digital certificate

  21. Certificate Repository Once certificate is registered, Identity proven, and a key pair generated, they are placed in a public repository All certificates can be in one, large distributed database (LDAP) ‏ Each signing certificate authority can maintain its own repository and have a means of querying the other repositories for information for its users Business communities and governments are starting to create their own CA's Linking them by signing or cross-certifying and publishing all of their information in business-class repositories

  22. Trust and Certificate Verification • If CA and integrity of certificate is trusted, still need to check: • Start and stop dates of certificates (life cycles)‏ • Revocation list (CRL)‏ • Lost laptop or smart card • Improper software implementation • Social engineering attack • Employee leaves company

  23. Private Key Protection Recommendations The key size should provide the necessary level of protection for the environment The lifetime should correspond with how often it is used and the sensitivity of the data Key should be changed and not used past its lifetime Key should be properly destroyed at end of lifetime Key should never be exposed in clear text No copies of private key should be made Key should not be shared Key should be stored securely Authentication should be required before it can be used Key should be transported securely Software implementation used for storage needs to provide the necessary level of protection

  24. PKI Standards • Used in Business processes • Applications • Standards/protocols that use PKI • PKI implementation level Online banking and shopping Email, VPNs S/MIME, SSL, TLS, WTLS, IPsec, PPTP ISAKMP, CMP, SKMS, X.509, PKIX, PKCS

  25. PKI Standards • PKI Implementation relies on • PKIX -Public Key Infrastructure • PKCS - Public Key Cryptography • X.509 • ISAKMP and XKMS are key management protocols • CMP manages certificates • S/MIME manages email • SSL, TLS and WTLS for secure packet transmissions • IPSEC and PPTP for VPN Online banking and shopping Email, VPNs S/MIME, SSL, TLS, WTLS, IPsec, PPTP ISAKMP, CMP, XKMS, X.509, PKIX, PKCS

  26. PKI Standards • PKIX/PKCS based on the X.509 standard defines four components: • The user • Certificate Authority (CA)‏ • Registration authority (RA)‏ • Certificate revocation lists Online banking and shopping Email, VPNs S/MIME, SSL, TLS, WTLS, IPsec, PPTP ISAKMP, CMP, XKMS, X.509, PKIX, PKCS

  27. X.509 Certificates Late 1980, X.500 OSI directory standard was defined by ISO and the ITU X.509 addresses structure of certificates used for authentication X.509 defines a hierarchical certification structure that relies on a root certificate authority that is self-certifying To obtain a X.509, you must ask a CA to issue you one

  28. Trust Models • Techniques that establish how users validate certificates • Direct trust – not scalable • Hierarchical trust – based on number of root CA • Web of trust

  29. Hierarchical X.509 Standard used to define hierarchy of public keys Users trust top of tree, and which then filters down to trust of nodes farther down Example: Paypal.com Your computer trusts public key for a Certificate Authority such as VeriSign Verisign certifies that Paypal, Inc. owns paypal.com, and signs their certificate for that address Your computer sees Paypal.com’s certificate, and can trust its identity What is the Vulnerability or Risk in this scheme? Main RiskVery Centralized If someone were to control VeriSign’s key, they could run a fake paypal.com, and collect usernames/passwords.

  30. Hierarchical X.509

  31. Hierarchical X.509 • How is Trust Achieved? • Certificate is trusted because issued by a broadly accepted certificate authority ("CA")‏ • You and most other Internet users accept as reliable for purpose of binding identities to credentials • CA's tend to be very careful when it comes to doing what they say they're going to do • Follow Certificate Practices Statement • If they don't, people (including browser vendors!) will stop trusting them and then they'll quickly be out of business 34

  32. If you receive Borja's certificate, and don't explicitly trust CA FOO this doesn't automatically mean certificate isn't, trustworthy, you might check to see if CA FOO's certificate was issued by a CA you do trust. If it turns out that CA BAR is in your 'trusted list', then that means that Borja's certificate is trustworthy CA-FOO CA-BAR CA-BAR Self-Signed

  33. Alternative Model Web of Trust Web of Trust concept was first proposed by PGP creator Phil Zimmermann in 1992 Became OpenPGP standard Based on graph of public keys, signing each other’s keys when identities are verified Eventually, one key can ‘trust’ identity of another by tracing a path through graph of trusted keys Depends on people verifying identity before signing someone else’s key Today, there is a ‘strongly connected’ subgraph of keys which all trust each other This “Strong set” contains over 34000 keys, with an average distance between keys of ~6 people.

  34. Web of Trust Zimmerman believed that “As time goes on, you will accumulate keys from other people that you may want to designate as trusted introducers. Everyone else will each choose their own trusted introducers. And everyone will gradually accumulate and distribute with their key a collection of certifying signatures from other people, with the expectation that anyone receiving it will trust at least one or two of the signatures. This will cause the emergence of a decentralized fault-tolerant web of confidence for all public keys”

  35. Web of Trust Example

  36. How Web of Trust Works • You have 2 keys • Public key that you let people you trust know; and • Private key that only you know • Your public key will decrypt any information encrypted with your private key, and vice-versa • You also have key ring with group of people's public keys • You encrypt your information with a recipient's public key, and only their private key will decrypt it • You then digitally sign information with your private key, so when they verify it with your public key, they can confirm that it is you • Pretty much the same as PKI, but without the CA's

  37. Summary PKI used for most of the network, web cryptography used today Imperfect system Many flaws Lots of attacks against this system Only one we have ... thats widely used to date

  38. The End No Lab this Week … Work on the Midterm

More Related