NS10-PublicKeyInfrastructure(PKI)

IT-6302-3

Network SecurityPunjab University College of Information Technology,

University of the Punjab, Pakistan.

Lecture 11 Public Key Infrastructure

IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 2

Lecture Objectives Problems in the Public Key Cryptography

Distribution of Public Keys Public Key Infrastructure (PKI) Components of PKI Digital Certificate

Comparison with a Passport X.509 Format

Difference between CA and RA Digital Certificate Creation Steps CA Hierarchies Self Signed Certificates and Cross-Certifications


PKI


Public Key Cryptography

Key Distribution is easier with Public Key Cryptography

Each Node is responsible for knowing its own private key and all the public keys can be accessible in one place.

But there are problems with Public Keys as well


Problems with the Public Key

Example: If all the Public Keys are published in some Newspaper or in some directory service, how you can be sure that the information is correct?

An Intruder (bad guy),might have overwritten the information in the directory service or taken his own ad in the newspaper.

If the bad guy can trick you into mistaking his public key for Alices, he can impersonate Alice to you.


Public Key Distribution Problem A bad guy creates a key pair (private/public) and

quickly tells the world that the public key he published belongs to Alice

People send confidential stuff to Alice

Alice does not have the private key to read them

Intruder (bad guy) reads Alices messages /


How to verify a Public Key?

Two approaches: Before you use Alices public key, call her or

meet her and check that you have the right one Fingerprint or hash of the key can be

checked on the phone Get someone you already trust to certify that the

key really belongs to Alice By checking for a trusted digital signature

on the key


PKI Provides the Answer

Everyone trusts the root Certificate Authority (Verisign, Thawte, BT etc.)

CA digitally signs keys of anyone having checked their credentials by traditional methods

CA may even nominate others to be CAs, and you would trust them automatically too


Solution of Public key Problem A typical solution for this is to have a trusted node

known as a Certificate Authority (CA) that generates Certificates

Certificates are signed message specifying a name (Alice) and the corresponding Public Key

All nodes need to pre-configured with CAs public key so that they can verify its signatures on certificates.


Public Key Infrastructure A Public Key Infrastructure (PKI) consists of the

components necessary to securely distribute public keys.

Public Key Infrastructure is a combination of software, encryption technologies, and services application that allows users to encrypt and sendinformation securely over a public network.

PKI mainly includes message digests, digital signatures, and encryption services

PKI deals with different issues related to the Digital Certificates (passport on the Web)


PKI Features

User authentication stronger than traditional passwords on servers mechanisms

Digital signing of email and other documents proving the originators identity and faster, more efficient, paper free business processes

Encryption to protect critical email and other data in user-focused manner


Components of PKI


Components of PKI

Digital Certificate Certification Authorities (CAs)Registration Authorities (RAs)Certificate HoldersRepository/DirectoryValidation Server


Digital Certificate


Digital Certificates Digital certificate is a digital document providing

linkage between the public key and the identification data of its owner by the digital signature of a trusted third party

Certificate represents a credential which allows to prove the identity of its owner similarly to the passport or the driving license


Digital Certificates

CertificateAttributesPublic Key ofCertificate holderEncrypted hash of certificate

Certificate Authority


Similarities Between A Passport And A Digital Signature

Passport Entry Corresponding digital certificate entry

Full name Subject name

Passport number Serial number

Valid from Same

Valid to Same

Issued by Issuer name

Photograph and signature Public key


Certification Authority (CA)


Certification Authority

A CA can certify the binding between a public key and the owner.

The function of a Certification Authority (CA) is the production of certificates and revocation lists (Revocation system).

The CA must accept requests for certificates, as well as processing and making results available to the user over the Directory Service.


Registration Authority (RA)


Registration Authority

The RA commonly provides the following services

Accepting and verifying registration information about new users

Generating Keys on the behalf of end users

Accepting and authorizing request for key backup and recovery

Accepting and authorizing the request for certification revocation


Difference Between CA and RA


Difference between CA and RA RA is an intermediate entity between CA and end

user

RA assists the CA in its day-to-day operation

RA cannot issue digital certificate

CA is responsible for certificate management


Difference between CA and RA

End UserEnd User

End UserEnd User

End UserEnd User

Registration AuthorityRegistration Authority(RA)(RA)

Certificate AuthorityCertificate Authority

Highly protected communication

link


Directory


Directory

Directories are databases that stores the copies of certificates issued by CA to facilitate a single-point access for certificate management and distribution (similar to telephone directories)


Directory

It contains information about server, printers, network resources and user personal information

It is X.500/LDAP-compliant, this means directory contain certificates in the X.509 format, and that they provide specific search facilities as specified in the LDAP standards published by the IETF.

Directories may be made publicly available or they may be private to a specific organization .

LDAP: Lightweight Directory Access Protocol


PKI: Used To SupportIdentification and AuthenticationNon-RepudiationIntegrityConfidentiality


Digital Certificate Creation Steps


Digital Certificate Creation Steps

Key Generation

Certificate Creation

Verification

Registration


Step 1: Key Generation


KEY Generation There are two different approaches for key

generation User creates a private and public key pair

using some software. Then user keeps the private key and sends public key along with other information to RA

RA generates a key pair on the behalf of user ( i.e user does not aware of the technicalities or it there is a requirement of centrally generated or distributed keys )


USER GENERATING ITS OWN KEY PAIR

Key GenerationSubject

privateprivate publicpublic

This would beSent to the RA

Keep this secret


RA GENERATING A KEY PAIR ON BEHALF OF THE USER

privateprivate publicpublic

For user X

Key Generation

Private Key for user X

Public Key for user X

Registration Authority


Step 2: Registration


Registration

User sends public key, associated registration information, evidence ( i.e copy of passport or tax statement ) about himself to RA.

Certificate Signing Request (CSR) is a standard format for certificate request


Step 3: Verification


Verification

After the registration process is completed, the RA is responsible to verify the users credentials. This verification is in two respects, as follows.

RA needs to verify the users credentials

RA checks to ensure that user possess the private key corresponding to public key. This check is called Proof Of Possession , this can be done in three ways


Proof Of Possession

RA asks the user to digitally sign the CSR using his private key

RA create a random challenge number, encrypt it with users public key and send the encrypted challenge number to the user. RA then asks the user to decrypt it with its private key

RA generate a dummy certificate, encrypt it with users public key and send it to the user. It then asks the user to decrypt it with its private key


Step 4: Generation of Digital Certificate


Certificate Creation

RA passes on all the details of the user to the CA

CA does its own verification (if required)

CA creates a digital certificate

CA sends the certificate to the users

CA retains a copy of the certificate


Digital CertificateCertificate Serial Number

Issuer Name

ValiditySubject Name

Issuer Unique IdentifierSubject Unique Identifier

CAs Digital Signature

Hash Function (SHA, MD5)

Message Digest

Digital Signature Algo

Digital Signature

This digital signature of CA is stored as the last field of Digital Certificate

privateprivate

CAs Private Key


Digital Certificate

Certificate Serial NumberIssuer Name

ValiditySubject Name

Issuer Unique IdentifierIssuer Unique Identifier

CAs Digital Signature

Hash Function (SHA, MD5)

Message DigestMD1

De-Signing Algo(Decryption)

Digital Signature

publicpublic

Is MD1= MD2

Message DigestMD2

A message digest of all but the last field is created

Yes No

Certificate is Valid Accept it

Certificate is Invalid Reject it

CAs Public Key


SECURITY ISSUES

Drawing by P. Steiner; 1993 The New Yorker magazine, Inc.

On the internet nobody knows who you are


Authentication with Certificates

1. Melinda gets Bills certificate2. She verifies its digital signature

She can trust that the public key really belongs to Bill

But is it Bill standing if front of her, or is that Scott?3. Melinda challenges Bill to encrypt for her a phrase etc.

she just made up (I really need more shoes)4. Bill has, of course, the private key that matches the

certificate, so he responds (*&$^%$&fhsdf*&EHFDhd62^&)

5. Melinda decrypts this with the public key she has in the certificate (which she trusts) and if it matches the phrase she challenged Bill with then it must really be Bill himself!


INTERNET EXPLORER


Management of Public Keys

Certificates X.509 Public Key Infrastructures


Problems with Public-Key Encryption

A way for Trudy to subvert public-key encryption.


Certificates

A possible certificate and its signed hash.


X.509 The basic fields of an X.509 certificate.


Public-Key Infrastructures

(a) A hierarchical PKI. (b) A chain of certificates.


Certificate Hierarchies

To verify the Digital Certificates, the receiver must have to know the Issuer CAs Public Key.

If the CA of Alice and Bob are same, then this is not a problem

But this cannot always be guaranteed Alice and Bob may not have obtained their

certificates from the same CA How can Alice obtain the public Key of the CA of

Bob? To resolve such problems, a Certification

Authority Hierarchy is created. This is also called Chain of Trust


Self Signed Certificate & Cross Certification

Self signed certificate means that a certification authority (e.g. root CA) signs its own certificate

Cross Certification Generally every country appoints its own root

certificate. In real life, CA s are implemented in

decentralized manner. Cross Certification allows CA s and end users

from different PKI domains to interact


Certificate Revocation If your credit card is lost, or if it gets stolen, you

would normally report the loss to the concerned bank. The bank would cancel your credit card

Similarly, the digital certificates can also be revoked


Certificate Revocation Most common reasons can be:

The holder of the digital certificate reports that the private key corresponding to the public key specified in the digital signatures is compromised.

CA realized that it has made some mistake in issuing it

The certificate holder leaves a job and the certificate was issued specifically while the person was employed in that job


References Cryptography and Network Security

By Atul Kahate Designing Network Security

By Cisco Press Cryptography and Network Security

3rd Edition, by William Stallings Mastering Network Secuity

By Chris Brenton and Cameron Hunt Computer Networking A Top-Down Approach Featuring the Internet

2nd Edition, by James F. Kurose and Keith W. Ross http://www.cs.utexas.edu/~shmat/courses/cs378_spring05/cs378_home.html http://emhain.wit.ie/~mcgibney/it4/ http://nas.cl.uh.edu/yang/teaching/csci5931netSecuritySpr05/index.html

Note: Slides are adapted from the companion web sites of referenced books and urls mentioned

Lecture ObjectivesPublic Key CryptographyProblems with the Public KeyPublic Key Distribution ProblemHow to verify a Public Key?PKI Provides the AnswerSolution of Public key ProblemPublic Key InfrastructurePKI FeaturesDifference between CA and RADifference between CA and RADirectoryDirectoryKEY GenerationRegistrationProof Of PossessionAuthentication with CertificatesManagement of Public KeysProblems with Public-Key EncryptionCertificatesX.509Public-Key InfrastructuresCertificate HierarchiesSelf Signed Certificate & Cross CertificationCertificate RevocationCertificate RevocationReferences

NS10-PublicKeyInfrastructure(PKI)

Documents

alices public key

cas public key

public key infrastructureit

public key example

corresponding public

private key

solution of public key

key pair privatepublic