IT-6302-3 Network Security Punjab University College of Information Technology, University of the Punjab, Pakistan. Lecture 11 – Public Key Infrastructure
Nov 16, 2015
IT-6302-3
Network SecurityPunjab University College of Information Technology,
University of the Punjab, Pakistan.
Lecture 11 Public Key Infrastructure
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 2
Lecture Objectives Problems in the Public Key Cryptography
Distribution of Public Keys Public Key Infrastructure (PKI) Components of PKI Digital Certificate
Comparison with a Passport X.509 Format
Difference between CA and RA Digital Certificate Creation Steps CA Hierarchies Self Signed Certificates and Cross-Certifications
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 3
PKI
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 4
Public Key Cryptography
Key Distribution is easier with Public Key Cryptography
Each Node is responsible for knowing its own private key and all the public keys can be accessible in one place.
But there are problems with Public Keys as well
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 5
Problems with the Public Key
Example: If all the Public Keys are published in some Newspaper or in some directory service, how you can be sure that the information is correct?
An Intruder (bad guy),might have overwritten the information in the directory service or taken his own ad in the newspaper.
If the bad guy can trick you into mistaking his public key for Alices, he can impersonate Alice to you.
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 6
Public Key Distribution Problem A bad guy creates a key pair (private/public) and
quickly tells the world that the public key he published belongs to Alice
People send confidential stuff to Alice
Alice does not have the private key to read them
Intruder (bad guy) reads Alices messages /
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 7
How to verify a Public Key?
Two approaches: Before you use Alices public key, call her or
meet her and check that you have the right one Fingerprint or hash of the key can be
checked on the phone Get someone you already trust to certify that the
key really belongs to Alice By checking for a trusted digital signature
on the key
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 8
PKI Provides the Answer
Everyone trusts the root Certificate Authority (Verisign, Thawte, BT etc.)
CA digitally signs keys of anyone having checked their credentials by traditional methods
CA may even nominate others to be CAs, and you would trust them automatically too
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 9
Solution of Public key Problem A typical solution for this is to have a trusted node
known as a Certificate Authority (CA) that generates Certificates
Certificates are signed message specifying a name (Alice) and the corresponding Public Key
All nodes need to pre-configured with CAs public key so that they can verify its signatures on certificates.
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 10
Public Key Infrastructure A Public Key Infrastructure (PKI) consists of the
components necessary to securely distribute public keys.
Public Key Infrastructure is a combination of software, encryption technologies, and services application that allows users to encrypt and sendinformation securely over a public network.
PKI mainly includes message digests, digital signatures, and encryption services
PKI deals with different issues related to the Digital Certificates (passport on the Web)
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 11
PKI Features
User authentication stronger than traditional passwords on servers mechanisms
Digital signing of email and other documents proving the originators identity and faster, more efficient, paper free business processes
Encryption to protect critical email and other data in user-focused manner
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 12
Components of PKI
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 13
Components of PKI
Digital Certificate Certification Authorities (CAs)Registration Authorities (RAs)Certificate HoldersRepository/DirectoryValidation Server
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 14
Digital Certificate
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 15
Digital Certificates Digital certificate is a digital document providing
linkage between the public key and the identification data of its owner by the digital signature of a trusted third party
Certificate represents a credential which allows to prove the identity of its owner similarly to the passport or the driving license
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 16
Digital Certificates
CertificateAttributesPublic Key ofCertificate holderEncrypted hash of certificate
Certificate Authority
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 17
Similarities Between A Passport And A Digital Signature
Passport Entry Corresponding digital certificate entry
Full name Subject name
Passport number Serial number
Valid from Same
Valid to Same
Issued by Issuer name
Photograph and signature Public key
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 18
Certification Authority (CA)
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 19
Certification Authority
A CA can certify the binding between a public key and the owner.
The function of a Certification Authority (CA) is the production of certificates and revocation lists (Revocation system).
The CA must accept requests for certificates, as well as processing and making results available to the user over the Directory Service.
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 20
Registration Authority (RA)
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 21
Registration Authority
The RA commonly provides the following services
Accepting and verifying registration information about new users
Generating Keys on the behalf of end users
Accepting and authorizing request for key backup and recovery
Accepting and authorizing the request for certification revocation
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 22
Difference Between CA and RA
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 23
Difference between CA and RA RA is an intermediate entity between CA and end
user
RA assists the CA in its day-to-day operation
RA cannot issue digital certificate
CA is responsible for certificate management
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 24
Difference between CA and RA
End UserEnd User
End UserEnd User
End UserEnd User
Registration AuthorityRegistration Authority(RA)(RA)
Certificate AuthorityCertificate Authority
Highly protected communication
link
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 25
Directory
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 26
Directory
Directories are databases that stores the copies of certificates issued by CA to facilitate a single-point access for certificate management and distribution (similar to telephone directories)
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 27
Directory
It contains information about server, printers, network resources and user personal information
It is X.500/LDAP-compliant, this means directory contain certificates in the X.509 format, and that they provide specific search facilities as specified in the LDAP standards published by the IETF.
Directories may be made publicly available or they may be private to a specific organization .
LDAP: Lightweight Directory Access Protocol
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 28
PKI: Used To SupportIdentification and AuthenticationNon-RepudiationIntegrityConfidentiality
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 29
Digital Certificate Creation Steps
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 30
Digital Certificate Creation Steps
Key Generation
Certificate Creation
Verification
Registration
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 31
Step 1: Key Generation
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 32
KEY Generation There are two different approaches for key
generation User creates a private and public key pair
using some software. Then user keeps the private key and sends public key along with other information to RA
RA generates a key pair on the behalf of user ( i.e user does not aware of the technicalities or it there is a requirement of centrally generated or distributed keys )
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 33
USER GENERATING ITS OWN KEY PAIR
Key GenerationSubject
privateprivate publicpublic
This would beSent to the RA
Keep this secret
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 34
RA GENERATING A KEY PAIR ON BEHALF OF THE USER
privateprivate publicpublic
For user X
Key Generation
Private Key for user X
Public Key for user X
Registration Authority
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 35
Step 2: Registration
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 36
Registration
User sends public key, associated registration information, evidence ( i.e copy of passport or tax statement ) about himself to RA.
Certificate Signing Request (CSR) is a standard format for certificate request
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 37
Step 3: Verification
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 38
Verification
After the registration process is completed, the RA is responsible to verify the users credentials. This verification is in two respects, as follows.
RA needs to verify the users credentials
RA checks to ensure that user possess the private key corresponding to public key. This check is called Proof Of Possession , this can be done in three ways
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 39
Proof Of Possession
RA asks the user to digitally sign the CSR using his private key
RA create a random challenge number, encrypt it with users public key and send the encrypted challenge number to the user. RA then asks the user to decrypt it with its private key
RA generate a dummy certificate, encrypt it with users public key and send it to the user. It then asks the user to decrypt it with its private key
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 40
Step 4: Generation of Digital Certificate
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 41
Certificate Creation
RA passes on all the details of the user to the CA
CA does its own verification (if required)
CA creates a digital certificate
CA sends the certificate to the users
CA retains a copy of the certificate
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 42
Digital CertificateCertificate Serial Number
Issuer Name
ValiditySubject Name
Issuer Unique IdentifierSubject Unique Identifier
CAs Digital Signature
Hash Function (SHA, MD5)
Message Digest
Digital Signature Algo
Digital Signature
This digital signature of CA is stored as the last field of Digital Certificate
privateprivate
CAs Private Key
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 43
Digital Certificate
Certificate Serial NumberIssuer Name
ValiditySubject Name
Issuer Unique IdentifierIssuer Unique Identifier
CAs Digital Signature
Hash Function (SHA, MD5)
Message DigestMD1
De-Signing Algo(Decryption)
Digital Signature
publicpublic
Is MD1= MD2
Message DigestMD2
A message digest of all but the last field is created
Yes No
Certificate is Valid Accept it
Certificate is Invalid Reject it
CAs Public Key
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 44
SECURITY ISSUES
Drawing by P. Steiner; 1993 The New Yorker magazine, Inc.
On the internet nobody knows who you are
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 45
Authentication with Certificates
1. Melinda gets Bills certificate2. She verifies its digital signature
She can trust that the public key really belongs to Bill
But is it Bill standing if front of her, or is that Scott?3. Melinda challenges Bill to encrypt for her a phrase etc.
she just made up (I really need more shoes)4. Bill has, of course, the private key that matches the
certificate, so he responds (*&$^%$&fhsdf*&EHFDhd62^&)
5. Melinda decrypts this with the public key she has in the certificate (which she trusts) and if it matches the phrase she challenged Bill with then it must really be Bill himself!
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 46
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 47
INTERNET EXPLORER
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 48
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 49
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 50
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 51
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 52
Management of Public Keys
Certificates X.509 Public Key Infrastructures
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 53
Problems with Public-Key Encryption
A way for Trudy to subvert public-key encryption.
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 54
Certificates
A possible certificate and its signed hash.
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 55
X.509 The basic fields of an X.509 certificate.
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 56
Public-Key Infrastructures
(a) A hierarchical PKI. (b) A chain of certificates.
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 57
Certificate Hierarchies
To verify the Digital Certificates, the receiver must have to know the Issuer CAs Public Key.
If the CA of Alice and Bob are same, then this is not a problem
But this cannot always be guaranteed Alice and Bob may not have obtained their
certificates from the same CA How can Alice obtain the public Key of the CA of
Bob? To resolve such problems, a Certification
Authority Hierarchy is created. This is also called Chain of Trust
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 58
Self Signed Certificate & Cross Certification
Self signed certificate means that a certification authority (e.g. root CA) signs its own certificate
Cross Certification Generally every country appoints its own root
certificate. In real life, CA s are implemented in
decentralized manner. Cross Certification allows CA s and end users
from different PKI domains to interact
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 59
Certificate Revocation If your credit card is lost, or if it gets stolen, you
would normally report the loss to the concerned bank. The bank would cancel your credit card
Similarly, the digital certificates can also be revoked
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 60
Certificate Revocation Most common reasons can be:
The holder of the digital certificate reports that the private key corresponding to the public key specified in the digital signatures is compromised.
CA realized that it has made some mistake in issuing it
The certificate holder leaves a job and the certificate was issued specifically while the person was employed in that job
IT-6302-3 Network Security, PUCIT, University of the Punjab, Pakistan 61
References Cryptography and Network Security
By Atul Kahate Designing Network Security
By Cisco Press Cryptography and Network Security
3rd Edition, by William Stallings Mastering Network Secuity
By Chris Brenton and Cameron Hunt Computer Networking A Top-Down Approach Featuring the Internet
2nd Edition, by James F. Kurose and Keith W. Ross http://www.cs.utexas.edu/~shmat/courses/cs378_spring05/cs378_home.html http://emhain.wit.ie/~mcgibney/it4/ http://nas.cl.uh.edu/yang/teaching/csci5931netSecuritySpr05/index.html
Note: Slides are adapted from the companion web sites of referenced books and urls mentioned
Lecture ObjectivesPublic Key CryptographyProblems with the Public KeyPublic Key Distribution ProblemHow to verify a Public Key?PKI Provides the AnswerSolution of Public key ProblemPublic Key InfrastructurePKI FeaturesDifference between CA and RADifference between CA and RADirectoryDirectoryKEY GenerationRegistrationProof Of PossessionAuthentication with CertificatesManagement of Public KeysProblems with Public-Key EncryptionCertificatesX.509Public-Key InfrastructuresCertificate HierarchiesSelf Signed Certificate & Cross CertificationCertificate RevocationCertificate RevocationReferences