Certificate Revocation Serge Egelman. Introduction What is revocation? Why do we need it? What is currently being done?

Slides:

Advertisements

Similar presentations

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.

Advertisements

A Framework for Distributed OCSP without Responders Certificate

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

CS5204 – Operating Systems 1 Authentication. CS 5204 – Operating Systems2 Authentication Digital signature validation proves:  message was not altered.

CP3397 ECommerce.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing Basics From the perspective of security or An Introduction to Certificates.

Certificates Last Updated: Aug 29, A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.

Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.

1 eID validations services Houcine Bel Mamoune Unit manager eID Technical Drill down Session 7 April 2005.

Fed/Ed PKI 2008, June Subject Unique Identifier or Equivalent William A. Weems & Mark B. Jones Academic Technology U. Texas Health Science Center at Houston.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

Public Key Management and X.509 Certificates

Session 7 – Contents Certificates Public Key Infrastructure

Computer Security: Principles and Practice EECS710: Information Security Professor Hossein Saiedian Fall 2014 Chapter 23: Internet Authentication Applications.

Lecture 23 Internet Authentication Applications

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Slide 1 Many slides from Vitaly Shmatikov, UT Austin Public-Key Infrastructure CNS F2006.

Windows Vista And Longhorn Server PKI Enhancements Avi Ben-Menahem Lead Program Manager Windows Security Microsoft Corporation.

CMSC 414 Computer (and Network) Security Lecture 17 Jonathan Katz.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

Resource Certificate Profile SIDR WG Meeting IETF 66, July 2006 draft-ietf-sidr-res-certs-01 Geoff Huston Rob Loomans George Michaelson.

CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+

CERTIFICATES “a document containing a certified statement, especially as to the truth of something ”

Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.

CS470, A.SelcukPKI1 Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.

Configuring Active Directory Certificate Services Lesson 13.

Online AAI José A. Montenegro GISUM Group Security Information Section University of Malaga Malaga (Spain) Web:

Digital Certificates With Chuck Easttom. Digital Signatures  Digital Signature is usually the encryption of a message or message digest with the sender's.

1 Lecture 11 Public Key Infrastructure (PKI) CIS CIS 5357 Network Security.

Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.

NENA Development Conference | October 2014 | Orlando, Florida Security Certificates Between i3 ESInet’s and FE’s Nate Wilcox Emergicom, LLC Brian Rosen.

02/22/2005 Joint Seminer Satoshi Koga Information Technology & Security Lab. Kyushu Univ. A Distributed Online Certificate Status Protocol with Low Communication.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Certificates and FIPS 201 Tim Polk March 3, 2006.

Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian.

Lecture 5.3: Key Distribution: Public Key Setting CS 436/636/736 Spring 2012 Nitesh Saxena.

Configuring Directory Certificate Services Lesson 13.

Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.

Certificate revocation list

CERTIFICATES. What is a Digital Certificate? Electronic counterpart to a drive licenses or a passport. Enable individuals and organizations to secure.

Module 9: Fundamentals of Securing Network Communication.

Compliance Defects in Public- key Cryptography “ A public-key security system trusts its users to validate each others’s public keys rigorously and to.

15.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Key Management.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

Authentication 3: On The Internet. 2 Readings URL attacks

Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian

Who’s watching your network The Certificate Authority In a Public Key Infrastructure, the CA component is responsible for issuing certificates. A certificate.

Security CNS 4650 Fall 2004 Rev. 2 SSL, SASL, PKI.

Online Certificate Status Protocol ‘OCSP’ Dave Hirose July Outline: What is OCSP? Digital Signatures Certificate Revocation List Technical aspects.

PKI Future Directions 29 November 2001 Russ Housley RSA Laboratories CS – Class of 1981.

Security fundamentals Topic 5 Using a Public Key Infrastructure.

X.509 standard and CA’s operation Certificate path validation Dec. 18, C&IS lab. Vo Duc Liem.

1 Certification Issue : how do we confidently know the public key of a given user? Authentication : a process for confirming or refuting a claim of identity.

1 Public Key Infrastructure Dr. Rocky K. C. Chang 25 February, 2002.

1 Public Key Infrastructure Rocky K. C. Chang 6 March 2007.

X509 Web Authentication From the perspective of security or An Introduction to Certificates.

GRID-FR French CA Alice de Bignicourt.

NECTEC-GOC CA A Brief Status Report 13 th APGrid PMA Face-to-Face meeting March 24 th, 2014 Large-Scale Simulation Research Laboratory Information Communications.

Key management issues in PGP

Information Security message M one-way hash fingerprint f = H(M)

کاربرد گواهی الکترونیکی در سیستمهای کاربردی (امضای دیجیتال)

زير ساخت كليد عمومي و گواهي هويت

Digital Certificates and X.509

CS 465 Certificates Last Updated: Oct 14, 2017.

OCSP Requirements GGF13.

Presentation transcript:

Certificate Revocation Serge Egelman

Introduction What is revocation? Why do we need it? What is currently being done?

Huh? Certificates Are:  Identity Personal Corporate  Financial  Overall Security

Why Revoke? Key Compromise Forgotten Passphrase Lost Private Key Stale Keys “PKI is only as secure as the revocation mechanism”

Current Standard Certificate Revocation Lists (CRLs)  Serial Numbers  PEM and DER  Expiration Date  Next Update Date  CA Signed  Should Be Publically Available.

Obtaining CRLs

Certificate Revocation List (CRL): Version 1 (0x0) Signature Algorithm: md5WithRSAEncryption Issuer: /C=US/O=RSA Data Security, Inc./OU=Secure Server Certification Authority Last Update: Jan 22 11:00: GMT Next Update: Feb 5 11:00: GMT Revoked Certificates: Serial Number: E0F79E9034FDD3D176DBB83A05 Revocation Date: Apr 2 15:03: GMT Serial Number: E434C44813CFCA5A829BF Revocation Date: Sep 17 23:48: GMT Serial Number: 0104C6A B92A015D F Revocation Date: May 15 22:03: GMT

What Are The Problems? CDP Not Specified! CDP Optional! Next Update in Two Weeks!

Among All CAs! CDP Protocols: CA NameCDP Protocol EntrustHTTP/LDAP GeoTrustHTTP GlobalSignHTTP GTE CyberTrust HTTP IPSCAHTTP Thawte VerisignHTTP

Among All CAs! CRL Lifecycles: CA NameCRL Lifecycle EntrustDaily GeoTrust10 Days GlobalSign30 Days GTE CyberTrust6 Months IPSCA30 Days Thawte30 Days Verisign14 Days

CA Market Share

There Must Be Another Way! Online Certificate Status Protocol (RFC 2560) Real-Time Three Responses Burden Moved to Server

OCSP OCSP Servers:  CA Run  CA Delegated  Trusted Third Parties Client Knows Server Address Client Sends Serial Number Server Sends Signed Response

The Next Problem Knowing Location of Server! System Is Useless So What Can We Do?

A Solution The DNS System  Referrals  Client Only Needs Address of Any Server!  Authority is Delegated The Service Locator Extension  Specifics Undefined  Not Currently Being Used Signed Response  Local Responder or CA Key

So What? OCSP Can Mimic DNS  Local Responders  Authoritative Responders  Root OCSP Servers  Nothing Known About Authoritative Responder!

Key Points Every PKI Needs Revocation! CRLs Bad! OCSP Good!

Conclusion Terrorist, Terrorist, Terrorist 9/11, 9/11 God Bless America

References Ron Rivest, Can We Eliminate Certificate Revocation Lists?, Financial Cryptography, Patrick McDaniel and Aviel Rubin, A Reponse to “Can We Eliminate Certificate Revocation Lists?,” Financial Cryptography, Serge Egelman, Josh Zaritsky, and Anita Jones, Improved Certificate Revocation with OCSP. M. Myers, R. Ankney, A. Malpani, S. Galperin, and C. Adams, X.509 Internet Public Key Infrastructure: Online Certificate Status Protocol (OCSP), IETF RFC R. Housley, W. Polk, W. Ford, and D. Solo, Internet X.509 Public Key Infrastructure Certificate and CRL Profile, IETF RFC 2459.

Questions?