20-763 ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Electronic Payment Systems 20-763 Lecture 6 Digital Certificates.

Slides:



Advertisements
Similar presentations
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Advertisements

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Copyright © 1999, Financial Services Technology Consortium. All rights reserved. FSML and Echeck Milton M. Anderson Financial Services Technology Consortium.
Design of E-Check System Date : Apr. 11, 2001 Course Title : Computer Security and Electronic Payment System Team Members : 최미진, 김민지, 박정호, 전우석.
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Public Key Management and X.509 Certificates
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 7 Digital Certificates.
ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
ELECTRONIC PAYMENT SYSTEMS SPRING 2004 COPYRIGHT © 2004 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6: Digital Certificates.
ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
CERTIFICATES “a document containing a certified statement, especially as to the truth of something ”
ELECTRONIC PAYMENT SYSTEMSFALL 2001COPYRIGHT © 2001 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6 Epayment Security II.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Security Management.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Computer Science Public Key Management Lecture 5.
Controller of Certifying Authorities PKI Technology - Role of CCA Assistant Controller (Technology) Controller of Certifying Authorities Ministry of Communications.
INTRODUCTION Why Signatures? A uthenticates who created a document Adds formality and finality In many cases, required by law or rule Digital Signatures.
Chapter 31 Network Security
Supporting Technologies III: Security 11/16 Lecture Notes.
Lecture 12 Electronic Business (MGT-485). Recap – Lecture 11 E-Commerce Security Environment Security Threats in E-commerce Technology Solutions.
Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.
Secure Electronic Transaction (SET)
ECE454/599 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2012.
Introduction to Secure Messaging The Open Group Messaging Forum April 30, 2003.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian.
E-Commerce Security Professor: Morteza Anvari Student: Xiaoli Li Student ID: March 10, 2001.
Configuring Directory Certificate Services Lesson 13.
Digital Signatures A Brief Overview by Tim Sigmon April, 2001.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.
CERTIFICATES. What is a Digital Certificate? Electronic counterpart to a drive licenses or a passport. Enable individuals and organizations to secure.
King Mongkut’s University of Technology Faculty of Information Technology Network Security Prof. Reuven Aviv 6. Public Key Infrastructure Prof. R. Aviv,
Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian
DIGITAL SIGNATURE. GOOD OLD DAYS VS. NOW GOOD OLD DAYS FILE WHATEVER YOU WANT – PUT ‘NA’ OR ‘-’ OR SCRATCH OUT FILE BACK DATED, FILE BLANK FORMS, FILE.
Fall 2010/Lecture 321 CS 426 (Fall 2010) Key Distribution & Agreement.
ELECTROINC COMMERCE TOOLS Chapter 6. Outline 6.0 Introduction 6.1 PUBLIC KEY INFRASTRUCTURE (PKI) AND CERTIFICATE AUTHORITIES (CAs) TRUST
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
31.1 Chapter 31 Network Security Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display.
Network Security Lecture 27 Presented by: Dr. Munam Ali Shah.
Public Key Infrastructure (PKI) Chien-Chung Shen
Security fundamentals Topic 5 Using a Public Key Infrastructure.
Network Security Continued. Digital Signature You want to sign a document. Three conditions. – 1. The receiver can verify the identity of the sender.
Key Management. Authentication Using Public-Key Cryptography  K A +, K B + : public keys Alice Bob K B + (A, R A ) 1 2 K A + (R A, R B,K A,B ) 3 K A,B.
 Attacks and threats  Security challenge & Solution  Communication Infrastructure  The CA hierarchy  Vehicular Public Key  Certificates.
Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.
Security Outline Encryption Algorithms Authentication Protocols
Message Digest Cryptographic checksum One-way function Relevance
Presentation transcript:

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Electronic Payment Systems Lecture 6 Digital Certificates

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Outline Trust infrastructures Identity documents Digital certificates Certificate hierarchy Certification chains Remote authentication Public key infrastructure (PKI)

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Trust Infrastructures OS (Windows, Linux, BSD…) Device (BIOS, CPU, Video/Audio, Storage) User (Biometrics, smart cards, digital signatures) Applications (Virus checkers, code authentication) Server (Secure , SSL) Content (Copy/tamper protection, document authentication) Network (VPNs, firewalls, proxy servers, intrusion detectors) Enterprise (Central management procedures) External organization (Gov’t agency, CA)

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Identity Documents What is an identity document? (Passport, birth certificate, driver’s license) –A piece of paper –Issued by a trusted third party –With information verifying the identity of the holder An identity document is useless unless the holder can be CHALLENGED to demonstrate that he is the person named in the document –Photograph –Signature –Fingerprint

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Digital Certificate A digital identity document binding a public-private key pair to a specific person or organization Verifying a digital signature only proves that the signer had the private key corresponding to the public key used to decrypt the signature Does not prove that the public-private key pair belonged to the claimed individual We need an independent third party to verify the person’s identity (through non-electronic means) and issue a digital certificate

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Digital Certificate Contents Name of holder Public key of holder Name of trusted third party (certificate authority) DIGITAL SIGNATURE OF CERTIFICATE AUTHORITY Data on which hash and public-key algorithms have been used Other business or personal information

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS X.509 Version 2 Certificate SOURCE: FORD & BAUM, SECURE ELECTRON IC COMMERCE VERSION # OF X.509 UNIQUE # ASSIGNED BY CA EXAMPLES: MD5RSA, sha1RSA USUALLY A DOMAIN NAME EXAMPLES: RSA

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Digital Certificate Verification Do I trust the CA? (Is it in my list of trust root certification authorities?) Is the certificate genuine? –Look up the CA’s public key; use it to decrypt the signature –Compute the certificate’s hash; compare with decrypted sig Is the holder genuine? This requires a challenge If the holder is genuine, he must know the private key corresponding to the pubic key in the certificate Having the certificate is not enough. (They are exchanged over the Internet all the time) Send him a nonce (random 128-bit number)

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Challenge by Nonce If you’re really Shamos, you must know his private key So please encrypt this nonce: “A87B1003 9F60EA46 71A837BC 1E07B371” When the answer comes back, decrypt it using the public key in the certificate If the result matches, the remote user knew the correct private key Never use the same nonce twice

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS ISO X.500 Directory Standard RDN: RELATIVE DISTINGUISHED NAME O: ORGANIZATION C: ISO COUNTRY CODE CN: COMMON NAME EACH RDN MAY HAVE ATTRIBUTES STANDARD FOR HIERARCHICAL DIRECTORIES SOURCE: XCERT.COMXCERT.COM

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Certification Hierarchy What happens if you don’t recognize the CA in a certificate or it is not a trusted CA? Suppose CA1 has a certificate issued by trusted CA2? You may choose to trust CA1

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS RCA : Root Certificate Authority BCA : Brand Certificate Authority GCA : Geo-political Certificate Authority CCA : Cardholder Certificate Authority MCA : Merchant Certificate Authority PCA : Payment Gateway Certificate Authority Certificate Authority Hierarchy RCA BCA GCA CCAMCA PCA CERTIFICATE ISSUANCE Root CA issues its own certificate!

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Certification Chains SOURCE: FORD & BAUM, SECURE ELECTRON IC COMMERCE X.500 Name Directory similar to domain naming Children have unique relative names

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Certification Paths Alice has a certificate issued by authority D To verify Alice’s certificate, Bob needs the public key of authority D (to decrypt D’s signature on the certificate) How does Bob get it so he is sure it is really the public key of D? This is another verification problem. Solution: Alice sends Bob a certification path, a sequence of certificates leading from her authority D to Bob. The public key of D is in D’s certificate (D’s certificate is not enough for verification since Bob may not know D’s certification authority G)

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Certification Paths ALICE BOB CERTIFICATE ISSUED BY D D > CERTIFICATE ISSUED BY F F > ALICE WILL TRUST ANY PARTY TRUSTED BY D CERTIFICATION PATH: D >, G >, J >, H >, F > CERTIFICATION AUTHORITY END USER = = “REVERSE” CERTIFICATE D TRUSTS G G TRUSTS J J TRUSTS H H TRUSTS FF TRUSTS B ALICE NOW HAS (AND TRUSTS) BOB’S CERTIFICATE SOURCE: SILVASILVA AND STANTON

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Notation { A, B, C, D } means strings A, B, C and D concatenated together SK SENDER ( A ) means string A encrypted with SENDER’s secret (private) key PK BANK ( B ) means string B encrypted with BANK’s public key H(A) means one-way hash of string A

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Remote Authentication B sends a certificate to A (A now knows B’s public key) A constructs an authentication token M = ( T A, R A, I B, d ) A sends B the message ( B  A, SK A { M } ) B obtains A’s public key PK A, trusted because of B  A B recovers M by using PK A to decrypt SK A { M } TIMESTAMP NONCE TO PREVENT REPLAY ATTACK ID OF B DATA TO BE SIGNED A’S CERTIFICATION PATH INCLUDING A’S CERTIFICATE AUTHENTICATION TOKEN ENCRYPTED WITH A’S PRIVATE KEY (ONLY A CAN DO THIS)

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Authentication B checks I B to make sure he is the intended recipient B verifies that the timestamp T a is current B verifies that R A has not been used before (no replay) B knows A’s certificate really belongs to A since only A could have encrypted M with SK A B can send A an authentication token so A will know that B is authentic AT THIS POINT, B HAS AUTHENTICATED A. THIS IS “ONE-WAY AUTHENTICATION” IF A AND B AUTHENTICATE EACH OTHER, WE HAVE “TWO-WAY AUTHENTICATION”

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Public Key Infrastructure (PKI) Digital certificates alone are not enough to establish security –Need control over certificate issuance and management Certification authorities issue certificates Who verifies the identify of certification authorities? Naming of entities Certification Practice Statement Certificate Revocation List The metafunctions of certificate issuance form the Public Key Infrastructure

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Certification Practice Statement Satement by a CA of the policies and procedures it uses to issue certificates CA private keys are on hardware cryptomodules View Verisign Certification Practice StatementCertification Practice Statement INFN (Istituto Nazionale di Fisica Nucleare ) CPSCPS LITRONIC 440 CIPHERACCELERATOR IBM S/390 SECURE CRYPTOGRAPHIC MODULE CHRYSALIS LUNA CA3 TRUSTED ROOT KEY SYSTEM

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Certificate Revocation List Online list of revoked certificates View Verisign CRLCRL Verisign CRL usage agreementusage agreement

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Functions of a Public Key Infrastructure (PKI) Generate public/private key pairs Identify and authenticate key subscribers Bind public keys to subscriber by digital certificate Issue, maintain, administer, revoke, suspend, reinstate, and renew digital certificates Create and manage a public key repository

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Corporate PKI Components SOURCE: INFOSEC ENGINEERING

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Payee Electronic Checkbook Payer Endorsement Check Payee’s Bank credit account Accounts Receivable Payer’s Bank debit account Clear and settle echeck Invoice Electronic Checkbook Deposit or WWW Signature Certificates Signature Certificates Invoice Check Signature Certificates Accounts Payable Invoice Check Signature Certificates eCheck Structure

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS public key references check payer’s signature action payer’s account payer’s cert attachment invoice payer’s bank’s signature payer’s bank’s cert Check public key references signatures endorsement endorser’s signature action endorser’s account endorser’s cert endorser’s bank’s signature endorser’s bank’s cert Endorsement public key references signatures deposit depositor’s signature action depositor’s account depositor’s cert depositor’s bank’s signature depositor’s bank’s cert Deposit signatures eCheck Signatures & Endorsement

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS 1. Sales contact Customer Marketing and sales 2. Account agreement and customer data Bank echeck server Bank Certification Authority 7. X.509 certificates and account blocks 12. CRL 11. Account activation 10. Card sent notification 5. Public key, certificate request, account block request 6. X.509 certificates, account block Card initialization Bank account administrative systems 8. PIN mailer 9. Electronic checkbook, smart card reader, software, instructions 4. Electronic checkbook issuance instructions 3. Echeck account information eCheckbook Distribution & PKI

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Major Ideas Digital certificate is a digital identity document issued by a trusted third party Digital signatures alone do not prove identity The holder of a certificate must be challenged to prove he knows the correct private key Certificate authorities form trust hierarchies Certification paths lead from sender to recipient, allowing verification of the trust relationship How crucial are certificates to secure eCommerce?

ELECTRONIC PAYMENT SYSTEMSFALL 2002COPYRIGHT © 2002 MICHAEL I. SHAMOS Q A &

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.