1 ISA 562 Information Systems Theory and Practice 10. Digital Certificates

2 PUBLIC-KEY CERTIFICATES-1 What is a certificate?: –A statement claiming some binding of attribute values Why do we need them? –Identifying entities outside of domain –Distributed access control What do they do? –Propagates claims: Certifier makes a claim that can be checked for authenticity and accepted if the recipient believe the claimant to be truthful –Manages trust – distributed trust management

3 X.509v1 CERTIFICATE VERSION SERIAL NUMBER SIGNATURE ALGORIT ISSUER VALIDITY SUBJECT SUBJECT PUB KEY INFO SIGNATURE RSA+MD5, 512 C=US, S=VA, O=GMU, OU=ISE 9/9/99-1/1/1 C=US, S=VA, O=GMU, OU=ISE, CN=Alice RSA, 1024, xxxxxx SIGNATURE

4 PUBLIC-KEY CERTIFICATES For public-key based encryption –sender needs public key of receiver For public-key digital signatures –receiver needs public key of sender To establish an agreement –both need each other’s public keys

5 CERTIFICATE TRUST Acquisition of public key of the issuer to verify the signature –Go to through a certificate chain Whether or not to trust certificates signed by the issuer for this subject

6 PEM CERTIFICATION GRAPH Internet Policy Registration Authority Policy Certification Authorities (PCAs) HIGH ASSURANCE MID-LEVEL ASSURANCE RESIDENTIAL PERSONA Certification Authorities (CAs) Abrams Grover Subjects Grover LEO IPRA MITRE GMU CS Virginia Fairfax Anonymous

7 PUBLIC-KEY CERTIFICATES What is a certificate?: –A statement claiming some binding of attribute values Why do we need them? –Identifying entities outside of domain –Distributed access control What do they do? –Propagate claims: Certifier makes a claim that can be checked for authenticity and accepted if the recipient believe the claimant to be truthful –Manages trust – distributed trust management

8 SECURE ELECTRONIC TRANSACTIONS (SET) CA HIERARCHY Root Brand Geo-Political BankAcquirer CustomerMerchant

9 Certificate Revocation Sometimes, the issuer need to recant certificate –The subject’s attributes have changed –The subject misused the certificate –There are forged certificates Published in a certificate revocation list

10 CRL FORMAT SIGNATURE ALGORITHM ISSUER LAST UPDATE NEXT UPDATE REVOKED CERTIFICATES SIGNATURE SERIAL NUMBER REVOCATION DATE

11 X.509 CERTIFICATES X.509v1 –basic X.509v2 –adds unique identifiers to prevent against reuse of X.500 names X.509v3 –adds many extensions –can be further extended

12 X.509v3 CERTIFICATE INNOVATIONS distinguish various certificates –signature, encryption, key-agreement identification info in addition to X.500 name –internet names: addresses, host names, URLs issuer can state policy and usage –good enough for casual but not for signing checks limits on use of signature keys for further certification extensible –proprietary extensions can be defined and registered attribute certificates –ongoing work

13 X.509v2 CRL INNOVATIONS CRL distribution points indirect CRLs delta CRLs revocation reason push CRLs

14 HIERARCHICAL STRUCTURE Z X Q A Y RST CEGIKMO abcdefghijklmnop

15 HIERARCHICAL STRUCTURE WITH ADDED LINKS Z X Q A Y RST CEGIKMO abcdefghijklmnop

16 TOP-DOWN HIERARCHICAL STRUCTURE Z X Q A Y RST CEGIKMO abcdefghijklmnop

17 FORREST OF HIERARCHIES

18 MULTIPLE ROOT CA’s + INTERMEDIATE CA’s MODEL X Q A R ST CEGIKMO abcdefghijklmnop

19 THE CERTIFICATE TRIANGLE user attributepublic-key X.509 identity certificate X.509 attribute certificate SPKI certificate

20 2-WAY SSL HANDSHAKE WITH RSA Record Protocol Handshake Protocol

21 SINGLE ROOT CA MODEL Root CA abcdefghijklmnop Root CA User

22 SINGLE ROOT CA MULTIPLE RA’s MODEL Root CA abcdefghijklmnop Root CA UserRA UserRA UserRA

23 MULTIPLE ROOT CA’s MODEL Root CA abcdefghijklmnop Root CA User Root CA Root CA Root CA User Root CA User

24 ROOT CA + INTERMEDIATE CA’s MODEL Z X Q A Y RST CEGIKMO abcdefghijklmnop

25 MULTIPLE ROOT CA’s PLUS INTERMEDIATE CA’s MODEL X Q A R ST CEGIKMO abcdefghijklmnop

26 MULTIPLE ROOT CA’s PLUS INTERMEDIATE CA’s MODEL X Q A R ST CEGIKMO abcdefghijklmnop

27 MULTIPLE ROOT CA’s PLUS INTERMEDIATE CA’s MODEL X Q A R ST CEGIKMO abcdefghijklmnop

28 MULTIPLE ROOT CA’s + INTERMEDIATE CA’s MODEL Essentially the model on the web today Deployed in server-side SSL mode Client-side SSL mode yet to happen

29 SERVER-SIDE MASQUERADING Bob Web browser Web server Server-side SSL Ultratrust Security Services

30 SERVER-SIDE MASQUERADING Bob Web browser Web server Server-side SSL Ultratrust Security Services Mallory’s Web server BIMM Corporation Server-side SSL

31 SERVER-SIDE MASQUERADING Bob Web browser Web server Server-side SSL Ultratrust Security Services Mallory’s Web server Server-side SSL BIMM Corporation Ultratrust Security Services

32 MAN IN THE MIDDLE MASQUERADING PREVENTED Bob Web browser Web server Client-side SSL Ultratrust Security Services Mallory’s Web server BIMM Corporation Client-side SSL Ultratrust Security Services Client Side SSL end-to-end Ultratrust Security Services Bob BIMM Corporation Ultratrust Security Services Bob

33 ATTRIBUTE-BASED CLIENT SIDE MASQUERADING Web browser BIMM.com Web server Client-side SSL Ultratrust Security Services BIMM.com Ultratrust Security Services

34 ATTRIBUTE-BASED CLIENT SIDE MASQUERADING Web browser BIMM.com Web server Client-side SSL Ultratrust Security Services BIMM.com SRPC

35 ATTRIBUTE-BASED CLIENT SIDE MASQUERADING Web browser BIMM.com Web server Client-side SSL Ultratrust Security Services BIMM.com PPC

36 ATTRIBUTE-BASED CLIENT SIDE MASQUERADING Web browser BIMM.com Web server Client-side SSL Ultratrust Security Services BIMM.com SRPC PPC