Public Key Distribution and X.509 Wade Trappe. Distribution of Public Keys There are several techniques proposed for the distribution of public keys:

Slides:



Advertisements
Similar presentations
Chapter 14 – Authentication Applications
Advertisements

NETWORK SECURITY.
CSCE 815 Network Security Lecture 10 KerberosX.509 February 13, 2003.
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
PIS: Unit III Digital Signature & Authentication Sanjay Rawat PIS Unit 3 Digital Sign Auth Sanjay Rawat1 Based on the slides of Lawrie.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Cryptography and Network Security Chapter 14
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Public Key Infrastructure (PKI)
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Network Security Essentials Chapter 4
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
Public Key Management and X.509 Certificates
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Chapter 4 Authentication Applications. Objectives: authentication functions developed to support application-level authentication & digital signatures.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Computer Security Key Management
1 Authentication Applications Digital Signatures Security Concerns X.509 Authentication Service Kerberos Based on slides by Dr. Lawrie Brown of the Australian.
Cryptography1 CPSC 3730 Cryptography Chapter 10 Key Management.
Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution of public keys –use of public-key.
Kemal AkkayaWireless & Network Security 1 Department of Computer Science Southern Illinois University Carbondale CS 591 – Wireless & Network Security Lecture.
CS470, A.SelcukPKI1 Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Key Distribution CS 470 Introduction to Applied Cryptography
Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.
Computer Science Public Key Management Lecture 5.
Chapter 5 Digital Signatures MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI 1.
Secure Electronic Transaction (SET)
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Key Management and Diffie- Hellman Dr. Monther Aldwairi New York Institute of Technology- Amman Campus 12/3/2009 INCS 741: Cryptography 12/3/20091Dr. Monther.
Lecture 23 Internet Authentication Applications modified from slides of Lawrie Brown.
Chapter 23 Internet Authentication Applications Kerberos Overview Initially developed at MIT Software utility available in both the public domain and.
Overview of Key Establishment Techniques: Key Distribution, Key Agreement and PKI Wade Trappe.
10. Key Management. Contents Key Management  Public-key distribution  Secret-key distribution via public-key cryptography.
1 Authentication Applications Behzad Akbari Fall 2010 In the Name of the Most High.
Cryptography and Network Security Chapter 14 Authentication Fourth Edition by William Stallings Lecture slides by Lawrie Brown Changed and extended by.
Module 4 Network & Application Security: Kerberos – X509 Authentication service – IP security Architecture – Secure socket layer – Electronic mail security.
KERBEROS. Introduction trusted key server system from MIT.Part of project Athena (MIT).Developed in mid 1980s. provides centralised private-key third-party.
Fall 2010/Lecture 321 CS 426 (Fall 2010) Key Distribution & Agreement.
KEY MANAGEMENT; OTHER PUBLIC-KEY CRYPTOSYSTEMS - Chapter 10 KEY MANAGEMENT; OTHER PUBLIC-KEY CRYPTOSYSTEMS - Chapter 10 KEY MANAGEMENT DIFFIE-HELLMAN KEY.
Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.
X.509 Topics PGP S/MIME Kerberos. Directory Authentication Framework X.509 is part of the ISO X.500 directory standard. used by S/MIME, SSL, IPSec, and.
Cryptography and Network Security Chapter 14 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Network Security Lecture 25 Presented by: Dr. Munam Ali Shah.
1 Chapter 10: Key Management in Public key cryptosystems Fourth Edition by William Stallings Lecture slides by Lawrie Brown (Modified by Prof. M. Singhal,
Cryptography and Network Security Chapter 14
Using Public Key Cryptography Key management and public key infrastructures.
Key Management Network Systems Security Mort Anvari.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Lecture 11 Overview. Digital Signature Properties CS 450/650 Lecture 11: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
1 Certification Issue : how do we confidently know the public key of a given user? Authentication : a process for confirming or refuting a claim of identity.
Lecture 9 Overview. Digital Signature Properties CS 450/650 Lecture 9: Digital Signatures 2 Unforgeable: Only the signer can produce his/her signature.
Fall 2006CS 395: Computer Security1 Key Management.
1 Chapter 3-3 Key Distribution. 2 Key Management public-key encryption helps address key distribution problems have two aspects of this: –distribution.
Key Management and Distribution Anand Seetharam CST 312.
Pertemuan #8 Key Management Kuliah Pengaman Jaringan.
Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Key Management and Distribution
Computer and Network Security
Cryptography and Network Security
KERBEROS.
Authentication Applications
کاربرد گواهی الکترونیکی در سیستمهای کاربردی (امضای دیجیتال)
Public Key Infrastructure
Cryptography and Network Security Chapter 14
Digital Certificates and X.509
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
刘振 上海交通大学 计算机科学与工程系 电信群楼3-509
Presentation transcript:

Public Key Distribution and X.509 Wade Trappe

Distribution of Public Keys There are several techniques proposed for the distribution of public keys: –Public announcement –Publicly available directory –Public key authority –Public key certificates

Public Announcement Idea: Each person can announce or broadcast their public key to the world. Example: People attach their PGP or RSA keys at the end of their s. Weakness: –No authenticity: Anyone can forge such an announcement –User B could pretend to be User A, but really announce User B’s public key.

Public Directory Service Idea: Have a public directory or “phone book” of public keys. This directory is under the control/maintenance of a trusted third party (e.g. the government). Involves: –Authority maintains a directory of {name, PK} –Each user registers public key. Registration should involve authentication. –A user may replace or update keys. –Authority periodically publishes directory or updates to directory. –Participants can access directory through secure channel. Weaknesses: –If private key of directory service is compromised, then opponent can pretend to be directory service. –Directory is a single point of failure.

Public Key Authority Idea: More security is achieved if the authority has tighter control over who gets the keys. Assumptions: –Central authority maintains a dynamic directory of public keys of all users. –Central authority only gives keys out based on requests. –Each user knows the public key of the authority. Weaknesses: –Public Key Authority is a single point of failure. –User has to contact PK Authority, thus the PK Authority can be a bottleneck for service.

Public Key Authority, protocol PK Auth A B Step 1 Step 2 1. A Sends: {Request || Time1} 2. PK Auth: E dAuth [ e B || {Request || Time1}] Step 3 Step 6 3. A Sends B: E eB (ID A ||N 1 ) Step 7 4 and 5. B does steps 1 and B Sends: E eA (N 1 ||N 2 ) Step 4 Step 5 7. A Sends: E eB (N 2 )

Public Key Certificates Idea: Use certificates! Participants exchange keys without contacting a PK Authority in a way that is reliable. Certificates contain: –A public key (created/verified by a certificate authority). –Other information. Certificates are given to a participant using the authority’s private key. A participant conveys its key information to another by transmitting its certificate. Other parties can verify that the certificate was created/verified by the authority. Weakness: –Requires secure time synchronization.

Public Key Certificates, overview Cert Auth A B Give e A securely to CA CertA = E dAuth {Time1||ID A ||e A } CertA Cert B Securely give e B to CA CertB = E dAuth {Time2||ID B ||e B } Requirements: Any participant can read a certificate to determine the name and public key of the certificate’s owner. Any participant can verify that the certificate originated from the certificate authority and is not counterfeit. Only the certificate authority can create and update certificates. Any participant can verify the currency of the certificate.

X.509 PK Certificates X.509 is a very commonly used public key certificate framework. The certificate structure and authentication protocols are used in: –IP SEC –SSL –SET X.509 Certificate Format: –Version 1/2/3 –Serial is unique within the CA –First and last time of validity Version Cert Serial # Algorithm & Parms Issuer Name Validity Time: Not before/after Subject Name PK Info: Algorithm, Parms, Key... Signature (w/ hash)

X.509 Certificate Chaining Its not feasible to have one CA for a large group of users. Suppose A knows CA X 1, B knows CA X 2. If A does not know X 2 ’s PK then Cert X2 (B) is useless to A. If X1 and X2 have certified each other then A can get B’s PK by: –A obtains CertX1(X2) –A obtains CertX2(B) –Because B has a trusted copy of X2’s PK, A can verify B’s certificate and get B’s PK. Certificate Chain: –{CertX1(X2)|| CertX2(B)} Procedure can be generalized to more levels. AB X1X1 X2X2 {Cert X1 (X2)|| Cert X2 (B)} Cert X1 (X2) Cert X2 (X1)