A Method for Detecting the Exposure of an OCSP Responder's Session Private Key in D-OCSP-KIS Euro PKI 2005 Younggyo Lee, Injung Kim, Seungjoo Kim, Dongho.

Presentation transcript:

A Method for Detecting the Exposure of an OCSP Responder's Session Private Key in D-OCSP-KIS
Euro PKI 2005
Younggyo Lee, Injung Kim, Seungjoo Kim, Dongho Won
Sungkyunkwan University, Korea
Electronics and Telecommunication Research Institute, Korea

PKI (Public Key Infrastructure)
- Widespread and strong technology
- Provides security (integrity, authentication, non-repudiation)
- Main idea: the digital certificate
  - Binds an entity's identity information to its public key
  - Digitally signed by the CA (Certificate Authority)
- Needs CSI (Certificate Status Information)
  - Information on whether the certificate is revoked or not
  - An entity requests revocation from the CA when:
    - the entity's private key is compromised
    - the entity's identity information is changed
    - etc.
  - The CA gathers a list of information about revoked certificates and issues the certificate revocation information periodically.

CRLs (Certificate Revocation Lists)
- The most well-known method for CSI
- Simplicity
- High communication costs (between the user and the CA's repository) and storage space
- Several methods have been suggested to reduce the size of the certificate revocation list and the communication costs:
  - Delta CRL
  - CRL DPs (Distributed Points)
  - Over-issued CRLs
  - Indirect CRLs
  - Dynamic CRL DPs
  - Freshest CRLs
  - CRTs (Certificate Revocation Trees)
  - NOVOMODO
  - Authenticated Directory

OCSP (Online Certificate Status Protocol)
- On-line certificate status service
- Serves very timely CSI to the client or user
- High communication costs and storage space are not required
  - Good(0), revoked(1), unknown(?)
- OCSP Responder: 1, OCSP clients: n
- If the CSI requests are centralized on the OCSP Responder → risk of DoS attacks
- If the OCSP Responder pre-produces a signed value for responses in a short time → possibility of replay attacks
- To reduce the overload on a single OCSP Responder, D-OCSP is introduced
  - Single OCSP: T-OCSP (Traditional OCSP)
  - Multiple OCSP: D-OCSP (Distributed OCSP)

D-OCSP (Distributed-OCSP)
- On-line certificate status service with n servers
- Reduces the overload of T-OCSP
- Can serve more CSI to clients than T-OCSP in the same time
- If every OCSP Responder has the same private key → the possibility of exposure of the OCSP Responder's private key is very high
- Therefore, each OCSP Responder generally has a different private key
  - Clients must hold all of the OCSP Responders' certificates
  - Increase of communication costs
  - Increase of storage consumption
- To solve these problems, the single public key method was proposed in D-OCSP-KIS

D-OCSP-KIS and D-OCSP-IBS
D-OCSP-KIS (Distributed OCSP based on Key-Insulated Signature)
- Proposed by Koga and Sakurai
- Each OCSP Responder has a different private key
- But they all have the same public key
- The length of the single public key is in proportion to the number of OCSP Responders
- Provides the certificate status information of the OCSP Responder using a hash value
  - C_res (the OCSP Responder's certificate) is modified
D-OCSP-IBS (Distributed OCSP based on Identity-Based Signature)
- Proposed by Yum and Lee
- The length of the single public key is constant and short

D-OCSP-KIS and its analysis
The concept of D-OCSP-KIS
- A CA, n OCSP Responders and a client
- Uses a one-way hash function H satisfying the following properties:
  - An H operation is at least 10,000 times faster to compute than a digital signature operation.
  - H produces 20-byte outputs, no matter how long its inputs are.
  - It is too hard to find X such that H(X) = Y. Finding this solution is practically impossible.
[Figure: CA, Responder 1 ... Responder n (SK_1 ... SK_n, X_{1,t} ... X_{n,t}) and Client (CA's certificate, responder's certificate); Responder 1 returns response + X_{1,t} to the client.]

D-OCSP-KIS and its analysis (Continued)
Issuance of OCSP Responder's certificate
- T is the total number of time periods in days (e.g., T is 365 if each OCSP Responder's certificate expires 365 days after issuance)
- The CA produces T hash values using H
- Let n be the total number of OCSP Responders. The CA repeatedly produces n hash chains from different input values X_{T,i}
- The CA issues the OCSP Responder's certificate C_res as follows by using its own private key
Status validation of OCSP Responder's private key
- The CA delivers the hash value X_{t,i} to OCSP Responder i if OCSP Responder i's private key SK_i is valid in period t
- When OCSP Responder i returns the response to the client in period t, it also delivers the hash value X_{t,i} to the client
- When the client receives the response, she verifies the digital signature using PK_res. Then the client can check the status validation of the OCSP Responder's private key using the hash value X_{t,i} received and X_{1,i} contained in the certificate

D-OCSP-KIS and its analysis (Continued)
Analysis of D-OCSP-KIS
- Possibility of distributing wrong hash values
  - Suppose that an OCSP Responder's session private key is compromised by an attacker accidentally and securely in a time period (e.g., one day)
  - The OCSP Responder cannot request the revocation from the CA
  - So the CA will distribute to the OCSP Responder the wrong hash value, which validates the certificate status in spite of the compromise of the session private key
- Additional load on the CA
  - The CA computes and stores the X-chains at each time interval, as in the table below
  - And the CA distributes the hash values to each OCSP Responder at the beginning of each period
  - Because the CA has a basic mission (such as certificate issuance and revocation, CRL publishing, etc.), the generating, storing and distributing (most critical) of these hash values are additional loads on the CA

| Time interval | 1 day | 1 hour | 1 minute | 15 seconds | 1 second |
|---|---|---|---|---|---|
| To 1 OCSP Responder: computation costs of hash chain | 365 hashings | 8,760 hashings | 525,600 hashings | 2,102,400 hashings | 31,536,000 hashings |
| To 1 OCSP Responder: storing X-chain | 7.3 K bytes | 175.2 K bytes | 10.3 M bytes | 41 M bytes | 616 M bytes |
| To 1 OCSP Responder: distribution times of hash values | 365 times | 8,760 times | 525,600 times | 2,102,400 times | 31,536,000 times |
| To 1000 OCSP Responders: computation costs of hash chain | 365,000 hashings | 8,760,000 hashings | 525,600,000 hashings | 2,102,400,000 hashings | 31,536,000,000 hashings |
| To 1000 OCSP Responders: storing X-chain | 7.13 M bytes | M bytes | 10.06 G bytes | 40.04 G bytes | G bytes |
| To 1000 OCSP Responders: distribution times of hash values | 365,000 times | 8,760,000 times | 525,600,000 times | 2,102,400,000 times | 31,536,000,000 times |

D-OCSP-KIS and its analysis (Continued)
Analysis of D-OCSP-KIS (Continued)
- No detection of exposure of the OCSP Responder's session private key
  - An attacker steals OCSP Responder R_i's session private key secretly in period t
  - She can acquire the hash value X_{t,i} easily, but cannot derive any other OCSP Responder's private keys because she cannot obtain SK*
  - She cannot derive the hash value X_{t+1,i} (H(X_{t+1,i}) = X_{t,i}) because H is a one-way function
  - Therefore, she cannot cheat the clients after period t
  - However, if OCSP Responder R_i cannot recognize the fact that its session private key has been stolen in period t, she can masquerade as the OCSP Responder until all the periods are finished
  - She can offer wrong OCSP responses to clients, servers and users of e-commerce
  - This can cause serious confusion and damage to them

Proposed method
Requirements
- Let n be the total number of OCSP Responders and m be the total number of clients. In general, n is much less than m (n << m)
- Suppose that the end user gets the CSI service through the client
- Suppose that the client gets the CSI service from the OCSP Responder after registration with the CA
Computation of hash values for each OCSP Responder
- Let K be the total number of signature uses by an OCSP Responder (e.g., K is 10,000 if each OCSP Responder's certificate expires after 10,000 signing operations for responses)
- Thus, the certificate of the OCSP Responder expires after 10,000 signature operations. The OCSP Responder can produce the hash value X_K using H as follows
- The OCSP Responder repeatedly produces m hash chains from different input values X_{j,0} for m clients
[Figure: Computation of hash value and issuance of OCSP Responder's certificate. Responder 1 ... Responder n (SK_1 ... SK_n), the CA, and client 1 ... client m (CA's certificate, Responder's certificate); hash values X_{1,1,K} ... X_{1,m,K} through X_{n,1,K} ... X_{n,m,K} on the responder side, and X_{1,1,K} ... X_{n,1,K} through X_{1,m,K} ... X_{n,m,K} on the client side.]

Proposed method (Continued)
Computation of hash values for each OCSP Responder (Continued)
- Each OCSP Responder repeatedly produces n × m hash chains from different input values X_{i,j,0}
- X_{i,j,k} denotes the hash value of time k computed in OCSP Responder i for distribution to client j
- Each OCSP Responder stores the input values X_{i,1,0}, ..., X_{i,m,0} and all intermediate hash values, and sends all the final hash values X_{i,1,K}, ..., X_{i,m,K} to the CA securely
Issuance of OCSP Responder's certificate by a CA
- The CA gathers X_{i,1,K}, ..., X_{i,m,K} from each OCSP Responder and issues m OCSP Responder's certificates C_clientj for distribution to the clients by using its own private key
- SN is the serial number of the certificate and V represents the validity period. I and S denote the issuer and subject of the certificate
- The hash values included in each certificate are therefore different from each other
[Figure: hash chains in OCSP Responder 1, in OCSP Responder j and in OCSP Responder n; certificate for client 1 ... certificate for client m.]

Proposed method (Continued)
Status validation of OCSP Responder's private key by the client
- When OCSP Responder i returns the response to client j, she also delivers the hash value X_{i,j,k} to the client
- When client j receives the response from OCSP Responder i, she verifies the digital signature using the OCSP Responder's public key PK_res. Then the client can check the status validation of the OCSP Responder's private key using the hash value X_{i,j,k} received in the response and X_{i,j,K} contained in the OCSP Responder's certificate.
[Figure: Status validation of OCSP Responder's private key. CA, Responder 1 ... Responder n (SK_1 ... SK_n) and Client (CA's certificate); the responders return response + X_{1,j,k} ... response + X_{n,j,k}; panels: at the first response, at the k-th response and at the last response to client j.]

Proposed method (Continued)
Detection procedure of the exposure of the OCSP Responder's session key by the client
1. The client performs one hashing operation on the hash value X_{i,j,k} included in the response, sets X_temp to the result, and increments the counter C_now by 1:
   X_temp ← H(X_{i,j,k})
   C_now ← C_now + 1
2. The client then compares X_temp with X_{i,j,K} contained in OCSP Responder i's certificate. If they are equal, go to step 3. Otherwise, the client sets X_{i,j,k} to X_temp and goes to step 1:
   X_{i,j,k} ← X_temp
3. The counter C_now is compared with C_before. If the condition on C_now and C_before + 1 is satisfied, the client accepts the response and goes to step 4. Otherwise, the client rejects the response, recognizing the exposure of the session private key and the abuse of the hash value.
4. After setting C_before to C_now and C_now to 0, the client proceeds to step 1:
   C_before ← C_now
   C_now ← 0
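The client-side status validation and detection procedure above, as an added Python example that is not taken from the slides or the paper. Assumptions: SHA-1 stands in for the 20-byte hash H, C_before starts at 0, the responder releases X_{i,j,K-1}, X_{i,j,K-2}, ... in that order, and the step 3 condition (its operator does not survive in the transcript) is taken as C_now = C_before + 1; the names `build_chain`, `Client` and `demo` are hypothetical.

```python
import hashlib


def H(x: bytes) -> bytes:
    """20-byte one-way hash. SHA-1 is an assumption; the slides only fix the output size."""
    return hashlib.sha1(x).digest()


def build_chain(seed: bytes, K: int) -> list:
    """Responder i, for client j: chain[k] = H^k(seed), so chain[0] = X_{i,j,0}
    and chain[K] = X_{i,j,K}, the value the CA places in the certificate."""
    chain = [seed]
    for _ in range(K):
        chain.append(H(chain[-1]))
    return chain


class Client:
    """Client j's state for one responder: certified anchor X_{i,j,K} and C_before."""

    def __init__(self, anchor: bytes, K: int):
        self.anchor = anchor
        self.K = K
        self.c_before = 0  # assumption: nothing accepted yet

    def check(self, x: bytes) -> bool:
        # Steps 1-2: hash repeatedly until X_temp equals the anchor, counting in C_now.
        c_now, x_temp = 0, x
        while c_now < self.K:  # bounded: a forged value never reaches the anchor
            x_temp = H(x_temp)
            c_now += 1
            if x_temp == self.anchor:
                break
        else:
            return False  # not a value from this certified chain
        # Step 3 (assumed operator): the value must sit exactly one link deeper
        # than the last accepted one, otherwise it is a reused hash value.
        if c_now != self.c_before + 1:
            return False
        # Step 4: remember the position for the next response.
        self.c_before = c_now
        return True


def demo() -> list:
    K = 5
    chain = build_chain(b"constructed seed for X_{i,j,0}", K)  # constructed sample input
    client = Client(chain[K], K)
    return [
        client.check(chain[4]),      # 1st genuine response: 1 hash to the anchor
        client.check(chain[3]),      # 2nd genuine response: 2 hashes
        client.check(chain[3]),      # reuse of an already seen value: rejected
        client.check(chain[4]),      # reuse of an older value: rejected
        client.check(chain[2]),      # 3rd genuine response still accepted
        client.check(b"\x00" * 20),  # value outside the chain: rejected
    ]


if __name__ == "__main__":
    print(demo())
```

Under the strict-equality assumption a response that skips a link is also rejected, so a client that misses a response has to resynchronise out of band.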

Characteristics and comparisons
- Detection of the exposure of the session private key and hash value
- Usage times of the OCSP Responder's private key
- Decreasing of the CA's load

| | Traditional D-OCSP | D-OCSP-KIS | Proposal |
|---|---|---|---|
| Structure of Res's Cert. | maintain | modify (+20n byte) | modify (+20n byte) |
| The number of Res's Cert. acquired in client | n | 1 | 1 |
| The number of signing for issuing Res's Cert. in CA | n | 1 | m |
| Structure of response | maintain | modify (+ 60 byte) | modify (+ 40 byte) |
| Addition of passes | - | n x T (at beginning of period) | m (at initial) |
| Computation costs of Res's certificate status in client | online or offline | t-hash computation (average: 365/2) | k-hash computation (average: 10,000/2) |
| Usage period of certificate | 365 days | 365 days | 10,000 times (more or less is possible) |
| Detection of Res's private key exposure | X | X | O |
| CA's load | - | high | medium |

Conclusion
- We have proposed a method that can immediately detect the exposure of the OCSP Responder's session private key and the abuse of the hash value in D-OCSP-KIS.
- The hash values are only used one time, and the load of computing the X-chain in the CA is distributed to each OCSP Responder.
- The method decreases the additional load on the CA.
- Our future work is to increase the usage time of the OCSP Responder's private key and to decrease the number of hash function operations for the status validation.

Question and Answer
