PKI Future Directions 29 November 2001 Russ Housley RSA Laboratories CS – Class of 1981.

Slides:



Advertisements
Similar presentations
DIGITAL CERTIFICATES Prof. Ravi Sandhu. 2 © Ravi Sandhu PUBLIC-KEY CERTIFICATES reliable distribution of public-keys public-key encryption sender needs.
Advertisements

Smart Certificates: Extending X.509 for Secure Attribute Service on the Web October 1999 Joon S. Park, Ph.D. Center for Computer High Assurance Systems.
PKI Introduction Ravi Sandhu 2 © Ravi Sandhu 2002 CRYPTOGRAPHIC TECHNOLOGY PROS AND CONS SECRET KEY SYMMETRIC KEY Faster Not scalable No digital signatures.
Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Cryptography and Network Security Chapter 14
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CS5204 – Operating Systems 1 Authentication. CS 5204 – Operating Systems2 Authentication Digital signature validation proves:  message was not altered.
Certificate Revocation Serge Egelman. Introduction What is revocation? Why do we need it? What is currently being done?
Resource Certificate Profile Geoff Huston, George Michaelson, Rob Loomans APNIC IETF 67.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
1 eID validations services Houcine Bel Mamoune Unit manager eID Technical Drill down Session 7 April 2005.
Network Security Essentials Chapter 4
Donkey Project Introduction and ideas around February 21, 2003 Yuri Demchenko.
1 ISA 562 Information Systems Theory and Practice 10. Digital Certificates.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
Public Key Management and X.509 Certificates
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Chapter 4 Authentication Applications. Objectives: authentication functions developed to support application-level authentication & digital signatures.
Chapter 9 Deploying IIS and Active Directory Certificate Services
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
HIT Standards Committee: Digital Certificate Trust – Policy Question for HIT Policy Committee March 29, 2011.
DESIGNING A PUBLIC KEY INFRASTRUCTURE
SMUCSE 5349/7349 Public-Key Infrastructure (PKI).
European Signatures versus Global SignaturesRome, 7 April, 2003 EESSI open specifications and interoperability The state of the art in Italy Giovanni Manca.
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Resource Certificate Profile SIDR WG Meeting IETF 66, July 2006 draft-ietf-sidr-res-certs-01 Geoff Huston Rob Loomans George Michaelson.
CN1276 Server Kemtis Kunanuraksapong MSIS with Distinction MCTS, MCDST, MCP, A+
CERTIFICATES “a document containing a certified statement, especially as to the truth of something ”
Copyright, 1996 © Dale Carnegie & Associates, Inc. Digital Certificates Presented by Sunit Chauhan.
CS470, A.SelcukPKI1 Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
Christopher Chapman | MCT Content PM, Microsoft Learning, PDG Planning, Microsoft.
14 May 2002© TrueTrust Ltd1 Privilege Management in X.509(2000) David W Chadwick BSc PhD.
Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.
Digital Certificates With Chuck Easttom. Digital Signatures  Digital Signature is usually the encryption of a message or message digest with the sender's.
1 Lecture 11 Public Key Infrastructure (PKI) CIS CIS 5357 Network Security.
Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Configuring and Troubleshooting Identity and Access Solutions with Windows Server® 2008 Active Directory®
Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian.
Configuring Directory Certificate Services Lesson 13.
Certificate revocation list
EuroPKI Antonio Lioy Politecnico di Torino Dip. Automatica e Informatica.
CERTIFICATES. What is a Digital Certificate? Electronic counterpart to a drive licenses or a passport. Enable individuals and organizations to secure.
Cryptography and Network Security Chapter 14 Authentication Fourth Edition by William Stallings Lecture slides by Lawrie Brown Changed and extended by.
Secure Messaging Workshop The Open Group Messaging Forum February 6, 2003.
Module 4 Network & Application Security: Kerberos – X509 Authentication service – IP security Architecture – Secure socket layer – Electronic mail security.
Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian
X.509 Topics PGP S/MIME Kerberos. Directory Authentication Framework X.509 is part of the ISO X.500 directory standard. used by S/MIME, SSL, IPSec, and.
Cryptography and Network Security Chapter 14 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Creating and Managing Digital Certificates Chapter Eleven.
Cryptography and Network Security Chapter 14
Module 13: Enterprise PKI Active Directory Certificate Services (AD CS)
Some Technical Issues in PKI Deployment David Chadwick
1 APNIC Trial of Certification of IP Addresses and ASes RIPE October 2005 Geoff Huston.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
1 Certification Issue : how do we confidently know the public key of a given user? Authentication : a process for confirming or refuting a claim of identity.
LDAP for PKI Problems Cannot search for particular certificates or CRLs Cannot retrieve particular certificates or CRLs.
1 Public Key Infrastructure Dr. Rocky K. C. Chang 25 February, 2002.
Pertemuan #8 Key Management Kuliah Pengaman Jaringan.
Cryptography and Network Security
Authentication Applications
Introduction to PKI Novell BrainShare 2002 Tammy Green
کاربرد گواهی الکترونیکی در سیستمهای کاربردی (امضای دیجیتال)
Public-Key Certificates
APNIC Trial of Certification of IP Addresses and ASes
Digital Certificates and X.509
Resource Certificate Profile SIDR WG Meeting IETF 66, July 2006
Presentation transcript:

PKI Future Directions 29 November 2001 Russ Housley RSA Laboratories CS – Class of 1981

2 Outline Background Privilege Management Certification Status Management Protocols Legal and Policy Applications

3 Digital Signing A one-way hash function is used to create a hash of the data to be signed A digital signature is cryptographic transformation of the hash value and the signer’s private key Original Message Originator Private Key Hash Hash Value Sign Signature Value

4 X.509 Certificate Format SERIAL NUMBER v1 or v2 or v3 C=US, S=VA, O=RSA Labs VERSION SIGNATURE ALGORITHM RSA with SHA-1 ISSUER VALIDITY 1/1/01 - 1/1/02 SUBJECT C=US, S=VA, O=RSA Labs CN=Russell Housley SUBJECT PUBLIC KEY INFO RSA, ISSUER UNIQUE ID ACBDEFGH SUBJECT UNIQUE ID RSTUVWXY EXTENSIONS SIGNATURE

5 X.509 CRL Format VERSION SIGNATURE ALGORITHM RSA with SHA-1 v1 or v2 C=US, S=VA, O=RSA Labs ISSUER LAST UPDATE 11/25/01 NEXT UPDATE 12/2/01 REVOKED CERTIFICATES CRL EXTENSIONS SIGNATURE SEQUENCE OF SERIAL NUMBER REVOCATION DATE 9/27/01 CRL ENTRY EXTENSIONS

6 Privilege Management Extensions allow arbitrary information to be bound to the subject identity Should only include an attribute in the identity certificate if it meets two criteria –The CA is authoritative for the attribute –The expected lifetime of the attribute will not increase the likelihood of revocation When these criteria cannot be met, then an attribute certificate should be used instead

7 Attribute Certificate HOLDER v1 or v2 VERSION ISSUER RSA with SHA-1 SIGNATURE ALGORITHM SERIAL NUMBER 11/29/ /30/01 VALIDITY C=US, S=VA, O=RSA Labs ATTRIBUTES ISSUER UNIQUE ID EXTENSIONS SIGNATURE C=US, S=VA,O=RSA Labs, OU=IT SEQUENCE OF ATTRIBUTE TYPE { } (role) SET OF ATTRIBUTE VALUES Administrator

8 Linking Identity Certificates and Attribute Certificates The attribute certificate holder field is a pointer to an identity certificate Two techniques: –Matching subject – Links to any identity certificate for that subject –Matching issuer / serial number pair – Links to a particular certificate

9 Certificate Status Certificate Revocation Lists (CRLs) –Delta CRLs –Sliding Window Delta CRLs –Indirect CRLs Online Certificate Status Protocol (OCSP) –RFC 2560 –Client must build certification path –Irrevocable trust in OCSP responder Delegated Path Validation –Simple Certificate Validation Protocol (SCVP) draft-ietf-pkix-scvp-06, July 2001 –Server builds path and validates it for the client –Irrevocable trust in SCVP responder

10 Sliding Window Delta CRLs In this example, one can fetch the smaller Delta CRL if the cache is current within 36 hours.

11 Indirect CRLs Hierarchical PKI In this example, one can validate the Indirect CRL once, caching information about all of the CAs in the hierarchy. Each certificate issued to a CA contains a CRL Distribution Points extension that points to the Indirect CRL.

12 OCSP Response RESPONDER ID v1 C=US, O=RSA, CN=OCSP1 VERSION PRODUCED AT Z CERTIFICATE ID CERTIFICATE STATUS Good THIS UPDATE Z Z RESPONSE EXTENSIONS SIGNATURE id-MD5, A5CF3378E4BB0012, ED3556A790CC34FF, 2560 NEXT UPDATE SINGLE EXTENSIONS Nonce = 48

13 SCVP Architecture Client SCVP Responder OCSP Responder X.500 Directory LDAP Directory Other … Certificate Yes / No

14 Management Protocols Too many choices … –PKCS #10 [RFC 2314] –Certificate Request Message Format [RFC 2511] –Certificate Management Protocol (CMP) [RFC 2510] –Certificate Management using CMS (CMC) [RFC 2797] –Simple Certificate Enrollment Protocol (SCEP) [Cisco] Need simple, straightforward enrollment –Enable your grandparents to get a certificate and send digitally signed electronic mail … Yet, allow face-to-face registration for high-value electronic commerce –Qualified Certificates [RFC 3039]

15 Legal and Policy Electronic Signatures in Global and National Commerce Act (E-Sign) Health Insurance Portability and Accountability Act (HIPAA) Government Paperwork Elimination Act (GPEA) European Directive 1999/93/EC –Qualified certificates required American Bar Association is updating RFC 2527 –Certificate Policy and Certification Practices Framework

16 Applications Signed documents –ETSI Electronic Signature Format [RFC 3126] –Electronic signature policies [RFC 3125] –XML Digital Signatures [RFC 3075] Time stamping servers –Time-Stamp Protocol (TSP) [RFC 3161] Wireless Applications Protocol (WAP)

17 For More Information Russ Housley