Allowed uses of Public Keys Jim Schaad Soaring Hawk Consulting.

Slides:



Advertisements
Similar presentations
© Copyrights 1998 Algorithmic Research Ltd. All rights Reserved D a t a S e c u r i t y A c r o s s t h e E n t e r p r i s e Algorithmic Research a company.
Advertisements

Authenticating Users. Objectives Explain why authentication is a critical aspect of network security Explain why firewalls authenticate and how they identify.
RRSIG:“I certify that this DNS record set is correct” Problem: how to certify a negative response, i.e. that a record doesn’t exist? NSEC:“I certify that.
SSL Implementation Guide Onno W. Purbo
Position Paper W3C Workshop Mountain View
Cryptography and Network Security
JOSE Open Issue Discussion Chairs Jim Schaad. Process Room vote for Closure – Three Choices for topics We adopt the change We reject the change We discuss.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Software based Acceleration Methods for XML Signature (Or: is there such a method) Youjin Song DongGuk University, Korea Yuliang Zheng University of North.
KMIP Vendor Extension Management KMIP supports ‘extensions’ but provides no mechanism for coordination of values between clients and servers or between.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
CMSC 414 Computer and Network Security Lecture 9 Jonathan Katz.
Cryptography1 CPSC 3730 Cryptography Chapter 13 Digital Signature Standard (DSS)
CS470, A.SelcukRSA1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
S/MIME v3.2 draft-ietf-smime-3850bis-00.txt draft-ietf-smime-3851bis-00.txt Sean Turner Blake Ramsdell.
1 Introduction to Information Security , Spring 2015 Lecture 7: Applied cryptography: asymmetric Eran Tromer Slides credit: John Mitchell, Stanford.
Application of Attribute Certificates in S/MIME Greg Colla & Michael Zolotarev Baltimore Technologies 47 th IETF Conference Adelaide, March 2000.
Key Management in Cryptography
Secure Systems Research Group - FAU Patterns for Digital Signature using hashing Presented by Keiko Hashizume.
Digital Signatures (DSs) The digital signatures cannot be separated from the message and attached to another The signature is not only tied to signer but.
Csci5233 Computer Security1 Bishop: Chapter 10 Key Management: Digital Signature.
Lecture 8 Digital Signatures. This lecture considers techniques designed to provide the digital counterpart to a handwritten signature. A digital signature.
Digital Signatures Slides by Kent Seamons and Tim van der Horst Last Updated: Oct 7, 2013.
CMS Interoperability Matrix Jim Schaad Soaring Hawk Security.
S/MIME Freeware Library IETF S/MIME WG 13 December 2000 Getronics Government Solutions.
1 Optimal Mail Certificates in Mail Payment Applications Leon Pintsov Pitney Bowes 2nd CACR Information Security Workshop 31 March 1999.
© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 3: VPN and Encryption Technology.
Using SCVP to Convey Evidence Records Carl Wallace Orion Security Solutions.
Key Management Workshop November 1-2, Cryptographic Algorithms, Keys, and other Keying Material  Approved cryptographic algorithms  Security.
1 Lect. 13 : Public Key Encryption RSA ElGamal. 2 Shamir Rivest Adleman RSA Public Key Systems  RSA is the first public key cryptosystem  Proposed in.
RSA Data Security, Inc. PKCS #1 : RSA Cryptography Standard Jessica Staddon RSA Laboratories PKCS Workshop October 7, 1998.
On OAEP, PSS, and S/MIME John Linn RSA Laboratories S/MIME WG, San Diego IETF, 13 December 2000.
1 Number Theory and Advanced Cryptography 5. Cryptanalysis of RSA Chih-Hung Wang Sept Part I: Introduction to Number Theory Part II: Advanced Cryptography.
CS461/ECE422 Spring 2012 Nikita Borisov — UIUC1.  Text Chapters 2 and 21  Handbook of Applied Cryptography, Chapter 8 
Middleware for Secure Environments Presented by Kemal Altıntaş Hümeyra Topcu-Altıntaş Osman Şen.
Advanced Database Course (ESED5204) Eng. Hanan Alyazji University of Palestine Software Engineering Department.
Certificate Requests to HIP Jani Pellikka 80 th IETF Mar 27 th – Apr 1 st 2011 Prague, Czech Republic.
PKCS #1 v2.1: RSA Cryptography Standard Burt Kaliski, RSA Laboratories PKCS Workshop, 5 October 2000.
Ken Asnes RSA Laboratories July 2001
CMC and PKI4IPSEC Jim Schaad. Requirements Issues What does MAY really mean What does SHOULD really mean Requirements on Admin Peer Requirements on structure.
Demo : OpenSign Server & Java Client Works with: OpenSign Sever Version 0.4 and OSSJClient Version 0.9.
Multiplication Facts X 3 = 2. 8 x 4 = 3. 7 x 2 =
PKCS #5: Password-Based Cryptography Standard
Constraints Lesson 8. Skills Matrix Constraints Domain Integrity: A domain refers to a column in a table. Domain integrity includes data types, rules,
Interoperability Testing for RFCs 3279 and 3280 Tim Polk
Some Technical Issues in PKI Deployment David Chadwick
CRYPTOGRAPHY Gayathri V.R. Kunapuli. OUTLINE History of Cryptography Need for cryptography Private Key Cryptosystems Public Key Cryptosystems Comparison.
1 Session 4 Module 6: Digital signatures. Digital Signatures / Session4 / 2 of 18 Module 4, 5 - Review (1)  Java 2 security model provides a consistent.
Tae-Joon Kim Jong yun Jun
Overview of draft-ietf-sidr-roa-00.txt Steve Kent BBN Technologies.
Project: Simulated Encrypted File System (SEFS) Omar Chowdhury Fall 2015CS526: Information Security1.
Digital Signature Standard (DSS) US Govt approved signature scheme designed by NIST & NSA in early 90's published as FIPS-186 in 1991 revised in 1993,
LDAP for PKI Problems Cannot search for particular certificates or CRLs Cannot retrieve particular certificates or CRLs.
1 Public Key Infrastructure Rocky K. C. Chang 6 March 2007.
KeyProv PSKC Specification Philip Hoyer Mingliang Pei Salah Machani 74 nd IETF meeting, San Francisco Nov
Portable Symmetric Key Container (PSKC) Mingliang Pei Philip Hoyer Dec. 3, th IETF, Vancouver.
Transport Layer Security (TLS) Extensions: Extension Definitions draft-ietf-tls-rfc4366-bis-00.
ECC Design Team: Initial Report Brian Minard, Tolga Acar, Tim Polk November 8, 2006.
RSA Data Security, Inc. PKCS #13: Elliptic Curve Cryptography Standard Burt Kaliski RSA Laboratories PKCS Workshop October 7, 1998.
S/MIME Capabilities Certificate Extension Stefan Santesson Microsoft.
Subject Identification Method August, 2004 Tim Polk, NIST.
PKCS #5 v2.0: Password-Based Cryptography Standard
1 Introduction to Information Security , Spring 2016 Lecture 4: Applied cryptography: asymmetric Zvi Ostfeld Slides credit: Eran Tromer.
Constraints Advanced Database Systems Dr. AlaaEddin Almabhouh.
@Yuan Xue CS 285 Network Security Key Distribution and Management Yuan Xue Fall 2012.
KeyProv PSKC Specification Mingliang Pei Authors: P. Hoyer, M. Pei and S. Machani 73 nd IETF meeting, Minneapolis, Nov
Key Exchange in Systems VPN usually has two phases –Handshake protocol: key exchange between parties sets symmetric keys –Traffic protocol: communication.
Dan Brown, Certicom Research November 10, 2004
Jim Schaad Soaring Hawk Security
Draft-lamps-cms-shakes-hash-00 (was draft-dang-lamps-cms-shakes-hash-00) Q. Dang, P. Kampanakis National Institute of Standards and Technology.
Presentation transcript:

Allowed uses of Public Keys Jim Schaad Soaring Hawk Consulting

Usage Question RSA Key is a data structure independent of how it is used –DH and DSA OAEP – PSS – PKCS v1.5 are all different usage schemes for that data Should usage restrictions be specified? How should usage be restricted?

Possible Answers Never restrict usage –Use rsaEncryption as public key OID Tie to the public key structure –Would do a single usage restriction –Use schema OID as public key OID Use a certificate extension –Allows for multiple usages –Parallels Key Usage Extension –Schema OID restricts key usage

OAEP/PSS Complications RSA-OAEP and RSA-PSS specify additional cryptographic parameters (i.e. Mask Generation Function) RSA-OAEP and RSA-PSS specify additional non-cryptographic parameters (i.e. saltLength)

Complications (2) Need to specify which are significant –Currently saltLength is specified as a default value Can owner specify multiple items –Can say MFG1 and not MFG1 or MFG2 Can owner make no specification –Requires use of OPTIONAL rather than default

Solutions Do nothing Change DEFAULT to OPTIONAL Use separate structures for signature/encryption and public key Create extension to specific this information

Solutions (2) Nothing –Requires text to state which items are significant for checking –Allows only a single item to be specified DEFAULT -> OPTIONAL –Those items specified MUST match –Allows only a single item to be specified

Solutions (3) Different structure in Public Key field –Allows each OID to specify what they want –Requires different OIDs to be specified for public key vs usage Certificate Extension –Allows for more global specifications Bulk algorithms, hash algorithms –Separates usage information from key data

Solutions (4) Nothing Change DEFAULT to OPTIONAL Use separate structures for signature/encryption and public key Create extension to specific this information DISCUSSION

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.