Presentation is loading. Please wait.

Presentation is loading. Please wait.

IT443 – Network Security Administration Instructor: Bo Sheng

Published byEustace Melvyn Perkins Modified over 6 years ago

Similar presentations

Presentation on theme: "IT443 – Network Security Administration Instructor: Bo Sheng"— Presentation transcript:

1 IT443 – Network Security Administration Instructor: Bo Sheng
PKI IT443 – Network Security Administration Instructor: Bo Sheng

2 What Is PKI Informally, the infrastructure supporting the use of public key cryptography. A PKI consists of Certificate Authority (CA) Certificates A repository for retrieving certificates A method of revoking certificates A method of evaluating a chain of certificates from known public keys to the target name

3 Certification Authorities (CA)
A CA is a trusted node that maintains the public keys for all nodes (Each node maintains its own private key) 1 2 3 4 5 6 CA If a new node is inserted in the network, only that new node and the CA need to be configured with the public key for that node

4 Certificates A CA is involved in authenticating users’ public keys by generating certificates A certificate is a signed message vouching that a particular name goes with a particular public key Example: [Alice’s public key is ]carol [Carol’s public key is ]Ted & [Alice’s public key is ]carol Knowing the CA’s public key, users can verify the certificate and authenticate Alice’s public key

5 Certificates Certificates can hold expiration date and time
Alice keeps the same certificate as long as she has the same public key and the certificate does not expire Alice can append the certificate to her messages so that others know for sure her public key Someone can impersonate Alice

6 PKI Models How many CAs Hierarchical name space Monopoly = one
Oligarchy = many Anarchy = any Hierarchical name space Top-down Bottum-up

7 PKI Models Monopoly model Monopoly + RA Delegated CAs Oligarchy model
Anarchy model Name constraints Top-down with name constraints Bottom-up with name constraints

8 Monopoly Model One CA universally trusted by everyone
Everyone must get certificates from this CA The public key to this organization is the only PKI trust anchor and is embedded in all software and hardware

9 Problems There is NO universally trusted organization
Monopoly control. CA could charge any fees. Once deployed, it is hard to switch to a different CA Entire world’s security relies on this CA

10 PKI Models Monopoly model Monopoly + RA Delegated CAs Oligarchy model
Anarchy model Name constraints Top-down with name constraints Bottom-up with name constraints

11 Monopoly + Registration Authorities (RA)
RAs are affiliated with the single CA and are trusted by this CA. RAs check identities and provide the CA with relevant information (identity and public key information) to generate certificates. More convenient (more places to be certified). Still a monopoly. All the monopoly problems still hold.

12 PKI Models Monopoly model Monopoly + RA Delegated CAs Oligarchy model
Anarchy model Name constraints Top-down with name constraints Bottom-up with name constraints

13 Delegated CAs The trust anchor (known CA) issues certificates to other CAs (delegated CAs) vouching for their trustworthiness as CAs. Users can obtain their certificates from delegated CAs instead of the trust anchor CA. Example: [Carol’s public key is ]Ted & [Alice’s public key is ]carol Ted: trust anchor CA & Carol: delegated CA

14 PKI Models Monopoly model Monopoly + RA Delegated CAs Oligarchy model
Anarchy model Name constraints Top-down with name constraints Bottom-up with name constraints

15 Oligarchy Model A few trusted CAs and a certificate issued by any one of them is accepted Competition between CAs is good Problems: Not as secure as the monopoly case Need to protect more CAs (instead of only one) Might be easier to trick a naïve user by inserting a bogus trust anchor in the list of trusted CAs It is hard to examine the set of trust anchors and determine whether some has modified the set

16 PKI Models Monopoly model Monopoly + RA Delegated CAs Oligarchy model
Anarchy model Name constraints Top-down with name constraints Bottom-up with name constraints

17 Anarchy Model (Web of Trust)
Fully distributed approach. No CA or list of CA provided to the users. Anyone can sign certificates for anyone else. Each user is responsible for configuring some trust anchors (provide his own certificates for them). A database maintains these certificates. Unworkable on a large scale (Why?). Huge database. Searching it is inefficient.

18 PKI Models Monopoly model Monopoly + RA Delegated CAs Oligarchy model
Anarchy model Name constraints Top-down with name constraints Bottom-up with name constraints

19 Name Constraints A CA is responsible for certifying users in his domain only UMB CA certifies UMB students Provides complete autonomy CAs need to be able to identify each other. How?

20 PKI Models Monopoly model Monopoly + RA Delegated CAs Oligarchy model
Anarchy model Name constraints Top-down with name constraints Bottom-up with name constraints

21 Top-Down with Name Constraints
Everyone agrees on a root organization and the root CA delegates to other CA. (A centralized trust anchor (CA) + delegated CAs). To get a certificate, contact the root. You will be redirected to an appropriate delegated CA. Delegated CAs can only issue certificates for users in their domain.

22 PKI Models Monopoly model Monopoly + RA Delegated CAs Oligarchy model
Anarchy model Name constraints Top-down with name constraints Bottom-up with name constraints

23 Bottom-Up with Name Constraints
Assumes a hierarchical name space. Similar to Internet domain names. Each organization maintains its own CA, and CAs link to others. Similar to DNS tree hierarchy but also cross-links (cross certificates) are allowed (Forest hierarchy). A parent certifies its children and children certify their parent. The hierarchy is traversed in a bottom-up fashion. Follow up-links until you encounter an ancestor of the target, then follow at most one cross-link, and then follow down-links from there.

24 Bottom-Up with Name Constraints
B/Y/Z B/Y/Z/A A/B A/C B/Y/Z/C A/B/X A/B/K A/C/Y B/Y/Z/A/C How can A/C/Y verify the certificate of B/Y/Z/C? How can B/Y/Z/C verify the certificate of A/C/Y?

25 Advantages Easy to navigate the hierarchy (similar to DNS).
No monopoly. Replacing keys is reasonably easy. Can be deployed in any organization without help from the rest of the world. Authentication between users in the same organization does not need to go outside the organization.

26 X.509 An authentication framework defined by ITU
A clumsy syntax for certificates No rules specified for hierarchies X.509 v1 and v2 allowed only X.500 names and public keys in a certificate X.509 v3 allows arbitrary extensions A dominant standard Because it is flexible, everyone willing to use it Because it is flexible, all hard questions remain C: country, CN: common name, O: organization, etc.

27 X.509 Subject UID (not in V1) Version # (1, 2, or 3)
Subject Public Key Algorithm Subject Public Key Signature Algorithm Signature Extensions (V3 only) Version # (1, 2, or 3) Serial Number Effective Date Expiration Date Issuer Name Issuer UID (not in V1) Unique ID Subject Name

Download ppt "IT443 – Network Security Administration Instructor: Bo Sheng"

Similar presentations

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.4 Public Key Infrastructure (PKI) Acknowledgment: Slides revised from.

Computer Science CSC 474Dr. Peng Ning1 CSC 474 Information Systems Security Topic 4.4 Public Key Infrastructure (PKI) Acknowledgment: Slides revised from.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CS5204 – Operating Systems 1 Authentication. CS 5204 – Operating Systems2 Authentication Digital signature validation proves:  message was not altered.

CS5204 – Operating Systems 1 Authentication. CS 5204 – Operating Systems2 Authentication Digital signature validation proves:  message was not altered.
1 Lecture 13: Public Key Infrastructure terms PKI trust models –monopoly with registration authorities with delegated certificate authorities –oligarchy.

1 Lecture 13: Public Key Infrastructure terms PKI trust models –monopoly with registration authorities with delegated certificate authorities –oligarchy.
COEN 350 Public Key Infrastructure. PKI Task: Securely distribute public keys. Certificates. Repository for retrieving certificates. Method for revoking.

COEN 350 Public Key Infrastructure. PKI Task: Securely distribute public keys. Certificates. Repository for retrieving certificates. Method for revoking.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.

Geneva, Switzerland, 2 June 2014 Introduction to public-key infrastructure (PKI) Erik Andersen, Q.11 Rapporteur, ITU-T Study Group 17 ITU Workshop.
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
Report on Attribute Certificates By Ganesh Godavari.

Report on Attribute Certificates By Ganesh Godavari.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
CMSC 414 Computer (and Network) Security Lecture 17 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 17 Jonathan Katz.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 20 Jonathan Katz.
CS470, A.SelcukPKI1 Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukPKI1 Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
14 May 2002© 2000-02 TrueTrust Ltd1 Privilege Management in X.509(2000) David W Chadwick BSc PhD.

14 May 2002© TrueTrust Ltd1 Privilege Management in X.509(2000) David W Chadwick BSc PhD.

Similar presentations

Ads by Google