Published by Hubert Stevenson. Modified over 6 years ago.
1
Introduction to PKI
Novell BrainShare 2002
Tammy Green, Senior Software Engineer, Novell, Inc.
Steve Walker, Software Engineer
IO225—Introduction to PKI
2
The Problem
3
One Solution
4
Symmetric Key Cryptography
- Bob and Alice agree on key
  - Keys can be passwords, Personal Identification Numbers (PIN), etc.
- Bob encrypts message to Alice with key
- Alice decrypts message with same key
5
It Works, but What If…
- Alice and Bob don’t know each other
  - Need a trusted third-party
- Bob wants to send a message to 1,000 people
  - Need an easy way to exchange keys
- Alice puts the key on a sticky note on her monitor
  - Need a way to notify everyone
6
Public Key Cryptography
- Two keys for each person
  - Public key—available to everyone
  - Private key—kept secret
- Given the public key, “hard” to find private key
- Encrypt using public key
- Decrypt using private key
7
Encryption/Decryption
[Diagram: Bob’s message, Alice’s public key, Alice’s private key]
8
Signing/Verification
[Diagram: Bob’s message, Bob’s private key, Bob’s public key, Verified]
9
Encryption and Signature
[Diagram: Bob’s message, Bob’s private key, Alice’s public key, Alice’s private key, Bob’s public key, Verified]
10
How Do They Exchange Keys?
- Put them in the newspaper
- Send them on a floppy disk
- Put them in a public directory, e.g., Novell eDirectory™

“All of these methods are vulnerable to substitution or tampering”
11
Digital Certificate
- Prevents tampering because it is digitally signed
- Prevents substitution because it is signed by a “trusted” entity
- Can put them anywhere
  - Web sites
  - Floppy disks
  - Directories
  - Etc.
12
Certificate Types
- X.509
- PGP
- Simple PKI (SPKI)
- XML certificates
- “Compact” certificates
- Wireless TLS certificates
- Attribute certificates
13
What Is an X.509 Certificate?
- It binds a public key to a name
- The name can be
  - A person
  - A group
  - A machine
  - A program
- There are four versions
  - v1, v2—seldom used
  - v3—most commonly used
  - v4—not yet used
14
Format of an X.509 Certificate
- Version (integer)
- Signature Algorithm (object identifier)
- Issuer
- Validity Period (date and time)
  - Not Before
  - Not After
- Subject (name)
- Public Key Algorithm
- Public Key (bit string)
- Optional Extensions
- Signed
15
Who Signs a Certificate?
- Self-signed
  - I am me because I say that I am me
- Certificate Authority (CA)
  - Trusted third party
16
Choosing a CA
- Organizational CAs
  - Trusted only within a limited domain
  - Self-signed
- Commercial CAs
  - Widely trusted (e.g., by all web browsers)
  - Referred to as “trusted roots”
17
To Sign or Not to Sign
- CAs sign certificates if predefined criteria are met
  - Subject name and alternative names are reasonable
  - Proof of possession of private key
  - Agrees with data in extensions
  - Public key not already used
- Criteria are defined in Certification Practice Statement (CPS)
- Validation may be done by a Registration Authority (RA)
18
Getting a Certificate
1. Generate key pair
2. Generate certificate request
3. Send certificate request
4. Validate certificate request
5. Issue certificate
6. CA issues certificate
7. Publish certificate
8. Return certificate
19
But What If…?
- What if someone else claims to be me?
  - CA must validate identity
- What if two people have the same name?
  - Need a global unique identifier
  - Qualified certificates ensure uniqueness
20
Intermediate CAs
- Signed by another CA
  - Signed by a root CA
  - Signed by another intermediate CA
- Capabilities could be limited
  - Limits put in certificate
  - May only sign non-CA certificates
  - May only sign certificates for certain names
21
CA Hierarchy
22
But What If…?
- How do I decide which CAs to trust?
  - Applications do it for you
  - Your company could do it for you
- Can’t a CA just “trust” another CA?
  - CAs can cross-certify each other
  - Bridge CAs can bridge the gap
23
Bridging the Gap
[Diagram: Bridge CA]
24
Certificate Extensions
- Common extensions
  - Alternative names
  - Key usage
  - Basic constraints
  - CRL distribution point
- Custom extensions
  - Picture of yourself
- May be critical
25
But What If…?
- What if my certificate expires?
  - Get a new certificate
  - You may need a new key pair
- What if the information in my certificate is incorrect?
- What if someone steals my private key?
  - Revoke the certificate
26
Revoking a Certificate
1. Revoke certificate
2. Approve revocation request
3. Revoke certificate
4. Publish certificate revocation
27
Publishing Certificate Revocations
- Typically done by a CA
- Common methods
  - Certificate Revocation List (CRL)
    - Delta
    - Indirect
    - On-demand
  - Online Certificate Status Protocol (OCSP)
  - Simple Certificate Validation Protocol (SCVP)
- Location of revocation information is in certificate
28
But What If…?
- How long will it take before my certificate is actually revoked?
  - Depends on CA and on method of publishing
  - Caching can be a problem
- What if it takes weeks?
  - Revocation data may include an invalidity date
- What if the CA is compromised?
  - CAs can be revoked
  - Root CA compromise is very bad
29
Validating a Certificate
- Must have entire chain
- For each pair of certificates make sure
  - Public key in issuer certificate signed other certificate
  - Subject and issuer names match
  - Certificates are within validity period
  - Neither certificate has been revoked
  - No unknown critical extensions
- At least one certificate in chain is “trusted”
30
But What If…
- Isn’t it slow to check if every certificate is revoked?
  - Caching can help
  - OCSP and SCVP can help
  - Revoking certificates isn’t common yet
- What if the CA doesn’t support revocation?
  - You could create your own revocation list
31
So, What Can I Do with a Certificate?
- Sign and encrypt
- Authenticate a web site
- Authenticate yourself
- Encrypt a data channel (e.g., SSL)
- Protect data from tampering and substitution
- Notarize data
- Timestamp data
32
SSL Server Side Authentication
[Sequence diagram between Browser and Server]
1. Browser: Generate R0
   Browser → Server: R0, cipher suites
2. Server: Choose cipher suite; Generate R1
   Server → Browser: R1, cipher suite, certificate chain
3. Browser: Validate server certificate; Generate R2; Calculate master secret; Calculate symmetric key
   Browser → Server: [ R2 + … ]Server’s PubK, [ Hash (msgs + …) ]SymK
4. Server: Decrypt R2; Calculate master secret; Calculate symmetric key; Validate encrypted hash
   Server → Browser: [ Hash (msgs + …) ]SymK
5. Browser: Validate encrypted hash
33
SSL Mutual Authentication
[Sequence diagram between Browser and Server]
1. Browser: Generate R0
   Browser → Server: R0, cipher suites
2. Server: Choose cipher suite; Generate R1
   Server → Browser: R1, cipher suite, certificate chain, trusted roots
3. Browser: Validate server certificate; Find user certificate; Generate R2; Calculate master secret; Calculate symmetric key
   Browser → Server: certificate chain, [ R2 + … ]Server’s PubK, { Hash (msgs + ...) }User’s PrvK, [ Hash (msgs + …) ]SymK
4. Server: Validate user certificate; Decrypt R2; Validate signed hash; Calculate master secret; Calculate symmetric key; Validate encrypted hash
   Server → Browser: [ Hash (msgs + …) ]SymK
5. Browser: Validate encrypted hash
34
But What If…?
- What if it really wasn’t me?
  - You must protect your client and your private key
  - Non-repudiation is a misnomer
- What if I have a 56-bit crypto web browser?
  - Symmetric key will be limited to 56-bits
  - Unless the server has a special certificate
35
Server-Gated or Step-Up Crypto
- Certificates are signed by designated CAs (e.g., VeriSign)
- Called 128-bit SSL Global Server IDs
- Special extensions in the certificate
  - OID
  - OID
- Allows the symmetric key in the handshake to always be 128-bits
36
Benefits of Public Key Cryptography
- Alice and Bob don’t know each other
  - A CA is a trusted third party
- Bob wants to send a message to 1,000 people
  - Publish his certificate to a directory
  - his certificate to everyone
- Alice puts the key on a sticky note on her monitor
  - CA revokes her certificate
  - Previous signatures still honored
37
What Is a PKI?
- Public Key Infrastructure
  - A collection of components which allow you to create, manage and use public key certificates
38
PKI Components
- Public/private key pairs
- Digital certificates
- Cryptography provider
- CAs
- RAs
- Revocation mechanism
- Repository for certificates and revocation information
- Management tools
39
Why Is PKI Good for eCommerce?
- Data confidentiality
- Data integrity
- Authentication
- Standards-based
40
Vision…one Net
A world where networks of all types—corporate and public, intranets, extranets, and the Internet—work together as one Net and securely connect employees, customers, suppliers, and partners across organizational boundaries
Mission
To solve complex business and technical challenges with Net business solutions that enable people, processes, and systems to work together and our customers to profit from the opportunities of a networked world
42
Additional Resources
- www.novell.com/security
- IETF PKIX Working Group
- RFC 2459
- Net Solutions lab
- Meet the Experts Night
- TUT240: Configuring and Troubleshooting the Security Components of NetWare®