International Standards Public Key Infrastructure.

Presentation transcript:

1 International Standards Public Key Infrastructure

2 Public key systems
- Each entity has a key pair (s, p)
- Confidentiality: C = E(p, M) and M = D(s, C)
- Authenticity: Signature = S(s, M) and V(p, Signature) = accept

3 RSA Signature
- RSA keys
  - P, Q primes
  - PQ = N
  - ed ≡ 1 (mod (P-1)(Q-1))
  - P, Q, d private
  - e, N public

4 RSA Signature example
- Transform the data to be signed to a unique form: enc
- MD = Hash(enc)
- PAD to N
  - D = 00 01 FF ... FF 00 MD
- Sign
  - S = D^d (mod N)
- Send data and S

5 RSA Signature example
- Transform the signed data to the unique form: enc
- MD = Hash(enc)
- Decrypt
  - D = S^e (mod N)
- Remove padding and compare MD
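The key setup, padding, signing and verification steps of slides 3 to 5, as an added Python example (not code from the presentation). The Miller-Rabin key generator, the SHA-1 digest and the 512-bit demo key size are assumptions, and the padding is taken as the slide shows it (00 01 FF ... FF 00 MD, without the DigestInfo that PKCS #1 v1.5 proper places in front of MD).

```python
import hashlib, random

def is_probable_prime(n, rounds=32):          # Miller-Rabin for odd n > 3; demo quality only
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(random.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = x * x % n
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits):                       # odd candidate with the top bit set
    while True:
        p = random.getrandbits(bits) | (1 << (bits - 1)) | 1
        if is_probable_prime(p):
            return p

def make_keypair(bits=512, e=65537):
    """Slide 3: P, Q prime, N = PQ, ed = 1 (mod (P-1)(Q-1)); returns (e, N), (d, N)."""
    while True:
        P, Q = random_prime(bits // 2), random_prime(bits // 2)
        phi = (P - 1) * (Q - 1)
        if P != Q and phi % e:                # e is prime, so this means gcd(e, phi) == 1
            return (e, P * Q), (pow(e, -1, phi), P * Q)

def pad(md, k):                               # slide 4: D = 00 01 FF...FF 00 MD, k octets long
    ps = b"\xff" * (k - 3 - len(md))
    if len(ps) < 8:                           # PKCS #1 v1.5 wants at least 8 FF octets
        raise ValueError("modulus too small for this digest")
    return b"\x00\x01" + ps + b"\x00" + md

def sign(priv, data):
    d, N = priv
    k = (N.bit_length() + 7) // 8
    D = int.from_bytes(pad(hashlib.sha1(data).digest(), k), "big")
    return pow(D, d, N).to_bytes(k, "big")    # S = D^d (mod N)

def verify(pub, data, S):
    """Slide 5: D = S^e (mod N); compare the whole padded block, not just the trailing MD."""
    e, N = pub
    k = (N.bit_length() + 7) // 8
    D = pow(int.from_bytes(S, "big"), e, N).to_bytes(k, "big")
    return len(S) == k and D == pad(hashlib.sha1(data).digest(), k)
```

Requires Python 3.8+ for pow(e, -1, phi). verify() rebuilds the full expected block and compares it whole, so a signature whose padding is malformed is rejected instead of being accepted because a matching MD happens to sit at the end.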

6 Key management
- Key creation
- Key distribution
- Key renewal
- Key revocation
- Key validation control

7 Certification authorities
- CA
  - Trusted Third Party
  - (s, p)
  - Publishes public keys
- Signs
  - Entity's identity
  - Entity's public key
- Certificate

8 Certificate authorities
- Cross certification
- Chains

9 The life cycle of a user certificate (cycle diagram: Issue, Store, Use, Renew, Revoke, Register)

10 International standards
- ASN.1
  - Everything is built upon ASN.1
- X.509
- PKCS
- PKIX
- S/MIME
- OCSP
Public Key Cryptography Standards (PKCS)
- #1 RSA Encryption Standard
- #5 Password-Based Encryption
- #7 Cryptographic Message Syntax
- #8 Private-Key Information
- #10 Certification Request
- #12 Personal Information Exchange Syntax

11 Abstract Syntax Notation One
- ASN.1
- Language to describe structured data
  - Everything is specified in ASN.1
- Types and values
  - Simple
  - Structured

12 ASN.1 simple types
- INTEGER
- NULL
- BOOLEAN
- ENUMERATED
- BIT STRING
- OCTET STRING
- OBJECT IDENTIFIER

13 OBJECT IDENTIFIER
- Gives an object a name
  - Distinguishes between different types of objects
    - Algorithms
    - Types (X.509 extensions and name attributes)
- Object identifier tree
  - CCITT {0}
  - ISO {1}
  - Both {2}

14 Examples
- RSA
    pkcs-1 OBJECT IDENTIFIER ::= { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 }
    rsaEncryption OBJECT IDENTIFIER ::= { pkcs-1 1 }
    sha1WithRSAEncryption OBJECT IDENTIFIER ::= { pkcs-1 5 }
- X.509
    id-at OBJECT IDENTIFIER ::= { joint-iso-ccitt(2) ds(5) 4 }
    id-at-commonName OBJECT IDENTIFIER ::= { id-at 3 }

15 Characters and times
- Characters
  - Printable
  - TeleTex
  - IA5
  - Visible
- Times
  - UTC
  - Generalized

16 Structured types
- SET and SET OF
- SEQUENCE and SEQUENCE OF
- CHOICE
- ANY
  - Used when there are "holes" in the definition
- TAGS
  - Everything has a tag

17 TAGS
- Create new types from old types
- Used to distinguish types, for example the alternatives of a CHOICE:
    CHOICE { a INTEGER, b INTEGER }           -- ambiguous: both alternatives encode the same way
    CHOICE { a [0] INTEGER, b [1] INTEGER }   -- the tags make them distinguishable
- IMPLICIT (the new tag replaces the old tag)
- EXPLICIT (the new tag is added in front of the old one)
- DEFAULT and OPTIONAL

18 Encoding Rules
- Serialize and deserialize objects
- Basic (BER)
  - Length of objects can be indefinite
  - Objects in sets are not sorted
- Distinguished (DER)
- (Packed and Confidential)

19 ENCODING
Every value is encoded as Identifier, Length, Content (I L C). For a structured value the content is itself a sequence of encoded values:
    I L C
    I L [I L C] [I L C]

20 Identifier
Identifier octet layout (bit 8 is the most significant bit):
    bit:   8 7  | 6   | 5 4 3 2 1
          Class | P/C | Tag number
- Class
  - Universal 00: described in the ASN.1 standard
  - Context-specific 10: not described in the ASN.1 standard
- Form (P/C)
  - Simple (primitive) 0
  - Structured (constructed) 1
- Tag number
  - 5 bits -> 0..30 (11111 is used for large tag numbers)

21 EXAMPLE
X.509 (EXPLICIT TAGGING): Extensions [3] SEQUENCE OF ...
- SEQUENCE OF is a Universal structured type with tag 16 -> Class = 00, C = 1, 16 = 10000: 0011 0000 = 30
- Extensions [3] is a Context-specific structured type with tag 3 -> Class = 10, C = 1, 3 = 00011: 1010 0011 = A3
The explicit tag wraps the whole SEQUENCE OF encoding, so its length is the inner length plus the two inner header octets:
    A3 L+2 | 30 L C

22 LENGTH
- Short form: 7 bits give at most 127 octets
    8 7 6 5 4 3 2 1
    0 L L L L L L L
- Long form (simplified): the first octet says how many length octets follow
  - 1000 0001 = 81: one length octet follows
  - 1000 0010 = 82: two length octets follow
    8 7 6 5 4 3 2 1   8 7 6 5 4 3 2 1
    1 0 0 0 0 0 0 1   L L L L L L L L

23 LENGTH
- Indefinite: the length octet is 1000 0000 (80) and the content is terminated by two zero octets
    8 7 6 5 4 3 2 1               8 7 6 5 4 3 2 1   8 7 6 5 4 3 2 1
    1 0 0 0 0 0 0 0   [content]   0 0 0 0 0 0 0 0   0 0 0 0 0 0 0 0

24 CONSTRUCTED ENCODING
- Simple types can be encoded like a structured object
  - BITs, OCTETs, Characters
- Example: OCTET STRING "ABCDEF0123456789" (lengths written in decimal, as on the slide)
  - Primitive:    04 16 ABCDEF0123456789
  - Constructed:  24 20 [04 8 ABCDEF01] [04 8 23456789]   (24 is the OCTET STRING tag 04 with the P/C bit set)
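A reader for the identifier, length and content rules of slides 19 to 24, as an added Python example (not code from the presentation). The two sample encodings are constructed here: the EXPLICIT [3] wrapper from slide 21 around a SEQUENCE holding a NULL, and the split OCTET STRING from slide 24 written with an indefinite length.

```python
def read_tlv(buf, pos=0):
    """TLV at buf[pos] -> (class, constructed, tag, content, next_pos)."""
    if pos >= len(buf):
        raise ValueError("truncated encoding")
    ident = buf[pos]; pos += 1
    cls = ident >> 6                   # bits 8-7: 00 universal, 10 context-specific
    constructed = bool(ident & 0x20)   # bit 6: P/C, 1 = structured (constructed)
    tag = ident & 0x1F                 # bits 5-1: tag number 0..30
    if tag == 0x1F:                    # 11111: large tag number follows in base-128 octets
        tag, b = 0, 0x80
        while b & 0x80:
            b = buf[pos]; pos += 1
            tag = (tag << 7) | (b & 0x7F)
    first = buf[pos]; pos += 1
    if first == 0x80:                  # 1000 0000: indefinite length, ends with 00 00
        if not constructed:
            raise ValueError("indefinite length on a primitive value")
        items = []
        while buf[pos:pos + 2] != b"\x00\x00":
            *item, pos = read_tlv(buf, pos)
            items.append(tuple(item))
        return cls, constructed, tag, items, pos + 2
    if first < 0x80:                   # 0LLLLLLL: short form, at most 127 octets
        length = first
    else:                              # 81 = one length octet follows, 82 = two, ...
        n = first & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big"); pos += n
    end = pos + length
    if end > len(buf):
        raise ValueError("length runs past the end of the buffer")
    if not constructed:                # primitive: content is the raw octets
        return cls, constructed, tag, bytes(buf[pos:end]), end
    items = []                         # constructed: content is a list of nested TLVs
    while pos < end:                   # children must fit inside the parent's length
        *item, pos = read_tlv(buf[:end], pos)
        items.append(tuple(item))
    return cls, constructed, tag, items, end

def decode(buf):
    *value, end = read_tlv(buf)
    if end != len(buf):                # reject trailing bytes after the top-level value
        raise ValueError("trailing bytes after the value")
    return tuple(value)

def join_octets(value):                # flatten a constructed OCTET STRING (slide 24)
    return value[3] if not value[1] else b"".join(join_octets(p) for p in value[3])

# Constructed samples (not from the slides), following the encodings on slides 21 and 24:
EXPLICIT_EXT = bytes.fromhex("a3 04 30 02 05 00")          # [3] EXPLICIT { SEQUENCE { NULL } }
SPLIT_OCTETS = b"\x24\x80\x04\x08ABCDEF01\x04\x0823456789\x00\x00"  # 24 = 04 with P/C bit set
```

decode(EXPLICIT_EXT) yields class 2, constructed, tag 3 around a universal tag-16 SEQUENCE, and join_octets(decode(SPLIT_OCTETS)) gives back the full 16-character string; a length that overruns the buffer or a primitive value with an indefinite length is rejected rather than silently truncated.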

25 The life cycle of a user certificate (cycle diagram: Issue, Store, Use, Renew, Revoke, Register)

26 User registration
- Ensure the entity's identification
- Registration Office
  - Post Office
  - System administrator
  - Bank
  - ...
- Result
  - PIN code for authentication to the CA
  - Private key and certificate

27 The life cycle of a user certificate (cycle diagram: Issue, Store, Use, Renew, Revoke, Register)

28 Issuing certificates
- Generate a key pair (s, p)
- Prove possession of s by signing the identity and p: M = p || id, Signature = S(s, M)
- Send M and Signature to the CA
- CA verifies identity and signature
- CA issues the certificate

29 EXAMPLE
Certificate request:
    CertificationRequest ::= SEQUENCE {
        certificationRequestInfo  CertificationRequestInfo,
        signatureAlgorithm        AlgorithmIdentifier,
        signature                 BIT STRING }

    CertificationRequestInfo ::= SEQUENCE {
        version               Version,
        subject               Name,
        subjectPublicKeyInfo  SubjectPublicKeyInfo,
        attributes        [0] IMPLICIT Attributes }
- Internet Explorer
- No user authentication

30 PKIX
- Public Key Infrastructure X.509
  - Family of standards
  - Protocols for
    - issuing certificates
    - certificate management
    - time stamps
    - status of certificates
  - Certificate and CRL profile
  - Certificate Practice Statement

31 PKIX CMP
- Certificate Management Protocols
  - Protocol messages for
    - Certificate requests
    - Certificate renewal
    - Certificate revocation
    - ...
  - Certificate request provides authentication
    - User gets a secret key at registration (out-of-band)
    - Used to protect the certificate request
      - provides authentication (MAC)

32 PKIX CMP
    PKIMessage ::= SEQUENCE {
        header          PKIHeader,
        body            PKIBody,
        protection  [0] PKIProtection OPTIONAL,
        extraCerts  [1] SEQUENCE OF Certificate OPTIONAL }

    PKIHeader ::= SEQUENCE {
        sender             GeneralName,
        recipient          GeneralName,
        messageTime    [0] GeneralizedTime OPTIONAL,
        protectionAlg  [1] AlgorithmIdentifier OPTIONAL,
        senderKeyID    [2] OCTET STRING OPTIONAL,
        ... }
The body contains the "real" content.

33 PKIX CMC Issue
- Authentication
  - User gets a secret key after registration (e.g. PIN letter)
  - Used to protect the request
    - Password Based MAC
    PKIBody ::= CHOICE { ... CertReqMessages, ... }

    CertReqMessage ::= SEQUENCE {
        certReq  CertRequest,
        pop      ProofOfPossession OPTIONAL,
        regInfo  Attributes OPTIONAL }

    CertRequest ::= SEQUENCE {
        certReqId     INTEGER,
        certTemplate  CertTemplate }

    CertTemplate ::= SEQUENCE {
        version       [0] INTEGER,
        serialNumber  [1] INTEGER,
        signingAlg    [2] AlgorithmIdentifier,
        issuer        [3] Name,
        subject       [4] Name,
        validity      [5] Validity,
        publicKey     [6] SubjectPublicKeyInfo,
        ...
        extensions    [9] Extensions }

34 X.509 Certificates
- The most widespread on the Internet
- In version 3, Extensions were added
  - Basically holes where you can put anything
  - Adds flexibility
  - Causes interoperability problems

35 X.509 Certificates
- Certificate
  - Version
  - Serial number
  - Signature algorithm
  - Issuer
  - Validity
  - Subject
  - Public key
  - Extensions
  - Signature

36 X.509 Syntax
    Certificate ::= SEQUENCE {
        tbsCertificate      TBSCertificate,
        signatureAlgorithm  AlgorithmIdentifier,
        signatureValue      BIT STRING }

    TBSCertificate ::= SEQUENCE {
        version               [0] Version DEFAULT v1,
        serialNumber              INTEGER,
        signature                 AlgorithmIdentifier,
        issuer                    Name,
        validity                  Validity,
        subject                   Name,
        subjectPublicKeyInfo      SubjectPublicKeyInfo,
        ...
        extensions            [3] Extensions OPTIONAL }

37 X.509 standard extensions
- Basic Constraints
  - Is this a CA certificate?
  - Chain length
- Key
  - Usage
  - Extended usage
  - Private key usage period
- Key Identifiers
- Alternative Name
- Name constraints
- CRL Distribution Points
- Policy
  - Issuer's policy
    - Identifier: 1.3.6.1.4.1.4386.2.2.2.1.1
    - CPS: http://www.certifikat.dk/repository
    - User notice: "This certificate is issued under TDC Internet CA's Certificate Policy for Class II Certificates (OID=1.3.6.1.4.1.4386.2.2.2.1.1)."
  - Constraint
  - Mapping

38 Certificate Policy
- The entity is correct
- Usage
  - Authenticity and confidentiality, and maybe more
- Publish certificate status
- Registration is done properly
- Entity
  - Correct authentication to the LRA
  - Respect key usage
  - Protect the private key
  - If compromised, revoke the certificate
  - Check validity before use
- Receiver
  - Check the certificate
- Phone number

39 X.509 other extensions
- Qualified Certificate
  - The CA says that the certificate is a QC
  - issued by a CA with a public statement
  - indicates a policy consistent with the CA
  - living human entity, with a pseudonym or the real name of the subject
- Biometric Information
- Procuration
- Admission
- Monetary Limit
- Majority
- Certificate Status

40 The life cycle of a user certificate (cycle diagram: Issue, Store, Use, Renew, Revoke, Register)

41 Certificate storage
- Browser
- Disk
- Token
- Next time

42 Certificate and private key storage
- Encoded X.509
  - One public key
- PKCS#8
  - Private key
- PKCS#7
  - Public key
  - Certificate chains
- PKCS#12
  - Private key and chain
  - Authenticated by you

43 The life cycle of a user certificate (cycle diagram: Issue, Store, Use, Renew, Revoke, Register) Can you?

44 Certificate usage
- Encryption
  - The recipient's certificate should be validated before use
- Signature
  - The recipient should validate the signer's certificate
- Certificate validation
  - Signature and validity
  - Chain
  - Revocation

45 Revocation
- CRL
  - Signed list of serial numbers of all revoked certificates for a particular CA
- OCSP
  - Signed reply
- Instant Certificates
  - The certificate holds its own status and time stamp
  - The requester gets an updated and re-signed certificate
    CertificateList ::= SEQUENCE {
        tbsCertList  TBSCertList,
        algorithm    AlgorithmIdentifier,
        signature    BIT STRING }

    TBSCertList ::= SEQUENCE {
        version              INTEGER,
        signature            AlgorithmIdentifier,
        issuer               Name,
        thisUpdate           Time,
        nextUpdate           Time OPTIONAL,
        revokedCertificates  SEQUENCE OF Entry,
        crlExtensions        Extensions OPTIONAL }

    Entry ::= SEQUENCE {
        userCertificate  SerialNumber,
        revocationDate   Time,
        entryExtensions  Extensions OPTIONAL }

46 CRL extensions
- CRL extension
  - Serial number
  - Delta CRL
    - Base number
- Entry extension
  - Invalidity date
  - Reason code
    - 0 unspecified
    - 1 key compromised
    - 2 CA compromised
    - 3 affiliation changed
    - 4 superseded
    - 5 cessation of operation
    - 6 certificate on hold
    - 8 remove from CRL
    - 9 privilege withdrawn

47 CRL

48 The life cycle of a user certificate (cycle diagram: Issue, Store, Use, Renew, Revoke, Register)

49 Cryptographic Message Syntax
- PKCS#7
  - Behind everything
    - Signed data
    - Encrypted data
    - Uses certificates
    - Transports data
      - CRL and certificate
  - Behind S/MIMEv2
    - Used by standard email clients
- CMS
  - Extends PKCS#7
    - Key exchange
      - Previously agreed conventional key
    - Key agreement
      - DH scheme
      - Can use certificate
  - Behind S/MIMEv3

50 PKCS#7 Signed data
    SignedData ::= SEQUENCE {
        version           INTEGER,
        digestAlgorithms  DigestAlgorithmIdentifiers,
        contentInfo       ContentInfo,
        certificates      Certificates OPTIONAL,
        crls              CRLs OPTIONAL,
        signerInfos       SignerInfos }

    SignerInfo ::= SEQUENCE {
        version                    INTEGER,
        ISN                        IssuerAndSerialNumber,
        digestAlgorithm            AlgorithmIdentifier,
        authenticatedAttributes    Attributes OPTIONAL,
        digestEncryptionAlgorithm  AlgorithmIdentifier,
        encryptedDigest            OCTET STRING }

51 PKCS#7 Enveloped data
    EnvelopedData ::= SEQUENCE {
        version               INTEGER,
        recipientInfos        RecipientInfos,
        encryptedContentInfo  EncryptedContentInfo }

    RecipientInfo ::= SEQUENCE {
        version                 INTEGER,
        ISN                     IssuerAndSerialNumber,
        keyEncryptionAlgorithm  AlgorithmIdentifier,
        encryptedKey            OCTET STRING }

    EncryptedContentInfo ::= SEQUENCE {
        contentType                 ContentType,
        contentEncryptionAlgorithm  AlgorithmIdentifier,
        encryptedContent            OCTET STRING OPTIONAL }

52 S/MIME
- Secure/Multipurpose Internet Mail Extensions
- De facto standard for secure email
- Combination of MIME and PKCS #7
  - Take a MIME entity
  - Wrap it in a PKCS #7 structure
    - Sign or encrypt
  - Add MIME headers to the result
  - Repeat if both signature and encryption are to be applied

53 The life cycle of a user certificate (cycle diagram: Issue, Store, Use, Renew, Revoke, Register)

54 Certificate management
- Renew
  - Like issue, but
    - You have an old private key
    - You have a name
- Revoke
  - Sign a message
  - Telephone

