Presentation is loading. Please wait.

Presentation is loading. Please wait.

PKI & Certification Authority

Published byMelina Hardy Modified over 9 years ago

Similar presentations

Presentation on theme: "PKI & Certification Authority"— Presentation transcript:

1 PKI & Certification Authority

2 Cryptography Cryptography is not all about security but there is
NO global security without it.

3 Major Cryptographic Systems
Secret key Cryptography(Symmetric) Public key Cryptography(Asymmetric)

4 Symmetric, or Secret Key, Cryptography
Sharing secret keys is Difficult to get started: Alice needs to go see Bob before she can send him a secret message. Hard to scale: If Alice wants to send a message to Carol, she has to start over with a new secret. An oxymoron: If Alice and Bob both have the key is it really secret? Alice has to trust Bob completely

5 Asymmetric, or Public Key, Cryptography
There are no shared secret keys There are lots and lots of public keys Each person has their own key pair(s), with a private (really!) key and a public key Alice has two burning questions “Whose key is this anyway?” “Is this key still valid?”

6 Public key Cryptography:Secrecy

7 Public key Cryptography:Authentication

8 Public key Cryptography:Secrecy& Authentication

9 Symmetric vs. asymmetric cryptography
Asymmetric cryptography has easier key management Why not always use asymmetric cryptography Slower Needs longer keys

10 RSA ALGORITHM

11 Important to Note: Determining whether a large number is prime or composite is easy; Multiplying 2 large numbers together is easy; Factorising a large number which is the product of 2 large primes (i.e. retrieving the original prime factors) is very difficult.

12 Encryption: Decryption:
1. Divide the message into blocks m where m < n. 2. Compute and send c  me (mod n). Decryption: 1. Compute cd  m (mod n)

13 Solving a problem Suppose I have a prime number p;
a number m between 1 and p-1, another number e also between 1 and p-1; And I compute c = me mod p If I give you c,e and p can you find m?

14 Yes you can if you take the following steps:
Find a number d such that e*d=1 mod p-1 Compute cd mod p = m But if the modulus is not a prime number?

15 RSA Key Generation 2. Compute n = pq.
1. Let p,q be large prime numbers, randomly chosen from the set of all large prime numbers. 2. Compute n = pq. 3. Select e randomly such that gcd(e,(n)=1 4. Compute d  e-1 (mod (n)). 5. Publish n and e. Keep p, q and d secret.

16 Key Length Typical RSA key length: 1024 bits
Security about 280 against best methods comparable to 160-bit ECC, 80-bit symmetric in terms of operations … but RSA-breaking methods require much more memory

17 Implementation Issues
For key generation need efficient method to generate huge primes For encryption and decryption Efficient modular arithmetic Efficient exponentiation

18 RSA Performance The RSA operation involves modular multiplication, which takes time proportional to (log n)2. Public-key: 2 to 17 multiplications if e has few non-zero bits. Private-key: 1.5 log n multiplications. Given p,q, four times faster using the Chinese Remainder Theorem. Good public-key speed, fair private-key speed - but good in combination with secret key, message digest.

19 Software Implementation
Pentium III, 700 MHz bit RSA key generation 430 ms encryption ms decryption ms using CRT and e = 17.

20 Factoring is equivalent to solving RSA
Supposing the public keys n and e are known and the attacker can factor n. Factoring n = pq one can solve for  (n) = (p - 1)(q - 1) Given  (n) and e, the attacker can solve for d where ed ≡ 1 (mod  (n)). The attacker can then decrypt the message.

21 Common Modulus Problem
Users should use a different modulus otherwise users can discover each other’s private key Possible to fake signatures.

22 Types of Factoring Algorithm Special purpose
P and q too close P and q too far away General Purpose Does not depend on structure of p and q Can work in parallel Most powerful technique is NFS used in 1999 to factor 512 bit RSA challenge number.

23 New Attacks on RSA Algorithm
Quantum Computer Cryptanalysis in linear time. Infeasible with current technology.

24 Shamir, Trommer 2002, 2003 Improvements on NFS Number of Bits Time
Cost 512 10 mins $10K 1024 1 year $10M

25 Timing Analysis (Paul Kocher 1995)
Encryption of known plaintext may provide leakage of information. 512-bit modulus attacked using 2000 plaintext encryption. Attack may apply in the case of use of RSA in smart cards. How to avoid Timing Analysis attacks Use fixed time for encryption process. Multiply by random blinding factor.

26 Digital Signature vs. Handwritten :
Features of handwritten signatures: -Is unique to the signer -The signer couldn’t deny it later -No one could generate it Features of digital signatures: -Depends on the message -Unique to the signer -Easy to generate -Easy to verify - Not to be forged computationally -Could be copied

27 CREATING A DIGITAL SIGNATURE Message Hash Function Encryption Function
Digest Private Key

28 VERIFYING A DIGITAL SIGNATURE Hash Function Digest 2 Result Valid Y/N?
Message Decryption Function Digital Signature Digest 1 Result Public Key

29 Digital Signature Standards
1-DSS 2-RSA 3-ECDSA(Elliptic Curve Digital signature Algorithm)

30 Digital Signatures in Open Systems
How do you know that the public key belongs to the other party? Is this key still valid?

31 We know that the only person who can create a valid digital signature is the one who holds the private key. But what if someone steals the private key?

32 Should you be able to take it back? (Maybe…)
Some digital signature legislation has called for absolute non-repudiation and placed the burden of proof on the owner of the private key. This is unlike, say, credit cards where the burden of proof lies on the credit card company… Is this good? Bad? A little of both?

33 A partial solution: PKI
As a means of addressing these problems, the general idea of a Public Key Infrastructure was born. PKI is the infrastructure that creates and manages electronic credentials, allowing the use of digital signatures and their underlying keys and certificates across the Internet. PKI is essentially a way to “publish” public key values in a way that is almost (but not really) analogous to a telephone book.

34 What is a Public Key Infrastructure?
A complex infrastructure of - Hardware - Software databases - Networks -Security procedures -Legal obligations …that will enable us to use Public Key Envelopes and Digital Signatures to do those things we have historically done with handmade marks in ink on paper.

35 How Does PKI Work? PKI helps us by providing two things:
Certification: The binding of a public key to something (person, place or thing…) Validation: The ability to check if such a binding is a valid one.

36 Public Key Infrastructure Components
There are four basic infrastructure components Certification Authority (CA) – generates certificates and CRLs Registration Authority (RA) – checks users identity to ensure binding is correct Directory – database of certificates and CRLs Archive – keeps old certificates and CRLs for use in distant future

37 Trusted Third Party CA RA RA RA

38 3. Alice provides Bob with her digital certificate, which provides and certifies Alice’s public key
0. Alice generates key pair Bob Alice 1. Alice convinces CA of her identity, provides public key 2. CA gives digital certificate to Alice CA 4. Bob verifies CA signature using CA public key

39 Achieving Security with PKI: An Encryption Example
Alice creates a key pair and goes to the RA to request a certificate The RA checks her ID and requests the certificate from the CA The CA posts it in the directory Bob gets the certificate from the directory Bob verifies her certificate, makes sure its not on the CRL, and uses her public key to send her a secret message

40 Achieving Security with PKI: A Digital Signature Example
Alice creates a key pair and goes to the RA to request a certificate The RA checks her ID and requests the certificate from the CA The CA posts it in the directory Alice uses her private key to sign a message Bob gets the certificate from the directory Bob verifies her certificate, makes sure its not on the CRL, and uses the public key to verify her signature

41 CA’s have the critical role in data security and e-commerce
They guarantee that two parties exchanging information are really who they claim to be

42 Certification Authority
Issue certificates Publish certificates Revocation of certificates Renew certificates Manage databases (valid/revoked certificates) Security Policy Authority Key pair generation for users Key Recovery Authority

43 Registration Authority
Registration of the users (check identity) interaction with certificate applicants checking of identity of applicants forwarding of certificate creation requests and certificate revocation requests to CA storing of keys and certificates on smart card of user

44 What is a certificate? A certificate and the corresponding private key constitute the fundamental personal identifier in a PKI. A certificate identifies a person to a remote computer (or vice versa) – the private key is needed to complete the authentication. In particular, a certificate does not contain authorisation information.

45 Digital Certificate’s contents:
-name and other information of the owner -a serial number -public key specifications -the expiration date -the signature of CA

46 Anatomy of a certificate
Public Key A text string ABCDEFGHIJKLMNOPQRSTUV Validity Data Extensions Signature from CA’s private key

47 Digital Certificate Standard: -X509 is an standard for digital certificate.It is as a part of standard group ITU-OSI. -X509 v2 -X509 v3

48 What does a certificate look like?
Well…that depends, but it will likely have the following fields: Issuer’s identity: Frank the CA Subject’s Name: Joe Valid Dates: From To: Key Info: RSA Signature Key N=55, e=17 This is Joe’s key…really! Signed, Frank the CA

49 CA examples: -Belsign-Globalsign,1996, Belgium - OnWatch, Bell, Canada
-Verisign, April 1995, California -Belsign-Globalsign,1996, Belgium - OnWatch, Bell, Canada -Icetel, Telematic, EU -Keywitness,1995, Canada -Semper, EU -Thawte Consulting, South Africa

50 Applications That Use a PKI
Digital Signatures Smart Card Logon Encrypting File System Certificate Services Internet Authentication Secure Software Code Signing Software Restriction Policy IP Security

51 PKI Market Trends

52

53 PKI and e-Business The initial reason for implementing a PKI initiative in an organization was to secure e-Business. In order to communicate securely with business partners and to conduct transactions in a legal manner, the necessity of a PKI for the security industry was evident.

54 Below figure shows that majority of the respondents (55%) had more than one e-Business application PKI-enabled

55

56 How to Identify Technical Requirements
For Ask Security requirements What is your organization’s security policy? Do you have any business partners? Do you have requirements for complying with industry or government standards? Administration requirements Who will manage CAs? Who will manage certificates? Availability requirements How many CAs does your organization require? How are certificates distributed between CAs?

57 Security Policy A security policy: Defines for using security services
Identifies applications to secure by using certificates Defines security services to offer by using certificates

58 Certificate Policy A certificate policy describes:
The user identification process Private key management requirements The process for responding to lost or compromised private keys Certificate enrollment and renewal requirements The maximum value for transactions

59 Certification Practice Statement
A CPS can include these sections: Introduction General Provisions Identification and Authentication Operational Requirements Physical, Procedural, and Personnel Security Controls Technical Security Controls Certificate and CRL Profile Specification Administration

Download ppt "PKI & Certification Authority"

Similar presentations

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Public Key Management and X.509 Certificates

Public Key Management and X.509 Certificates
Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.

Certification Authority. Overview  Identifying CA Hierarchy Design Requirements  Common CA Hierarchy Designs  Documenting Legal Requirements  Analyzing.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.

Session 5 Hash functions and digital signatures. Contents Hash functions – Definition – Requirements – Construction – Security – Applications 2/44.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Attacks on Digital Signature Algorithm: RSA

Attacks on Digital Signature Algorithm: RSA
Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.

Public-key Cryptography Montclair State University CMPT 109 J.W. Benham Spring, 1998.
20-751 ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.

ECOMMERCE TECHNOLOGY SUMMER 2002 COPYRIGHT © 2002 MICHAEL I. SHAMOS Cryptographic Security.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.
Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,

Cryptographic Techniques Instructor: Jerry Gao Ph.D. San Jose State University URL: May,
20-751 ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

ECOMMERCE TECHNOLOGY FALL 2003 COPYRIGHT © 2003 MICHAEL I. SHAMOS Cryptography.

Similar presentations

Ads by Google