Presentation is loading. Please wait.

Presentation is loading. Please wait.

Lecture 5.3: Key Distribution: Public Key Setting CS 436/636/736 Spring 2012 Nitesh Saxena.

Published byBruce Barton Modified over 9 years ago

Similar presentations

Presentation on theme: "Lecture 5.3: Key Distribution: Public Key Setting CS 436/636/736 Spring 2012 Nitesh Saxena."— Presentation transcript:

1 Lecture 5.3: Key Distribution: Public Key Setting CS 436/636/736 Spring 2012 Nitesh Saxena

2 Course Administration HW2 due – Coming Monday, 11am – Mar 04 2

3 Course Admin Mid-Term Exam – On March 12 (Tuesday) – In class, from 11am-12:15pm Covers lectures up to lectures 5.* (this week) In-class review on Mar 07 (Thursday) Strictly closed-book (no cheat-sheets are allowed) A sample exam will be provided as we near the exam date 10/9/2015 3 Lecture 5.2: Private Key Distribution

4 Outline of Today’s lecture Key Distribution Public Key Setting Certificates and Public Key Infrastructure 4

5 Key Distribution Cryptographic primitives seen so far assume – In private key setting: Alice and Bob share a secret key which is unknown to Oscar. – In public key setting: Alice has a “trusted” (or authenticated) copy of Bob’s public key. But how does this happen in the first place? Alice and Bob meet and exchange key(s) Not always practical or possible. We need key distribution, first and foremost! Idea: make use of a trusted third party (TTP) 5

6 Public Key Distribution Public announcements (such as email) – Can be forged Public directory – Can be tampered with Public-key certification authority (CA) (such as verisign) – This is what we use in practice – CA issues certificates to the users 6

7 Naming and Certificates Certification authority’s vouch for the identity of an entity - Distinguished Names (DN). /O=UAB/OU=CIS/CN=Nitesh Saxena – Although CN may be same, DN is different. Policies of certification – Authentication policy What level of authentication is required to identify the principal. – Issuance policy Given the identity of principal will the CA issue a certificate? 7

8 Types of Certificates CA’s vouch at some level the identity of the principal. Example – Verisign: – Class 1 – Email address – Class 2 – Name and address verified through database. – Class 3- Background check. 8

9 Public Key Certificate Public Key Certificate – Signed messages specifying a name (identity) and the corresponding public key. Signed by whom – Certification Authority (CA), an organization that issues public key certificates. We assume that everyone is in possession of a trusted copy of the CA’s public key. CA could be – Internal CA. – Outsourced CA. – Trusted Third-Party CA. 9

10 Public Key Certificate 10 Note: Mechanism of certification and content of certificate, will vary but at the minimum we have email verification and contains ID and Public Key.

11 Certificate Verification/Validation 11

12 Certificate Revocation CA also needs some mechanism to revoke certificates – Private key compromised. – CA mistake in issuing certificate. – Particular service the certificate grants access to may no longer exist. – CA compromised. Expiration time solves the problems only partially. Certification Revocation Lists (CRL) – a list of every certificate that has been revoked but not expired. – CRL’s quickly grow large! CRL’s distributed periodically. – What about time period between revocation and distribution of CRL? Other mechanisms – OCSP (online certificate status protocol) 12

13 X.509 Clearly, there is a need for standardization – X.509. Originally 1988, revised 93 and 95. X.509 is part of X.500 series that defines a directory service. Defines a framework for authentication services by X.500 directory to its users. Used in S/MIME, IPSEC, SSL etc. Does not dictate use of specific algorithm (recommends RSA). 13

14 X.509 Certificate 14

15 Advantages of CA Over KDC CA does not need to be on-line all the time! CA can be very simple computing device. If CA crashes, life goes on (except CRL). Certificates can be stored in an insecure manner!! Compromised CA cannot decrypt messages. Scales well. 15

16 Internet Certificate Hierarchy 16 Internet Policy Registration Authority Policy Certification Authorities Certification Authority Individuals/roles/orgs.

17 Types of certificates Organizational Certificates Principal’s affiliation with an organization Residential certificates Principal’s affiliation with an address Persona Certificates Principal’s Identity Principal need not be a person. It could be a role. 17

18 Public-key Infrastructure (PKI) Combination of digital certificates, public-key cryptography, and certificate authorities. A typical enterprise's PKI encompasses – issuance of digital certificates to users and servers – end-user enrollment software – integration with corporate certificate directories – tools for managing, renewing, and revoking certificates; and related services and support Verisign, Thawte and Entrust – PKI providers. Your own PKI using Mozilla/Microsoft certificate servers 18

19 Problems with PKI – Private Key Where and how is private key stored? – Host – encrypted with pass phrase – Host – encrypted by OS or application – Smart Card Assumes secure host or tamper proof smartcard. 19

20 Problems with PKI - Conflicts X.509, and PGP remain silent on conflicts. They assume CA’s will ensure that no conflicts arise. But in practice conflicts may exist – – John A. Smith and John B. Smith may live at the same address. 20

21 Trustworthiness of Issuer A certificate is the binding of an external identity to a cryptographic key and a distinguished name. If the issuer can be fooled, all who rely upon the certificate can be fooled  How do you trust CA from country XYZ (your favorite prejudice). 21

22 Further Reading Kerberos RFC: RFC-1510 X.509 page http://www.ietf.org/html.charters/pkix- charter.html http://www.ietf.org/html.charters/pkix- charter.html Ten Risks of PKI - http://www.schneier.com/paper-pki.html http://www.schneier.com/paper-pki.html 22

23 Some questions Can a KDC learn communication between Alice and Bob, to whom it issued keys? Can a CA learn communication between Alice and Bob, to whom it issued certificates? What happens if the CA is online all the time? Alice uses her private key, public key pairs and a CA issued certificate. She learnt that Eve might have leaned her key. What should she do? 23

24 Some Questions Sometimes when you access an https web- site, you get a security warning. What is that warning for? Sometimes when you connect to an SSH server, you get a security warning. What is that warning for? What is a self-signed certificate? 24

Download ppt "Lecture 5.3: Key Distribution: Public Key Setting CS 436/636/736 Spring 2012 Nitesh Saxena."

Similar presentations

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
(n)Code Solutions A division of GNFC

(n)Code Solutions A division of GNFC
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
Public Key Infrastructure (PKI)

Public Key Infrastructure (PKI)
Lecture 4: Hash Functions, Message Authentication and Key Distribution CS 392/6813: Computer Security Fall 2008 Nitesh Saxena *Adopted from Previous Lectures.

Lecture 4: Hash Functions, Message Authentication and Key Distribution CS 392/6813: Computer Security Fall 2008 Nitesh Saxena *Adopted from Previous Lectures.
Certificates Last Updated: Aug 29, 2013. A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.

Certificates Last Updated: Aug 29, A certificate was originally created to bind a subject to the subject’s public key Intended to solve the key.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.

CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.

Chapter 14 From Cryptography and Network Security Fourth Edition written by William Stallings, and Lecture slides by Lawrie Brown, the Australian Defence.
Lecture 23 Internet Authentication Applications

Lecture 23 Internet Authentication Applications
Chapter 9 Deploying IIS and Active Directory Certificate Services

Chapter 9 Deploying IIS and Active Directory Certificate Services
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.

Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.

70-293: MCSE Guide to Planning a Microsoft Windows Server 2003 Network, Enhanced Chapter 9: Planning and Managing Certificate Services.
 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.

 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.
CMSC 414 Computer (and Network) Security Lecture 15 Jonathan Katz.

CMSC 414 Computer (and Network) Security Lecture 15 Jonathan Katz.

Similar presentations

Ads by Google