Published by Briana Mathews. Modified over 9 years ago.
1
In the name of God
2
PKI Revealed
Ayman Saeed
3
Agenda
1- Cryptography Review.
2- PKI …… WHY and HOW!!!!!
3- X.509 Certificate.
4- PKI Hierarchies Certification.
5- Practical Implementation of PKI.
4
Cryptography Review
Cryptography is not encryption; cryptography is a framework by which we can ensure the CIA triad for our information: C for confidentiality, I for integrity and A for authenticity.
We can achieve confidentiality by using an encryption service, we can ensure the integrity of a message by hashing it, and we can finally authenticate the sender by using a combination of encryption and hashing.
A cryptosystem is the implemented form of the cryptographic framework; it consists of these three components:
1- algorithms: cryptographic engines for doing encryption and hashing.
2- protocols: for establishing connections and negotiating parameters between the communicating parties.
3- keys: for encryption algorithms.
SSL, IPsec, SSH and PGP are good examples of cryptosystems.
5
Encryption can be done symmetrically and asymmetrically.
For symmetric encryption, we encrypt clear messages using a key and we decrypt cipher messages using the same key. DES, 3DES, Blowfish, IDEA, RC5, Safer, Serpent and AES are the well-known symmetric encryption algorithms.
For asymmetric encryption, we encrypt clear messages using a key and we decrypt cipher messages using a different key. RSA, ECC, ElGamal and Knapsack are the well-known asymmetric encryption algorithms.
6
Symmetric encryption suffers from two major problems:
1- it requires "out of band" exchange of keys.
2- it is not scalable: each pair of communicators should have a different key to use.
Asymmetric encryption suffers from only one major problem: it is very slow compared to symmetric encryption, up to 1000 times slower.
So, symmetric encryption is the normal choice for encrypting large amounts of data, and asymmetric encryption is used as the "out of band" way of distributing the symmetric encryption key.
7
The Diffie-Hellman algorithm is considered an implementation of key distribution using an asymmetric pair of keys. Mohamed will generate two keys (public and private) using his own Diffie-Hellman algorithm, and Ali will do the same thing; then each of them will send his own public key to the other. Mohamed will then have his own private key and Ali's public key, and he will use his Diffie-Hellman algorithm to generate a new private key; Ali will have the same private key if he does the same operation with his own private key and Mohamed's public key.
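The exchange described above, as an added example that is not part of the original slides. The names P, G, keypair and shared_key are assumptions made for illustration, and the 127-bit prime is a toy size chosen so the numbers stay readable; real deployments use far larger standardized groups.

```python
import hashlib
import secrets

P = 2**127 - 1      # toy prime modulus (assumption for the example, far too small for real use)
G = 3               # generator used by both parties

def keypair():
    """Each party generates a private value and the public value derived from it."""
    private = secrets.randbelow(P - 3) + 2          # random value in 2 .. P-2
    return private, pow(G, private, P)

def shared_key(own_private, peer_public):
    """Combine our private value with the peer's public value.

    Only public values ever cross the wire. A received public value of
    0, 1 or P-1 would force a predictable result, so it is rejected.
    """
    if not 2 <= peer_public <= P - 2:
        raise ValueError("degenerate public value")
    secret = pow(peer_public, own_private, P)
    # Hash the raw secret down to a 256-bit symmetric key.
    return hashlib.sha256(secret.to_bytes(16, "big")).digest()

def demo():
    mohamed_private, mohamed_public = keypair()
    ali_private, ali_public = keypair()
    # Each side uses its own private value and the other's public value.
    return (shared_key(mohamed_private, ali_public),
            shared_key(ali_private, mohamed_public))
```

Nothing in this exchange tells Mohamed that the public value he received really came from Ali; binding a public key to an identity is the job of the certificates covered later in the deck.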
8
As we have mentioned before, data integrity can be ensured using ……. hashing.
9
Hashing is an irreversible process, with no keys.
MD2, MD4, MD5, SHA, HAVAL, RIPE and Tiger are the well-known hashing algorithms.
10
But we did not notice that we have a huge weakness if we depend only on these hashing algorithms.
A simple newbie can execute an MITM attack: he will be able to receive the message with its digest from the sender, then create a new fake message with a newly generated hash (using the same hashing algorithm) and send it to the poor receiver.
We can solve this problem by using HMAC with any hashing algorithm.
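The receiver's side of that weakness, as an added example that is not part of the original slides: a bare digest still verifies after the body is replaced and the hash recomputed, while an HMAC tag does not, because recomputing it needs the shared key. KEY, the two sample messages and all function names are constructed for illustration.

```python
import hashlib
import hmac

KEY = b"constructed-demo-key"                  # shared secret known only to sender and receiver
ORIGINAL = b"transfer 100 to account 1111"     # constructed sample messages
ALTERED = b"transfer 900 to account 2222"

def plain_digest(message):
    """Unkeyed hash: anyone who sees the message can compute it."""
    return hashlib.sha256(message).hexdigest()

def keyed_tag(key, message):
    """HMAC-SHA256: computing it requires the shared key."""
    return hmac.new(key, message, hashlib.sha256).hexdigest()

def receiver_accepts_digest(message, digest):
    return hmac.compare_digest(plain_digest(message), digest)

def receiver_accepts_tag(key, message, tag):
    # compare_digest runs in constant time, so the check leaks no timing hints.
    return hmac.compare_digest(keyed_tag(key, message), tag)

def scenario():
    """What the receiver decides in each case."""
    sent_tag = keyed_tag(KEY, ORIGINAL)
    return {
        "digest, untouched": receiver_accepts_digest(ORIGINAL, plain_digest(ORIGINAL)),
        # A bare hash over the replaced body can be recomputed by anyone on the path.
        "digest, altered": receiver_accepts_digest(ALTERED, plain_digest(ALTERED)),
        "hmac, untouched": receiver_accepts_tag(KEY, ORIGINAL, sent_tag),
        # Without KEY the only choices are the old tag or a bare hash; both fail.
        "hmac, altered, old tag": receiver_accepts_tag(KEY, ALTERED, sent_tag),
        "hmac, altered, bare hash": receiver_accepts_tag(KEY, ALTERED, plain_digest(ALTERED)),
    }
```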
11
This is our last step for the CIA triad: how can we ensure authenticity using cryptography?
A digital signature is used for achieving authenticity in a cryptographic form; it uses a combination of hashing and asymmetric encryption.
13
PKI …… WHY and HOW!!!!!
Public Key Infrastructure is a trust connectivity medium. I need to trust the sender before beginning a new session with him, but I cannot see him directly, so how can I know that this public key is the one owned by the real sender? I need someone between us, someone that I can trust and that can trust this remote sender.
How do I know I can trust you?
Answer: The CA trusts me.
How do I know the CA trusts you?
Answer: You can see my certificate issued by the CA.
14
A PKI can be divided into four basic subsystems:
1- Registration Authority
2- Certification Authority
3- Certification Repository
4- Certification revocation system
15
The registration authority deals with the requester: who is he, and why is he asking? It could be an office with some humans who evaluate the requester, or it could be a piece of software.
The certification authority will issue the certificate for the requester as requested by the registration authority.
All certificates issued by the CA will be stored in a certificate repository.
16
Amr wants to participate in a PKI process:
1- He will send a request to the registration authority to be given a certificate.
2- The RA will validate Amr's identity.
3- The RA will send a request to the CA with Amr's information.
4- The CA will generate the certificate and will send it to Amr.
5- A copy of this certificate will be saved in the certificate repository.
The certificate that will be issued for Amr will have only his public key; it will not carry Amr's private key, as it will be visible to the public. So where is the private key?
Before requesting the certificate, Amr can generate both the public and private keys on his PC and enclose the generated public key with the certificate request; the CA will use this public key for the newly issued certificate.
As a second option, the CA can generate both the public and private keys, and Amr can receive his private key "out of band".
18
X.509 Certificate
Before we proceed to the certificate anatomy, I would like to predict the certificate structure from the point of view of what we really need from the certificate itself.
The certificate is a proof of trust from the CA to a specific user, so it should declare the name of this user (this is the certificate of amr.saeed).
The certificate should declare the authority that issued this certificate (xyx.company).
The certificate should have the public key of Amr in clear form.
The contents of this certificate should be hashed and digitally signed by the issuer CA.
19
This is the X.509 certificate anatomy:
20
This certificate's version is V3, serial number is 6b 3c ……., signature algorithms are SHA with RSA, issuer is Class 3 …….. etc.
21
This is the sequence of signing a digital certificate:
22
This is the sequence of verifying a digital certificate:
23
A certificate loses its validity in one of these three cases:
1- loss of integrity.
2- date expiration.
3- being revoked.
Certificate revocation can be done if we have a sudden change: a user loses his private key, someone leaves the company, or something like that.
Loss of integrity and date expiration can easily be detected by the entity that receives the certificate; but how does this entity know that the certificate has been revoked? This is the new problem that we should solve.
Each of your trusted certification authorities should have a list of the revoked certificates that were issued by this CA. This list is known as the Certificate Revocation List (CRL), and it should be broadcast to all systems that trust this CA.
24
Each system should check the CRL advertised by the CA that issued the received certificate.
26
Let us assume two situations to deal with, for a solid understanding of PKI hierarchies and cross-certification:
27
PKI Hierarchies Certification
We have a big company that has multiple branches. Each branch should have a dedicated CA for issuing certificates in this branch; these branch CAs should be authorized by subordinate CAs, and the subordinate CAs should be authorized by one root CA. This is known as hierarchical cross-certification.
28
The CA at the top of the hierarchy is called a root CA. Root CAs have self-signed certificates. Root CAs are the most trusted CAs in the organization. Child CAs are called subordinate CAs. Subordinate CAs are certified by the parent CAs. A parent CA certifies the subordinate CA by issuing and signing the subordinate CA certificate. A subordinate CA can be either an intermediate or an issuing CA. An intermediate CA issues certificates only to subordinate CAs. An issuing CA issues certificates to users, computers, or services.
So if a user receives a certificate that was issued by a CA which is a member of a hierarchical cross-certification model, this certificate should contain its certification path.
29
The figure below shows an example of a certification path. The recipient should verify these certificates one by one, starting from bottom to top, on the condition that the user trusts the root CA.
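The signing sequence, the verifying sequence, the three invalidity cases and the bottom-to-top path check described in the slides above, as one added example that is not part of the original deck. Everything here is an assumption made for illustration: certificates are plain dictionaries rather than real X.509 structures, signatures use textbook RSA over small Mersenne primes with no padding, and each CRL is modelled as an unsigned set of serial numbers per issuer.

```python
import hashlib
from datetime import date

E = 65537                                   # public exponent of every toy key
M = lambda k: 2**k - 1                      # Mersenne primes for k = 61, 89, 107, 127, 521, 607
FIELDS = ("subject", "issuer", "serial", "not_after", "pub_n")   # everything the CA signs

def make_ca_key(p, q):                      # textbook RSA, toy sizes, no padding
    return {"n": p * q, "d": pow(E, -1, (p - 1) * (q - 1))}

def tbs_digest(cert, n):
    data = "|".join(str(cert[f]) for f in FIELDS).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def issue(issuer, ca_key, subject, serial, not_after, pub_n):
    """Signing: hash the contents, then sign the hash with the CA's private key."""
    cert = dict(zip(FIELDS, (subject, issuer, serial, not_after, pub_n)))
    cert["sig"] = pow(tbs_digest(cert, ca_key["n"]), ca_key["d"], ca_key["n"])
    return cert

def check_cert(cert, issuer_n, today, crls):
    """Verifying: the three ways a certificate loses validity."""
    if pow(cert["sig"], E, issuer_n) != tbs_digest(cert, issuer_n):
        return "loss of integrity"
    if today > cert["not_after"]:
        return "expired"
    if cert["serial"] in crls.get(cert["issuer"], set()):
        return "revoked"
    return "ok"

def validate_path(path, trusted_roots, today, crls):
    """path runs bottom to top: user certificate first, self-signed root last."""
    root = path[-1]
    if trusted_roots.get(root["subject"]) != root["pub_n"]:
        return "untrusted root"
    for cert, parent in zip(path, path[1:] + [root]):
        if cert["issuer"] != parent["subject"]:
            return "broken path"
        result = check_cert(cert, parent["pub_n"], today, crls)
        if result != "ok":
            return cert["subject"] + ": " + result
    return "ok"

# Constructed hierarchy: names, serials and dates are made up for the example.
ROOT_KEY, CA_KEY = make_ca_key(M(521), M(607)), make_ca_key(M(107), M(127))
ROOT = issue("Root CA", ROOT_KEY, "Root CA", 1, date(2035, 1, 1), ROOT_KEY["n"])
BRANCH = issue("Root CA", ROOT_KEY, "Branch CA", 2, date(2030, 1, 1), CA_KEY["n"])
AMR = issue("Branch CA", CA_KEY, "amr.saeed", 7, date(2026, 1, 1), M(61) * M(89))
TRUSTED = {"Root CA": ROOT_KEY["n"]}
```

Calling `validate_path([AMR, BRANCH, ROOT], TRUSTED, today, crls)` with a constructed date and CRL returns "ok" or names the first certificate that fails and the reason. A revoked branch CA invalidates every certificate below it, even when the user certificate itself is untouched.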
31
Glory be to You, O God, and praise be to You. I bear witness that there is no god but You. I seek Your forgiveness and repent to You.