Presentation is loading. Please wait.

Presentation is loading. Please wait.

Public Key Infrastructure (PKI) Chien-Chung Shen

Published bySilas Gilmore Modified over 9 years ago

Similar presentations

Presentation on theme: "Public Key Infrastructure (PKI) Chien-Chung Shen"— Presentation transcript:

1 Public Key Infrastructure (PKI) Chien-Chung Shen cshen@cis.udel.edu

2 Distribution of Public Keys The algorithms to generate a matched pair of public and private keys are publicly known, and software that does it is widely available So if Alice wanted to use a public key cipher, she could generate her own pair of public and private keys, keep the private key hidden, and publicize the public key But how can she publicize her public key—assert that the key belongs to her—in such a way that other participants can be sure the key really belongs to her?

3 Public Key Instrastructure (PKI) A complete scheme for certifying bindings between public keys and identities— what key belongs to who—is called a Public Key Infrastructure (PKI) A PKI starts with the ability to (1) verify identities and (2) bind identities to keys out of band By “out of band,” we mean something outside the network and the computers that comprise it, such as in the following scenarios –If Alice and Bob are individuals who know each other, then they could get together in the same room and Alice could give her public key to Bob directly, perhaps on a business card –If Bob is an organization, Alice the individual could present conventional identification, perhaps involving a photograph or fingerprints –If Alice and Bob are computers owned by the same company, then a system administrator could configure Bob with Alice’s public key

4 Public Key Instrastructure (PKI) Establish keys out of band does not scale, but it suffices to bootstrap a PKI Bob’s knowledge that Alice’s (public) key is k can be widely, scalably disseminated using a combination of digital signature and concept of trust –suppose you receive Bob’s public key out of band and you trust Bob on matters of keys and identities –then Bob could send you a message asserting Alice’s key is x –since you know Bob’s public key, you could authenticate this message as having come from Bob –since you trust Bob, you now know that Alice’s key is x, even you had never met her or exchange message with her –with digital signature, Bob wouldn’t even have to send you a message; he could simply create and publish a digitally signed statement that Alice’s public key is x

5 Bob sends digitally signed message: Alice verifies signature, integrity of digitally signed message: large message m H: Hash function H(m) digital signature (encrypt) Bob’s private key K B - + K B (H(m)) - encrypted msg digest K B (H(m)) - encrypted msg digest large message m H: Hash function H(m) digital signature (decrypt) H(m) Bob’s public key K B + equal ? Digital Signature = Signed Message Digest

6 Public Key Instrastructure (PKI) A digitally signed statement of a public key binding (to an identity) is called a public key certificate, or simply a certificate Bob could send Alice a copy of th certificate, or post it on website If an when someone needs to verify Alice’s public key, the could do so by getting a copy of the certificate, perhaps directly from Alice, as long as they trust Bob abd know his public key Starting from just Bob’s public key, we could build up a large set of trusted keys over time Bob plays the role of Certificate Authority (CA) VeriSign® is one well-known commercial CA

7 Public Key Instrastructure (PKI) X.509 is one major standard for certificate ( http://en.wikipedia.org/wiki/X.509) A certificate clearly must include –the identity of the entity being certified –the public key of the entity being certified –the identity of the signer –the digital signature –a digital signature algorithm identifier (which cryptographic hash and which cipher) Certificate creates a binding between an identity and a public key; certificate must use well-defined name space for the identities being certified, such as email address or DNS domains

8 Certificate Authorities Trust is binary; you either trust soneone completely or not at all Together with certificates, this allows the building of chains of trust –If X certifies that a certain public key belongs to Y, and the Y goes on to certify that another pubic ket belobgs to Z, then there exists a chain of certificates from X to Z, even though X and Z may have never met –If you know X’s public key, and you trust X and Y, then you can believe the certificate that gives Z’s key –All you need is a chain of certificates, all signed by entities you trust, as long as it leads back to an entity whose key you already know.

9 Certificate Authorities A certification authority or certificate authority (CA) is an entity claimed (by someone) to be trustworthy for verifying identities and issuing public key certificates There are commercial CAs, governmental CAs, and even free CAs To use a CA, you must know its own key. You can learn that CA’s key, however, if you can obtain a chain of CA-signed certificates that starts with a CA whose key you already know Then you can believe any certificate signed by that new CA

10 View Certificates Firefox and IE come pre-equipped with certificates for a set of CAs; in effect, the brower’s producer has decided these CAs and their keys can be trustedWhen you have browsed to a website whose web address starts with https, there will be a lock icon at the beginning of the address bar. Single-click on the lock icon to get a pop-up that says who verified the certificate, then click on More Information In that window, click on Security then View Certificate

Download ppt "Public Key Infrastructure (PKI) Chien-Chung Shen"

Similar presentations

Public Key Infrastructure Alex Bardas. What is Cryptography ? Cryptography is a mathematical method of protecting information –Cryptography is part of,

Public Key Infrastructure Alex Bardas. What is Cryptography ? Cryptography is a mathematical method of protecting information –Cryptography is part of,
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Digital Signatures Dan Fleck CS 469: Security Engineering These slides are modified with permission from Bill Young (Univ of Texas) Coming up: Digital.

Digital Signatures Dan Fleck CS 469: Security Engineering These slides are modified with permission from Bill Young (Univ of Texas) Coming up: Digital.
Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.

Department of Information Engineering1 Major Concerns in Electronic Commerce Authentication –there must be proof of identity of the parties in an electronic.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
16.1 © 2004 Pearson Education, Inc. Exam 70-294 Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Apr 9, 2002Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication The second assignment.

Apr 9, 2002Mårten Trolin1 Previous lecture TLS details –Phases Handshake Securing messages –What the messages contain –Authentication The second assignment.
Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2002CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
1 Key Establishment Symmetric key problem: How do two entities establish shared secret key in the first place? Solutions: Deffie-Hellman trusted key distribution.

1 Key Establishment Symmetric key problem: How do two entities establish shared secret key in the first place? Solutions: Deffie-Hellman trusted key distribution.
Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.

Mar 4, 2003Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities.
8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.

8-1 What is network security? Confidentiality: only sender, intended receiver should “understand” message contents m sender encrypts message m receiver.
Cryptographic Technologies

Cryptographic Technologies
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.
Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2003CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.

Introduction to Public Key Infrastructure (PKI) Office of Information Security The University of Texas at Brownsville & Texas Southmost College.
Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Network Security – Part 2 V.T. Raja, Ph.D., Oregon State University.

Similar presentations

Ads by Google