1 AISS 2012/13 Ricardo Chaves
PKCS
• PKCS: Public Key Cryptography Standards
  – Devised and published by RSA Security
  – Launched in 1991 as implementation agreements among early adopters of public-key cryptography
    » Apple, Digital, Lotus, Microsoft, MIT, Northern Telecom, Novell, Sun
  – Revised 1993, Cryptoki (PKCS #11) released 1995
  – Workshops, ongoing updates, new documents since 1996
Departamento de Engenharia Informática
PKCS - Standards
• PKCS #1: RSA Cryptography Standard
• PKCS #3: Diffie-Hellman Key-Agreement
• PKCS #5: Password-Based Cryptography
• PKCS #7: Cryptographic Message Syntax Standard
  – Sign/encrypt messages under a PKI
• PKCS #8: Private-Key Information Syntax
• PKCS #9: Selected Attribute Types
  – Selected attribute types for use in PKCS #7, PKCS #8, PKCS #10
• PKCS #10: Certification Request Syntax
  – Format of messages sent to a certification authority to request certification of a public key
• PKCS #11: Cryptographic Token Interface (Cryptoki)
• PKCS #12: Personal Information Exchange Syntax
• PKCS #13: Elliptic Curve Cryptography Standard
• PKCS #14: Pseudo-random Number Generation
• PKCS #15: Cryptographic Token Information Format Standard
• PKCS #1: RSA Cryptography
  – RSA encryption and signature schemes
    » v1.5 (1993) has basic RSA schemes, specified in SSL, S/MIME, PKIX
    » v2.0 (1998) adds Bellare-Rogaway OAEP encryption
    » v2.1 (2002) adds B-R PSS (Probabilistic Signature Scheme)
• PKCS #7: Cryptographic Message Syntax
  – Signed, encrypted message syntax; an enhancement to Privacy-Enhanced Mail
    » v1.5 (1993) has RSA-oriented key management, basis for S/MIME, some PKIX protocols
    » IETF RFC 2630 (CMS) adds DH-oriented key management
    » v1.6 (2009) supports SET (Secure Electronic Transaction) protocol
PKCS#11
• PKCS#11: Cryptographic Token Interface (a.k.a. Cryptoki)
  – Programming interface for smart cards and other devices
    » v1.0 (1995) has basic methods
    » v2.01 (1997) adds cryptographic mechanisms, improves management
    » v2.11 (2001) clarifies interfaces, adds more mechanisms
• PKCS#11 - Main Goals:
  – The primary goal of Cryptoki:
    » a lower-level programming interface that abstracts the details of the devices and presents to the application a common model of the cryptographic device, called a “cryptographic token”.
  – A secondary goal: resource sharing
    » as desktop multi-tasking operating systems become more popular, a single device should be shared between more than one application. In addition, an application should be able to interface to more than one device at a given time.
PKCS#11
• PKCS#11 key concepts
  – Slot – place where the smart card is inserted
  – Token – the ‘thing’ inserted into the slot; commonly the smart card
  – Object – keys, certificates, data, sessions, etc.
  – Session – before any operation we need to establish a session to the token
[Figure: PKCS#11 object hierarchy – Object → Certificate, Key, Data; Key → SecretKey, PrivateKey, PublicKey]
PKCS#11 - Functions
• Smart Card Management:
  » C_GetSlotList
  » C_GetSlotInfo
  » C_GetTokenInfo
  » C_GetMechanismList
  » C_GetMechanismInfo
  » C_InitToken
  » C_InitPIN
  » C_SetPIN
• Digital Signature:
  » C_SignInit, C_Sign, C_SignUpdate, C_SignFinal
  » C_VerifyInit, C_Verify, C_VerifyUpdate, C_VerifyFinal
• Session Management:
  » C_OpenSession
  » C_CloseSession
  » C_CloseAllSessions
  » C_GetSessionInfo
  » C_Login
  » C_Logout
• Key Management:
  » C_GenerateKey
  » C_GenerateKeyPair
  » C_WrapKey
  » C_UnwrapKey
• Message Hashing:
  » C_DigestInit
  » C_Digest
  » C_DigestUpdate
  » C_DigestFinal
• Management of the Smart Card - Generation of a public/private key pair:
  – the C_GenerateKeyPair function performs the following operations:
    1. Inserts into the file EF_Index the identification of the key
       • items obtained from the templates;
    2. Compiles the files EF_Kpub_Attribute and EF_Kpri_Attribute
       • with information obtained from the templates;
    3. Constructs the file via an APDU command:
       • EF_Kpub: CREATE FILE;
    4. Constructs the object BSOKPRI-SIGN through an APDU command:
       • APDU: PUT DATA OCI
       • forcing the algorithm and access conditions to be consistent with the template of the private key;
    5. Generates the key pair using the APDU command:
       • APDU: GENERATE KEY PAIR.
PKCS#11
• The C_GenerateKeyPair function (prerequisite: C_Login)
– Input Parameters:
• CK_SESSION_HANDLE hSession:
» session handle obtained by the functions C_OpenSession and C_GetSessionInfo;
• CK_MECHANISM_PTR pMechanism:
» pointer to the cryptographic mechanisms supported by the library;
• CK_ATTRIBUTE_PTR pPublicKeyTemplate:
» pointer to the template of the public key;
• CK_ULONG ulPublicKeyAttributeCount:
» number of attributes of the template;
• CK_ATTRIBUTE_PTR pPrivateKeyTemplate:
» pointer to the template of the private key;
• CK_ULONG ulPrivateKeyAttributeCount:
» number of attributes of the template;
• CK_OBJECT_HANDLE_PTR phPublicKey:
» pointer to where the library will return the object handle of the public key;
• CK_OBJECT_HANDLE_PTR phPrivateKey:
» pointer to where the library will return the object handle of the private key.
Example prototype:
  CK_RV CK_ENTRY C_GenerateKeyPair(
      CK_SESSION_HANDLE    hSession,
      CK_MECHANISM_PTR     pMechanism,
      CK_ATTRIBUTE_PTR     pPublicKeyTemplate,
      CK_ULONG             ulPublicKeyAttributeCount,
      CK_ATTRIBUTE_PTR     pPrivateKeyTemplate,
      CK_ULONG             ulPrivateKeyAttributeCount,
      CK_OBJECT_HANDLE_PTR phPublicKey,
      CK_OBJECT_HANDLE_PTR phPrivateKey
  );
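As an added example (not from the slides), the two attribute templates that C_GenerateKeyPair takes via pPublicKeyTemplate/pPrivateKeyTemplate, built in C, together with a check on the private-key template before the call, since the access conditions the card enforces (step 4 of the previous slide) come from that template; a weak template is shown beside the hardened one. The Cryptoki types and CKA_* constants are reproduced inline from the PKCS#11 v2.x header so the block compiles without pkcs11.h; `COUNT`, `attr_bool` and `private_template_ok` are this example's own helpers, not Cryptoki functions.

```c
#include <stdbool.h>
/* Cryptoki types and constants used below, reproduced from the PKCS#11 v2.x
 * header so this compiles without pkcs11.h (an assumption of this example). */
typedef unsigned long CK_ULONG;
typedef unsigned char CK_BBOOL;
typedef struct { CK_ULONG type; void *pValue; CK_ULONG ulValueLen; } CK_ATTRIBUTE;
#define CK_TRUE 1
#define CK_FALSE 0
#define CKA_TOKEN        0x001UL
#define CKA_PRIVATE      0x002UL
#define CKA_SENSITIVE    0x103UL
#define CKA_SIGN         0x108UL
#define CKA_VERIFY       0x10AUL
#define CKA_MODULUS_BITS 0x121UL
#define CKA_EXTRACTABLE  0x162UL
#define COUNT(a) (sizeof(a) / sizeof((a)[0]))   /* value to pass as ul*AttributeCount */

static CK_BBOOL yes = CK_TRUE, no = CK_FALSE;
static CK_ULONG modulus_bits = 2048;
/* pPublicKeyTemplate: a 2048-bit verification key stored on the token. */
CK_ATTRIBUTE pub_template[] = {
    { CKA_TOKEN, &yes, sizeof(yes) }, { CKA_VERIFY, &yes, sizeof(yes) },
    { CKA_MODULUS_BITS, &modulus_bits, sizeof(modulus_bits) },
};
/* Weak pPrivateKeyTemplate: the generated key could be read or wrapped off the card. */
CK_ATTRIBUTE weak_priv_template[] = {
    { CKA_TOKEN, &yes, sizeof(yes) }, { CKA_SIGN, &yes, sizeof(yes) },
    { CKA_SENSITIVE, &no, sizeof(no) }, { CKA_EXTRACTABLE, &yes, sizeof(yes) },
};
/* Hardened pPrivateKeyTemplate: login-protected, sensitive, non-extractable. */
CK_ATTRIBUTE priv_template[] = {
    { CKA_TOKEN, &yes, sizeof(yes) }, { CKA_PRIVATE, &yes, sizeof(yes) },
    { CKA_SIGN, &yes, sizeof(yes) },  { CKA_SENSITIVE, &yes, sizeof(yes) },
    { CKA_EXTRACTABLE, &no, sizeof(no) },
};

/* Boolean attribute value from a template; an absent attribute is treated as
 * the weaker setting (dflt), since token defaults are implementation-specific. */
static CK_BBOOL attr_bool(const CK_ATTRIBUTE *t, CK_ULONG n, CK_ULONG type, CK_BBOOL dflt) {
    for (CK_ULONG i = 0; i < n; i++)
        if (t[i].type == type && t[i].ulValueLen == sizeof(CK_BBOOL))
            return *(const CK_BBOOL *)t[i].pValue;
    return dflt;
}
/* Check to run before C_GenerateKeyPair: the private key must stay on the card
 * (token object, usable only after C_Login, sensitive, and never extractable). */
bool private_template_ok(const CK_ATTRIBUTE *t, CK_ULONG n) {
    return attr_bool(t, n, CKA_TOKEN, CK_FALSE) && attr_bool(t, n, CKA_PRIVATE, CK_FALSE)
        && attr_bool(t, n, CKA_SENSITIVE, CK_FALSE) && !attr_bool(t, n, CKA_EXTRACTABLE, CK_TRUE);
}
```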
PKCS#15
• PKCS #15: Cryptographic Token Information Format
  – File format for cryptographic data on smart cards and other devices
  – v1.0 (1998) newly released, candidate for WAP Forum, country e-ID cards
  – v1.1 (2004) adds software format
• Common formats for cryptographic objects
  – File formats in the case of smart cards
  – Coordination with several groups:
    » WAP Forum
    » PC/SC Forum
    » SEIS (Sweden)
PKCS#15 - File System
• EF_Index:
  – Linear elementary file of TLV type that contains the PKCS #11 identifiers (CKA_ID) of the public-key, private-key, certificate and data objects in the Digital Signature directory.
  – This file is used by the object management functions for "navigation" of the smart card file system.
• Abstraction:
[Figure: smart card software stack – Application → Service Provider / Crypto Service Provider (C API) → Resource Manager → IFD driver (IFD COM, OS manufacturer) → Smart card reader (IFD) → Smart Card]
• Abstraction in Windows - Cryptographic Service Provider (CSP):