• No results found

Certificates, Certification Authorities and Public-Key Infrastructures

N/A
N/A
Protected

Academic year: 2021

Share "Certificates, Certification Authorities and Public-Key Infrastructures"

Copied!
6
0
0

Loading.... (view fulltext now)

Full text

(1)

ALMA MATER STUDIORUM – UNIVERSITA’ DI BOLOGNA

 

Certificates,

Certification Authorities and

Public-Key Infrastructures

Ozalp Babaoglu

© Babaoglu 2001-2015 Sicurezza

Certificati digitali

La chiave pubblica con la quale stiamo cifrando deve

appartenere realmente al destinatario del messaggio

Si pone il problema dello scambio delle chiavi

(man-in-the-middle attack)

I certificati digitali vengono usati per evitare che qualcuno

tenti di “spacciarsi” per un’altra persona sostituendone la chiave pubblica

2

Certificates in the physical world

Personal data Photograph

Seals + Signature “I certify that the data

correspond to the person in the photo”

Digital Certificates

In asymmetric cryptography, a digital certificate is the form

in which public keys are communicated

It is a binding between a public key and identity

information about a subject

It is signed by a certificate issuer

Functions much like a physical certificate Avoids man-in-the-middle attacks

(2)

© Babaoglu 2001-2015 Sicurezza

X.509 Certificates

X.509 is a standard that specifies digital certificates with the following fields:

Subject: Distinguished Name, Public Key Issuer: Distinguished Name, Signature Validity: Not Before Date, Not After Date Administrative Info: Version, Serial Number

Extended Info:

5 © Babaoglu 2001-2015 Sicurezza

X.509 Certificates

Distinguished Name Fields as defined by X.509 Standard

Common Name CN=Calisto Tanzi Organization or Company O=Parmalat

Organizational Unit OU=Management

City/Locality L=Parma

State/Province ST=Emilia Romagna Country (ISO Code) C=IT

6

Distribuzione dei certificati

Distribuzione manuale o di persona: passaporto, carta

d’identità

Certificati sono generati e distribuiti da entità fidate

Certificate servers

Public Key Infrastructures (PKI)

Certificate servers

Database centralizzate disponibili su rete Possono essere replicate

Permettono agli utenti di

richiedere l’inserimento del proprio certificato nel database richiedere il certificato di qualcuno

(3)

© Babaoglu 2001-2015 Sicurezza

Certification Authority

Certification Authority (CA) is responsible for certification,

validation and revocation of certificates

Many different types of CAs exist: commercial, government,

free, etc.

Examples of CAs: VeriSign, Symantec, Thawte, Geotrust,

Comodo, Visa, Actalis

9 © Babaoglu 2001-2015 Sicurezza

Public Key Infrastructure

Collection of CAs and protocols for invoking their services

by clients constitutes a Public Key Infrastructure (PKI)

10

PKI – Certification

When a subject requests a certificate for the first time, the

subject must be authenticated

In-band authentication:

performed using the PKI itself

possible only for certain types of identity information (e.g. email

addresses)

Out-of-band authentication:

performed using more traditional methods, such as mail, fax, over

the telephone or physical meeting

PKI – Certification Authorities

The certification process is based on trust

Users trust the issuing authority to issue only certificates that

correctly associate subjects to their public keys ■ Only one CA for the entire world?

No — would be impractical

Instead:

Most PKI enable one CA to certify other CA’s

One CA is telling its users that they can trust what a second CA

(4)

© Babaoglu 2001-2015 Sicurezza

PKI – Certificate Chains

13 DN Bob PubK Bob Sig CA Z DN CA Y PubK CA Y Sig CA X DN CA Z PubK CA Z Sig CA Y DN CA X Sig CA X PubK CA X © Babaoglu 2001-2015 Sicurezza

PKI – Certificate Chains

Certificate chains can be of arbitrary length

Each certificate in the chain validated by the preceding one Different certificates:

“Leaf” certificates (end-user) “Intermediate” certificates “Root” certificates

14

PKI – CA Hierarchies

CAs can be organized

as a rooted tree (X.509) as a general graph (PGP) CA CA CA CA CA CA CA

Hierarchical Trust (X.509)

Based on chains of trust forming a rooted tree among

entities that are reputed to be CAs

The (blind) trust we place on root-level CAs must be

acquired through reputation, experience, operational competence and other non-technical aspects

Anyone claiming to be a CA must be a trusted entity and we

(5)

© Babaoglu 2001-2015 Sicurezza

Web of Trust (PGP)

In PGP, any user can act as a CA and sign the public key of

another user

A public key is considered valid only if a sufficient number of

trusted users have signed it

As the system evolves, complex trust relations emerge as

dynamic “web”

Trust need not be symmetric or transitive (more on PGP later)

17 © Babaoglu 2001-2015 Sicurezza

PKI – Validation

Validation — need to control that the certificate

Is current — within “not before” and “not after” dates, Is valid — signed by a chain of CAs ending in a root CA, Has not been revoked

Checking currency and validity can be done locally and

off-line by the certificate user

Checking if the certificate has been revoked is more

complicated

18

PKI – Revocation

Revocation — the process of breaking the binding between

a public key and a subject for various reasons ■ subject’s private key becomes compromised

subject identifier information changes (e.g., name, email address)

On-line

revocation problem becomes trivial

Online Certificate Status Protocol (OCSP) of X.509 describes how

to check validity and revoke certificates ■ Off-line

While the certificate is current, the revocation method is critical

PKI – Revocation

Certificate Revocation List (CRL)

a list of revoked certificates id constructed, signed and periodically

distributed by th CA

user must check the latest CRL during validation to make sure that

a certificate has not been revoked

X.509 includes a CRL profile, describing the format of CRLs

CRL Problems

CRL time-granularity problem — how often to issue CRLs? CRL size — incremental versus bulk

(6)

© Babaoglu 2001-2015 Sicurezza

Certificates in Practice: Firefox

21 © Babaoglu 2001-2015 Sicurezza

Certificates in Practice: Firefox

22

References

Related documents

The steam pressure in the exchanger will increase, which in turn will increase the rate of heat transfer to the process stream.. The result will be a change in the product

X Includes technologies/functions such as public key encryption, digital certificates, certification authorities, registration authorities, certificate management services,

bogus trust anchor in the list of trusted CAs – It is hard to examine the set of trust anchors and. determine whether some has modified

Students appreciate the immediate feedback and instruction provided through these programs Examining faculty perceptions on using MyMathLab was the first step in understanding

The purpose of this report is to assess not only the economical, environmental and social aspects of two potential hardware or software combinations that serve the purpose of

COPY HACKERS VALUE PROPOSITION SCORE: 35/50 Unique: 6 Desirable: 8 Specific: 8 Succinct: 6 Memorable: 7. RATIONALE FOR VARIATION 1: Post Planner is quite simple in concept,

In addition, order forms must be received by the Doubletree by Hilton Miami Airport Convention Center Catering Department two minimum (2) week prior to setup date for the event.

Certificate templates are used by Microsoft Windows Server 2003 public key infra€ structure (PKI) to define the contents of certificates issued by enterprise certificate