• No results found

Public Key Infrastructure

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Public Key Infrastructure"

Copied!
21
0
0

Loading.... (view fulltext now)

Download now ( 21 Page )

Full text

(1)

UT DALLAS

UT DALLAS Erik Jonsson School of Engineering & Computer Science

Public Key Infrastructure

(2)

What is PKI

• How to ensure the authenticity of public keys

• How can Alice be sure that Bob’s purported

public key really is Bob’s key (not Charlie’s)

• A PKI is a secure system that is used to

manage and control certificates

• Several aspects:

– The system should function without the active intervention of the user.

– Public key signature scheme is used

– No need to keep prior shared secret keys between two parties

(3)

Components of PKI

• Certificate Issuance:

– Most PKIs have one or more trusted authorities (certification authorities) that control the issuing of certificates.

– Before a certificate issued the identity of the user must be verified.

– A secure procedure is needed to generate and transmit the public key and private key to the user

(4)

Components of PKI

• Certificate Revocation:

– Revoking certificate before a normal expiration date

– When private key being lost or other fraudulent use of the key

– Similar to credit cards stolen

– Additional infrastructure is required to recognize revoked certificates

(5)

Components of PKI

• Key backup / recovery / update:

– Secure storage of users’ private keys by the administrator of the PKI, in case users lose or forget their private keys

– User has to prove its identity before being allowed to access a stored private key

– When a certificate is about to expire the old key can be used to transfer the new key

– More efficient than generating new keys and certificates from scratch

(6)

Components of PKI

• Timestamping:

– Certificates usually have fixed length validity periods.

(7)

Secure Socket Layer

• SSL is used to facilitate online purchases

from a company’s web page using a web browser

• Only the server is required to supply a

certificate during an SSL session

• The client may not even have a public key or

(8)

Setting up an SSL Session

client server

I’m Alice I’m Bob, Inc. PK, sigCA (PK) verify PK

generate MS y = ePK (MS)

K1 , K2 =h(MS)

K1 , K2 =h(MS) MS = dPK (y)

(9)

Certificates

• Certificates are building blocks of PKIs

• A certificate binds an identity to a public key

• Everyone has access to an authentic copy of

the public key of the CA

• X.509 v3 certificates contain the following

fields:

– Version number

– Serial number

(10)

Certificates

• X.509 v3 certificates contain the following

fields:

– Issuer name

– Validity period

– Subject name (i.e. the certificate owner)

– The cert. owner public key

– Optional fields

(11)

Trust Models

• Using certificate paths to sign a certificate

• Trust models:

– Strict hierarchy

– Networked PKIs

– Web browser model

(12)

1) Strict Hierarchy Model

• The root CA is called a trust anchor

• Root CA may issue certificates for lower level

CAs

• Any CA can issue certificates for end users

• x → y means that the entity corresponding to

node x has signed a certificate for the entity corresponding to node y.

(13)

1) Strict Hierarchy Model (Cont.)

CAroot

CA1 CA2 CA3 CA4

(14)

2) Networked PKIs

• Strict hierarchy may work well within a single

organization.

• Sometimes it may be desirable to connect

root CAs of two or more different PKI domains.

(15)

Networked PKIs – The Mesh Configuration

CAroot1

CAroot2 CAroot3

Cross certification is used among multiple CAs n root CAs will require n(n-1) cross certifications

(16)

The Hub-and-spoke Configuration

CAhub

CAroot1 CAroot3

n root CAs each cross-certify independently with a new hub CA. 2n cross certifications are required

(17)

3) The Web Browser Model

• Web browsers come preconfigured with a set

of “independent” root CAs

• These are treated by the user of the browser

as trust anchors.

• The provider of the browser is assumed to be

trusted.

• Problems:

– No information about the preconfigured CAs

(18)

3) The Web Browser Model (Cont.)

• Problems:

– No mechanism to revoke a root CA

– User may accept self signed certificates

(19)

4) Pretty Good Privacy (PGP)

• Every user is his or her own CA.

• A PGP certificate contains an e-mail address

(ID), a public key (PK) and one or more signatures on this (ID, PK) pair.

• Alice’s self signed certificate:

– Cert(Alice) : (data, signatures) where

data : (ID = [email protected] , PK = 12345)

(20)

4) Pretty Good Privacy (PGP)

• Other users might also create signatures on

the data on Alice’s certificate.

• signatures : (sigAlice (data), sigBob (data))

• The signatures on a certificate help to verify

the certificate’s authenticity to other users

• Collection of certificates: keyring

• Associated with each certificate in the keyring

is an owner trust field (OTF) and a key

(21)

The Future of PKI

• Many potential difficulties associated with

large-scale deployments of PKIs

• Who should be responsible for development,

maintenance and regulation of PKIs? Governments? Industry?

• What standards should be used in PKIs?

• Interoperability problems

References

Download now ( PDF - 21 Page - 144.77 KB )

Related documents

Taper model for Eucalyptus nitens, in volcanic ash soils of the region of The Araucanía (Chile)

Un modelo de ahusamiento debiera tener los atributos siguientes: i) ser diferenciable en toda la longitud del fuste, ii) no generar oscilaciones alrededor de la

Clinical Handover Standard for Midwifery Students: Improving Safety Attitudes in Maternity Services

Either the control group or the intervention group was equally evaluated post-test the safety attitudes questionnaire filled Clinical Instructor and students, then

29500321-Shunt-Reactors-Shunt-Reactor-Protection.pdf

By means of control of Inductance: Shunt Reactors can be fixed type or power electronic switched type (typically found in TCRs, SVC etc).. DRY TYPE & OIL

Guidance for the risk assessment of the presence at low level of genetically modified plant material in imported food and feed under Regulation (EC) No 1829/2003

Following a request of the European Commission, the European Food Safety Authority (EFSA) provides guidance on the scienti fi c requirements of Annex II of Regulation (EU) No

Comparative genomics of dairy lactic acid bacteria: Proto-cooperation, proteolysis and flavour formation.

The genes encoding predicted proteolytic system components of the three sequenced L. lactis strains were used to query the database containing pangenome CGH data. We obtained

Department of Defense INSTRUCTION. Public Key Infrastructure (PKI) and Public Key (PK) Enabling

Non-Federal agency certificates shall be tested for technical interoperability with DoD information systems, including web servers and e-mail clients, to ensure that

A transcriptomic approach to dissect the effect of grapevine rootstocks on plant tolerance to abiotic stresses and berry ripening

Taking into accounts that at commercial CS harvest, CS/M4 berries berries were showing differences in some processes ripening- related (e.g. flavonoids metabolism)