Certificates Noah Zani, Tim Strasser, Andrs Baumeler Overview - - PowerPoint PPT Presentation

certificates
SMART_READER_LITE
LIVE PREVIEW

Certificates Noah Zani, Tim Strasser, Andrs Baumeler Overview - - PowerPoint PPT Presentation

Nov 29, 2022 278 likes •783 views

Certificates Noah Zani, Tim Strasser, Andrs Baumeler Overview Motivation Introduction Public Key Infrastructure (PKI) Economic Aspects Motivation Need for secure, trusted communication Growing certificate market

slide-1
SLIDE 1

Certificates

Noah Zani, Tim Strasser, Andrés Baumeler

slide-2
SLIDE 2

Overview

  • Motivation
  • Introduction
  • Public Key Infrastructure (PKI)
  • Economic Aspects
slide-3
SLIDE 3

Motivation

  • Need for secure, trusted communication
  • Growing certificate market
  • Government surveillance
slide-4
SLIDE 4

Introduction

  • Symmetric/Asymmetric cryptography
  • Why do we need certificates?
slide-5
SLIDE 5

Symmetric Encryption

https://i-msdn.sec.s-msft.com/dynimg/IC168364.gif

slide-6
SLIDE 6

Asymmetric encryption (public-key encryption)

https://i-msdn.sec.s-msft.com/dynimg/IC21919.gif

slide-7
SLIDE 7

Why do we need Certificates?

slide-8
SLIDE 8

Public Key Infrastructure

  • PKI as defined in RFC 5280 and ITU-T X.509
  • Use Case: e-Banking
slide-9
SLIDE 9

Definition

  • “The infrastructure able to support the management of public keys

able to support authentication, encryption, integrity or non- repudiation services“ [1 ]

  • “The set of hardware, software, people, policies and

procedures needed to create, manage, store, distribute, and revoke Public Key Certificates based on public-key cryptography.”

[ 2]

[1]: ITU-T X.509 (10/2012) [2]: Xenitellis, Simos. (2000). The Open–source PKI Book: A guide to PKIs and Open–source Implementations (pp.107). Retrieved October, 2015 from http://sourceforge.net/projects/ospkibook/

slide-10
SLIDE 10

X.509

  • It was developed as part of the X.500 standard, which described the

structure of a globally accessible directory service but was never fully implemented.

  • Defines frameworks for Public Key Infrastructure
  • Issued in 1988 by the ITU-T (The Telecommunication

Standardization Sector of the International Telecommunication Union)

slide-11
SLIDE 11

RFC 5280/6818

  • Profile for the Internet X.509 Public Key Certificate and

Certificate Revocation List

  • Published May 2008 by the Internet Engineering Task

Force IETF

  • Updated January 2013 by the RFC 6818
slide-12
SLIDE 12

Components

  • Components of a PKI

 Public Key Certificate  Certification Authority (CA)  Registration Authoritiy (RA)  Certificate Revocation List (CRL)  Directory Service  Validation Authority (VA)  Subscriber (Holder of certificate) and (participant trusting the certificates)  Documentation, including policy and practice statement

slide-13
SLIDE 13
slide-14
SLIDE 14

Certificates

  • Public-key of certificate holder
  • Information about the validity of the certificate, about

the certificate holder and certificate issuer (CA)

  • Digital signature by the CA
slide-15
SLIDE 15
slide-16
SLIDE 16

Certificate/Certification Authority

  • A CA is a Trusted Third Party that it issues digital

certificates

  • Trustworthiness is key
slide-17
SLIDE 17

Certificate/Certification Authority

  • Validates certificate requester

 Domain validation  Organizational validation  Extended validation

  • Issues certificate signed with CAs private key
  • Revokes invalid certificates
slide-18
SLIDE 18

Hierarchical structure and certification path

  • X.509 assumes a strict

hierarchical tree structure of CAs

  • Child CAs (subordinate CAs) are

certified by their parent CAs

  • The Root CA is trustworthy by

agreement of all participants

  • Trusted CAs are included with

browsers

  • Alternative concept: web of trust

models

Root CA Intermediate CA Intermediate CA Issuing CA Issuing CA Issuing CA Issuing CA

slide-19
SLIDE 19

Cross Certification

Company A PKI Company B PKI

  • Corp. A Root CA
  • Corp. A

Subordinate CA User 1 User 2

  • Corp. B Root CA
  • Corp. B

Subordinate CA User 1 User 2 Cross Certification

slide-20
SLIDE 20
slide-21
SLIDE 21

Registration Authority

  • An optional system to which a CA delegates certain

management functions

  • Receives Certification Signing Requests (CRS) and verifies

the authenticity of the certificate holder

  • Forwards the request to the Certification Authority
slide-22
SLIDE 22
slide-23
SLIDE 23

Validation Authority

  • An entity that provides services used to validate a

certificate

  • Certificate Revocation List (CRL)

 List of certificates that have been revoked, and therefore, entities presenting those (revoked) certificates should no longer be trusted  Two states: revoked & hold  Published and signed by the CA which issued the certificates, downloaded by browsers from a repository

slide-24
SLIDE 24

Certificate Revocation List

  • Advantages:
  • CRLs can be distributed via

untrusted communication

  • Contains information about all

certificates of one CA

  • Disadvantages
  • May grow large (several

megabytes)

  • Client has to download the

whole list

  • If download fails, by default

certificate is accepted

  • Client has to search the whole

list

  • Possible publishing periods of

up to one week

slide-25
SLIDE 25

Online Certificate Status Protocol

  • Alternative to CRL
  • June 1999, substituted in 2013 with RFC6990
  • Network protocol for checking validity of a certificate using its

identifier

  • Signed response from OCSP responder includes

 Certificate identifier  Certificate status value (‘good’, ‘revoked’, ‘unknown’)  Response validity interval

  • Advantages

 Possible real time check  Request for only one certificate possible  Fast response to certificate status (depending on underlying data)

slide-26
SLIDE 26

Use Case: e-Banking

How is the PKI used to ensure that you are really talking to the servers of your Bank?

Bank You

?

slide-27
SLIDE 27

Use Case: e-Banking

Certificate Authority Certificate request and check issues verfies Bank You TLS secured connection

slide-28
SLIDE 28

Tranport Layer Security (TLS)

  • 1. Negotiation Phase
  • 2. Authentication and Pre- Master Secret
  • 3. Decryption and Master Secret
  • 4. Generate Session Keys
  • 5. Encrypt with Session Key
slide-29
SLIDE 29

Negotiation Phase

  • Client requests a secure connection

 Provides highest supported TLS version  Provides a list of supported cipher suites

  • Server answers

 Indicates TLS verison he wants to use  Chooses one of the cypher suites  Sends his certificate

slide-30
SLIDE 30

Authentication and Pre-Master Secret

  • Client checks validity of the certificate
  • Client checks the signature of the cerificate to authentificate the

Bank

 Signature = hash value of the first part of the certificate  Signature is encrypted with the CA’s private key  Check is done by decyphering the signature and comparing the value with the hash value created by the client

  • The client generates a pre-master secret and encrypts it with the

server’s public key

slide-31
SLIDE 31

Master Secret and Session Keys

  • Server decrypts the pre-master secret
  • Client and Server generate master secret from the pre-

master secret

  • Client and Server use the master secret to generate

session keys

  • Session keys are used to secure the connection in a

symmetrical fashion

slide-32
SLIDE 32

How does a Certificate look like?

http://ipseclab.eit.lth.se/tiki-index.php?page=2.%20Background

slide-33
SLIDE 33

How does a Certificate look like?

http://ipseclab.eit.lth.se/tiki-index.php?page=2.%20Background

slide-34
SLIDE 34

How does a Certificate look like?

http://ipseclab.eit.lth.se/tiki-index.php?page=2.%20Background

slide-35
SLIDE 35

How does a Certificate look like?

slide-36
SLIDE 36

Cypher Suites

  • Cypher Suites are collections of authentication, encryption, message

authentication and key exchange algorithms.

https://www.openssl.org/docs/manmaster/apps/ciphers.html

slide-37
SLIDE 37

Economic Aspects

  • Who issues certificates?
  • What does it take to get a certificate?
slide-38
SLIDE 38

Certificate Authorities

  • Commercial CA
  • Free CA
  • Private CA
slide-39
SLIDE 39

Commercial CA

  • Build trust by undergoing audits, e.g. WebTrust
  • Follow guidelines based on CA/Browser Forum
  • Certificate types:

 Domain Certificate  Multi-Domain Certificate  Wildcard Certificate  Extended Validation Certificate

  • Limited Lifetime
slide-40
SLIDE 40

Commercial CA Market

  • Fragmented depending on use case:

 Digital signatures  SSL Certificates

W3Techs: Usage of SSL certificate authorities for websites from http://w3techs.com/technologies/overview/ssl_certificate/all

slide-41
SLIDE 41

Commercial CA Example

  • SwissSign

 Pricing:  Depending on certificate type  Range from 160.- CHF to 750.- CHF

 Process to get a certificate

 Buy a certificate license  Create User-Account  Use license to order a certificate  Send signed application form  Send copy of passport of requesting person  Send copy of passport of domain owner  Optional: Send copy of passport of company owner / representative  Optional: New companies (under 3 years): confirmation of the bank

slide-42
SLIDE 42

Alternative: Free CAs

  • CAcert.org
  • "Let's encrypt"
slide-43
SLIDE 43

Private CA

  • + Cheaper
  • + Faster to Install
  • - Only for your Organization
  • - You must protect your Private Key
slide-44
SLIDE 44

Questions?

slide-45
SLIDE 45

Discussion

slide-46
SLIDE 46

Do you care about your trusted CA’s?

slide-47
SLIDE 47

Is it justified to pay for certificates?

slide-48
SLIDE 48

Should the government be involved in digital certificates?

slide-49
SLIDE 49

Where do you see security problems?