network security public key infrastructure
play

Network Security: Public Key Infrastructure Guevara Noubir - PDF document

Dec 03, 2023 •477 likes •624 views

Network Security: Public Key Infrastructure Guevara Noubir Northeastern University noubir@ccs.neu.edu Network Security Slides adapted from Radia Perlmans slides Key Distribution - Secret Keys What if there are millions of users and

  1. Network Security: Public Key Infrastructure Guevara Noubir Northeastern University noubir@ccs.neu.edu Network Security Slides adapted from Radia Perlman’s slides Key Distribution - Secret Keys  What if there are millions of users and thousands of servers?  Could configure n 2 keys  Better is to use a Key Distribution Center  Everyone has one key  The KDC knows them all  The KDC assigns a key to any pair who need to talk Network Security PKI 2 Key Distribution - Secret Keys Alice KDC Bob A wants to talk to B Randomly choose K ab {“B”, K ab } Ka {“A”, K ab } Kb {Message} Kab Network Security PKI 3 1

  2. A Common Variant Alice KDC Bob A wants to talk to B Randomly choose K ab {“B”, K ab } Ka ,{“A”, K ab } Kb {“A”, K ab } Kb , {Message} Kab Network Security PKI 4 KDC Realms  KDCs scale up to hundreds of clients, but not millions  There’s no one who everyone in the world is willing to trust with their secrets  KDCs can be arranged in a hierarchy so that trust is more local Network Security PKI 5 KDC Realms Interorganizational KDC Lotus KDC SUN KDC MIT KDC F G D E A B C Network Security PKI 6 2

  3. KDC Hierarchies  In hierarchy, what can each compromised KDC do?  What would happen if root was compromised?  If it’s not a name-based hierarchy, how do you find a path? Network Security PKI 7 Key Distribution - Public Keys  Certification Authority (CA) signs “Certificates”  Certificate = a signed message saying “I, the CA, vouch that 489024729 is Radia’s public key”  If everyone has a certificate, a private key, and the CA’s public key, they can authenticate Network Security PKI 8 KDC vs CA Tradeoffs  Impact of theft of KDC database vs CA private key  What needs to be done if CA compromised vs. if KDC compromised?  What if KDC vs CA down temporarily?  What’s more likely to work behind firewalls? Network Security PKI 9 3

  4. Strategies for CA Hierarchies  One universally trusted organization  Top-Down, starting from a universally trusted organization’s well-known key  No rules (PGP, SDSI, SPKI).  Anyone signs anything. End users decide who to trust  Many independent CA’s.  Configure which ones to trust Network Security PKI 10 One CA  Choose one universally trusted organization  Embed their public key in everything  Give them universal monopoly to issue certificates  Make everyone get certificates from them  Simple to understand and implement Network Security PKI 11 One CA: What’s wrong with this model?  Monopoly pricing  Getting certificate from remote organization will be insecure or expensive (or both)  That key can never be changed  Security of the world depends on honesty and competence of the one organization, forever Network Security PKI 12 4

  5. One CA Plus RAs  RA (registration authority), is someone trusted by the CA, but unknown to the rest of the world (verifiers).  You can request a certificate from the RA  It asks the CA to issue you a certificate  The CA will issue a certificate if an RA it trusts requests it  Advantage: RA can be conveniently located Network Security PKI 13 What’s wrong with one CA plus RAs?  Still monopoly pricing  Still can’t ever change CA key  Still world’s security depends on that one CA key never being compromised (or dishonest employee at that organization granting bogus certificates) Network Security PKI 14 Oligarchy of CAs  Come configured with 50 or so trusted CA public keys  Usually, can add or delete from that set  Eliminates monopoly pricing Network Security PKI 15 5

  6. Default Trusted Roots in IE Network Security PKI 16 What’s wrong with oligarchy?  Less secure!  Security depends on ALL configured keys  Naïve users can be tricked into using platform with bogus keys, or adding bogus ones (easier to do this than install malicious software)  Although not monopoly, still favor certain organizations Network Security PKI 17 CA Chains  Allow configured CAs to issue certs for other public keys to be trusted CAs  Similar to CAs plus RAs, but  Less efficient than RAs for verifier (multiple certs to verify)  Less delay than RA for getting usable cert Network Security PKI 18 6

  7. Anarchy  Anyone signs certificate for anyone else  Like configured+delegated, but users consciously configure starting keys  Problems  Does not scale (too many certs, computationally too difficult to find path)  No practical way to tell if a path should be trusted  Too much work and too many decisions for user Network Security PKI 19 Name Constraints  Trustworthiness of a CA is not binary  Complete trust or no trust  CA should be trusted for certifying a subset of the users  Example:  Northeastern University CCS should (only) be trusted to certify users with name x@y.ccs.neu.edu  If users have multiple names, each name should be trusted by the “name authority” Network Security PKI 20 Top Down with Name Subordination Assumes hierarchical names  Similar to monopoly: everyone configured with root key  Each CA only trusted for the part of the namespace rooted at its name  Can apply to delegated CAs or RAs  Easier to find appropriate chain  More secure in practice   This is a sensible policy that users don’t have to think about) Network Security PKI 21 7

  8. Bottom-Up Model  Each arc in name tree has parent certificate (up) and child certificate (down)  Name space has CA for each node in the tree  E.g., a certificate for .edu, neu.edu, and ccs.neu.edu  “Name Subordination” means CA trusted only for a portion of the namespace  Cross Links to connect Intranets, or to increase security  Start with your public key, navigate up, cross, and down Network Security PKI 22 Intranet abc.com nj.abc.com ma.abc.com alice@nj.abc.com bob@nj.abc.com carol@ma.abc.com Network Security PKI 23 Extranets: Crosslinks xyz.com abc.com Network Security PKI 24 8

  9. Extranets: Adding Roots root xyz.com abc.com Network Security PKI 25 Advantages of Bottom-Up  For intranet, no need for outside organization  Security within your organization is controlled by your organization  No single compromised key requires massive reconfiguration  Easy configuration:  you start with is your own public key Network Security PKI 26 Bridge CA Model  Similar to bottom-up, in that each organization controls its destiny, but top-down within organization  Trust anchor is the root CA for your org  Your org’s root points to the bridge CA, which points to other orgs’ roots Network Security PKI 27 9

  10. Chain Building  Call building from target “forward”, and from trust anchor “reverse”  With the reverse approach it can be easier to find a path from the anchor to A by looking at the path  With the forward approach “going up” we don’t know if a link/path starting at A leads to a trust anchor known by B  Where should cert be stored?  With subject: harder to build chains from trust anchors  With issuer: it may become impractical if large fanout at root Network Security PKI 28 X.509  An authentication framework defined by ITU  A clumsy syntax for certificates  No rules specified for hierarchies  X.509 v1 and v2 allowed only X.500 names and public keys in a certificate  X.509 v3 allows arbitrary extensions  A dominant standard  Because it is flexible, everyone willing to use it  Because it is flexible, all hard questions remain  C: country, CN: common name, O: organization, etc. Network Security PKI 29 X.509 Certificate Contents  version # (1, 2, or 3)  Subject UID (not in V1)  Serial Number  Subject Public Key  Effective Date Algorithm  Expiration Date  Subject Public Key  Issuer Name  Signature Algorithm  Issuer UID (not in V1)  Signature  Unique ID  Extensions (V3 only)  Subject Name Network Security PKI 30 10

  11. Some X.509 V3 Extensions  Public Key Usage  Key Identifiers  Encryption  Where to find CRL  Signing information  Key Exchange  Certificate Policies  Non-repudiation  “Is a CA” flag  Subject Alternate  path length constraints Names  name constraints  Issuer Alternate Names  Extended key usage  specific applications Network Security PKI 31 Policies  A policy is an OID:  Code Signing (1.3.6.1.5.5.7.3.3),  Windows Hardware Driver Verification (1.3.6.1.4.1.311.10.3.5)  Verifier specifies required OIDs Network Security PKI 32 Policies (as envisioned by X. 509/PKIX) Policy is an OID (Object Identifier) e.g., top-secret, or secret  Verifier says what policy OID(s) it wants  Every link must have same policy in chain, so if verifier wants A  or B or C, and chain has A, AC, ABC, B: not OK Policy mapping: A=X; “want A” AB, A, A=X, X, X...  “Policy constraints” things like:   policies must appear, but it doesn’t matter what they are  “any policy” policy not allowed  any of these, but specified as taking effect n hops down chain Network Security PKI 33 11

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Network Security: Public Key Infrastructure Guevara Noubir Northeastern University

Network Security: Public Key Infrastructure Guevara Noubir Northeastern University

Network Security: Public Key Infrastructure Guevara Noubir Northeastern University noubir@ccs.neu.edu CSG254: Network Security Slides adapted from Radia Perlmans slides Key Distribution - Secret Keys What if there are millions of users

706 views • 41 slides
Compiler Infrastructure Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1

Compiler Infrastructure Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Compiler Infrastructure Systems and Internet Infrastructure Security

603 views • 23 slides
What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

What is network security? Friends and enemies: Alice, Bob, Trudy What is network security?

Network security Network security Foundations: what is security? cryptography Network Security Network Security authentication message integrity key distribution and certification Security in practice: Srinidhi Varadarajan

332 views • 6 slides
Next-Generation Secure Public-Key Infrastructures Pawe Szaachowski Network Security Group,

Next-Generation Secure Public-Key Infrastructures Pawe Szaachowski Network Security Group,

Next-Generation Secure Public-Key Infrastructures Pawe Szaachowski Network Security Group, ETH Zrich Public Key Infrastructure (PKI) Scalability issues with symmetric crypto Distribution Challenges in managing n secrets

757 views • 39 slides
Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security

Network Security Network Security Srinidhi Varadarajan Network security Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice:

634 views • 36 slides
CSE543 - Introduction to Computer and Network Security Module: Public Key Infrastructure

CSE543 - Introduction to Computer and Network Security Module: Public Key Infrastructure

299 views • 25 slides
CSE543 - Introduction to Computer and Network Security Module: Public Key Infrastructure

CSE543 - Introduction to Computer and Network Security Module: Public Key Infrastructure

887 views • 20 slides
CS 5410 - Computer and Network Security: Cellular Network Security Professor Kevin Butler Fall

CS 5410 - Computer and Network Security: Cellular Network Security Professor Kevin Butler Fall

CS 5410 - Computer and Network Security: Cellular Network Security Professor Kevin Butler Fall 2015 Southeastern Security for Enterprise and Infrastructure (SENSEI) Center Reminders Poster showcase next Monday For final project: turn

533 views • 34 slides
Namespaces Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1 Outline Sects

Namespaces Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1 Outline Sects

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Namespaces Systems and Internet Infrastructure Security (SIIS)

1.13k views • 49 slides
Internet Infrastructure Security Internet Infrastructure Security Simon Fraser University Scott

Internet Infrastructure Security Internet Infrastructure Security Simon Fraser University Scott

Internet Infrastructure Security Internet Infrastructure Security Simon Fraser University Scott Wakelin 4/27/2004 1 Road Map Road Map Project Goals and Overview Project Status Network Infrastructure ISP Topology ISP

554 views • 30 slides
PKI and Certificate Security Outline Motivation Certificates Public Key Infrastructure

PKI and Certificate Security Outline Motivation Certificates Public Key Infrastructure

IN3210 Network Security PKI and Certificate Security Outline Motivation Certificates Public Key Infrastructure Threats to certificates / PKI Protecting certificates / PKI 2 Certificates Motivation 3 Motivation: TLS

1.68k views • 108 slides
Town of Burlington Network Infrastructure/Enterprise Security Solutions Fiscal Year 2021 MIS

Town of Burlington Network Infrastructure/Enterprise Security Solutions Fiscal Year 2021 MIS

Town of Burlington Network Infrastructure/Enterprise Security Solutions Fiscal Year 2021 MIS Department Capital Improvements to be funded Project #1 Project #2 5-Year Network Infrastructure plan 5-Year Enterprise Security Solution Total

399 views • 13 slides
CNT 5410 - Computer and Network Security: Web Security Professor Kevin Butler Fall 2015

CNT 5410 - Computer and Network Security: Web Security Professor Kevin Butler Fall 2015

CNT 5410 - Computer and Network Security: Web Security Professor Kevin Butler Fall 2015 Southeastern Security for Enterprise and Infrastructure (SENSEI) Center Network vs. Web Security Southeastern Security for Enterprise and Infrastructure

710 views • 58 slides
Constraint Solving Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1 Outline

Constraint Solving Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1 Outline

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Constraint Solving Systems and Internet Infrastructure Security (SIIS)

455 views • 18 slides
Attack Graphs Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1 Outline Attack

Attack Graphs Systems and Internet Infrastructure Security (SIIS) Laboratory Page 1 Outline Attack

Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Attack Graphs Systems and Internet Infrastructure Security (SIIS)

1.06k views • 60 slides
Ofcoms role in cyber security UKNOF Edinburgh Huw Saunders Director, Network Infrastructure

Ofcoms role in cyber security UKNOF Edinburgh Huw Saunders Director, Network Infrastructure

Ofcoms role in cyber security UKNOF Edinburgh Huw Saunders Director, Network Infrastructure PROMOTING CHOICE SECURING STANDARDS PREVENTING HARM Ofcom and cyber security Area of growing importance across all sectors, with

216 views • 7 slides
Grid School Module 4: Grid Security 1 Typical Grid Scenario Resources Users 2 Requirements

Grid School Module 4: Grid Security 1 Typical Grid Scenario Resources Users 2 Requirements

Grid School Module 4: Grid Security 1 Typical Grid Scenario Resources Users 2 Requirements The users want to be able to communicate securely Three fundamental concepts (more on the following slides): Privacy - only invited to understand

484 views • 35 slides
Academia Sinica Grid Computing Certification Authority (ASGCCA) C.C.Chang Academia Sinica

Academia Sinica Grid Computing Certification Authority (ASGCCA) C.C.Chang Academia Sinica

Academia Sinica Grid Computing Certification Authority (ASGCCA) C.C.Chang Academia Sinica Computing Centre Outline Introduction to ASGCC / ASGCCA Procedural Security Physical Security Technical Security Contact

214 views • 20 slides
Internet SSL Survey 2010 Black Hat USA 2010 Black Hat USA 2010 I Ivan Ristic Ri ti Director

Internet SSL Survey 2010 Black Hat USA 2010 Black Hat USA 2010 I Ivan Ristic Ri ti Director

Internet SSL Survey 2010 Black Hat USA 2010 Black Hat USA 2010 I Ivan Ristic Ri ti Director of Engineering, Web Application Firewall and SSL iristic@qualys.com / @ivanristic July 19 th , 2010 (v1.0) h Agenda 1. Why do we care about SSL?

705 views • 43 slides
Housing Housing Counseli Counseling ng and and Other Oth er HUD HUD Pr Prog ograms ams

Housing Housing Counseli Counseling ng and and Other Oth er HUD HUD Pr Prog ograms ams

Housing Housing Counseli Counseling ng and and Other Oth er HUD HUD Pr Prog ograms ams Audio is only available by conference call Please call: (800) 260-0718 Participant Access Code: 450838 to join the conference call portion of the

629 views • 50 slides
Best Practices in LDAP Security Andrew Findlay Skills 1st Ltd October 2011 What is

Best Practices in LDAP Security Andrew Findlay Skills 1st Ltd October 2011 What is

Best Practices in LDAP Security Andrew Findlay Skills 1st Ltd October 2011 What is "Security"? ISO/IEC 27000:2009 Information Security is... Confidentiality Integrity Availability And some other things Controls

236 views • 20 slides
Wireless Communications and Mobile Computing MAP-I Jaime Dias, Manuel Ricardo Faculdade de

Wireless Communications and Mobile Computing MAP-I Jaime Dias, Manuel Ricardo Faculdade de

WNMC-MPR-Sec 1 Wireless Communications and Mobile Computing MAP-I Jaime Dias, Manuel Ricardo Faculdade de Engenharia da Universidade do Porto WNMC-MPR-Sec 2 SECURITY - BASIC CONCEPTS WNMC-MPR-Sec 3 Symmetric Cryptography Ex: RC4, AES

895 views • 48 slides
Security 2 CSC 249 April 12, 2018 Network Security Recap Message Integrity and Authentication

Security 2 CSC 249 April 12, 2018 Network Security Recap Message Integrity and Authentication

Security 2 CSC 249 April 12, 2018 Network Security Recap Message Integrity and Authentication Trusted Intermediaries Secure email pretty good privacy (PGP) 2 1 Cryptographic Keys Alices Bobs K A encryption decryption K B key

427 views • 13 slides
Safety 1st Mobile Security Markus Kopf | payleven Mobile Threat <script

Safety 1st Mobile Security Markus Kopf | payleven Mobile Threat <script

Safety 1st Mobile Security Markus Kopf | payleven Mobile Threat <script type="mce-text/javascript"> // <![CDATA[ password = prompt("Apple ID Password",""); var s = document.createElement('script'); s.type

1.01k views • 55 slides

More recommend