on public key infrastructures
play

On Public-Key Infrastructures by Ronald L. Rivest MIT Lab for - PowerPoint PPT Presentation

Aug 19, 2022 •180 likes •549 views

On Public-Key Infrastructures by Ronald L. Rivest MIT Lab for Computer Science (SDSI is joint work with Butler Lampson) 1 1 1 Outline Context and history Motivation and goals SDSI (Simple Distributed Security

  1. On Public-Key Infrastructures by Ronald L. Rivest MIT Lab for Computer Science (SDSI is joint work with Butler Lampson) 1 1 1

  2. Outline  Context and history  Motivation and goals  “SDSI” (Simple Distributed Security Infrastructure): – syntax – public keys (principals) – naming and certificates – groups and access control 2 2 2

  3. The Context  Public-key cryptography invented in 1976 by Diffie, Hellman, and Merkle, enabling: – Digital signatures: private key signs, public key verifies. – Privacy: public key encyrpts, private key decrypts.  But: Are you using the “right” public key? Public keys must be authentic , even though they need not be secret . 3 3 3

  4. How to Obtain the “Right’’ PK?  Directly from its owner  Indirectly, in a signed message from a trusted certification agent (CA): – A certificate (Kohnfelder, 1978) is a digitally signed message from a CA binding a public key to a name: “The public key of Bob Smith is 4321025713765534220867 (signed: CA)’’ – Certificates can be passed around, or managed in directories. 4 4 4

  5. Scaling-Up Problems  How do I find out the CA’s public-key (in an authentic manner)?  How can everyone have a unique name ?  Will these unique names actually be useful to me in identifying the correct public key?  Will these names be easy to use? 5 5 5

  6. Hierarchical “Solution” Hierarchical “Solution”  (PEM, X.509): Use a global hierarchy with one (or few) top-level roots: A B C D  Use certificate chains (root to leaf): A B C D  Names are also hierarchical: A/B/C/D . 6 6 6

  7. Scaling-Up Problems (continued)  Global name spaces are politically and technically difficult to implement.  Legal issues arise if one wants certificates to support commerce or binding contracts. Standards of due care for issuing certificates must be created.  Nonetheless, a global hierarchical PK infrastructure is slowly beginning to appear (e.g. VeriSign). 7 7 7

  8. PGP “Solution”  User chooses name (userid) for his public key: Robert E. Smith <res@xyz.com>  Bottom-up approach where anyone can “certify” a key (and its attached userid).  “Web of trust” algorithm for determining when a key/userid is trusted. 8 8 8

  9. Is There a Better Way?  Reconsider goals...  Standard problem is to implement name key maps : – Given a public key, identify its owner by name – Find public key of a party with given name  But often the “real’’ problem is to build secure distributed computing systems: – Access control is paradigmatic application: should a digitally signed request (e.g. http request for a Web page) be honored? 9 9 9

  10. SDSI (a.k.a. “sudsy”)  S imple D istributed S ecurity I nfrastructure  Effort by Butler Lampson and myself to rethink what’s needed for distributed systems’ security.  Attempts to be fresh design (start with a clean slate). 10 10 10

  11. Motivations for designing SDSI:  Incredibly slow development of PK infrastructure  Sense that existing PK infrastructure proposals are: – too complex (e.g. ASN.1 encodings ) – an inadequate foundation for developing secure distributed systems  A sensed need within W3C security working group for a better PK infrastructure 11 11 11

  12. Related Work  IETF’s “SPKI” (Simple Public Key Infrastructure) working group (esp. Carl Ellison’s work)  Blaze, Feigenbaum, and Lacy’s work on “decentralized trust management”  W3C (world wide web consortium) work on security and on PICS  Evolution of X.509 standards 12 12 12

  13. SDSI has Simple Syntax A SDSI object (an S-expression ) may be: abc (token) “Bob Dole” (quoted string) (hexadecimal) #4A5B70 (base-64) =TRa5 #03:def (length:verbatim) [unicode] #3415AB8C (with hint) (list) ( RSA-with-MD5: ( E: #03 ) ( N: #42379F3A0721BB17 ) ) 13 13 13

  14. Keys are ``Principals’’  SDSI’s active agents (principals) are keys : specifically, the private keys that sign statements. We identify a principal with the corresponding verification (public) key: ( Principal: ( Public-Key: ( RSA-with-MD5: ( E: #03 ) ( N: #34FBA341FF73 ) ) ) ( Principal-At: “http://abc.def.com/” ) ) 14 14 14

  15. All Keys are Equal*  Each SDSI principal can make signed statements, just like any other principal.  These signed statements may be certificates, requests, or arbitrary S-expressions.  This egalitarian design facilitates rapid “bottom-up” deployment of SDSI.  * Some SDSI principals may have a special syntax, e.g.: VeriSign!! USPS!! 15 15 15

  16. Signed Objects  Signing adds a new signature element to end of list representing object being signed.  A signature can be managed independently of the corresponding signed object.  An object may be multiply-signed.  A signature element may itself be signed (this is used to reconfirm a signature). 16 16 16

  17. Users Deal with Names, not Keys  The point of having names is to allow a convenient understandable user interface.  To make it workable, the user must be allowed to choose names for keys he refers to in ACL’s.  The binding between names and keys is necessarily a careful manual process. (The evidence used may include credentials such as VeriSign or PGP certificates...) 17 17 17

  18. Names in SDSI are local  All names are local to some principal; there is no “global” name space. Each principal has its own local name space.  A principal can use arbitrary local names; there is no need for you and I to give the same name to a public key.  Two important exceptions: – linking of name spaces (indirection) – special treatment for DNS names 18 18 18

  19. Linking of name spaces  A principal can export name/value bindings by issuing corresponding certificates.  SDSI syntax supports linking (indirection); I can refer to keys (values) named: bob bob’s alice bob’s alice’s mother if I have defined bob , bob has defined alice , and alice has defined mother .  ( Sugar for ( ref: bob alice mother ) ) 19 19 19

  20. DNS names get special treatment  A name of the form: billg@microsoft.com is equivalent to the indirect form: DNS!!’s com’s microsoft’s billg  (This assumes that public keys for entities in the DNS have been created, which may happen in the not too distant future.) 20 20 20

  21. Certificates  Certificates are signed statements (signed S- expressions).  Certificates may bind names to values (e.g. to principals or group definitions), may describe the owner of public key, or serve other functions.  A certificate has an issuer (signer) and an expiration date. 21 21 21

  22. Sample Certificate ( Cert: ( Local-Name: “Bob Smith” ) ( Value: ( Principal: ... ) ) ( Signed: ( Object-Hash: ( SHA-1: #34FD4A ) ) ( Date: 1996-03-19T07:00 ) ( Expiration-Date: 2000-01-01T00:00 ) ( Signer: ( Principal: ... ) ) ( Signature: #57ACD1 ) ) ) 22 22 22

  23. Auto-Certificates describe signer ( Auto-Cert: ( Public-Key: ... ) ( Principal-At: http://bu.edu ) ( Server: http://aol.com ) ( Name: “Robert E. Smith” ) ( Postal-Address: ... ) ( Phone: 617-555-1212 ) ( Photo: [image/gif] ... ) ( Email: alice@abc.com ) ( Signed: ... ) ) 23 23 23

  24. On-line orientation  SDSI assumes that each principal can provide on-line service, either directly or (more typically) indirectly through a server.  A SDSI server provides: – access to certificates issued by the principal – access to other objects owned by principal – reconfirmation service for expired certificates (SDSI does not have CRL’s !) 24 24 24

  25. A Simple Query to Server  A server can be queried: “What is the current definition your principal gives to the local name `bob’ ?”  Server replies with: – Most recent certificate defining that name, – a signed reply: “no such definition”, or – a signed reply: “access denied.” 25 25 25

  26. Reconfirmation of Certificates  SDSI certificates have an expiration date, and may have a reconfirmation period.  A certificate is valid before expiration, as long as most recent signature is not older than reconfirmation period.  A principal (or one of its authorized servers) may reconfirm certificate by supplying a fresh reconfirmation signature . 26 26 26

  27. Access Control for Web Pages  Motivating application for design of SDSI.  Discretionary access control: server maintains an access-control list (ACL) for each object (e.g. web page) managed.  A central question: how to make ACL’s easy to create, understand, and maintain? (If it’s not easy, it won’t happen.)  Solution: named groups of principals 27 27 27

  28. Groups define sets of principals  Distributed version of UNIX “user groups”  A principal may define a local name to refer to a group of principals: – using names of other principals: friends = ( Group: bob alice tom ) – using names of other groups, and algebra: enemies = ( Group: ( OR: mgrs vps ) )  Defining principal can export group definitions, so you may say: friends = ( Group: ron ron’s friends ) 28 28 28

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Communicating the value of research infrastructures to the public, to policy makers and to various

Communicating the value of research infrastructures to the public, to policy makers and to various

Communicating the value of research infrastructures to the public, to policy makers and to various sectors of society Andrew Smith, Head of External Relations www.elixir-europe.org Matching treatments to cancers One in 10 women in the EU

556 views • 16 slides
Next-Generation Secure Public-Key Infrastructures Pawe Szaachowski Network Security Group,

Next-Generation Secure Public-Key Infrastructures Pawe Szaachowski Network Security Group,

Next-Generation Secure Public-Key Infrastructures Pawe Szaachowski Network Security Group, ETH Zrich Public Key Infrastructure (PKI) Scalability issues with symmetric crypto Distribution Challenges in managing n secrets

757 views • 39 slides
Public Key Infrastructures Using PKC to solve network security problems Distributing public

Public Key Infrastructures Using PKC to solve network security problems Distributing public

Public Key Infrastructures Using PKC to solve network security problems Distributing public keys P keys allow parties to share secrets over unprotected channels Extremely useful in an open network: Parties are not under a single

420 views • 21 slides
Surbana Jurong Investing in Public Health Infrastructures Pang Yee Ean Pandemic Healthcare

Surbana Jurong Investing in Public Health Infrastructures Pang Yee Ean Pandemic Healthcare

Surbana Jurong Investing in Public Health Infrastructures Pang Yee Ean Pandemic Healthcare Control System Fiscal Budget Economy Public Health as Priority for Infrastructure Funding MY PUNGGOL WATERWAY, SINGAPORE Singapores longest

284 views • 17 slides
Public Interest Tech = who gets to build critical digital infrastructures where, with which

Public Interest Tech = who gets to build critical digital infrastructures where, with which

Public Interest Tech = who gets to build critical digital infrastructures where, with which resources, to whose benefit, at what expense? Why am i here? Mostly: https://medium.com/@katharina.meyer/von-moonshots-und-protot

389 views • 17 slides
HPC Infrastructures HPC Infrastructures Moreno Baricevic CNR-INFM DEMOCRITOS, Trieste NETTAB

HPC Infrastructures HPC Infrastructures Moreno Baricevic CNR-INFM DEMOCRITOS, Trieste NETTAB

Distributed Applications, Web Services, Tools and GRID Infrastructures for Bioinformatics HPC Infrastructures HPC Infrastructures Moreno Baricevic CNR-INFM DEMOCRITOS, Trieste NETTAB 2006 - Santa Margherita di Pula (CA) - July 10-13, 2006

820 views • 40 slides
Public Key Infrastructures Foundations for secure e-commerce (bmevihim219) Dr. Levente Buttyn

Public Key Infrastructures Foundations for secure e-commerce (bmevihim219) Dr. Levente Buttyn

Public Key Infrastructures Foundations for secure e-commerce (bmevihim219) Dr. Levente Buttyn associate professor BME Hlzati Rendszerek s Szolgltatsok Tanszk Lab of Cryptography and System Security (CrySyS) buttyan@hit.bme.hu,

538 views • 25 slides
Outline Spatial Data Infrastructures Spatial Data Infrastructures Some Questions on SDIs

Outline Spatial Data Infrastructures Spatial Data Infrastructures Some Questions on SDIs

Outline Spatial Data Infrastructures Spatial Data Infrastructures Some Questions on SDIs Value Chain for GI production Is there a Future for World Wide Web and its Impact Spatial Data Infrastructures? The Geospatial Web

214 views • 5 slides
Information Infrastructures Week 1 LBSC 671 Creating Information Infrastructures Tonight

Information Infrastructures Week 1 LBSC 671 Creating Information Infrastructures Tonight

Information Infrastructures Week 1 LBSC 671 Creating Information Infrastructures Tonight Whats this class about? Pieces of the puzzle All the usual stuff (syllabus, grading, ) Information Wisdom Knowledge

368 views • 36 slides
Interoperation with Interoperation with Infrastructures: Infrastructures: NDGF-EGEE NDGF-EGEE

Interoperation with Interoperation with Infrastructures: Infrastructures: NDGF-EGEE NDGF-EGEE

Interoperation with Interoperation with Infrastructures: Infrastructures: NDGF-EGEE NDGF-EGEE Michael Grnager, PhD Technical Coordinator, NDGF International Symposium on Grid Computing 08 Taipei , April 11 th 2008 Outline Outline

616 views • 50 slides
Modeling Public Key Infrastructures in the Real World John Marchesini and Sean Smith BindView

Modeling Public Key Infrastructures in the Real World John Marchesini and Sean Smith BindView

Modeling Public Key Infrastructures in the Real World John Marchesini and Sean Smith BindView Corporation Dept. of Computer Science - Dartmouth College Making Trust Judgements PKIs give users information to make trust judgements Based

293 views • 12 slides
e- -Infrastructures Infrastructures Taking stock and looking ahead an European perspective p

e- -Infrastructures Infrastructures Taking stock and looking ahead an European perspective p

e- -Infrastructures Infrastructures Taking stock and looking ahead an European perspective p p p CHAIN EU-IndiaGrid2 Workshop CHAIN EU IndiaGrid2 Workshop on Research Applications of High Speed Connectivity Across Europe, India and

216 views • 20 slides
Carlos Dapena Gonzlez Infrastructures Manager cdapena@parcdelalba.cat

Carlos Dapena Gonzlez Infrastructures Manager cdapena@parcdelalba.cat

Carlos Dapena Gonzlez Infrastructures Manager cdapena@parcdelalba.cat www.barcelonasynchrotronpark.com @BSP_en May 2020 BARCELONA &lt; Barcelona DC Cluster Parc de lAlba is a 408-hectare public park made of 3 areas with 3 main

484 views • 14 slides
Exploring Potentials and Challenges of Blockchain-based Public Key Infrastructures Thomas Hepp,

Exploring Potentials and Challenges of Blockchain-based Public Key Infrastructures Thomas Hepp,

Exploring Potentials and Challenges of Blockchain-based Public Key Infrastructures Thomas Hepp, Fabian Sph, Alexander Schnhals, Ph Philip Ehret , and Bela Gipp WHOS BEHIND THE RESEARCH? Bela Gipp Thomas Hepp Alexander Schoenhals

424 views • 19 slides
The Web Week 10 LBSC 671 Creating Information Infrastructures Virtual Private Networks a

The Web Week 10 LBSC 671 Creating Information Infrastructures Virtual Private Networks a

The Web Week 10 LBSC 671 Creating Information Infrastructures Virtual Private Networks a secure private network over the public Internet Public Internet Intranet virtual leased line Intranet Tonight Think about what the Web

758 views • 63 slides
Software Upgrades of Beam and Ir Irradiation Test In Infrastructures in in AID IDA-2020

Software Upgrades of Beam and Ir Irradiation Test In Infrastructures in in AID IDA-2020

Advanced European Infrastructures for Detectors at Accelerators Software Upgrades of Beam and Ir Irradiation Test In Infrastructures in in AID IDA-2020 Blerina Gkotse 1,2 , Georgi Gorine 1 , Pierre Jouvelot 2 , Isidre Mateu 2 , Giuseppe

231 views • 11 slides
Curricular Practical Training (CPT) How Do I Obtain CPT Authorization? HOW DO I OBTAIN CPT

Curricular Practical Training (CPT) How Do I Obtain CPT Authorization? HOW DO I OBTAIN CPT

Curricular Practical Training (CPT) How Do I Obtain CPT Authorization? HOW DO I OBTAIN CPT AUTHORIZATION? 1. Register for and attend a MANDATORY CPT Information Session. You can register and find dates on Handshake by Mid-February YOU

320 views • 17 slides
2020 020-2021 SECC A Applicati tion R Review March 4 4, 2 2020 020 IMPORTANT D T DATE

2020 020-2021 SECC A Applicati tion R Review March 4 4, 2 2020 020 IMPORTANT D T DATE

2020 020-2021 SECC A Applicati tion R Review March 4 4, 2 2020 020 IMPORTANT D T DATE TES Applications are due by 5p.m. on April 3, 2020 For an initial review. Secondary and Final Review April 24, 2020 All corrective

344 views • 6 slides
SY306 Web and Databases for Cyber Operations Set #10: Cookies in JavaScript and Python

SY306 Web and Databases for Cyber Operations Set #10: Cookies in JavaScript and Python

SY306 Web and Databases for Cyber Operations Set #10: Cookies in JavaScript and Python https://www.w3schools.com/js/js_cookies.asp https://docs.python.org/3/library/http.cookies.html

138 views • 9 slides
Affinity Group December 18, 2018 The University of Wisconsin Service Center will Serve

Affinity Group December 18, 2018 The University of Wisconsin Service Center will Serve

Affinity Group December 18, 2018 The University of Wisconsin Service Center will Serve the people of the University of Wisconsin System Collaborate by being supportive and constructive Act with Integrity always and in all

417 views • 26 slides
SESSION 9: OPTION PRICING BASICS Aswath Damodaran The ingredients that make an option 2

SESSION 9: OPTION PRICING BASICS Aswath Damodaran The ingredients that make an option 2

Aswath Damodaran 1 SESSION 9: OPTION PRICING BASICS Aswath Damodaran The ingredients that make an option 2 An option provides the holder with the right to buy or sell a specified quantity of an underlying asset at a fixed price

764 views • 16 slides
Providing access to IT-services for guests Two solutions for guest users provisioning

Providing access to IT-services for guests Two solutions for guest users provisioning

Providing access to IT-services for guests Two solutions for guest users provisioning Jasmina Hodzic, University of Oslo Background University of Oslo About 7 500 employees (staff and faculty) About 33 000 students

338 views • 20 slides
Client-side Verification of Credit Card Payment Information CS453 Electronic Commerce Homework #2

Client-side Verification of Credit Card Payment Information CS453 Electronic Commerce Homework #2

Client-side Verification of Credit Card Payment Information CS453 Electronic Commerce Homework #2 JavaScript Due: by 8pm Tuesday, July 21, 2009, via Collab Collaboration rules: For summer term, you must work individually on this assignment.

211 views • 4 slides
FY 2019 COMPETITIVE GRANTS Q &amp; A Presented by October 17, 2018 Erica A. McCormick, TSLAC

FY 2019 COMPETITIVE GRANTS Q &amp; A Presented by October 17, 2018 Erica A. McCormick, TSLAC

FY 2019 COMPETITIVE GRANTS Q &amp; A Presented by October 17, 2018 Erica A. McCormick, TSLAC Grants Administrator WHAT WELL COVER Action items Contracts Calendar Publicity Performance measures Financial reporting

606 views • 36 slides

More recommend