pki
play

PKI Milan Sova, CESNET EuroCAMP, Porto, 2005-11-07 Public Key - PowerPoint PPT Presentation

Sep 10, 2022 •204 likes •560 views

PKI Milan Sova, CESNET EuroCAMP, Porto, 2005-11-07 Public Key Infrastructure Public key cryptography pair of keys public key (encryption, signature verification) private key (decryption, signing) Infrastructure binding

  1. PKI Milan Sova, CESNET EuroCAMP, Porto, 2005-11-07

  2. Public Key Infrastructure ● Public key cryptography – pair of keys ● public key (encryption, signature verification) ● private key (decryption, signing) ● Infrastructure – binding public keys to identities – public keys management ● revocation, key usage...

  3. PKI Architectures ● PGP – everybody can provide identity assertions – "Web of trust" ● X.509 – defines roles for entities – separated identity providers (Certificate Authorities) – hierarchical management of trust

  4. X.509 PKI

  5. X.509 PKI Roles ● Certificate Authority – certificate issuer ● Registration Authority – identity vetting ● End Entity – private key holder ● Relying Party (“user”) – relies on the certificate

  6. X.509 Certificate

  7. X.509 Certificate - Content ● public key ● validity ● subject names ● issuer names ● key usage restrictions ● operational information – serial number, standard version, policies, CDP, AIA ● issuer signature

  8. X.509 Certificate - Structure Certificate ::= SEQUENCE { tbsCertificate TBSCertificate, signatureAlgorithm AlgorithmIdentifier, signatureValue BIT STRING } TBSCertificate ::= SEQUENCE { version [0] EXPLICIT Version DEFAULT v1, serialNumber CertificateSerialNumber, signature AlgorithmIdentifier, issuer Name, validity Validity, subject Name, subjectPublicKeyInfo SubjectPublicKeyInfo, issuerUniqueID [1] IMPLICIT UniqueIdentifier OPTIONAL, subjectUniqueID [2] IMPLICIT UniqueIdentifier OPTIONAL, extensions [3] EXPLICIT Extensions OPTIONAL }

  9. X.509 Certificate - Structure Version ::= INTEGER { v1(0), v2(1), v3(2) } CertificateSerialNumber ::= INTEGER Validity ::= SEQUENCE { notBefore Time, notAfter Time } Time ::= CHOICE { utcTime UTCTime, generalTime GeneralizedTime } UniqueIdentifier ::= BIT STRING SubjectPublicKeyInfo ::= SEQUENCE { algorithm AlgorithmIdentifier, subjectPublicKey BIT STRING } Extensions ::= SEQUENCE SIZE (1..MAX) OF Extension

  10. Validity ● notBefore ● notAfter – dates

  11. Naming ● Distinguished Name ( Subject , Issuer ) – sequence of sets of attribute-value pairs – highly structured, hierarchical – looks like a globally unique ID – in fact just an "opaque string"

  12. Naming 2 ● using existing managed name systems – DNS – RFC822 – IP Addresses ● subjectAltName { DNS: host1.domain.tld, DNS: host2.domain.tld, email: admin@domain.tld, IPAddress: 1.2.3.4 }

  13. X.509 Certificate - Names ... subject : cn=myserver, o=myOrg, dc=myDomain, dc=org ... subjectAltName: { DNS: host1.domain.tld, DNS: host2.domain.tld, IPAddress: 1.2.3.4 } ...

  14. Key Usage Restrictions ● keyUsage (BIT STRING) – 0 digitalSignature – 1 nonRepudiation – 2 keyEncipherment – 3 dataEncipherment – 4 keyAgreement – 5 keyCertSign – 6 cRLSign – ...

  15. Key Usage Restrictions 2 ● extendedKeyUsage (OID) – 1.3.6.1.5.5.7.3.1 TLS server authentication – 1.3.6.1.5.5.7.3.2 TLS client authentication – 1.3.6.1.5.5.7.3.3 code signing – 1.3.6.1.5.5.7.3.4 email protection – ... – 1.3.6.1.5.5.7.3.0 Any usage

  16. Key Usage Restrictions 3 ● basicConstraints – CA (boolean) ● true in CA certs ● false in EE certs (or no basicConstrains at all) – path length (if CA == true) ● maximum of non-self-issued intermediate certificates in path

  17. X509. Certificate - Key Usage ... [ basicConstraints : {critical, CA: false},] ... keyUsage : {critical, 101 (digitalSignature, keyEncipherment)}, ... extendedKeyUsage : {non-critical, 1.3.6.1.5.5.7.3.1 (tLSServerAuth)} ...

  18. Operational Information ● version (v3) ● serial number ● Certificate Policies – OID, qualifiers ● CRL Distribution Points – access to CRL (URL) ● Authority Information Access – OCSP URL

  19. X.509 CRL & Revocation

  20. Certificate Revocation List ● version (v2) ● issuer ● this update – time of issuance ● next update – expected next issuance ● revoked certificates ● signature

  21. CRL Extensions ● CRL Extensions – Authority Key Identifier – CRL Number ● CRL Entry Extensions – Reason Code – Invalidity Date

  22. On-line Certificate Status Protocol ● request – certificate ID ● response – status ● good, revoked, unknown – signature

  23. X.509 CA as Identity Provider

  24. Role of CA/RA ● identity vetting [CA/RA] – ALL names ( Subject , subjectAltName ) ● Proof Of Possession (of the private key) [CA/RA] – access to the private key (sign/decrypt) – PK delivery ● revocation [CA/RA] ● publishing (CP, CPS, CRL, OCSP...) ● Certificate Policy & Certificate Practice Statement

  25. Common Myths

  26. Subject Content “Subject must contain C, ST, L, O, OU, CN, Email ” ● no rules for Subject names ● keep as short as possible ● use DC naming ● use subjectAltName for email

  27. Hostname in CN “CN must contain FQDN for host verification” ● obsolete, never standardized ● use subjectAltName for FQDN – RFC 3280, 2818, 2595

  28. One Valid Certificate per Subject “There may be at most one valid certificate for any given subject” ● OpenSSL implementation flaw ● overlapping validity intervals when re-keying ● different key usages

  29. nonRepudiation vs. authentication “One can use (commercial = high quality) qualified digital signature certificates for authentication” ● authentication = signing server provided challenge ● user has no control over the challenge

  30. PKI & IdM

  31. Naming ● X.500 global namespace is not managed – problems using Subject for identities ● alternative names ( subjectAltName ) – using existing managed namespaces ● DC naming ( Subject , Issuer )

  32. Private Key Management ● software tokens – quality of encryption – copyable ● hardware tokens – expensive ● site storages – only authentication keys (no non-repudiation) ● short-lived certificates

  33. X.509 Certificate as Identity Assertion ● all required content ● cryptographically strong ● compact, small ● ubiquitous tools to handle ● rich “historical experience”

  34. References RFC 3280 . Certificate and Certificate Revocation List (CRL) Profile RFC 2560 . Online Certificate Status Protocol – OCSP RFC 3647 . Certificate Policy and Certification Practices Framework RFC 2247 . Using Domains in LDAP/X.500

  35. References X.501 . Information Technology – Open Systems Interconnection - The Directory: Models, 1993. X.509 . Information Technology - Open Systems Interconnection – The Directory: Authentication Framework X.520 . Information Technology – Open Systems Interconnection - The Directory: Selected Attribute Types

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Public-Key Infrastructure NETS E2008 Many slides from Vitaly Shmatikov, UT Austin slide 1

Public-Key Infrastructure NETS E2008 Many slides from Vitaly Shmatikov, UT Austin slide 1

Public-Key Infrastructure NETS E2008 Many slides from Vitaly Shmatikov, UT Austin slide 1 Authenticity of Public Keys ? private key Bob Alice public key Problem: How does Alice know that the public key she received is really Bobs

463 views • 20 slides
RevCast : Fast, Private Certificate Revocation over FM radio Aaron Schulman Stanford University

RevCast : Fast, Private Certificate Revocation over FM radio Aaron Schulman Stanford University

RevCast : Fast, Private Certificate Revocation over FM radio Aaron Schulman Stanford University Dave Levin Neil Spring University of Maryland University of Maryland Authentication in the PKI Authentication in the PKI I want an

834 views • 81 slides
Cryptography [Finish Asymmetric Cryptography] Spring 2020 Earlence Fernandes

Cryptography [Finish Asymmetric Cryptography] Spring 2020 Earlence Fernandes

CS 642: Computer Security and Privacy Cryptography [Finish Asymmetric Cryptography] Spring 2020 Earlence Fernandes earlence@cs.wisc.edu Thanks to Dan Boneh, Dieter Gollmann, Dan Halperin, Yoshi Kohno, Ada Lerner, John Manferdelli, John

670 views • 20 slides
Scalable & Resilient Vehicle-Centric Certificate Revocation List Distri- bution in Vehicular

Scalable & Resilient Vehicle-Centric Certificate Revocation List Distri- bution in Vehicular

KTH ROYAL INSTITUTE OF TECHNOLOGY Scalable & Resilient Vehicle-Centric Certificate Revocation List Distri- bution in Vehicular Communication Systems Mohammad Khodaei and Panos Papadimitratos Networked Systems Security Group (NSS)

981 views • 52 slides
Design of a Public-Key Trust System for FreeBSD Eric L. McCorkle January 18, 2018 Motivating

Design of a Public-Key Trust System for FreeBSD Eric L. McCorkle January 18, 2018 Motivating

Design of a Public-Key Trust System for FreeBSD Eric L. McCorkle January 18, 2018 Motivating Example Consider a proposal for signing the kernel and modules: Extend Executable Linkable Format (ELF) to carry public-key signatures Sign

534 views • 29 slides
Public Key Infrastructures Foundations for secure e-commerce (bmevihim219) Dr. Levente Buttyn

Public Key Infrastructures Foundations for secure e-commerce (bmevihim219) Dr. Levente Buttyn

Public Key Infrastructures Foundations for secure e-commerce (bmevihim219) Dr. Levente Buttyn associate professor BME Hlzati Rendszerek s Szolgltatsok Tanszk Lab of Cryptography and System Security (CrySyS) buttyan@hit.bme.hu,

538 views • 25 slides
Key Management and Distribution Symmetric with Asymmetric Public Keys CSS441: Security and

Key Management and Distribution Symmetric with Asymmetric Public Keys CSS441: Security and

CSS441 Key Management Key Distribution Symmetric with Symmetric Key Management and Distribution Symmetric with Asymmetric Public Keys CSS441: Security and Cryptography X.509 Sirindhorn International Institute of Technology Thammasat

545 views • 33 slides
Octavia OpenStack Load Balancing New Features Deep Dive OpenStack Summit - Denver Adam Harwell -

Octavia OpenStack Load Balancing New Features Deep Dive OpenStack Summit - Denver Adam Harwell -

May 2019 Octavia OpenStack Load Balancing New Features Deep Dive OpenStack Summit - Denver Adam Harwell - Train PTL - Verizon Media Carlos Goncalves - Red Hat Michael Johnson - Red Hat What is Octavia? Network Load Balancing as a Service for

1.25k views • 16 slides
Sessi ssion on Ma Mana nagem ement ent websec 1 Recall from last week: the web On the

Sessi ssion on Ma Mana nagem ement ent websec 1 Recall from last week: the web On the

Web Securi urity ty Sessi ssion on Ma Mana nagem ement ent websec 1 Recall from last week: the web On the web, servers and clients communicate by HTTP requests and responses HTTP request are usually GET or POST requests

1.73k views • 62 slides
Large Scale Deployment of SSL/TLS For MySQL Danil van Eeden | Percona Live 2019 Austin | May

Large Scale Deployment of SSL/TLS For MySQL Danil van Eeden | Percona Live 2019 Austin | May

Large Scale Deployment of SSL/TLS For MySQL Danil van Eeden | Percona Live 2019 Austin | May 2019 Agenda. Introduction Reasons to deploy TLS Rolling out TLS Introduction. Me: Danil van Eeden Senior Database

777 views • 33 slides
Group Signatures with Almost-for-free Revocation t Libert 1 Thomas Peters 1 Moti Yung 2 Beno 1

Group Signatures with Almost-for-free Revocation t Libert 1 Thomas Peters 1 Moti Yung 2 Beno 1

Group Signatures with Almost-for-free Revocation t Libert 1 Thomas Peters 1 Moti Yung 2 Beno 1 Universit e catholique de Louvain, Crypto Group (Belgium) 2 - Google Inc. and Columbia University (USA) Santa Barbara, August 22, 2012 UCL

605 views • 19 slides
CS 4803 Verifies the ID, Computer and Network Security picks a random challenge I want pkU R

CS 4803 Verifies the ID, Computer and Network Security picks a random challenge I want pkU R

pk CA User ID U , pk U CS 4803 Verifies the ID, Computer and Network Security picks a random challenge I want pkU R (e.g. a message to sign) R = Sign(sk U, R) Alexandra (Sasha) Boldyreva Verifies that VF(pkU, R, )= 1 PKI, secret

467 views • 5 slides
HTTPS: Achievements, Challenges, and Epiphany Michael Catanzaro <mcatanzaro@igalia.com> Web

HTTPS: Achievements, Challenges, and Epiphany Michael Catanzaro <mcatanzaro@igalia.com> Web

HTTPS: Achievements, Challenges, and Epiphany Michael Catanzaro <mcatanzaro@igalia.com> Web Engines Hackfest December 7, 2015 HTTPS Basics HTTPS: Achievements, Challenges, and Epiphany 2 Man-in-the-Middle (MITM) Attacks ARP spoofing

369 views • 24 slides
Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition Chapter 12 Applying Cryptography Objectives Define digital certificates List the various types of digital certificates and how they are used Describe the components of

569 views • 7 slides
KEY DISTRIBUTION 1 / 74 The public key setting Bob pk [ A ] Alice C $ M D sk [ A ] (

KEY DISTRIBUTION 1 / 74 The public key setting Bob pk [ A ] Alice C $ M D sk [ A ] (

KEY DISTRIBUTION 1 / 74 The public key setting Bob pk [ A ] Alice C $ M D sk [ A ] ( C ) C E pk [ A ] ( M ) M , $ S sk [ A ] ( M ) V pk [ A ] ( M , ) Bob can: send encrypted data to Alice verify her

1.15k views • 94 slides
Shibboleth Interoperability - Short-Lived Credential Service (SLCS) Valry Tschopp, SWITCH

Shibboleth Interoperability - Short-Lived Credential Service (SLCS) Valry Tschopp, SWITCH

Enabling Grids for E-sciencE - II Shibboleth Interoperability - Short-Lived Credential Service (SLCS) Valry Tschopp, SWITCH JRA1 All Hands Meeting, Abingdon, 9 Nov 2006 www.eu-egee.org INFSO-RI-031688 Presentation Outline Enabling Grids

452 views • 12 slides
Outline ElGamal Signature Scheme 1 CPSC 418/MATH 318 Introduction to Cryptography El Gamal

Outline ElGamal Signature Scheme 1 CPSC 418/MATH 318 Introduction to Cryptography El Gamal

Outline ElGamal Signature Scheme 1 CPSC 418/MATH 318 Introduction to Cryptography El Gamal Signature Scheme, Cryptography in Practice: Random Number Odds and Ends on Public Key Crypto 2 Generation, Key Management Cryptography in Real Life 3

367 views • 14 slides
Certificate Retrieval from OpenLDAP The X.509 attribute Parsing Server (XPS)

Certificate Retrieval from OpenLDAP The X.509 attribute Parsing Server (XPS)

Certificate Retrieval from OpenLDAP The X.509 attribute Parsing Server (XPS) d.w.chadwick@salford.ac.uk The Problem PKI clients cannot search for specific X.509 attributes stored in LDAP directories, e.g. Find the encryption PKC for

667 views • 23 slides
Who do you Trust? The roles of certificates, certification authorities and the IGTF in Grid

Who do you Trust? The roles of certificates, certification authorities and the IGTF in Grid

Who do you Trust? The roles of certificates, certification authorities and the IGTF in Grid Computing T h e A m e r i c a s G r i d Policy Management Authority Prof. Vinod Rebello Instituto de Computao Universidade F ederal F

768 views • 18 slides
Housing Housing Counseli Counseling ng and and Other Oth er HUD HUD Pr Prog ograms ams

Housing Housing Counseli Counseling ng and and Other Oth er HUD HUD Pr Prog ograms ams

Housing Housing Counseli Counseling ng and and Other Oth er HUD HUD Pr Prog ograms ams Audio is only available by conference call Please call: (800) 260-0718 Participant Access Code: 450838 to join the conference call portion of the

629 views • 50 slides
Internet SSL Survey 2010 Black Hat USA 2010 Black Hat USA 2010 I Ivan Ristic Ri ti Director

Internet SSL Survey 2010 Black Hat USA 2010 Black Hat USA 2010 I Ivan Ristic Ri ti Director

Internet SSL Survey 2010 Black Hat USA 2010 Black Hat USA 2010 I Ivan Ristic Ri ti Director of Engineering, Web Application Firewall and SSL iristic@qualys.com / @ivanristic July 19 th , 2010 (v1.0) h Agenda 1. Why do we care about SSL?

705 views • 43 slides
Academia Sinica Grid Computing Certification Authority (ASGCCA) C.C.Chang Academia Sinica

Academia Sinica Grid Computing Certification Authority (ASGCCA) C.C.Chang Academia Sinica

Academia Sinica Grid Computing Certification Authority (ASGCCA) C.C.Chang Academia Sinica Computing Centre Outline Introduction to ASGCC / ASGCCA Procedural Security Physical Security Technical Security Contact

214 views • 20 slides
Grid School Module 4: Grid Security 1 Typical Grid Scenario Resources Users 2 Requirements

Grid School Module 4: Grid Security 1 Typical Grid Scenario Resources Users 2 Requirements

Grid School Module 4: Grid Security 1 Typical Grid Scenario Resources Users 2 Requirements The users want to be able to communicate securely Three fundamental concepts (more on the following slides): Privacy - only invited to understand

484 views • 35 slides
Network Security: Public Key Infrastructure Guevara Noubir Northeastern University

Network Security: Public Key Infrastructure Guevara Noubir Northeastern University

Network Security: Public Key Infrastructure Guevara Noubir Northeastern University noubir@ccs.neu.edu Network Security Slides adapted from Radia Perlmans slides Key Distribution - Secret Keys What if there are millions of users and

624 views • 14 slides

More recommend