Title: Introduction to PKI Based Application Development, Cyber Security Div., NIC HQ
1 Introduction to PKI Based Application Development
Cyber Security Div., NIC HQ
2 An Introduction to Public Key Cryptography (PKC)
3 PKC is based on the following security techniques
- Authentication
- Confidentiality
- Integrity
- Non-repudiation
4 Symmetric-key Cryptography
- Data encrypted and decrypted with same key
- Classical examples: Caesar cipher, one-time pad, Enigma Machine
5 Asymmetric Key Encryption
- Important to know who should know which key(s)
- In general
  - Sender encrypts with recipient's public key
  - Recipient decrypts with its private key
6 Matrix of Keys
7 Asymmetric Key Cryptography
8 Asymmetric Key Example
- Consider a bank and its customers
- Customers encrypt their messages with bank's public key
- Bank decrypts messages with its private key
9 Asymmetric Key Cryptography Example
10 Public Key Cryptography
- Each user has a key pair, consisting of a public and private key
- Anything encrypted with one key may only be decrypted by the other.
- To make message readable only by B, encrypt message using B's public key
11 Digital Signature Concept
- Sender encrypts message or its fingerprint with its private key
- Guarantees that only the sender could have created this message
- Basis for Non-repudiation
12 Basis for Digital Signatures
13 Digital Signatures
Signature Generation
Signature Verification
14 Message Digest Concept
- Also called a hash
- Unique representation of a message
- Similar to the fingerprint of a human
15 Message Digest Concept
16 Message Digest Demands - 1
17 Message Digest Demands - 2
18 Message Digest Demands - 3
19 Message Digest Differences
- Even if the original messages differ minutely, message digests differ dramatically
- Basis for the guarantee of uniqueness
20 Message Digest Example
21 Message Digest Algorithms
- Basic principle: take the original message and reduce it to a smaller fingerprint
- Examples: MD5, SHA-1
- SHA-1 is considered stronger
22 Cryptographic Hash Algorithms
- Reduces a message to a fixed size message digest
- Used for authentication and integrity
  - Digital signatures, with public key algorithms
  - Hashed Message Authentication Codes (HMAC) with secret key
23 Hash Standards
- FIPS 180-1
  - SHA-1: 160-bit hash, preferred hash algorithm today
- FIPS 180-2 planned to include larger hash fields
  - SHA-1 (160-bit)
  - SHA-256
  - SHA-384
  - SHA-512
24 Digital ID?
- Binds a Subject with a key pair
- Contents of a Digital ID
  - Certificate Serial Number
  - Subject
  - Issuer
  - Valid From
  - Valid To
25 Digital ID?
- Contents of a Digital ID
  - Public key
  - Key Usage
    - Basic purpose of key: Digital Signature, Non Repudiation, CRL signing
  - Extended Key Usage
    - Secure Email, Server Authentication, Client Authentication, Code Signing, Time Stamping
26 Digital ID?
- Contents of a Digital ID
  - Thumbprint
  - The CA's signature validating the certificate
  - Thumbprint Algorithm
27 Developing PKI Applications
- What is CAPICOM
- Digital Signing with CAPICOM
- Data Encryption with CAPICOM
- Accessing Certificate Stores
- Requesting and Installing Digital Certificate
- Demo: Digital Signing and Verification
- Java Cryptography
28 What is CAPICOM?
- CAPICOM is a new security technology from Microsoft
- Allows an application developer to easily incorporate digital signing and encryption into an application
- Built on top of MS CAPI
- COM based: for everyone!
  - Visual Basic, Visual Basic script, ASP, C
- Free!
29 Supported Platforms
- Windows 95/98 with Internet Explorer 5 or later
- Windows NT 4.0 with SP4
- Windows 2000
- Windows XP
30 How to install CAPICOM
- Packaged as an ActiveX control
- Have your app install and register it
  - Regsvr32 capicom.dll
- Use in web application, installation and registration done automatically
- One file, size 249 KB
- Redistributable
31 What can CAPICOM do?
- Digitally sign data
  - With software key, smart card, token
  - Uses PKCS7 for interop
- Verify digitally signed data
  - Check certificate revocation
- Encrypt data
  - Uses a password
  - Uses a public key (for enveloping)
- Access Certificate Stores
- You don't have to use CAPICOM everywhere
  - Mix and match CAPICOM, CAPI and other toolkit
32 Digital signing in CAPICOM
33 Main Objects in Signing
- Certificate
  - Represents an X.509 certificate
- Signer
  - Represents a Signer
- Authenticated attributes
  - Additional meta-data included with signature
  - Examples: document name, description, signing time
  - Protected with the content by the signature
- SignedData
  - Object used to sign data
34 Steps for Digitally Signing
- Which certificate to use
- Where to store the signature
- More than one signer
- How to validate a digital signature
35 Supported Certificates
- Use any X.509 certificate
  - Issued from anywhere
  - From a certificate authority (NICCA, Verisign)
  - From Windows 2000 PKI
  - Use a self signed certificate
- Use any device to store the private key
  - Can utilize whatever CAPI supports
  - Software keys
  - Smart cards
  - USB tokens
36 Which Certificate to use
- Application can preselect
  - Enumerate certificates in store and select
- Let CAPICOM do it
  - If only one certificate, CAPICOM will use it
  - If more than one certificate, CAPICOM will pop up the certificate selection dialog
37 Certificate Selection Dialog
38 Certificate view Dialog
39 What Is A Signature?
40 Where to store Signature: Attached Signature
- Signature stored in PKCS 7 format
- Data stored with signature
- Only one file to manage
- Must extract the original data to use it
  - This is done through the verify operation
41 Where to store Signature: Detached Signature
- Data and signature stored separately
- Signature stored in PKCS 7 format
- Both files are required to verify signature
- Easier to store in separate fields in the database
42 More than one signer?
- Can store one or more signatures
- SignedData.Sign() creates primary signature
- Add other signatures by calling SignedData.Cosign()
- Cosigning is useful when multiple parties are signing a contract
43 Multiple signers, continued
- Can also layer signatures, where one attached signature is input to another signing operation.
- Inner signature cannot be removed.
44 Digital Signature Verification
- Signature verification consists of
  - Integrity check on the signed message
    - Whether data changed?
  - Certificate chain must be valid
    - All certificates in chain can be found
    - No chaining errors
  - Revocation check
- Repeat for each signer
45 Certificate validity checking
- SignedData.verify() does not do a revocation check.
- Use CertificateStatus object
46 Encryption in CAPICOM
47 Encryption
- Two ways to encrypt data
  - Encrypt with a password
    - Symmetric encryption
    - Shared secret
  - Encrypt with a public key
    - Asymmetric encryption
    - Only recipients can decode message
48 Symmetric encryption
- Encrypts with a password
  - Use a long password for better symmetric keys
  - Use a random salt
- Supported algorithms
  - RC2 (40 bit, 60 bit, or 128 bit)
  - RC4 (40 bit, 60 bit, or 128 bit)
  - DES
  - Triple DES
- Underlying platform must support the algorithms.
49 Symmetric Encryption
[Diagram labels: Encryption (Encrypt with Symmetric Key); Decryption (Decrypt with Symmetric Key)]
50 Data Enveloping
- Combines symmetric and asymmetric encryption
- Message encrypted with symmetric key because asymmetric encryption is slow
- Symmetric key is encrypted using public key stored in recipient's certificate
- Recipients decode the symmetric key with their private key
51 Data Enveloping: Step one: Encrypt message
52 Data Enveloping: Step two: Encrypt the symmetric key to the recipients
[Diagram labels: Symmetric Key; Encryption]
53 Data Enveloping: Step three: Put it all together
54 Managing Certificate Stores
- Named, permanent storage for a collection of certificates
- Several predefined stores
  - My store houses certificates with private keys
  - Root store houses trusted, self-signed certificates
  - Applications can define their own
- Logical stores and physical stores
  - Each logical store has one or more physical stores
  - HKLM\Software\Microsoft\SystemCertificates
  - Logical stores support inheritance
55 Logical, Physical stores and inheritance
Current User store inherits from Local Computer store
56 Certificate Stores
- Two viewing tools
  - MMC certificate snap-in (certmgr.msc)
  - Internet Explorer certificate manager
    - Tools->Options->Content->Certificates
- CAPICOM
  - Store.open
    - Store Location (User, Machine, AD, Memory)
    - Store Name (user string or predefined constants)
    - Open mode: read only, read-write
57 Demo: Digital Signing and Verification
58 Cryptography with Java
- Two main technologies are JCA and JCE.
- JCA is part of JRE
- JCE is an extension to JCA
- JCE adds simple encryption and decryption to JCA
59 JCA (Java Cryptographic Architecture)
- JCA is composed of a number of classes in the java.security package and its sub-packages.
- Provides APIs for functions like digital signatures and message digests.
- Important classes are MessageDigest, Signature, KeyPairGenerator etc.
60 Message Digest Example

```java
import java.security.*;

// Use the MD5 algorithm
MessageDigest md = MessageDigest.getInstance("MD5");
// message is the String to be digested
byte[] buf = message.getBytes();
// Update the data
md.update(buf);
// After input is ready, digest the data
byte[] digestBuf = md.digest();
```
61 JCE (Java Cryptographic Extension)
- JCE is an extension to JCA
- JCE contains the classes in the javax.crypto package and its sub-packages
- It includes classes like Cipher, KeyGenerator, Mac etc.
62 Encryption example

```java
import java.security.*;
import javax.crypto.*;

// Get the key generator
KeyGenerator keyGenerator = KeyGenerator.getInstance("Blowfish");
// Generate a key
Key key = keyGenerator.generateKey();
// Get the Cipher and initialise it with the key
```

63 Encryption Example ctd.

```java
// ECB mode as on the slide; identical plaintext blocks give identical ciphertext blocks
Cipher cipher = Cipher.getInstance("Blowfish/ECB/PKCS5Padding");
cipher.init(Cipher.ENCRYPT_MODE, key);
// Assume the data to encrypt is myData (a byte[])
byte[] cipherText = cipher.doFinal(myData);
```
64 Tour Management System
65 Existing Procedure
- Manual
- Time Consuming
- Management of Information
  - Reports, Locating information
66 eTour Features
- Web enabled system
- Workflow based system
- Digital Signature enabled
  - Ensures integrity, authenticity and non-repudiation
- Connects to existing Directory Server for authentication
- Supports Air as well as Train Travel
- Mail alert at every stage
67 Roles supported
- Initiating officer
- HOD
- HOG
- DG
- DDO
68 State Diagram: Air Travel
[State diagram labels: HOD Forwards; HOG Forwards; Request Forwarded; Request Forwarded; DG Approves; DDO Processes; Request Processed; Request Approved]
69 State Diagram: Train Travel
[State diagram labels: HOD Forwards; DDO Processes; Request Processed; Request Approved]
70 eTour Features
- Initiating officer may initiate a request.
- HOD may forward the request
- HOG may forward the request
- DG may approve the request
- DDO may update the request
- DDO may print the Tour Sheet
- Multiple DDOs supported
71 Security features
- Shows last logon date and time
- Digital Signature
- Certificate Based Logon Support
- Automatic CRL download
- User Certificate Mapping
- Client side and server side validation
- Configurable CAs
72 Tour Procedure: Air Approval
- Initiating officer fills up the form and submits it to HOD
- HOD may forward it either to HOG or DG
- HOD may forward
- DG may finally approve
73 Tour Procedure: Train Approval
- Initiating officer fills up the form and submits it to HOD
- HOD may approve
74 Login process
[Diagram. Components: Client; Application Server; Directory (Authentication, Certificates); Database (Roles, Data, Workflow). Labels: Submit auth info; Auth with Directory; Fetch registered Certificates; Launch Application]
75 Digital Signature Verification
[Diagram. Components: Client; Application Server; CA Repository; Database. Labels: Submit Signed Form; Fetch CRL]
76 Certificate Based Logon
[Diagram. Components: Client; Application Server; Database; Directory]
1. Submit login name
2. Fetch cert list
3. Send logon string to be signed, certificate list and scripts
4. Sign and send login string
5. Verify signature, check CRL, log results.
6. Launch app / logout
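
The certificate based logon steps 1 to 6 above, sketched with the JCA Signature and KeyPairGenerator classes named on slide 59, as an added Java example (not the eTour application's code). Registered public keys stand in for the user certificate mapping, chain and CRL checks are left out, and all class, method and variable names are hypothetical.

```java
import java.security.*;
import java.util.*;

public class CertLogonDemo {
    // Server state: keys registered per login name, and logon strings awaiting a signature.
    static final Map<String, PublicKey> registered = new HashMap<>();
    static final Map<String, byte[]> pending = new HashMap<>();
    static final SecureRandom rng = new SecureRandom();

    // Steps 1-3: the client submits a login name, the server answers with a fresh logon string.
    static byte[] issueChallenge(String login) {
        byte[] challenge = new byte[32];
        rng.nextBytes(challenge);
        pending.put(login, challenge);
        return challenge;
    }

    // Step 4 (client): sign the logon string with the private key.
    static byte[] signChallenge(byte[] challenge, PrivateKey key) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(challenge);
        return s.sign();
    }

    // Step 5 (server): verify against the key registered for this login name.
    static boolean verifyLogon(String login, byte[] signature) throws GeneralSecurityException {
        byte[] challenge = pending.remove(login); // single use: a replayed signature finds nothing
        PublicKey key = registered.get(login);
        if (challenge == null || key == null) return false;
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(key);
        s.update(challenge);
        return s.verify(signature); // a full server also validates the chain and the CRL here
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair alice = kpg.generateKeyPair();   // constructed sample user
        KeyPair mallory = kpg.generateKeyPair(); // constructed unregistered key
        registered.put("alice", alice.getPublic());

        byte[] sig = signChallenge(issueChallenge("alice"), alice.getPrivate());
        System.out.println("valid logon:     " + verifyLogon("alice", sig));
        System.out.println("replayed logon:  " + verifyLogon("alice", sig));
        byte[] forged = signChallenge(issueChallenge("alice"), mallory.getPrivate());
        System.out.println("wrong key logon: " + verifyLogon("alice", forged));
    }
}
```

Because the server picks a new random logon string for every attempt and discards it after one verification, a captured signature cannot be reused for a later logon.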
77 Platform Information
- Application Server: Tomcat, Java, JSP on Windows 2000
- LDAP, HTTP
- CA Repository
- Database: SQL Server
- Client: IE, CAPICOM, JScript
78 Thank you! Cyber Security Division, NIC HQ