Standards and Protocols - PowerPoint PPT Presentation

Slides: 49
Provided by: Just2156
1
Standards and Protocols
  • Chapter 7

2
Objectives
  • Identify the standards involved in establishing
    an interoperable Internet PKI.
  • Explain interoperability issues with PKI
    standards.
  • Describe how the common Internet protocols
    implement the PKI standards.

3
Key Terms
  • Certificate
  • Certificate Authority (CA)
  • Certificate Revocation List (CRL)
  • Internet Security Association and Key Management
    Protocol (ISAKMP)
  • IPsec
  • Pretty Good Privacy (PGP)
  • Public key infrastructure (PKI)
  • Secure/Multipurpose Internet Mail Extensions
    (S/MIME)
  • Secure Sockets Layer (SSL)

4
Key Terms (continued)
  • Transport Layer Security (TLS)
  • Wired Equivalent Privacy (WEP)
  • Wireless Application Protocol (WAP)
  • Wireless Transport Layer Security (WTLS)
  • X.509

5
Standards and Protocols
  • Commercial use of the Internet has been one of
    the biggest growth industries since the 1990s.
  • Public key infrastructures (PKI) are implemented
    to secure transactions online.
  • Three categories of standards associated with
    PKI
  • Standards that define the PKI
  • Standards that define the interface between
    applications and the underlying PKI
  • Other standards

6
Relationships Between PKI Standards and Protocols
7
PKIX Standard and PKCS
  • Two main standards for implementing PKI.
  • Both based on X.509 standard.
  • PKIX produced by Internet Engineering Task Force
    (IETF); interactions and operations have four
    component types:
  • The user, certificate authority (CA),
    registration authority (RA), and the certificate
    revocation list (CRL)
  • PKCS produced by RSA Security.

8
The PKIX Model
9
PKIX Standard
  • PKIX working group addresses five major areas
  • Outlines certificate extensions and content not
    covered by X.509 v3 and the format of version
  • Provides certificate management message formats
    and protocols, defining the data structures,
    management messages, and management functions for
    PKIs
  • Outlines certificate policies and certification
    practices statements (CPSs), establishing the
    relationship between policies and CPSs
  • Specifies operational protocols, defining the
    protocols for certificate handling
  • Includes time-stamping and data certification and
    validation services

10
Attribute Certificates and Qualified Certificates
  • Attribute Certificate (AC) is used to grant
    permissions using rule-based, role-based, and
    rank-based access controls.
  • ACs are used to implement a privilege management
    infrastructure (PMI).
  • Qualified Certificate (QC) is based on a European
    Commission term used to identify certificates
    with specific legislative uses.
  • The PKIX QC profile indicates a certificate used
    to identify a specific individual with a high
    level of assurance in a nonrepudiation service.

11
The PKIX PMI Model
12
Public Key Cryptography Standards (PKCS)
  • Public Key Cryptography Standards (PKCS) fill
    gaps in standards that existed for implementing
    PKI.
  • PKCS is composed of 13 active standards and 2
    discontinued standards.

13
15 Public Key Cryptography Standards
Standard | Title and Description
PKCS 1 | RSA Cryptography Standard: Definition of the RSA encryption standard
PKCS 2 | Incorporated into PKCS 1, no longer active
PKCS 3 | Diffie-Hellman Key Agreement Standard: Definition of the Diffie-Hellman key-agreement protocol
PKCS 4 | Incorporated into PKCS 1, no longer active
PKCS 5 | Password-Based Cryptography Standard: Definition of a password-based encryption (PBE) method for generating a secret key
PKCS 6 | Extended-Certificate Syntax Standard: Definition of an extended certificate syntax that was made obsolete by X.509 v3
14
15 Public Key Cryptography Standards (continued)
Standard | Title and Description
PKCS 7 | Cryptographic Message Syntax Standard: Definition of the cryptographic message standard for encoded messages, regardless of encryption algorithm
PKCS 8 | Private-Key Information Syntax Standard: Definition of a private key information format, used to store private key information
PKCS 9 | Selected Attribute Types: Definition of attribute types used in other PKCS standards
PKCS 10 | Certification Request Syntax Standard: Definition of a syntax for certification requests
PKCS 11 | Cryptographic Token Interface Standard: Definition of a technology-independent programming interface for cryptographic devices
15
15 Public Key Cryptography Standards (continued)
Standard | Title and Description
PKCS 12 | Personal Information Exchange Syntax Standard: Definition of a format for storage and transport of user private keys, certificates, and other personal information
PKCS 13 | Elliptic Curve Cryptography Standard: Description of methods for encrypting and signing messages using elliptic curve cryptography
PKCS 14 | Cryptographic Message Syntax Standard: Definition of the cryptographic message standard for encoded messages, regardless of encryption algorithm
PKCS 15 | Cryptographic Token Information Format Standard: Definition of a format for storing cryptographic information in cryptographic tokens
16
X.509
  • X.509 is the portion of the X.500 standard that
    addresses the structure of certificates used for
    authentication.
  • X.509 specifies standard formats for public key
    certificates, certificate revocation lists, and
    Attribute Certificates.
  • Version 3 is the current version of the X.509
    standard.

17
X.509 Certificate Components
Field Name | Field Description
Certificate Signature | X.509 version used for this certificate: Version 1 = 0, Version 2 = 1, Version 3 = 2
Serial Number | A nonnegative integer assigned by the certificate issuer that must be unique to the certificate.
Signature Algorithm, Algorithm Parameters (optional) | The algorithm identifier for the algorithm used by the CA to sign the certificate. The optional Parameters field is used to provide the cryptographic algorithm parameters used in generating the signature.
Issuer | Identification for the entity that signed and issued the certificate. This must be a distinguished name within the hierarchy of CAs.
18
X.509 Certificate Components (continued)
Validity (Not valid before time, Not valid after time) | Validity specifies a period of time during which the certificate is valid, using a not valid before time and a not valid after time (expressed in UTC or in a generalized time).
Subject | The name for the certificate owner.
Subject Public Key Info | This field consists of an encryption algorithm identifier followed by a bit string for the public key.
Issuer Unique ID | Optional for versions 2 and 3: a unique bit-string identifier for the CA that issued the certificate.
Subject Unique ID | Optional for versions 2 and 3: a unique bit-string identifier for the subject of the certificate.
19
X.509 Certificate Components (continued)
Extension ID, Critical, Extension Value | Optional for version 3: the extension area consists of a sequence of extension fields containing an extension identifier, a Boolean field indicating whether the extension is critical, and an octet string representing the value of the extension. Extensions can be defined in standards or defined and registered by organizations or communities.
Thumbprint Algorithm Parameters (optional) | This field identifies the algorithm used by the CA to sign this certificate. This field must match the algorithm identified in the Signature Algorithm field.
Thumbprint | The signature is the bit-string hash value obtained when the CA signed the certificate. The signature certifies the contents of the certificate, binding the public key to the subject.
20
Certificate Authorities (CA)
  • The root CA issues its own certificate.
  • Certificates can be traced through a path to the
    root CA.
  • Each entity that is issued a certificate must be
    uniquely identifiable.
  • CAs determine what identifier is unique.

21
Secure Sockets Layer (SSL) and Transport Layer
Security (TLS)
  • Provide secure connections between the client and
    server for exchanging information
  • Provide authentication and confidentiality of
    information transfers
  • Provide data integrity and security over
    networks by encrypting network connections at the
    transport layer

22
SSL/TLS
  • TLS and SSL are not interchangeable; TLS is the
    more modern of the two.
  • TLS is superior to SSL since SSL's use of hashing
    forces a reliance on MD5 rather than SHA1.
  • TLS is composed of two parts:
  • TLS Record Protocol
  • TLS Handshake Protocol

23
TLS Record Protocol
  • The TLS Record Protocol sends data by:
  • Fragmenting message data into manageable blocks
  • Optionally compressing the data
  • Applying a message authentication code (MAC) to
    the data
  • Encrypting the data
  • Transmitting the results
  • Received data is decrypted, verified,
    decompressed, and reassembled and sent on to the
    higher-level client.
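
An added example (not part of the original slides) of the record pipeline listed above: fragment, optionally compress, MAC, encrypt, then the reverse on receipt. The SHA-256 counter-mode keystream is a stand-in cipher so the code runs on the Python standard library alone, and the key arguments and fragment_size parameter are assumptions; the real record MAC also covers the record type, version and length.

```python
import hashlib
import hmac
import zlib

MAX_FRAGMENT = 2 ** 14  # TLS limits a record's plaintext fragment to 16384 bytes

def _keystream(key: bytes, seq: int, length: int) -> bytes:
    # Stand-in cipher (assumption): SHA-256 in counter mode, keyed per record.
    out, block = b"", 0
    while len(out) < length:
        out += hashlib.sha256(
            key + seq.to_bytes(8, "big") + block.to_bytes(4, "big")).digest()
        block += 1
    return out[:length]

def _xor(data: bytes, key: bytes, seq: int) -> bytes:
    return bytes(a ^ b for a, b in zip(data, _keystream(key, seq, len(data))))

def protect(message, enc_key, mac_key, compress=False, fragment_size=MAX_FRAGMENT):
    """Fragment -> (compress) -> MAC -> encrypt; returns the list of records."""
    records = []
    for seq, off in enumerate(range(0, len(message), fragment_size)):
        frag = message[off:off + fragment_size]
        if compress:
            frag = zlib.compress(frag)
        # The MAC input includes the sequence number, so a reordered,
        # dropped or replayed record no longer verifies.
        tag = hmac.new(mac_key, seq.to_bytes(8, "big") + frag, hashlib.sha256).digest()
        records.append(_xor(frag + tag, enc_key, seq))
    return records

def unprotect(records, enc_key, mac_key, compress=False):
    """Decrypt -> verify -> (decompress) -> reassemble; raises on a bad MAC."""
    out = b""
    for seq, rec in enumerate(records):
        plain = _xor(rec, enc_key, seq)
        frag, tag = plain[:-32], plain[-32:]
        expect = hmac.new(mac_key, seq.to_bytes(8, "big") + frag, hashlib.sha256).digest()
        if not hmac.compare_digest(tag, expect):
            raise ValueError(f"bad record MAC at sequence {seq}")
        # Decompress only after the MAC has verified.
        out += zlib.decompress(frag) if compress else frag
    return out
```

A record that is modified or moved to a different position fails verification before its contents are decompressed or passed upward.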

24
TLS Handshake Protocol
25
Internet Security Association and Key Management
Protocol (ISAKMP)
  • Provides a method for implementing a key exchange
    protocol and for negotiating a security policy
  • Defines procedures and packet formats to
    negotiate, establish, modify, and delete security
    associations

26
ISAKMP (continued)
  • ISAKMP supports SAs at all layers of the network
    stack.
  • A Security Association (SA) is a relationship in
    which two or more entities define how they will
    communicate securely through a two-step process:
  • Entities agree on how to secure messages
  • Entities determine the SAs for protocols to be
    used for remainder of communications

27
ISAKMP Header Format
28
Certificate Management Protocol (CMP)
  • A protocol to obtain X.509 certificates in a PKI.
  • Provides the following certificate operations
  • CA establishment, including creation of the
    initial CRL and export of the public key for the
    CA
  • Certification of an end-entity
  • CMP also defines mechanisms for performing these
    operations, either online or offline using files,
    e-mail, tokens, or web operations.

29
The XML Key Management Specification (XKMS)
  • Defines services to manage PKI operations within
    XML
  • Used for authentication and verification of
    electronic signatures
  • Allows certificates to be managed, registered, or
    revoked
  • Services accessible via XML protocol, which is
    often easier to interface with than PKI

30
The XML Key Management Specification (XKMS)
(continued)
  • Functions on three tiers of service
  • Tier 0 is the retrieval method. It provides a means
    for retrieving key information by embedding
    references to the key within the XML signature.
  • Tier 1 is called the locate service. XKMS serves
    as a relay between the client and the PKI.
  • Tier 2 is called the validate service. XKMS is
    actively involved in verifying the relation
    between the PKI information and the document
    containing the XML signature.

31
XKMS Tier 0 Retrieval
32
XKMS Tier 1 Retrieval
33
XKMS Tier 2 Locate Service
34
Secure/Multipurpose Internet Mail Extensions
(S/MIME)
  • Provides a way to send and receive encrypted and
    signed MIME data.
  • Has undergone several revisions, the most recent
    completed in 2004 by the IETF
  • Requires the use of Advanced Encryption Standard
    (AES)
  • Frequent changes have made the standard difficult
    to implement.

35
IETF S/MIME v3 Specifications
  • Includes specifications for all the following
  • Cryptographic Message Syntax (CMS)
  • S/MIME v3 message specification
  • S/MIME v3 certificate-handling specification
  • Enhanced security services (ESS) for S/MIME

36
Pretty Good Privacy (PGP)
  • Program used to encrypt and decrypt e-mails and
    files
  • Provides the ability to digitally sign a message
  • How PGP works
  • Creator uses encryption program to create a key
    pair.
  • Public key designed to give freely to others
  • Private key designed to be known only by the
    creator
  • Messages encrypted by the sender using the
    recipient's public key.
  • The recipient's private key is used to decrypt the
    message.

37
How PGP Works
  • PGP uses a variation of the standard public key
    encryption process.
  • An individual (here called the creator) uses the
    encryption program to create a pair of keys.
  • One key is known as the public key and is
    designed to be given freely to others.
  • The other key is called the private key and is
    designed to be known only by the creator.
  • Individuals who want to send a private message
    to the creator encrypt the message using the
    creator's public key.
  • The algorithm is designed such that only the
    private key can decrypt the message, so only the
    creator will be able to decrypt it.

38
HTTPS
  • Uses SSL to secure Hypertext Transfer Protocol
    (HTTP) communications
  • Uses TCP port 443
  • Supports 40-bit RC4 encryption algorithm and
    128-bit encryption

39
IPsec
  • Collection of IP security features designed to
    introduce security at the network layer
  • Optional in IPv4, required in IPv6
  • Two types of security service
  • Transport mode can be used to ensure
    authentication and confidentiality for data
    alone.
  • Tunnel mode can be used to ensure authentication
    and confidentiality for both data and header.

40
Certificate Enrollment Protocol (CEP)
  • Designed to support certificate issuance,
    distribution, and revocation using existing
    technologies
  • Uses PKCS 7 and PKCS 10 to define common
    message syntax

41
Federal Information Processing Standards
Publications (FIPS)
  • Describes various standards for data
    communication issues.
  • Issued through the National Institute of
    Standards and Technology (NIST).
  • Three main categories of FIPS publications
  • Hardware and software standards/guidelines
  • Data standards/guidelines
  • Computer security standards/guidelines
  • Products sold to the U.S. government must comply
    with relevant FIPS standards.

42
Wireless Transport Layer Security (WTLS)
  • Provides security for Wireless Application
    Protocol (WAP)
  • Implemented due to the limited memory and
    processing of WAP-enabled phones
  • Implemented in one of three classes:
  • Class 1: anonymous authentication
  • Class 2: server authentication
  • Class 3: server and client authentication
  • Class 3 is the strongest form of WTLS

43
Point-to-Point Tunneling Protocol (PPTP)
  • It allows the encapsulation of one packet inside
    another to hide the original packet.
  • Its use is widespread and it is easy to configure.

44
Wired Equivalent Privacy (WEP)
  • Used to protect wireless communications from
    being intercepted
  • Used to prevent unauthorized access to the
    wireless network
  • Part of the original 802.11 standard
  • WEP 1 supported 64-bit encryption; WEP 2 supports
    128-bit encryption
  • Both WEP 1 and WEP 2 are vulnerable to various
    attack vectors

45
WEP Security Issues
  • Wireless networking with 802.11 is common.
  • WEP is an optional security protocol with
    significant issues
  • It uses a 24-bit initialization vector as a seed.
  • This allows for more than 16 million vectors.
  • At modern network speeds it does not take long
    for initialization vectors to repeat.
  • The secret key is only 40 bits, and is also
    quickly breakable.
  • Some providers use 128-bit WEP, but it is almost
    equally vulnerable.
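
An added example (not part of the original slides) quantifying the IV problem described above: WEP seeds RC4 with the 24-bit IV followed by the secret key, so two frames that share an IV are encrypted with the identical keystream. The frame rate passed to seconds_to_exhaust is an assumption, and the CRC-32 integrity value WEP appends to each frame is left out.

```python
import math

def rc4_keystream(key: bytes, n: int) -> bytes:
    """Plain RC4: key scheduling, then n bytes of output."""
    s = list(range(256))
    j = 0
    for i in range(256):
        j = (j + s[i] + key[i % len(key)]) % 256
        s[i], s[j] = s[j], s[i]
    i = j = 0
    out = bytearray()
    for _ in range(n):
        i = (i + 1) % 256
        j = (j + s[i]) % 256
        s[i], s[j] = s[j], s[i]
        out.append(s[(s[i] + s[j]) % 256])
    return bytes(out)

def wep_encrypt(iv: bytes, secret: bytes, plaintext: bytes) -> bytes:
    # Per-frame RC4 seed = IV || secret key; only the IV changes per frame.
    ks = rc4_keystream(iv + secret, len(plaintext))
    return bytes(p ^ k for p, k in zip(plaintext, ks))

def iv_collision_probability(frames: int, iv_bits: int = 24) -> float:
    """Chance that at least two of `frames` randomly chosen IVs are equal."""
    space = 2 ** iv_bits
    log_no_collision = sum(math.log1p(-k / space) for k in range(frames))
    return 1.0 - math.exp(log_no_collision)

def seconds_to_exhaust(frames_per_second: float, iv_bits: int = 24) -> float:
    """Time for a sequential IV counter to wrap (frame rate is an assumption)."""
    return 2 ** iv_bits / frames_per_second
```

With randomly chosen IVs, a repeat becomes more likely than not after roughly five thousand frames, far sooner than the 16 million figure suggests.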

46
ISO/IEC 27002 - Formerly ISO 17799
  • Standard designed for creating and implementing
    security policies
  • Contains material on 12 subject areas
  • Risk assessment - Determine the impact of risks
  • Security policy - Guidance and policy provided
    by management
  • Organization of information security Governance
    - Structure to implement security policy
  • Asset management - Inventory and classification
    of assets
  • Human resources security - Policies and
    procedures addressing security for employees
    including hire, change, departure

47
ISO/IEC 27002 - Formerly ISO 17799 (continued)
  • Physical and environmental security
  • Communications and operations management
  • Access control
  • Information systems acquisition, development, and
    maintenance
  • Information security incident management
  • Business continuity management
  • Compliance

48
Chapter Summary
  • Identify the standards involved in establishing
    an interoperable Internet PKI.
  • Explain interoperability issues with PKI
    standards.
  • Describe how the common Internet protocols
    implement the PKI standards.