Public Key Infrastructure

1
Public Key Infrastructure
Kianoosh Mokhtarian

• Computer Engineering Department
• Sharif University of Technology
• 12/25/2006

2
Motivation

• Who has the private key corresponding to a given
  public key?
• Public Key Infrastructure
• Allows binding of public keys to entities
• Entity a person, a hardware component, a
  service,

3
PKI A relatively complete definition

• A PKI is a set of agreed-upon standards,
  Certification Authorities (CA), structure between
  multiple CAs, methods to discover and validate
  Certification Paths, Operational Protocols,
  Management Protocols, Interoperable Tools and
  supporting Legislation

4
PKI Components

• Four basic components of a PKI
• Certificate Authority
• Generates certificates and revocation lists
• Registration Authority
• Checks users identity to ensure binding is
  correct
• Directory
• Database of certificates and revocation lists
• Archive
• Keeps old certificates and revocation lists for
  use in future

5
Digital Certificate

• Ones Public Key signed by a trusted third party,
  i.e. Certificate Authority
• Certificate Public Key, ID,
• ECAs Private Key(Certificate - Signature)
• Self-signed certificates
• Declaration of Invalidity
• Certificate Revocation List

6
Digital Certificate (contd)

• Issuer name
• Serial number (Unique number from CA)
• Validity period
• Subject (Details of public keys owner)
• Subject Public Key parameters (e.g. RSA)
• Subject Public Key
• Extensions (e.g. key usage, alternative user
  name)
• Signature algorithm parameters (e.g. SHA-1)
• Signature of CA

7
Digital Certificate (contd)
Issuer
Subject
Subject Public Key
Issuer Digital Signature
8
Certificate Revocation List
Revoked Certificates remain in CRL until they
expire
9
Certificate Revocation

• Certificate invalidity
• Certificate Revocation List
• Published by CAs
• Responsibility of users to get (i.e. download) it
• Contains list of invalid certificates along with
  CAs signature

10
Online Certificate Status Protocol (OCSP)

• An alternative to CRLs
• IETF/PKIX standard for a real-time check
• Requires a high available OCSP Server

11
CRL vs. OCSP
CRL
Download CRL
User
CA
CRL
Directory
Certificate IDs to be checked
Download CRL
CRL
User
OCSP Server
CA
Answer about Certificate States
Directory
OCSP
12
Certificate Authority

• A trusted third party
• Must be a secure server
• Signs and publishes certificates
• X.509 identity certificates
• Revokes certificates
• Through Certificate Revocation List
• Many vendors OpenSSL, Netscape, Entrust,
  Verisign, RSA Security,

13
Registration Authority

• Registration Authority
• Verification of user info
• No liability
• Only handles registration, not re-issuance,
  revocation, etc.
• Works with CA

14
Procedure of Getting a Certificate

• Alice creates a key pair and goes to the RA to
  request a certificate
• The RA checks her ID and requests certificate
  from the CA
• The CA sends Alices digital certificate
• Bob wants Alices certificate
• Gets hers
• Makes sure it is not on the revocation list

15
X509

• An ITU-T standard for PKI
• A CA issues a certificate binding a public key
  to
• A particular Distinguished Name
• An Alternative Name, such as an e-mail address or
  a DNS-entry

16
X.509 PKI Certificate Authority

• Basic tasks
• Key Generation
• Digital Certificate Generation and Issuance
• Revocation
• Key Backup and Recovery System
• Cross-Certification

17
X509 PKI Approach to Trust

• Why should I trust a CA?
• Certificate Hierarchies
• Each entity has its own certificate signed by its
  parent CA
• Roots is self-signed
• Each CA may also issue CRLs
• End entities need to find a certificate path to a
  CA they trust

18
X509 PKI Approach to Trust

• Why should I trust a CA?
• Cross-certification
• Increasing complexity

19
Certificate Policies in X509

• Provides the overall guiding principles that an
  organization endorses
• Who may do what and how
• Names a set of rules applicability of a
  certificate
• Digital signature of e-mail
• Encryption of data
• Verification of Web-site identity
• Further issuance of certificates
• delegation of authority

20
Certificate Policies in X509 (contd)

• Certificate Policies
• Critical
• The only ones a digital certificate is used for
• Non-critical policies
• A document which usually has legal effect

21
Certificate Policies in X509 (contd)

• Each PKI implementation should reflect in a CP
  statement
• Purpose of the PKI
• Specific business requirements the PKI addresses
  through
• Security architecture
• Associated trust model and threat profile
• Specific security services the PKI supports

22
Certificate Practice Statement (CPS)

• A document that sets out what happens in practice
  to support the policy statements made in the CP
• How a CA implements a particular CP
• Designed for a few purposes
• Awareness of customers
• Limiting liability
• Outlining procedures for personnel

23
Attribute Certificates

• X509 certificates are for identity
• What about authorization?
• Access to systems
• etc.
• Attribute certificates convey that information
• Short-lived
• Frequently updated

24
Thank You
Any Questions?