pki: pub lic k ey infr astr uctur epeople.ku.edu/~wes/acs/pki-check-slides.pdf · business pr...

Post on 10-May-2020

0 Views

Category:

Documents

0 Downloads

Preview:

Click to see full reader

TRANSCRIPT

Wes HubertInformation Services

The University of Kansas

PKI: Public Key Infrastructure

What is it, and why should I care?

Conference on Higher EducationComputing in KansasJune 3, 2004

Why?

PKI adoption will continue growing to support highly sensitive or regulated

business processes. However, the dream of using it for general-purpose

authentication and ubiquitous digital signatures is still several years in the

future and not a certainty.

Public Key Infrastructure: Making Progress, But Many Challenges RemainDan Blum and Gerry Gebel, Burton GroupMarch 2003 ECAR report

PKI adoption hurdles are lower than ever, and the benefits are greater than ever.

The time has come to stop studying and testing and take the plunge.

EDUCAUSE Review March/April 2004

PKI: A Technology Whose Time Has Come in Higher EducationMark Franklin, Larry Levine, Denise Anthony, and Robert BrentrupDartmouth College

You should know enough about PKI to determine which view applies to your

current situation.

BenefitsStrong authentication

HIPAA, FERPA, etc.

Protection from “sniffing” attacks

S/MIME secure email

Signing, encryption

Work with other PKI developments

Inter-university use of PKI

Kansas government PKI use

Grant signing requirements

Hurdles

Certification Authority Issues

Outsource, Buy, or Build?

Key/Certificate Management

Policy Development

Registration of users (vetting)

Finding compatible applications

User key management

Common PKI UseEstablishing SSL Connections

Authenticates web server to browser

Uses CA root built into browser

University buys certificates from CA

Protection is only for data transfer

Does not authenticate user

Does not authenticate a specific service

User-level: Individual CA Certs/Keys

Non-PKI Keys/Certificates

Argus Server Authentication

Certificates for server-to-server authentication

Locally generated keys and certs

No direct user involvement

Argus User Authentication

NOT certificate-based

User-level: PGP, GPG, SSH

Higher Education Organizations for PKINMI-EDIT

NSF Middleware Initiative Enterprise and Desktop Integration Technologies

Members

EDUCAUSE

Internet 2

SURA (SE Univ Research Assoc)

HEPKI-TAG

Coordinates many PKI developments

Higher Education Initiatives

USHER

US Higher Education Root

Follow-on to CREN as CA

InCommon

Shibboleth Federation

CA Signs Institutional Shib Certs

HEBCA

Higher Education Bridge Certification Authority

USHER Certificates

Low

Few constraints on campus operations

Suitable for many campus needs

Good for learning

Basic

CP places more constraints on use

HEBCA peering

Both will issue only institutional certs

HEBCA Trust

HEBCA

HECPInCommon

Campus Campus

HECA

FBCA

Fd Root CA

Agency CAAgency CA

Kansas Government PKIDistributed across several agencies

Information Technology Executive Council (ITEC)

Responsible for Kansas Certificate Policy

Office of Secretary of State (SOS)

Responsible for CA services contract

Information Network of Kansas (INK)

Responsible for KS Info Consortium contract

KIC manages official state web site

www.accesskansas.org

Kansas Government PKIDistributed across several agencies

General state PKI information online at: http://da.state.ks.us/itab/PKIMain.htm

Agencies using service act as Local Registration Authority

Current end-entity certs $40/year

Kansas Government PKI

Agencies using PKI

State Treasurer’s Office

“The Vault” Extranet

Department of Revenue

E-Lein

Department of Transportation

Kansas Government PKI

Identity Management Security Levels

Level 1

Virtual Vetting (no physical presence)

Level 2

Physical Vetting; LRA

Level 3, 4

Not yet issuing

Kansas Statutes

Chapter 16. Contracts and PromisesArticle 16. Electronic Transactions

Electronic Signature [16-1602(i)]

Digital Signature [16-1602(e)]

If a law requires a signature, an electronic signature satisfies the law. [16-1607(d)]

http://www.kslegislature.org/cgi-bin/statutes/index.cgi/

Electronic Signature

... an electronic sound, symbol or process attached to or logically associated with a record and executed or adopted by a person with the intent to sign the record.

Digital Signature

... a type of electronic signature consisting of a transformation of an electronic message using an asymmetric crypto system such that a person having the initial message and the signer's public key can accurately determine whether: ! ! ! (1) ! The transformation was created using the private key that corresponds to the signer's public key; and ! ! ! (2) ! the initial message has not been altered since the transformation was made.

Given a choice between security and convenience,

users will choose convenience.

A system of CAs (and, optionally, RAs and other supporting servers and agents) that perform some set of certificate management, archive

management, key management, and token management functions for a

community of users in an application of asymmetric cryptography.

Public Key Infrastructure

(RFC2828 Definition)

Traditional Cryptography

Symmetric

Same key that encrypts, decrypts

Key is always secret

Problems

Exchanging key with trusted parties

Same key gives everyone access

Access includes ability to modify

Traditional Cryptography

DES (Data Encryption Standard)

IBM, NIST, NSA 1970s

56-bit key

Triple DES, 112-bit effective key size

AES (Advanced Encryption Standard)

Rijndael

128/192/256-bit key sizes

Public Key Cryptography

Diffie-Hellman 1976

Asymmetric

Two keys: one private, one public

Each decrypts what other encrypts

Problems

Much slower than symmetric

Key management

Public Keys Provide

Confidentiality

Protection again unauthorized access

Integrity

Protection against unauthorized changes

Authentication

Verification of an identity

Nonrepudiation

Cannot deny private key was used

Key Management

Generating Keys

Authenticating Public Keys

Distributing Keys

Generating KeysKeys are generated in pairs

Private/Public

Keeping private keys secret

Ideally no one but owner ever has key

Problems

convenience

escrow

recovery

Authenticating Public KeysX.509 Certificates

Bind public keys to identity information

Contents Include

Version Number

Public Key

Owner’s Name

Initial / Final Dates Valid

... other information ...

Signed by issuing CA

Digital Credentials

Private Key

For exclusive use of owner

MUST be kept secure

Public Key Certificate

Available to everyone

Links key with owner’s identity

Trust must be established somehow

Distributing CredentialsPKCS#12

Standard for secure transportation of user identity information

Wraps data in password-protected object

Content can include

Keys

Certificates

Passwords

PKCS#12 Package

X.509 Certificate

Public Key

Identity Info

Other Info

CA Signature

Private Key

Credential Package

Certificate ManagementDistribution

User to user (e.g. email)

LDAP directories

Revoking Certificates

Certificate Revocation Lists (CRL)

Online Cert Status Protocol (OCSP)

Keys and Certificates are not the same

Certificates not used for private keys

Credential GenerationKey Generation

Private Key Public Key ID Information

CertificateSigningRequest

Public Key Certificate

CA Private Key

CA Signing

PKCS#12Generation

PKCS#12ObjectPackage

Public Key Infrastructure

Solves some problems of public keys

Establishing owner’s identity

Defining validity dates, uses

Based on trusted third party

Signing may be through multiple levels

CA cert may sign other CA certs

Must end at trusted root CA

Certification Authority Functions

Register Users

Directly or through Registration Authority

Issue Public Key Certificates

Revoke Certificates

Publish revocation information

Archive Key and Certificate Data

Retrieve archives when appropriate

May or may not ever have user private key

Policies and ProceduresCertificate Policy Statement

Broad specification of policy objectives

Accepted by CA & relying party

Certification Practices Statement

Detailed practices for issuing certificates

Certificate lifetime, revocation, etc.

KU as Certification Authority

Strong authentication for campus services

Registration already done via Registrar & Human Resources

A natural extension of current I/A/A activity

KU Online ID, AMS, Argus, LDAP

Policy framework: EDUCAUSE, I2

Build on open source foundation

KU Root CA

KU Intermediate CA

KU Institutional CA

User Certificates

KU Personal CA

User Certificates

Other potential uses

KU Certificate Hierarchy

KU Root Certificate

Available on web at:

https://www.ku.edu/kuca

Currently root/anchor certificate

Must be installed into client system

Plan USHER-based path in future

Corresponding private key:

Used only to sign Intermediate CA Cert

Now stored only on encrypted CD

KU Digital Credential Process

Action Initiated by LocationTest Request User Web

Approval CA ServerID Request User WebGeneration CA Offline CANotification CA Email

Retrieval User WebInstallation User User’s PC

Use User Application

S/Mime Email

Normal Email is like a postcard

Message encryption seals the envelope

Digital signature adds unique “sealing wax” stamp

Message

Message Digest

Compute

Transmitted Message

(Original message encrypted digest

Sender!sPrivate Key

Encrypted Message Digest

Encrypt

Sender!s Cert(Public Key)

(Optional-- may be obtained by other means)

optional sender cert)

Signing Process

Message(with encrypted digest)(optional public key cert)

Message Digest

Compute

Encrypted Message Digest

(Extract)

Sender!s Cert(Public Key)

Verify throughCA Root Cert

Decrypt

Message Digest

Compare

The message digests match only if 1) Sender!s private key signed the message 2) The message has not been altered

Signature Verification

MessageGenerate(Random)

Symmetric Key

Encrypted Message

Encrypt

(Key)(Data)

Encrypt

Recipient!s Cert(Public Key)

EncryptedSymmetric Key

(One for each recipient)

(Key)(Data)

Transmitted Message

(Encrypted message Encrypted key)

Encryption Process

Transmitted Message

(Encrypted message Encrypted key)

Recipient!sPrivate Key

Symmetric Key

Decrypt

EncryptedSymmetric Key

(Key)(Data)

Extract

Encrypted Message

Message

Decrypt

(Key)(Data)

Decryption Process

top related