Application of Attribute Certificates in S/MIME
Greg Colla & Michael Zolotarev
Baltimore Technologies
47th IETF Conference, Adelaide, March 2000
IETF47, Mar 2000, Adelaide
Overview
• S/MIME and PK Certificates
• S/MIME Problems
• Secure mail requirements
• Possible solutions
• E-mail Attribute Certificates
• Practical Implementation
• Issues
Attribute Certificates & S/MIME
S/MIME Certificate Usage
Verification – check signer’s e-mail address against sender’s address
Encryption – obtaining “encryptee’s” public key certificate
S/MIME Problems
• Multiple e-mail addresses
– User has multiple e-mail addresses
• Maintenance of e-mail addresses
– Change company name (and Internet domain)
• Security Proxy
– a proxy signs and decrypts on behalf of many users
• Privacy/Spam
[email protected]@dev.foo.com
Essential Requirements
Address Aliasing: Associate a single entity with multiple e-mail addresses, with a single PKC.
Secure Proxying: Associate multiple entities, each with their own e-mail address, with a common PKC.
Address Sharing: Associate multiple entities, each with their own PKC, with a single e-mail address.
Solution Criteria
• Cryptographically bound association between an e-mail address and a public key
• Unambiguous reference from e-mail address to PK certificate(s)
• Dynamic extension of address set
• Practical aspects
– Generation, distribution, publication, retrieval, verification
• Minimum of changes to current standards
• Utilize existing infrastructure
Overview of Possible Solutions
1. Embed e-mail address into entity’s cert
a) One e-mail address per certificate, each with same public key
b) One certificate with multiple e-mail addresses
2. Address-PKC association signed by entity
– Authenticated attributes
3. Address-PKC association signed by TTP
– Attribute Certificate
Attribute Certificates
• Flexible
• Scalable
• Standards Based
• Available Infrastructure
TTP (AA)
Owner
E-mail address
Signature
Other Attributes
E-mail Attribute Certificates
Cryptographically bind e-mail addresses with Gateway’s PK certificate
cn=Gateway
AC
[email protected]@foo.com
AC
E-mail Attribute Certificates
Cryptographically bind e-mail addresses with entity’s PK certificate
cn=Alice
AC
[email protected]@dev.foo.com
AC
Practical Implementation (1/5)
• Generation
– Generation by an Attribute Authority (AA)
– TTP attests that the address is associated with the entity
• Request
– By or on behalf of entity
– Automatically by security proxy
– By relying party (LAAP)
Practical Implementation (2/5)
• Distribution & Retrieval
– Generate by AA, publish in LDAP
– Distribute as part of signed message
– Retrieval based on e-mail address
• Validity & Revocation
– Validity: as long as the PKC & e-mail address remain valid
– Revocation: use available standards
Practical Implementation (3/5)
Retrieving attribute and PK certificates from LDAP
1. Use the from: or to: address from message as a search index
2. Request the directory to retrieve all attribute certificates from the matching entries
3. Out of all returned attribute certificates, select those with required e-mail address
4. Retrieve PK certificates referenced by selected attribute certificates
[email protected][email protected]=
attributeCertificate=
Alice’s new LDAP entry
Practical Implementation (4/5)
Message Verification Walkthrough
– Retrieve e-mail AC(s) using sender’s address as index
– Retrieve PKC(s) referenced by AC(s)
– Identify signing certificate
– Validate ...
– Validate the message
Practical Implementation (5/5)
Message Encryption Walkthrough
– Retrieve e-mail AC(s) using recipient’s address as index
– Validate ...
– Retrieve PKC(s) referenced by valid e-mail AC(s)
– Validate ...
– Encrypt the message using valid encryption certificate(s)
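Added example (not part of the original slides): the four directory-lookup steps from slide 3/5, applied in the order the encryption walkthrough uses (select and validate e-mail ACs, then follow them to PKCs), in Python. The in-memory directory, the `mail` key, the `aa_sig_ok` flag standing in for AA signature verification, and all names, addresses and serials are constructed assumptions.

```python
from dataclasses import dataclass
from datetime import datetime, timezone

@dataclass(frozen=True)
class EmailAC:
    email: str           # address attested by the AA inside the signed AC
    holder: tuple        # (issuer DN, serial) of the PKC the AC references
    not_after: datetime  # end of the AC validity period
    aa_sig_ok: bool      # stand-in for verifying the AA's signature on the AC

def norm(addr):
    return addr.strip().lower()  # assumption: addresses compared case-insensitively

def resolve_pkcs(directory, pkcs, address, now):
    """Return the subjects of PKCs bound to `address` by valid e-mail ACs."""
    wanted = norm(address)
    # Steps 1-2: the address is only a search index; take every AC in matching entries.
    candidates = [ac for e in directory if wanted in map(norm, e["mail"])
                  for ac in e["attributeCertificate"]]
    # Step 3: select on the address *inside* the AC, and validate before following it.
    valid = [ac for ac in candidates
             if norm(ac.email) == wanted and ac.aa_sig_ok and ac.not_after > now]
    # Step 4: follow each holder reference; an AC whose PKC is missing is dropped.
    return sorted({pkcs[ac.holder] for ac in valid if ac.holder in pkcs})

# Constructed sample data (names, addresses and serials are illustrative).
NOW, GOOD, OLD = (datetime(y, 1, 1, tzinfo=timezone.utc) for y in (2000, 2001, 1999))
CA = "cn=Example CA"
PKCS = {(CA, 1): "cn=Alice", (CA, 2): "cn=Gateway", (CA, 3): "cn=Dave",
        (CA, 4): "cn=Erin", (CA, 9): "cn=Other"}
DIRECTORY = [
    # Address aliasing: two addresses, one PKC; a third AC has expired.
    {"mail": ["alice@example.com", "alice@dev.example.com", "alice@old.example.com"],
     "attributeCertificate": [EmailAC("alice@example.com", (CA, 1), GOOD, True),
                              EmailAC("alice@dev.example.com", (CA, 1), GOOD, True),
                              EmailAC("alice@old.example.com", (CA, 1), OLD, True)]},
    # Secure proxying: users' addresses bound to the gateway's PKC.
    {"mail": ["bob@example.com", "carol@example.com"],
     "attributeCertificate": [EmailAC("bob@example.com", (CA, 2), GOOD, True),
                              EmailAC("carol@example.com", (CA, 2), GOOD, True)]},
    # Address sharing: one address, two entities with their own PKCs.
    {"mail": ["sales@example.com"],
     "attributeCertificate": [EmailAC("sales@example.com", (CA, 3), GOOD, True),
                              EmailAC("sales@example.com", (CA, 4), GOOD, True)]},
    # Wrong index: entry lists Alice's address, but its AC attests a different one.
    {"mail": ["alice@example.com"],
     "attributeCertificate": [EmailAC("other@example.com", (CA, 9), GOOD, True)]},
]
```

Because step 3 matches on the address carried in the AC rather than on the directory entry that returned it, the last entry cannot attach another PKC to Alice's address.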
Other Considerations
• Privacy
– Remove private information from PK certificate
– Different access control on PK certificate than e-mail AC in directory
– Different directories for email ACs and PKCs
• Security
– Need to ensure that content of e-mail AC is
Comparison with existing Infrastructure
Existing
• Multiple addresses in certificate
• Re-issue keys in new certificate with new e-mail address
– Supported by existing PK and S/MIME infrastructure
– Difficult for large number of e-mail addresses (i.e. security proxies)
– Difficult to separate internal and external e-mail addresses
– Contra to legislation in some countries
Proposed
• Store e-mail address in e-mail AC, which references PKC
• Issue e-mail ACs as required
– Flexible method for maintaining e-mail addresses
– Infrastructure available
– Supplements current S/MIME infrastructure
– Supports security proxies
– Defined mechanism to retrieve PKCs from directory, AA
– Additions required to processing module’s logic
Summary
• Maintenance of e-mail addresses limits S/MIME usability
• Attribute Certificates cryptographically bind e-mail addresses with PK certificates
• E-mail Attribute Certificates provide a flexible solution for maintaining e-mail addresses
• Supplements current infrastructure
• Localized modifications required to S/MIME components to utilize E-mail ACs
• E-mail ACs can be used to solve other S/MIME limitations