cs 590/490 network security
DESCRIPTION
Digital Certificate, CA (Certificate Authority Root CA and chain of CA trust. CS 590/490 Network Security. Department of Computer Science Southern Illinois University Edwardsville Fall, 2007 Dr. Hiroshi Fujinoki E-mail: [email protected]. Certificate/001. Digital Certificate. Certificate - PowerPoint PPT PresentationTRANSCRIPT
CS 590/490 Network Security
Digital Certificate, CA (Certificate AuthorityRoot CA and chain of CA trust
Department of Computer ScienceSouthern Illinois University Edwardsville
Fall, 2007
Dr. Hiroshi FujinokiE-mail: [email protected]
Certificate/001
CS 590/490 Network SecurityDigital Certificate
• A set of information that securely identifies a host in a network
What is (Digital) Certificate?
• Certificate is a text (ASCII-coded) document file
• When you talk to a network host, you use a certificate of the host to confirm the identity of the host you talked to.
Your Host Another Host
You talked to this host“Are you there?”
Another host replies
“I’m here.”
• Masquerading• M-in-M
Certificateof this hostI see. It’s
you!
Certificate/002
CS 590/490 Network SecurityDigital Certificate
• A set of information that securely identifies a host in a network
What is (Digital) Certificate?
• Certificate is a text (ASCII-coded) document file
• When you talk to a network host, you use a certificate of the host to confirm the identity of the host you talked to.
Your Host Another Host
You talked to this host“Are you there?”
Another host replies
“I’m here.”
• Masquerading• M-in-M
Certificateof this host
Certificateof your host
I see. It’syou!
I see. It’syou!
Certificate/003
CS 590/490 Network Security
secretkey
publickey
P1
publickey
serveryour host
S1
P1
Digital Certificate
• Expected procedure in the asymmetric public-key cryptography
Certificate/004
CS 590/490 Network Security
P1
serveryour host
S1
P1
S2
P2
• IP-Spoofing
• M-in-M
P2
You got a wrongpublic key
You believe you got thepublic key of this server
Digital Certificate
• What can happen to the asymmetric public-key cryptography
Certificate/005
Router
The actual format of a certificate is defined by ITUT X.509 Certificate Format
CS 590/490 Network SecurityDigital Certificate
- Your name (or name of your organization)
What information is in a certificate?
- Network ID (IP address in the Internet) - Your e-mail address and URL (for your web site)
- Geographical location of your organization (or your host)
• Your public key
• Information about the CA who issued this certificate
• Information about you (or your organization)
• Digital signature by the CA who issued this certificate
Certificate/006
CertificateAuthority
CS 590/490 Network SecurityMerchant’shost (server)
Client’shost (browser)
CA creates a certificate for this merchant
S1
P1
Digital Certificate
S2
P2P2
HASH
CA encrypts this certificate using its PRIVATE key
Encrypt
CA issues (transmits) this certificates to the merchant
The merchant sends its certificate to you
HASH
Compare
P2
P1
Decrypt
(hash) digestof the server’scertificate
A client contacts this merchant for business
A
Digital Signatureof this CA
Extracted DigitalSignature of the CA
Re-Constructed DigitalSignature of the CA
Initiate the hybridencryption with
this server
Request for issuing a certificate for this merchant (must pay $$$)
P2P2P2
Certificate/007
Digital Certificate
Certificate: Data: Version: 3 (0x2) Serial Number: 7 (0x7) Signature Algorithm: md5WithRSAEncryption Issuer: C=JP, ST=Aichi-Ken, L=Nagoya, O=NIT, OU=TEST depth, CN=ailab second cert/[email protected] Validity Not Before: Sep 22 05:31:34 1998 GMT Not After : Sep 22 05:31:34 1999 GMT Subject: C=JP, ST=Aichi-Ken, O=nitech.ac.jp, OU=ailab, CN=test7.second/Email=7.second@mars Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (512 bit) Modulus (512 bit): 00:bd:06:2b:bc:35:55:0b:d7:c4:d6:09:a5:b7:5c: 57:2a:0a:e5:7d:8c:2e:ed:8f:df:c3:ca:37:63:bb: ae:b1:ac:94:54:40:da:7b:71:16:ff:e7:68:5e:00: 49:54:43:70:b7:a1:35:0a:e3:53:4d:4c:86:d2:90: e8:18:39:55:2b Exponent: 65537 (0x10001) X509v3 extensions: Netscape CA Revocation URL: .#http://www.cryptsoft.com/ca-crl.pem Netscape Comment: ..This is a comment Netscape Cert Type: ...@ Signature Algorithm: md5WithRSAEncryption e7:04:71:f0:9a:d5:da:5e:50:c5:13:20:97:8c:ff:69:fa:18: 2a:9d:b8:75:22:d7:f4:d5:87:4a:7c:c4:3a:7f:b7:72:0f:a3: f3:f4:82:60:8e:e0:f8:10:36:9f:d9:a8:c3:b2:83:50:3d:dd: 5c:b8:29:b7:79:49:03:13:6d:83
Declare the beginning of a certificate
ITU-T X.509 Version 3 certificate format
Unique Certificate Serial #
Which hash and encryption are used for the signature
Name of the CA who issued this certificate
Name of the server this certificate is issued to
This is the public-key information for the server!
This is the digital signature signedby this CA (not by this server)
Encryption algorithm you need to usewhen you talk to this server
CS 590/490 Network Security
Certificate/008
CertificateAuthority
CS 590/490 Network SecurityMerchant’shost (server)
Client’shost (browser)
S1
P1
S2
P2
CA issues (transmits) this certificates to the merchant
P1
Request for issuing a certificate for this merchant (must pay $$$)
P2P2P2
How can you be sure thatthis CA is a legitimate CA?
When (or how) did you getthe public-key of this CA?
Digital Certificate
If you are going to getthe public-key throughthe network, how you
are sure this key is fromthe CA?
Certificate/009
CS 590/490 Network Security
CertificateAuthority
Merchant’shost (server)
S2
P2
Request for issuing a certificate for this merchant (must pay $$$)
P2P2P2
Digital Certificate
This is the certificatefor this merchant
Certificate forthis CA
CA’s use certificate to issue certificate to merchant
• Merchants confirm identify of the CA’s using the CA’s certificate when merchants request the CA’s to issue the merchant’s certificate!
Certificate/010
CertificateAuthority
CS 590/490 Network Security
Merchant’shost (server)
S2
P2
Certificate forthis CA Request for the certificate issued
to this CA
This CA sends its certificate to this merchant
P2P2P2
This is the certificatefor this merchant
HASH
CompareDecrypt
Extracted DigitalSignature of the CA
Re-Constructed DigitalSignature of the CA
P
We need the publickey for this decryption
S
P
Digital Certificate
You can (should) not getthe public-key from this CA
Certificate/011
CertificateAuthority
CS 590/490 Network Security
Merchant’shost (server)
S1
P1
S2
P2
Request for the certificate issued
to this CA
This CA sends its certificate to this merchant
P2P2P2
This is the certificatefor this merchant
HASH
CompareDecrypt
Extracted DigitalSignature of the CA
Re-Constructed DigitalSignature of the CA
AnotherCertificateAuthority
S3
P3
P3
P3
How can this merchantbe sure that P3 is from Y?
X
Y
AnotherCertificateAuthority
AnotherCertificateAuthority
AnotherCertificateAuthority
CA X requests Y to issue a certificate for X!
Certificate forthis CA
Certificate/012
CertificateAuthorityCertificateAuthorityCertificateAuthority
R
CS 590/490 Network Security
CertificateAuthorityCertificateAuthorityCertificateAuthority
Merchant’shost (server)
Root CA
The CA who does not have the parent CA
Digital Certificate
(a) Your browser must have the pre-installed certificate of the root CA
(b) If your browser does not have the certificate of the root CA, you must make your own decision of you accept (trust) the certificate of not
S3
P3
S3S3S3
P3P3
P3P3
P4P4P4
P4P4P4
P5P5P5
P5P5P5
S6
P6
S6S6S6
P6P6P6
P6P6P6
P6P6P6
P3P3
X
CertificateAuthorityCertificateAuthorityCertificateAuthority
Y
CertificateAuthorityCertificateAuthorityCertificateAuthority
Z
S5
P5
S5S5
P5P5P5
S4
P4
S4S4
P4P4P4
Certificate/013
This implies that your browser (or your local host)does not have the pre-installed certificate for this site
and you have to decide if you trust this site or not
CS 590/490 Network Security
Certificate/014
CS 590/490 Network Security
Certificate/015
Pressing this “OK” means youdecided to trust this un-recognizedcertificate (because your browser
does not have any information for it)
CS 590/490 Network Security
CertificateAuthorityCertificateAuthorityCertificateAuthority
CertificateAuthorityCertificateAuthorityCertificateAuthority
CertificateAuthorityCertificateAuthorityCertificateAuthority
CertificateAuthorityCertificateAuthorityCertificateAuthority
CertificateAuthorityCertificateAuthorityCertificateAuthority
CertificateAuthorityCertificateAuthorityCertificateAuthority
CertificateAuthorityCertificateAuthorityCertificateAuthority
CertificateAuthorityCertificateAuthorityCertificateAuthority
Root CADigital Certificate
a chainof trust
Certificate/016
a new certificatearrives
find the CA who issuedthis new certificate
Do I have thepublic-key of
this CA?
NO
decrypt the encryptedsignature of this certificate
calculate themessage digest
of this certificate
the decryptedsignature anddigest match?
YES
check the validdate of the certificate
certificateeffective?
unsuccessfulauthentication
NO
extract the public-key for a merchant(or next lower CA)
YES
YES
NO
Start hybrid encryption
• If this is the certificate for a merchant
• This is the certificate for a CA
Decrypt the digitalsignature of the lowerCA using the public-key
CS 590/490 Network Security
Certificate/017
a new certificatearrives
find the CA who issuedthis new certificate
Do I have thepublic-key of
this CA?
YES
NO
unsuccessfulauthentication
YES
NO
Is this aroot CA?
NO
Request the certificate(public-key) of this CA
accept the public-keyin the certificate
(to the next slide)
CS 590/490 Network Security
Do you trust this certificate?
Certificate/018
NO
decrypt the encryptedsignature of this certificate
calculate themessage digest
of this certificate
the decryptedsignature anddigest match?
YES
check the validdate of the certificate
certificateeffective?
NO
extract the public-key for a merchant(or next lower CA)
YES
• If this is the certificate for a merchant
Start hybrid encryption
• This is the certificate for a CA
Decrypt the digitalsignature of the lowerCA using the public-key
unsuccessfulauthentication
CS 590/490 Network Security
The onlydifference
Certificate/019
CS 590/490 Network Security
Certificate/020
“issued to” and “issued by” are all same
“issued to” and “issued by” are different
For root CA’s
For non-root CA’s
CertificateAuthority
CS 590/490 Network Security
Client’shost (browser)
S1
P1
P1
Digital Certificate
Pi
Pk
When (or how) did you getthe public-key of this CA?
If you are going to getthe public-key throughthe network, how you
are sure this key is fromthe CA?
CertificateAuthorityCertificateAuthorityCertificateAuthority
Y
X
CertificateAuthorityCertificateAuthorityCertificateAuthority
Z
CertificateAuthorityCertificateAuthorityCertificateAuthority
PN
Root CAR
Certificate of X
Merchant’s certificate
PiPi
P1P1P1
Certificate/021
Your browser shouldhave the certificate forall the major root-CA’s
Digital Certificate
Certificate Authority (CA)
Public CA
Private CA
• The CA’s approved by the government
- Root CA’s
- The certificates of many of the root CA’s are pre-installed in client browsers
• CA’s certified by a root CA
• The CA’s that do not belong to either of the two categories in the above
CS 590/490 Network Security
Certificate/022
Digital Certificate
Internet
CertificateAuthorityCertificateAuthorityCertificateAuthority
CertificateAuthorityCertificateAuthorityCertificateAuthority
CertificateAuthorityCertificateAuthorityCertificateAuthority
CA’s in the Internetshould be public CA’s
gatewayrouter
edge router
Client hostswithin a local
network domain
Application server
internalmasquerader
CertificateAuthorityCertificateAuthorityCertificateAuthority
Your localnetwork domain
CS 590/490 Network Security
Certificate/023