november 1, 2006sarah wahl / graduate student uccs1 public key infrastructure by sarah wahl

November 1, 2006 Sarah Wahl / Graduate Student UCCS

1

Public Key InfrastructurePublic Key Infrastructure

By

Sarah Wahl


2

What is PKI?What is PKI?

• An arrangement that provides for trusted third party vetting of, and vouching for, user identities

• PKI consists of client software, server software such as a certificate authority, hardware (e.g., smart cards) and operational procedures


3

Public Key…Public Key…

• Public key encryption — keeping a message secret from anyone that does not possess a specific private key.

• Public key digital signature — allowing anyone to verify that a message was created with a specific private key.

• Key agreement — generally, allowing two parties that may not initially share a secret key to agree on one.


4

Public Key Encryption Public Key Encryption

• On a high level, a user signs his message with his private key, and when the message gets to the other side the end user decrypts the message using the public key, which is published by the Certificate Authority.


5

KeysKeys


6

Keys ContinuedKeys Continued

• Like a mail slot. Anyone can put a message in the slot, but only owner can access the messages.

• Public Key• The published key. (Where the mail slot is

located)

• Private Key• The secret key (The owner’s key that can

unlock the mail slot)


7

Identity CertificatesIdentity Certificates

• A certificate which uses a digital signature to bind together a public key with an identity

• Identity being information on the user- name, organization etc.


8

Certificate AuthoritiesCertificate Authorities

• Verify an applicant's credentials, so that users (relying parties) can trust the information in the CA's certificates

• This is essential to the PKI scheme, if the CA is compromised then their signed certificates can’t be trusted.


9

Certificate Authorities Cont.Certificate Authorities Cont.

• It is not always possible to reach back to the original Certificate Authority.

• Key Chain, or Certificate Authority Chain.

• Allows a user to get a certificate from another source.

• Certificate Authority delegates authority to others.


10

CertificatesCertificates

• Self-Signed• Certificate signed by certificate’s author

• Root Certificate• an unsigned public key certificate

• Authorization Certificates• (also known as an attribute certificate) digitally

written permission from the issuer to use a service or a resource that the issuer controls or has access to use


11

Classes of CertificatesClasses of Certificates

• Class 1 for individuals, intended for email

• Class 2 for organizations, for which proof of identity is required

• Class 3 for servers and software signing, for which independent verification and checking of identity and authority is done by the issuing certificate authority (CA).


12

Digital SignaturesDigital Signatures

• Can be used as a broad term encompassing message authentication codes, file integrity hashes and digital pen pad devices.

• For this discussion a digital signatures is a term to mean cryptographically based signature assurance scheme

• Used like a notary endorsement


13

Is it a Valid Certificate?Is it a Valid Certificate?

• Check the certificate revocation list (CRL)

• This is a list of certificates that are no longer valid.

• This list is published by 3rd parties (CA).


14

OCSPOCSP

• Online Certificate Status Protocol

• An Internet protocol used for obtaining the revocation status of an X.509 digital certificate.

• It is described in RFC 2560 and is on the Internet standards track. It was created as an alternative to CRLs


15

X.509 CertificateX.509 Certificate

• A certificate typically includes:• The public key being signed.• A name, which can refer to a person,

a computer or an organization.• A validity period.• The location (URL) of a revocation

center.• The digital signature of the certificate,

produced by the CA's private key.


16

The Future of PKI: ECCThe Future of PKI: ECC

• First, the fact that the security and practicality of a given asymmetric cryptosystems relies upon the difference in difficulty between doing a given operation and its inverse.


17

Elliptical Curve CryptographyElliptical Curve Cryptography

• Second, the fact that the difference in difficulty between the forward and the inverse operation in a given system is a function of the key length in use, due to the fact that the difficulty of the forward and the inverse operations increase as very different functions of the key length; the inverse operations get harder faster.


18

ECC ContinuedECC Continued

• Third, the fact that as you are forced to use longer key lengths to adjust to the greater processing power now available to attack the cryptosystem, even the 'legitimate' forward operations get harder, and require greater resources (chip space and/or processor time), though by a lesser degree than do the inverse operations.


19

Comparison of AlgorithmsComparison of Algorithms

• The difficulty of the forward and inverse operations is at the centre of asymmetric schemes.

• RSA, it's integer multiplication (forward) and factorization (inverse)

• Diffie Hellman it's discrete exponentiation (forward) and log (inverse).

• ECC it's point multiplication (forward) and the elliptic curve discrete logarithm problem (inverse).


20

Key SizesKey Sizes


21

ECDSA vs. RSA (ms)ECDSA vs. RSA (ms)


22

How ECC WorksHow ECC Works

• The way that the elliptic curve operations are defined is what gives ECC its higher security at smaller key sizes.

• An elliptic curve is defined in a standard, two dimensional x,y Cartesian coordinate system by an equation of the form:

• y2 = x3 + ax + b


23

Elliptical Curve ExampleElliptical Curve Example


24

How ECC Works Continued How ECC Works Continued

• Point multiplication is simply calculating kP, where k is an integer and P is a point on the elliptic curve defined in the prime field.

• This is the operation which is the key to the use of elliptic curves for asymmetric cryptography — the critical operation which is itself fairly simple, but whose inverse is very difficult.


25

The dominant operation in ECC cryptographic schemes is point multiplication.

The dominant operation in ECC cryptographic schemes is point multiplication.


26

Why Use ECC?Why Use ECC?

• It’s More Secure!

• It’s Much Faster!!


27

ConclusionConclusion

• PKI is an ever changing infrastructure.

• There are new software algorithms being developed.

• Different methods for interacting with the Certificate Authority.


28

QuestionsQuestions

• Any Questions or Comments?


29

ResourcesResources

http://en.wikipedia.org/wiki/Public_key_infrastructure

http://www.deviceforge.com/articles/AT4234154468.html

http://csrc.nist.gov/pki

http://homes.esat.kuleuven.be/~fvercaut/talks/HECC.pdf

november 1, 2006sarah wahl / graduate student uccs1 public key infrastructure by sarah wahl

Documents

sarah wahl slide

secret key

key chain

published key

owners key

key agreement

specific private key

public key digital signature