Number of relevant issues



Similar documents
Cryptography and Network Security Chapter 15

Key Management and Distribution

Key Management and Distribution

PKI: Public Key Infrastructure

Chapter 6 Electronic Mail Security

Asymmetric cryptosystems fundamental problem: authentication of public keys

Network Security Essentials Chapter 7

Introduction to Network Security Key Management and Distribution

Electronic Mail Security. Security. is one of the most widely used and regarded network services currently message contents are not secure

Part III-a. Universität Klagenfurt - IWAS Multimedia Kommunikation (VK) M. Euchner; Mai Siemens AG 2001, ICN M NT

Digital Certificates (Public Key Infrastructure) Reshma Afshar Indiana State University

Ciphermail S/MIME Setup Guide

Authentication Applications

Cryptography and Network Security Chapter 14. Key Distribution. Key Management and Distribution. Key Distribution Task 4/19/2010

User Guide Supplement. S/MIME Support Package for BlackBerry Smartphones BlackBerry Pearl 8100 Series

PGP from: Cryptography and Network Security

Cryptography and Network Security Chapter 14

UNDERSTANDING PKI: CONCEPTS, STANDARDS, AND DEPLOYMENT CONSIDERATIONS, 2ND EDITION

Brocade Engineering. PKI Tutorial. Jim Kleinsteiber. February 6, Page 1

Public Key Infrastructure. A Brief Overview by Tim Sigmon

CSE543 - Introduction to Computer and Network Security. Module: Public Key Infrastructure

Certificates. Noah Zani, Tim Strasser, Andrés Baumeler

Djigzo S/MIME setup guide

Lecture slides by Lawrie Brown for Cryptography and Network Security, 5/e, by William Stallings, Chapter 14 Key Management and Distribution.

CERTIFICATION PRACTICE STATEMENT UPDATE

Grid Computing - X.509

How To Make A Trustless Certificate Authority Secure

CALIFORNIA SOFTWARE LABS

associate professor BME Híradástechnikai Tanszék Lab of Cryptography and System Security (CrySyS)

Purpose of PKI PUBLIC KEY INFRASTRUCTURE (PKI) Terminology in PKIs. Chain of Certificates

OFFICE OF THE CONTROLLER OF CERTIFICATION AUTHORITIES TECHNICAL REQUIREMENTS FOR AUDIT OF CERTIFICATION AUTHORITIES

HIPAA Security Regulations: Assessing Vendor Capabilities and Negotiating Agreements re: PKI and Security

Lecture 13. Public Key Distribution (certification) PK-based Needham-Schroeder TTP. 3. [N a, A] PKb 6. [N a, N b ] PKa. 7.

Security Yokogawa Users Group Conference & Exhibition Copyright Yokogawa Electric Corporation Sept. 9-11, 2014 Houston, TX - 1 -

Dr. Cunsheng DING HKUST, Hong Kong. Security Protocols. Security Protocols. Cunsheng Ding, HKUST COMP685C

How To Understand And Understand The Security Of A Key Infrastructure

HKUST CA. Certification Practice Statement

Chapter 4. Authentication Applications. COSC 490 Network Security Annie Lu 1

Certification Authority. The X.509 standard, PKI and electronic documents. X.509 certificates. X.509 version 3. Critical extensions.

Copyright The McGraw-Hill Companies, Inc. Permission required for reproduction or display. 15.1

Security Digital Certificate Manager

Security Digital Certificate Manager

Introduction to Cryptography

Module 7 Security CS655! 7-1!

DIMACS Security & Cryptography Crash Course, Day 2 Public Key Infrastructure (PKI)

Public-Key Infrastructure

encryption keys, signing keys are not archived, reducing exposure to unauthorized access to the private key.

Lecture VII : Public Key Infrastructure (PKI)

KEY DISTRIBUTION: PKI and SESSION-KEY EXCHANGE. Mihir Bellare UCSD 1

National Certification Authority Framework in Sri Lanka

IT Networks & Security CERT Luncheon Series: Cryptography

Authentication applications Kerberos X.509 Authentication services E mail security IP security Web security

Certificate Policy for. SSL Client & S/MIME Certificates

Understanding digital certificates

Biometrics, Tokens, & Public Key Certificates

Network Security. Gaurav Naik Gus Anderson. College of Engineering. Drexel University, Philadelphia, PA. Drexel University. College of Engineering

Public Key Infrastructure

Certificate Policy and Certification Practice Statement CNRS/CNRS-Projets/Datagrid-fr

CS 392/681 - Computer Security

Securing Service Access with Digital Certificates

Electronic Signature. István Zsolt BERTA Public Key Cryptographic Primi4ves

Ericsson Group Certificate Value Statement

Public Key Infrastructure (PKI)

Certificate Management. PAN-OS Administrator s Guide. Version 7.0

Certificate technology on Pulse Secure Access

Digital Signature Verification using Historic Data

Security Policy Revision Date: 23 April 2009

An LDAP/X.500 based distributed PGP Keyserver

Overview of CSS SSL. SSL Cryptography Overview CHAPTER

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure

Ford Motor Company CA Certification Practice Statement

Digital Certificates Demystified

CS549: Cryptography and Network Security

Key Management. CSC 490 Special Topics Computer and Network Security. Dr. Xiao Qin. Auburn University

Forging Digital Signatures

Operating a CSP in Switzerland or Playing in the champions league of IT Security

Certum QCA PKI Disclosure Statement

DigiCert Certification Practice Statement

NIST Test Personal Identity Verification (PIV) Cards

Computer and Network Security. Outline

Public Key Cryptography in Practice. c Eli Biham - May 3, Public Key Cryptography in Practice (13)

A Noval Approach for S/MIME

PUBLIC-KEY CERTIFICATES

Certification Practice Statement

TELSTRA RSS CA Subscriber Agreement (SA)

- X.509 PKI SECURITY GATEWAY. Certificate Policy (CP) & Certification Practice Statement (CPS) Edition 1.1

Advantage Security Certification Practice Statement

A Guide to Secure

CSC/ECE 574 Computer and Network Security. What Is PKI. Certification Authorities (CA)

Certificate technology on Junos Pulse Secure Access

Configuring Digital Certificates

TR-GRID CERTIFICATION AUTHORITY

THE RSA ROOT SIGNING SERVICE Certification Practice Statement For RSA Certificate Authorities (CAs) Published By: RSA Security Inc.

Reducing Certificate Revocation Cost using NPKI

CSC574 - Computer and Network Security Module: Public Key Infrastructure

Security. Issues:

Using etoken for SSL Web Authentication. SSL V3.0 Overview

Design of one trust center

Electronic Mail Security

CS 356 Lecture 28 Internet Authentication. Spring 2013

Transcription:

Electronic signature Lecture 8 Number of relevant issues cryptography itself algorithms for signing documents key management generating keys, distribution, key revocation security policy certificates may contain special attributes that are not standardised administrative security how to access CA private keys physical security central computer must be in a very secure place archiving documents, certificates, revocation lists, legal status of the signatures 1

Electronic v Digital Signature the distinction comes from existing European law electronic signature any information identifying sender of a message, e.g. signatures (text strings) as we know them from emails digital signature signature based on cryptography, satisfying several security properties, e.g. unforgebility Analogy to Hand-written Signatures Notion hand-written signature digital signature message paper with writing electronic data signature scribble written message based on public key by hand cryptography + msg itself device for brain capability, private key signing practice, hand skills device for knowledge, experience, public key certificate verifying vision/eye, signature card 2

Public Key Infrastructures complex technologies covering key management problems related to digital signatures first OTS products appeared in nineties high price no applications very hard to sell in first years currently dozens of PKI solutions Entrust, Verisign, RSA, IBM, Czech Republic 1.CA run by PVT, most of the banks is running own PKI Several Standards X.509 hierarchical structure hard to penetrate, if it happened, it would be massive PGP each user creates a domain of trust easier to get inside the system SPKI/SDSI names are unique only in a certain context more intuitive handling of names 3

X.509 Systems PKCS X.509 RFC S/MIME P1363 proprietary RSA FIPS ANSI Cryptographic Message Syntax encrypted and signed messages PKCS#7 S/MIME draft RFC 2630 Standard EU Standards according to areas PKI - X.509, PKCS#10, #12 (#6, #9) electronic mail - CMS, S/MIME drafts algorithm - PKCS#1, P1363, FIPS, ANSI communication protocols - X.509, SSL, RFC,... 4

Design evolution idealistic assumptions there is a central CA, trusted by everyone PEM, X.509 one CA => one policy, certificates do not contain any policies realisation - central CA will never be PKCS #6, X.509v2, 3 creation of a homogenous system - PKI is quite a bite new standards around X.509 establishment of national PKI schemes Current state fragmentation => incompleteness, redundancy X.509, PKCS #10 missing requests for revocation, certificate request is only for RSA, there are not assumed different purposes for keys (e.g. signing, encryption) Unified model based on certificate request (CRMF) allowing all current security properties definition of a complete set of messages for PKI management new concepts and their support by new protocols 5

What are the problems implementations of even basic standards are incomplete MS monopoly => common user cannot professionally (securely) use certificates absurd customer requirements for MS compatibility (money talks) Example certificate import simple!?? pointless number of formats (names?) - DER, BER, 509, p7c,... binary and with based64, eventually with various other data Certificate request 1/2 PKI message PKI header PKI body Protection Extra certificates version sender recipient despatch time protection alg transaction no. sender nonce recipient nonce 6

Certificate request 2/2 signing CertReq ID data to be signed algorithm ID signature certificate request proof of possesion Register info certificate template Controls Signed message content type content version client identification alg. characteristics attributes signature algorithm signature version alg. characteristics nested content set of certificates set of CRL info of signatories 7

PKI high level view CA root CA 11 CA 12 CA 21 CA 22 CA 23 CA 31 Certification tree diagram Certification authority certificate repositories Diagram PKI of CA 11 Repository LDAP CA 11 Repository WWW : RA 1 RA 2... RA n Repository k certificate owners PKI clients 8

Uptime Signatures CA hierarchy - example...... E-mail users Uptime root cert Uptime Certificates servers Barclays... customers Visa Int l Visa UK county council... Peter, Juraj NatWest... customers vet inspection... surgeons Cross certification CA 11 CA 12 CA 21 CA 22 CA 23 CA 31 cross certification 9

Certificate types hierarchical root CA certificate certificates for signing Web Server certificates user certificates root cert. CA signing certificates certificate chains server certificates client certificates certificate obtained from a server 10

is it in our local database??? Certificate validity explicit statement valid from valid to (e.g. 050814132432) we can revoke a certificate if needed we tell CA the certificate is not valid any more! original X.509 list of revoked certificates - CRL 11

Key/certificate verification conservative: key/certificate is valid only when a solid proof is introduced real-time confirmation from CA useful for disputes, fast transactions Online Certificate Status Protocol OCSP liberal: key/certificate is valid until revocation is demonstrated CRL list of revoked certificates Revocation is a problem of utmost importance!!! X.509 problems complexity! technology certificate revocation implicit assumption certificate is valid how to detect disclosure of private keys time delay after certificate revocation time delay for distribution of CRLs amount of data periodically distributed by CA secure devices secure HW providing crypto and verification of certificate validity/limits of its usage problems related to principles, PKI and X.509 is built on administration usage and running of a PKI system can be very general security privacy the technology breaches some general security properties/requirements 12

X.509 problems - registration existing conflicts one key of CA v dozens keys of registration authorities (RA) RA security is not equal to that of CA (costs and management) a clerk is responsible for registration process registration requirements are higher than those for police identification RA security is less important than security of CA just a stupid attacker (or a weird one) would targeted the whole PKI structure Some issues we haven t touched (notary) time-stamps archiving signed documents short term long term legal disputes 13

Case study bank clients authentication typical authentication 1:n (n clients authenticating towards a bank) Solution 1 authentication calculator for each client allows secure authentication of bank transactions just symmetric crypto used simple scheme and relatively easy implementation Solution 2 using certificates a couple of bank visits (usually 2-3) symmetric, as well as asymmetric crypto needed just SW implementation implies lower security of authentication scheme Different case n:n or n:m authentication there is no single centre quite complicated key management if symmetric algorithms used see VISA system PKI may solve the problem if there is a centre with limited availability transactions take their time 14

what about private key when it is lost? when it is compromised? when one changes employer? when it is deposited/stored by a third party? when it is claimed by a court? when one is out-of-office? when where to go: technology using blacklist (CRL) is (should be) obsolete certification chains, cross certification will never fully meet expectations we do need certificates but information about actual status of the key! Internet browser security is more than doubtful 15

where to go: legislation electronic signature laws are hasty it is not always (in most cases) needed and a bad law causes more problems than solves => next lecture 16

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information