Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Digital Certificates
Public Key Deception Digital Certificates Certificate Authorities Public Key Infrastructures (PKIs)
Moral:
Public key encryption for privacy, confidentiality, authentication, and message integrity only works if
The verifier gets the true partys public key independently of the applicant, From a trusted third party
Digital Certificates
Authenticated Party
5
Certificate Authorities
Unfortunately, certificate authorities are not regulated You must only use certificate authorities you trust Company can be its own certificate authority for internal authentication among its hardware and software systems
Hashing Algorithm
Issuer
Period of Validity
Subject
C=US ST=NY L=Albany O=OFT CN=John Doe
Message Digest
Signature of Issuer
Client Certificates
Also called a personal or browser certificate Signing certificate
Encrypting certificate
Bound to key-pair used for encryption
Certification Hierarchy
What happens if you dont recognize the CA in a certificate or it is not a trusted CA? Suppose CA has a certificate issued by trusted CA2? You may choose to trust CA if you can verify that its certificate is genuine
CA2
CAS CERTIFICATE ISSUED BY CA2
CA
CERTIFICATE HOLDER
10
10
Assert that a true party (named) has the public key contained in the digital certificate
Provides a name-public key pair Therefore prevents public key deception Fields and content are standardized by the ITUT X.509 Standard
11
Each digital certificate has its own digital signature, signed (encrypted) by the private key of the certificate authority
Provides message integrity so that an impostor cannot change the name field in the digital certificate to its own
12
Recap
A digital signature gives the public key of a named party This is needed for public key authentication, to prevent public key deception However, a digital certificate alone does NOT provide authentication
13
14
PKI
To use public key methods, an organization must establish a comprehensive Public Key Infrastructure (PKI)
A PKI automates most aspects of using public key encryption and authentication PKI Uses a PKI Server Server
15
Distributes private keys to applicants securely Often, private keys are embedded in delivered software
16
PKI Server
17
CRL Checks
If applicant gives verifier a digital certificate, The verifier must check the certificate revocation list
PKI Server
18
a type of asymmetric cryptography used to simulate the security properties of a signature in digital, rather than written, form. Digital signature schemes normally give two algorithms, one for signing which involves the user's secret or private key, and one for verifying signatures which involves the user's public key. The output of the signature process is called the "digital signature.
is
an electronic signature that can be used to authenticate the identity of the sender of a message or the signer of a document, and possibly to ensure that the original content of the message or document that has been sent is unchanged. Digital signatures are easily transportable, cannot be imitated by someone else, and can be automatically time-stamped. The ability to ensure that the original signed message arrived means that the sender cannot easily repudiate it later.
19
How it works
The use of digital signatures usually involves two processes, one performed by the signer and the other by the receiver of the digital signature: Digital signature creation uses a hash result derived from and unique to both the signed message and a given private key. For the hash result to be secure, there must be only a negligible possibility that the same digital signature could be created by the combination of any other message or private key. Digital signature verification is the process of checking the digital signature by reference to the original message and a given public key, thereby determining whether the digital signature was created for that same message using the private key that corresponds to the referenced public key.
20
20
Digital Signatures
A handwritten signature is a function of the signer only, not the message Handwritten signatures can be copied and forged The digital equivalent of a handwritten signature would be useless in e-Commerce Must be able to Compare it with the real signature; AND Must be sure it isnt copied or forged How can A prove his identity over the Internet?
21
Generate public/private key pairs Identify and authenticate key subscribers Bind public keys to subscriber by digital certificate Issue, maintain, administer, revoke, suspend, reinstate, and renew digital certificates Create and manage a public key repository
22
Major Ideas
Digital signature = hash of message encrypted with signers private key. Computationally unforgeable Digital certificate = digital identity document issued by a trusted third party. Associates a public key with a real person A digital signatures without a certificate does not prove identity The holder of a certificate must be challenged to prove he knows the correct private key Certificate authorities form trust hierarchies, with certificate paths from sender to recipient, allowing verification of the trust relationship
23
Major Ideas
MANY eCommerce applications do not require verification of identity, but only verification of authorization Digital certificates are useful when identity must be proven or when interacting with multiple parties not known in advance A long-term relationship between two parties does not require a digital certificate; a password is often (not always) sufficient ASN1. is a hidden method of specifying data formats, but used is many applications, including digital certificates
24
25
26
27
Signature Definitions
Digital Signatures
Includes simple passwords or digitized images of handwritten signatures Do not rely on cryptography Not computer-readable characters Electronic Signatures
Most full-featured and secure signature type Electronically signed documents that rely upon public key cryptography (PKC) to authenticate identity Can be encrypted for additional confidentiality
28
PKI is based upon PKC, an internationally accepted method for securing electronic communications PKC involves a pair of mathematically related keys
Very large prime numbers of 1024 characters in length Public key Distributed freely to anyone whom the public key owner wishes to communicate securely
Private Key Known only by the signer Used to sign a message that only the public key can verify
29
30
Contain
User ids Private key Who certificate belongs to When certificate expires
Storage
In a browser On a piece of hardware such as a smart card or a plug-in USB device
Fees
Users pay an annual fee based on their level of security, liability limits also vary by level of security
31