Transcript Slide 1

Public Key Infrastructure
Today’s subject - PKI is the answer
Answer ??
For what
and why
4th October 2008
CPE Meet - K S Sesha Prakash
1
Public Key Infrastructure
This session is
Functionally orientated than technical.
Shows why a PKI is needed
Will give a glimpse of PKI structure in India.
My exposure to PKI is from the audits I have conducted
on one of the CA’s and several RA’s across India.
The subject has fascinated me ever since.
I have borrowed information from the sites of CCA, RCAI, IDRBT, WIKIPEDIA
and many other web-sites.
I acknowledge their copyrights to some of the information reproduced here.
4th October 2008
CPE Meet - K S Sesha Prakash
2
Public Key Infrastructure
Cryptography is the root cause for the structure of PKI.
PKI’s have their origins to fulfill the need
• how to share a secret between two &
MORE so between groups without compromise
• how to believe that the information originates from the
very person claiming to have sent it
4th October 2008
CPE Meet - K S Sesha Prakash
3
Public Key Infrastructure
The Paper World
•
•
•
•
•
•
•
A paper document consists of four components
the carrier ( the sheet of paper)
text and pictures ( the physical representation of information)
information about the originator
measures to verify the authenticity (handwriting / written signature)
All the four components are physically connected
So, paper is the document
There is only one original
can be reproduced in innumerable copies
Signature
Supposed to be unique, difficult to be reproduced, not changeable and not
reusable
Its main functions
identification
declaration
proof
The signature is used to identify a person and to associate the person with
the content of that document always relates to a physical person
4th October 2008
CPE Meet - K S Sesha Prakash
4
Public Key Infrastructure
Electronic World
•
Electronic document produced by a computer, is stored in digital form, and
cannot be perceived without using a computer
It can be deleted, modified and rewritten without leaving a mark or trail
Integrity of an electronic document is “genetically” impossible to verify
A copy is indistinguishable from the original
It can’t be sealed in the traditional way, where the author affixes his
signature
•
The functions of identification, declaration, proof of electronic documents
carried out using a digital signature based on cryptography.
4th October 2008
CPE Meet - K S Sesha Prakash
5
Public Key Infrastructure
To Understand, we need to know certain words and their means before proceeding
Plain text
Cipher text
Encryption
Decryption
Algorithm
Key
Key exchange
Symmetric Key
Asymmetric key
Message digest / Hash
Digital Signature
Electronic Signature
Electronic Document
4th October 2008
CPE Meet - K S Sesha Prakash
6
Public Key Infrastructure
Plain text is just plain text
Cipher text is garbled text, which prima facie one will not be able to read / understand
Process of converting the plain text to cipher text is ENCRYPTION
The reverse process is DECRYPTION
If software does the encryption or decryption,
the method adopted is algorithm
Key is the actual secret which can unravel the encryption
4th October 2008
CPE Meet - K S Sesha Prakash
7
Public Key Infrastructure
A Symmetric Key, the same key (or Secret Key) can encrypt
or decrypt the message – Symmetric cryptography
An asymmetric key on the other hand is a pair. One key encrypts and
the other decrypts. The same key cannot encrypt and decrypt.
To distinguish the keys the terminology used is the Private Key and Public Key.
The Private Key is held secret by the owner and the Public Key is distributed.
– Who distributes?
4th October 2008
CPE Meet - K S Sesha Prakash
8
Public Key Infrastructure
A hash or a message digest is a one way hash – it is of fixed length.
It is a unique value for a given data. Any difference would result in a
different value & give the same value every time it is recomputed for
the same data. It cannot be reversed in the sense that you cannot
deduce the original content – hence one way.
The message length is not the criterion.
Hash algorithms return only a fixed length.
The hash value changes even if there is a small change in the content
and returns the same value every time it is recomputed.
This assures message INTEGRITY
4th October 2008
CPE Meet - K S Sesha Prakash
9
Public Key Infrastructure
Large volume messages or data is normally encrypted by Symmetric
Cryptography and DES (Data Encryption Standard) or Triple DES or
AES (Advanced Encryption Standard).
You have a key (symmetric key) which works both ways here.
This Ensures CONFIDENTIALITY
This Symmetric Key is to be a secret between two person only. If is
More it becomes difficult to pin down a message to a single person.
Hence each pair should have one key. If the community is large?
No. of Keys required is - No. of people N*(N-1) / 2 Keys
2 persons – 1 Key : 3 persons – 3*(3-1) / 2 ie., 4 Keys
10 persons – 10*(10-1) / 2 ie., 45 Keys
1000 persons – 1000*(1000-1) / 2 ie., 4,99,500 Keys
How to distribute these key? & How will you remember whose key is to be applied
to which message
More so, if the parties are geographically far apart and instantly (internet)
Possibility of interchange and therefore key compromise
4th October 2008
CPE Meet - K S Sesha Prakash
10
Public Key Infrastructure
Large volumes of either data or text messages cannot be viably done by
asymmetric cryptography due to requirement of large computing resources.
Hence, it is commercially used for small amount of data or text.
Now you have a pair of keys, one a private key & the other a public key.
-----BEGIN RSA PRIVATE KEY----MIIBOwIBAAJBAL2wXgtEGWTa/AwoSd9sdMULcaTBDxXvQbZPedno8AbpcaZNIkSU
4aq/rGQZzwM8wnUTwQSvfRrLwTKsS0X7xQkCAwEAAQJAMUkV5k93WaEcQ/xj1U1U
ua3ThT80MDrOFBRqUJgZZXHnlCt7/e72eeXmVZD6Brm9HRLCcMNbwdWXM5omNvsX
EQIhAOc/xbqqByFgmFIKfl7MiZ5iJTu+XXDYvSTN+8v4et2rAiEA0f3Yhqw/3lhH
s+ajFO5rZpo9fJ9Li5vR+l5LcOnHLBsCIQC5I2h1kqzUvxYUEMytrwm64Q64Lyd2
Mj/0GGmwGoabswIgP6NTPDT1Qhe02yM5Jv2+FKEHoz3PMibtspdi+3wNfSMCIQDP
LH8G7XRMAthvEGPfO9ojqj84/FuHkpMs4OOi32Jwtg==
-----END RSA PRIVATE KEY---------BEGIN PUBLIC KEY----MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBAL2wXgtEGWTa/AwoSd9sdMULcaTBDxXv
QbZPedno8AbpcaZNIkSU4aq/rGQZzwM8wnUTwQSvfRrLwTKsS0X7xQkCAwEAAQ==
-----END PUBLIC KEY-----
The Private Key is held secret by the owner and the Public Key is distributed
This ensures NON REPUDIATION. The private key should always be a secret.
So now it is possible to send the public key with encrypted message over
unsecured channels also.
4th October 2008
CPE Meet - K S Sesha Prakash
11
Public Key Infrastructure
Digital signature is the message hash and Symmetric key of the message
– both are encrypted and signed by the private key.
A digital signature is not unique to an individual. It is unique to a message
Ex. Of digital signatures of same person on different documents is as under
I agree
efcc61c1c03db8d8ea8569545c073c814a0ed755
My place of birth is at Gwalior.
fe1188eecd44ee23e13c4b6655edc8cd5cdb6f25
I am 62 years old.
0e6d7d56c4520756f59235b6ae981cdb5f9820a0
I am an Engineer.
ea0ae29b3b2c20fc018aaca45c3746a057b893e7
I am a Engineer.
01f1d8abd9c2e6130870842055d97d315dff1ea3
As against the digital signature an Electronic or digitized signature described by
many court rulings is the actual signature which can be scanned and reproduced
4th October 2008
CPE Meet - K S Sesha Prakash
12
Public Key Infrastructure
To summarize :
When a message is sent or received, we need to ensure the following:
Data integrity – is about data not changed since the time it was sent by the
originator and received by the recipient - Hash / Message hash addresses
this.
Confidentiality – Encryption (preferably Symmetric Cryptography) addresses
this as only the recipient can decrypt the message/data. We assume that the
key is available only with both the originator and the recipient.
Non-repudiation – The key pair (Public and Private ie., Asymmetric
Cryptography) addresses this. Only the originator can encrypt the
message / data with his private key
4th October 2008
CPE Meet - K S Sesha Prakash
13
Public Key Infrastructure
Identification and authentication – In a small community this is easily
addressed through out of band channels.
However, within the global community, this becomes difficult.
Key Transport / Key distribution – as above, possible in a small
community
and not in a global community.
In global communities, how to ensure the originator is genuine ie., whom to trust?
PKI will address these issues.
4th October 2008
CPE Meet - K S Sesha Prakash
14
Public Key Infrastructure
Information Technology Act
• IT Act 2000 : Basic legal framework for E-Commerce - promotes trust
in electronic environment – gazetted on 9th June 2000
• IT Act creates a conducive environment for promoting E-Commerce in
the country.
Acceptance of electronic documents as evidence in a court of law.
Acceptance of electronic signatures at par with handwritten
signatures
Acceptance of electronic documents by the government.
Defines digital signatures based on asymmetric public key
cryptography
Provides for the creation of Certifying Authorities to issue public key
certificates – digital certificates for electronic authentication of
users in electronic commerce.
4th October 2008
CPE Meet - K S Sesha Prakash
15
Public Key Infrastructure
The Controller of Certifying Authorities (CCA)
• Appointed by the Central Government under section 17 of the IT Act.
• Came into existence on November 1, 2000.
• Aims at promoting the growth of E-Commerce and E-Governance
through the wide use of digital signatures.
4th October 2008
CPE Meet - K S Sesha Prakash
16
Public Key Infrastructure
Trust in Electronic Environment in India
• Controller of Certification Authorities in position : Root of trust,
National Repository
• Licensed CAs
• Digital signatures for signing documents
• Certificates, CRLs for access by relying parties
• PKI operational
• Other provisions of the IT Act – Cybercrimes not to go unpunished
4th October 2008
CPE Meet - K S Sesha Prakash
17
PKI Hierarchy in India
CCA
Directory of
Certificates
CA
CA
Directory of
Certificates
CRLs
CA
RA
Subscriber
4th October 2008
Subscriber
Relying
Party
CPE Meet - K S Sesha Prakash
Subscriber
18
Public Key Infrastructure
Seven CA’s has been licensed
• Safescrypt - A subsidiary of Satyam Infoway
• National Informatics Center (NIC) - Govt. of India
• Institute for Development & Research in Banking
Technology (IDRBT) – A society of RBI
• Tata Consultancy Services (TCS)
•MTNL
• Customs & Central Excise
• (n) Code Solutions - (A div. of Gujarat Narmada
Valley Fertilizers Co. Ltd.)
4th October 2008
CPE Meet - K S Sesha Prakash
19
PKI Standards
Public Key Cryptography
 RSA - Asymmetric Cryptosystem
 Diffie-Hellman - Asymmetric Cryptosystem
 Elliptic Curve Discrete Logarithm Cryptosystem
Digital Signature Standards
 RSA, DSA and EC Signature Algorithms
 MD5, SHA-1 - Hashing Algorithms
Directory Services (LDAP ver 3)
 X.500 for publication of Public Key Certificates and Certificate Revocation Lists
 X.509 version 3 Public Key Certificates
 X.509 version 2 Certificate Revocation Lists
PKCS family of standards for Public Key Cryptography from RSA
 PKCS#1 – PKCS#13 (Public Key Cryptography Standard)
Federal Information Processing Standards (FIPS)
 FIPS 140-1 level 3 and above for Security Requirement of Cryptographic Modules
4th October 2008
CPE Meet - K S Sesha Prakash
20
Public Key Infrastructure
Controller of Certifying Authorities as the highest authority of the
Trust structure in India.
All CA’s in India are under the Umbrella of the CCA.
The CCA is under the Ministry of Commerce.
CCA to CA is the equivalent of
Registrar of companies to Limited companies
Registrar of firm to partnerships
Registrar of societies to societies and associations
We need to know the terms
CA – Certifying Authority
RA – Registration Authority
PKI repository
CRL – Certificate Revocation List
4th October 2008
CPE Meet - K S Sesha Prakash
21
Public Key Infrastructure
• Some Trusted Agency is required which certifies the association of
an individual with the key pair.
Certifying Authority (CA)
• This association is done by issuing a certificate to the user by the
CA
Public key certificate (PKC)
• All public key certificates are digitally signed by the CA
4th October 2008
CPE Meet - K S Sesha Prakash
22
Public Key Infrastructure
Certifying Authority
• Must be widely known and trusted
• Must have well defined Identification process before
issuing the certificate
• Provides online access to all the certificates issued
• Provides online access to the list of certificates
revoked
• Displays online the license issued by the Controller
• Displays online approved Certification Practice
Statement (CPS)
• Must adhere to IT Act/Rules/Regulations and
Guidelines
4th October 2008
CPE Meet - K S Sesha Prakash
23
Public Key Infrastructure
Paper
4th October 2008
IDRBT Certificate
CPE Meet - K S Sesha Prakash
Electronic
24
Public Key Infrastructure
Public-Key Certification
User Certificate
Serial No.
User
Name &
other
credentials
Certificate
Request
User’s
Public
key
Public
Private
Key pair
Generation
4th October 2008
Public
Certificate
Database
User Name
Signed
by using
CA’s
private
key
User’s Email
Address
User’s
Public Key
Publis
h
License issued
by CCA
User 1 certificate
CA’s Name
Certificate
Class
Validity
User 2 certificate
.
Web site of CA
Digital
Signature
of CA
CPE Meet - K S Sesha Prakash
25
Public Key Infrastructure
Registration Authority
The CA has to ensure the identity of the holder of the key pair to enroll
The CA itself may have the facility to do so
The CA may hive the arm of processing the identity of a Key Pair holder to
an Registration Authority or RA
The RA in such an event follows a set of processes to identify the person
with the key pair
Only when the RA is convinced, it will request the CA to issue the Digital
Certificate for the Public key held by the applicant person.
A pictographic representation of the process
How a Digital Certificate is downloaded from the net.
4th October 2008
CPE Meet - K S Sesha Prakash
26
Public Key Infrastructure
Classes of Certificates:
Class 1 Certificate
Class 2 Certificate
Class 3 Certificate – for servers, objects and Code
Types of Certificates:
Signing certificate
Encryption certificate
Web Server Certificate
Client Certificate
Object Signing Certificate
4th October 2008
CPE Meet - K S Sesha Prakash
27
Public Key Infrastructure
PKI Architecture
Enterprise architecture
Hierarchical Infrastructure (Root CA)
Mesh infrastructure (Cross Certificate Pair)
Bride PKI architecture
Bridge CA -Principle CA
Peer CA
Subordinate CA
A Bridge CA may not be trusted by himself. You trust because your
Principle CA has issued a self signed certificate to the Bridge CA & The
Bridge CA to the Principle CA
4th October 2008
CPE Meet - K S Sesha Prakash
28
Public Key Infrastructure
PLEASE MAKE IT A POINT TO VOTE
– It is your only Weapon
- It is in your hand to make
Democracy survive
4th October 2008
CPE Meet - K S Sesha Prakash
29
Public Key Infrastructure
OPEN FORUM
– Any Question?
4th October 2008
CPE Meet - K S Sesha Prakash
30