Public Key Infrastructures (PKI)

Raj Jain
Washington University in Saint Louis
Saint Louis, MO
[email protected]
Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-07/
©2007 Raj Jain, CSE571S, Washington University in St. Louis

Overview
- PKI, X.509 and PKIX
- PKI Trust Models
- Object ID and X.509 Policies
- X.500
- X.509 Certificate Fields and Extensions
- Authorizations, Anonymous groups, Blind Signatures

What is PKI?
- Infrastructure to find public keys
- S/MIME, PGP, SSL use asymmetric cryptography and make use of PKI
- Certificate authorities
- Standards for certificates

X.509 and PKIX
- X.509 is the ISO standard for Certificate formats
- PKIX is the IETF group on PKI
- PKIX adopted X.509 and a subset of its options
- PKIX is a "Profile" of X.509
- TLS, IPSec, SSH, HTTPS, Smartcard, EAP, CableLabs, use X.509

Concepts
- Subject: Whose certificate is it?
- Target: Whose certificate do we want?
- Relying Party: Who wants to check the certificate
- Verifier: Relying Party
- Issuer: Who issued the certificate?
- Certification Authority: Issuer
- Trust Anchor: The CA that we trust
- Root CA: Issuer = Self
- Principal: Subject, Verifier, Issuer

PKI Trust Models
- How Many CAs?
  - Monopoly = One
  - Oligarchy = Many
  - Anarchy = Any
- How is the name space divided among CAs?
  - Top-Down
  - Bottom-Up

Monopoly Model: Single Root CA
- Registrars to check identity
- Delegated CAs
- Issues:
  - Single point of failure
  - Whole world cannot trust just one organization
  - You may not want internal principals to be certified by external CA
[Figure: diagram of CAs]

Oligarchy
- Multiple Root CAs
- Used in browsers
- Can select which root CAs to trust
- No Monopoly ⇒ Price efficient
[Figure: diagram of multiple CAs]

Oligarchy Example

Anarchy Model
- User driven
- Used in PGP
- Trust Ring, Web of Trust
- Volunteer Databases
[Figure: users U1 through U6]

Name Constraints
- Which part of name space?
- 1. Top Down:
- 2. Bottom-Up:
  - Two-way certification: Parent → Child, Child → Parent
  - Cross links

Relative Names
H to J:
- Absolute: D/B/E/J or A/B/E/J
- Relative: ../../E/J
⇒ No changes required if the parents change name
[Figure: name tree with nodes A through O]

OID
- Object Identifier
- Identify objects by a universally unique sequence of numbers
- Similar to what is done in SNMP to name objects

Global Naming Hierarchy [SNMP]
[Figure: naming tree with nodes ccitt (0), iso (1), joint-iso-ccitt (2), standard (0), org (3), iso9314 (9314), fddiMIB (1), dod (6), internet (1), directory (1), mgmt (2), experimental (3), private (4), fddi (8), mib (1), system (1), interfaces (2), transmission (10), fddi (15), fddimib (73)]

X.509 Policies
- Policies in X.509 are identified by OID
- Company X
- X.1 = Security Level
- X.1.1 = Confidential
- X.1.2 = Secret
- X.1.3 = Public

X.509 Revocations
- Certificate Revocation Lists:
  - Too much work on the client
  - Too much traffic on the net
  ⇒ Not used
- On-Line Revocation Server (OLRS):
  - On-line Certificate Status Protocol (OCSP)
  - RFC 2560
  - Provides current information
  - Saves traffic on the net
  - Also allows chaining of OCSP responders

X.500
- Series of standards covering directory services
- Similar to white/yellow pages
- Directory Access Protocol (DAP) designed by ISO
- Lightweight Directory Access Protocol (LDAP) designed by IETF
- LDAPv3 is RFC 4510
- Each entry has a "Distinguished Name" and a set of attributes
- Formed by combining Relative distinguished names
- X.500 Example: C=US, O=WUSTL, OU=CSE, CN=Raj Jain
- DNS Example: [email protected]

X.509 Certificate Fields
- Version: X.509 Version 1, 2, or 3
- Serial Number: Certificate Serial #
- Signature: Signing algorithm
- Issuer:
- Validity:
- Subject: Issued to
- Subject Public Key Info: Algorithm/parameters, and Public Key
- Issuer Unique Identifier: OID of the Issuer (not used)
- Subject Unique Identifier: OID of the subject (not used)
- Algorithm Identifier: Signature algorithm (again)
- Encrypted: Signature
- Extensions: Only in Version 3. Specified by OID

X.509 Extensions
- Authority Key Identifier: Serial # of CA's key
- Subject Key Identifier: Uniquely identifies the subject's key. Serial # or hash.
- Key Usage: Allowed usage - email, business, ...
- Private Key Usage Period: Timestamps for when key can be used (similar to validity)
- Certificate Policies
- Policy Mappings: from Issuer's domain to subject's domain
- Subject Alt Name: Alternative name. DNS.
- Subject Directory Attributes: Other attributes

X.509 Extensions (Cont)
- Basic Constraints: Whether CA and length of chain
- Name Constraints: Permitted and excluded subtrees
- Policy Constraints: OIDs
- Extended Key Usage: Additional key usages
- CRL Distribution Points:
- Inhibit Any Policy: "Any Policy" is not allowed
- Freshest CRL: How to obtain incremental CRLs
- Authority Info Access: How to find info on issuers
- Subject Info Access: How to find info on subject

Sample X.509 Certificate
[Screenshot: Internet Explorer]

X.509 Sample (Cont)

X.509 CRL Fields
- Signature: Signature Algorithm
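
The Basic Constraints and Name Constraints extensions from the X.509 Extensions slides above, applied to a certificate chain that ends at a trust anchor. This is an added example, not part of the original lecture: a simplified model that skips signature, validity and revocation checks. The Cert class, validate_chain function and every name in the sample hierarchy are made up for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class Cert:                          # simplified model, not a real X.509 parser
    subject: str
    issuer: str
    is_ca: bool = False              # Basic Constraints: is the subject a CA?
    path_len: Optional[int] = None   # Basic Constraints: max CA certs that may follow
    permitted: tuple = ()            # Name Constraints: permitted subtrees
    excluded: tuple = ()             # Name Constraints: excluded subtrees
    dns_names: tuple = ()            # Subject Alt Name (DNS)

def in_subtree(name, subtree):
    """True if a DNS name equals the subtree or lies below it."""
    return name == subtree or name.endswith("." + subtree)

def validate_chain(chain, trust_anchors):
    """chain[0] is the root, chain[-1] the target; returns "ok" or a reason."""
    if not chain or chain[0].subject not in trust_anchors:
        return "untrusted root"
    for i, ca in enumerate(chain[:-1]):
        child = chain[i + 1]
        if child.issuer != ca.subject:
            return f"broken chain at {child.subject}"
        if not ca.is_ca:
            return f"{ca.subject} is not a CA"
        below = len(chain) - i - 2   # certificates between this CA and the target
        if ca.path_len is not None and below > ca.path_len:
            return f"path length exceeded at {ca.subject}"
        # A CA's name constraints bind every certificate issued below it.
        for later in chain[i + 1:]:
            for name in later.dns_names:
                if any(in_subtree(name, s) for s in ca.excluded):
                    return f"{name} excluded by {ca.subject}"
                if ca.permitted and not any(in_subtree(name, s) for s in ca.permitted):
                    return f"{name} not permitted by {ca.subject}"
    return "ok"

# Constructed sample hierarchy (all names are made up)
ROOT = Cert("Root CA", "Root CA", is_ca=True, path_len=1)
DEPT = Cert("Dept CA", "Root CA", is_ca=True, path_len=0,
            permitted=("cse.example.edu",), excluded=("lab.cse.example.edu",))
WEB = Cert("web", "Dept CA", dns_names=("www.cse.example.edu",))
ANCHORS = {"Root CA"}

if __name__ == "__main__":
    print(validate_chain([ROOT, DEPT, WEB], ANCHORS))
    outside = Cert("web2", "Dept CA", dns_names=("www.example.com",))
    print(validate_chain([ROOT, DEPT, outside], ANCHORS))
```

A real relying party also verifies each signature, the validity period and revocation status before accepting the chain.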