Digital certificates We have previously considered topics such as user authentication, document integrity checks, and encryption. The introduction of solutions to each of these topics serves to improve the reliability of networked resources and increase our confidence in on- line transactions. While these innovations are helpful, they are not sufficient to replicate the sort of user authentication we would have in face-to- face encounters, nor would they irrefutably connect a person or business to a particular document or transaction, something quite necessary when financial transactions are involved or legally binding contracts are established. in-person authentication process ultimately relies on the existence and reliability of government-issued identification such as a driver’s license or passport; the government in this way serves as an authority that certifies identity. These government-issued documents are issued based upon yet other documents supplied during the application process Thus there is a hierarchy of certification that reinforces the notion that a driver’s license is an acceptable form of identification. “in-person” verification can be done in a matter of seconds, and becomes a routine affair. However, replicating this procedure on-line is more difficult. The on-line version can’t visually compare your face to your ID, nor compare your signature to the previously approved government- sanctioned version of your signature. So what is needed is an on-line mechanism that provides a similar sort of assurance from an authority that can say, essentially “you don’t know this guy, but I do, and he’s okay by me”. That authority in the on-line environment is known as a “certificate authority” (CA), an agency whose integrity must be beyond reproach. A certificate authority establishes protocols to ascertain the identity of registrants, and supports on-line verification that the identity has been proven to the CA. The Certificate Authority essentially says “I checked this person out, and verified that he is who he says he is, you have my word on it”. To acquire a digital certificate, an individual or organization registers with a certificate authority and presents proof of identity. The CA requests specific information of the registrant, investigates it, and then issues a digital certificate that confirms that the CA has verified the information independently. The certificate would typically include the following information: The registrant’s name Additional personal information such as an e-mail address for a person or a URL for a web server A unique registration number The name of the certificate authority The public key of the registrant Dates that reflect certificate validity (start and expiration dates) A digital signature “seal” from the CA that verifies authenticity of the certificate The exchange of digital certificates is a facility embedded into web browser functionality, such that the existence of certificates is easily detected and the certificates are automatically exchanged and verified with little or no intervention on the part of the user. By including the public key of the holder in the certificate, secure communications can be established even with unknown parties. The certificate authority includes its own digital signature such that any modifications to the certificate, such as changing the expiration date or personal data of the holder, are readily detected and would thereby invalidate the certificate. You can readily view a web site’s digital certificate through the browser whenever the “lock” icon located in the lower portion of the browser window is in the “closed” position. This would signify that the link has been encrypted using the Secure Sockets Layer (SSL) encryption strategy. A graphic image of the digital certificate used to help establish the SSL connection can be viewed by clicking on the lock icon. There are three generally accepted levels of authentication associated with the certification process. Level 1 – The combination of a user ID and password is usually described as “level one” security. As noted in the section on user authentication, a user ID and password are not sufficiently secure as they don’t really authenticate users at all. Applications that rely on Level 1 security are therefore subject to higher levels of risk and increased incidence of fraud. It is possible for someone to obtain a Level 1 digital certificate, but the certificate would attest to little more than the fact that the person paid a fee and has an e-mail account. Level 2 – The Certificate Authority performs a more thorough confirmation of the identity of the applicant, typically through arrangements with a trusted third party such as a financial institution, and in this way can confirm through such accounts and cross- references that the individual is who they claim to be, and can then issue a Level 2 digital certificate. Level 3 – Attests that the holder physically appeared in person, and presented official government-issued identification (thus attaining the same degree of authentication as in the bank teller example). Level 3 validation may also include biometric identification. One of the most important and most frequent uses of digital certificates is to confirm that a particular public key belongs to a specific individual or web server, thus inhibiting potential misrepresentation or “spoofing” activities. A second major use of digital certificates is in the verification of “digital signatures” Digital signatures are used to satisfy the on- line requirements for the functions served by traditional physical signatures. A popular misconception about digital signatures is that they are simply the “scanned” version of a physical signature. This notion is reinforced when retail stores have their customers sign a digital pad rather than a charge slip, and the clerks describe the process as a “digital” signature. Not to confuse the matter, but a “digital” signature is distinct from a “digital signature”, as we will see. A hand-written physical signature is required in situations such as financial transactions and signing binding commitments wherein the signature provides a legally-binding “affirmative act” that serves as non- repudiable evidence that binds the signer to the document. A “digital signature” serves much the same purpose as a traditional hand-written signature, in that it demonstrably connects a person to a particular document or transaction. A digital signature must therefore satisfy the legal expectations for traditional signatures, but also meet additional criteria: 1) It must authenticate the message or document so as to ensure its integrity and detect any tampering. 2) It must authenticate the signer so as to verify identity even (particularly) if the signer is not present. 3) It should provide the “affirmative act” that associates a specific document with a particular signer.And all of this must be accomplished in an efficient and secure manner. The creation of a digital signature involves several steps. Recall that in the section on document integrity we learned about “message digest functions”. Message digest functions are a form of “hash” functions that take a variable length text document as input and produce an output that can be viewed as relatively unique and distinctive, thus serving as a sort of “fingerprint” of that document. If even the slightest change is made to the document, the message digest output would also be changed. A message digest function is used to authenticate a document. In preparing a digital signature, a particular document (or “message”) is identified, and a “fingerprint” computed using a message digest function. The private key of the signer is then used to encrypt the “fingerprint” of the document, and by so doing serves to authenticate the identity of the signer as only the signer would possess the private key. The document and the associated digital signature together form the “affirmative act” necessary to meet legal expectations. The digital signature by itself, not connected to the document, is meaningless, as the signature is used to connect the signer to a specific document. The recipient of a digitally signed message can then decrypt the signature using the public key of the signer, thereby yielding the “fingerprint” of the document. This is where a digital certificate might be used to verify that it is the right key from the right person. Remember that only the public key of the signer can be used to decrypt a message that has been encrypted using the signer’s private key, thus this serves to verify the identity of the signer. The same message digest function would be run on the document itself, yielding a new result. If the new result and the decrypted old value are the same then this result serves to verify that the document is authentic and unaltered. A digital signature can be more reliable than the corresponding traditional signature, as while it is possible to forge a hand-written signature, a digital signature is much more difficult to forge. By attaching a digital signature to a document it is possible for the recipient to confirm the authenticity and integrity of the document, and verify the identity of the sender with a degree of confidence much higher than by using physical signatures. The growing potential for and significance of digital signatures was acknowledged in a federal law that authorized the use of digital signatures in a wide range of legally binding transactions that would otherwise have required a physical written signature.  The Electronic Signatures in Global and National Commerce Act (E-Sign) took effect on October 1, 2000. The law was motivated by the recognition that the use of digital signatures would expedite the handling of a wide range of transactions and potentially save billions of dollars in processing costs associated with traditional signature collection methods. However, the law does include several situations, primarily involving life-changing or threatening scenarios, where digital signatures are not acceptable, including but not limited to the following: The creation and execution of wills and trusts Adoptions, divorce, or other matters of family law Cancellation or termination of utility services (water, heat, power) Actions against the primary residence of an individual (eviction, foreclosure, etc.) Cancellation or termination of health or life insurance benefits The use of digital signatures is growing rapidly as the number of on-line transactions increases and the need to protect and secure these transactions becomes more important. Combined with the increased efficiency and tremendous cost savings involved, it is likely that digital signatures will become a routine component of a wide range of on-line transactions. The emerging standard for digital certificates can be found in RFC 2459 “Internet X.509 Public Key Infrastructure Certificate and CRL Protocol. Note that the X.509 protocol is not yet a standard; the details are still undergoing development. A compendium of specific development tasks along with target dates and related background documents for X.509 and the dozen or so RFCs on relevant technical problems can be found at http://www.ietf.org/html.charters/pkix- charter.html.