Docstoc

Public-Key Infrastructure _PKI_

Document Sample
Public-Key Infrastructure _PKI_ Powered By Docstoc
					Public-Key Infrastructure (PKI)




SMU          CSE 5349/7349
                 What is PKI?
• Pervasive security infrastructure whose
  services are implemented and delivered
  using public-key concepts and techniques
                                        -(C. Adams, S. Lloyd)
      – Secure sign-on
      – End-user transparency
      – Comprehensive security




SMU                     CSE 5349/7349
             Business Drivers
•   Cost savings
•   Inter-operability
•   Uniformity
•   Potential for validation/testing
•   Choice of provider

      Consider the analogy with BUS architecture vs.
                     point-to-point links

SMU                    CSE 5349/7349
       Components and Services
•   Certification authority
•   Certificate repository
•   Certificate revocation
•   Key backup and recovery
•   Automatic key update
•   Key history
•   Cross-certification
•   Support for non-repudiation
•   Time stamping

SMU                    CSE 5349/7349
                  Certificates
• Certificate vs. signature
• Types of certificates
      – X.509 (v1, v2, v3)
      – Simple Public Key Infrastructure (SPKI)
        certificates
      – PGP certificates
      – Attribute certificates



SMU                     CSE 5349/7349
              Certificate Format
•   Version number
•   Serial number
•   Signature algorithm identifier
•   Issuer name
•   Period of validity
•   Subject name
•   Subject’s public-key info.
•   Issuer unique ID
•   Subject unique ID
•   Extensions
•   Signature

SMU                         CSE 5349/7349
          Key/Certificate Life Cycle
• Initialization
      –   Registration
      –   Key-pair generation (where?)
      –   Certificate creation and dissemination
      –   Key backup
• Issued
      – Certificate retrieval
      – Certificate validation
• Cancellation
      – Expiration
      – Revocation
      – History and archive
SMU                           CSE 5349/7349
      Certificate Path Processing
• Eventual objective is to determine whether
  the key in a given certificate can be
  trusted
      – Path construction – aggregation of certificates
        to form a complete path
      – Path validation – validating each certificate in
        the path
      Target certificate is trusted only if every
        certificate in the path are trustworthy

SMU                      CSE 5349/7349
               X.509 Hierarchy
• Forward certificates
      – Certificate of X generated by other CAs
• Reverse certificates
      – Certificates of other CAs generated by X
• Example from the book (showed in last
  class)



SMU                     CSE 5349/7349
      Authentication Procedures
• One-way
• Two-way
• Three-way




SMU             CSE 5349/7349
                Problems with PKI
• Hierarchical model of trust
      – Chain of partial trust ending in one “fully trusted” entity
• Identifier associated with the key pair
      – Unique distinguished name within the namespace
• Private-key insecurity
      – Has to protect the private key
• Technical and Implementation difficulties
      – Assumption of global namespace
      – Difficulty in detecting key compromise
      – Inefficient revocation

SMU                           CSE 5349/7349
            PKI Problems (cont’d)
• Limited assurance provided in reality
      – CA’s generally protected in case of failure
      – What certificate assure (usually)
         • A particular message was generated by an entity that had
           available to it a particular private key; and
         • CA that provided the certificate has, at some time in the
           past, had grounds for believing that that private key was
           associated with a particular entity.
         • CA that provided the certificate has, at some time in the
           past, had grounds for believing that the entity had some
           kind of right to use that identifier, or had used that
           identifier in the past; and
         • CA that provided the certificate has, at some time in the
           past, had grounds for believing that the entity had access
           to the appropriate private key.


SMU                           CSE 5349/7349
                   Problems (cont’d)
      – What it does not ensure
          • Private key was originally available to other entities as well as the
            entity to which it purports to be 'bound';
          • Private key is now available to other entities as well as the entity to
            which it purports to be 'bound';
          • Private key invocation that gave rise to a particular message was
            performed by the entity; and
          • Private key invocation that gave rise to a particular message was
            performed with the entity's free and informed consent.
• Privacy invasiveness
      – Just to talk to your buddy securely, you may need to tell your
        life story to a third party!
• Idiosyncrasy:
      – In order to have trust in the party you are transacting with,
        you are expected to have trust in organizations you have no
        relationship with at all


SMU                                CSE 5349/7349
       What is Really Needed!
•   Minimal Use of Identifiers
•   Minimal Registration Requirements
•   Mechanisms for Persistent Anonymity
•   Value Authentication without Identity
•   Attribute Authentication without Identity
•   Recourse in case of violation



SMU                 CSE 5349/7349
          Alternatives to PKI
•   Web of trust like in PGP
•   Simple Distributed PKI (SDPKI)
•   Login ID, password
•   Biometrics
•   Other form of cetificates




SMU                 CSE 5349/7349

				
DOCUMENT INFO
Shared By:
Categories:
Tags:
Stats:
views:10
posted:8/24/2011
language:English
pages:15