Public Key Cryptology LFTSP 2001 IS 7.2

1
Public Key Cryptology LFTSP 2001 IS 7.2
  • Presenter Dr Scott Knight
  • Royal Military College of Canada
  • Electrical and Computer Engineering

2
References
  • Carlisle Adams, Steve Lloyd, Understanding
    Public-Key Infrastructure, Macmillan Technical
    Publishing, 1999.
  • Phil Zimmermann, PGP Guide Book V6.5.1, An
    Introduction to Cryptography.
  • David E DePlanche, Options Analysis of the
    Canadian Forces Public-Key Infrastructure, Thesis,
    RMC, April 2000.

3
The Secret Key Weakness
[Figure: Alice and Bob]
4
Asymmetric Cypher
  • Encryption key and decryption key are related but
    computationally infeasible to derive one from the
    other
  • Concept of a Public/Private key pair

5
Public Key Cryptosystems vs. Secret Key Cryptosystems
[Figure: two pipelines side by side. Public key: plaintext, Pu encipher, ciphertext, Pr decipher, plaintext. Secret key: plaintext, DES encipher, ciphertext, DES decipher, plaintext, with the DES key.]
6
Public Key Cryptosystems
[Figure: Alice, Bob and Carol each hold their own private key (PrAlice, PrBob, PrCarol). Public Key Directory: Alice PuAlice, Bob PuBob, Carol PuCarol.]
7
A Comparison
It is possible to combine public key and private
key cryptosystems in a hybrid approach that has
the benefits of both.
8
Keys
  • Really big numbers (bits)
  • Work with cryptographic algorithms to produce
    specific ciphertext
  • The bigger the number the more secure is the
    ciphertext for a given algorithm
  • Thus public and secret key sizes are unrelated
  • 80-bit secret, 1024-bit public


9
Hash Functions
  • A one-way hash function takes variable-length
    input, for example a message of any length, even
    thousands or millions of bits, and produces a
    fixed-length output, say 160 bits
  • A hash function ensures that, if the information
    is changed in any way, even by just one bit, an
    entirely different output value is produced.
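An added example (not part of the original slides) that measures the one-bit-change property stated above: it flips every input bit in turn and counts how many of the 160 digest bits change. SHA-1 is used only because its output matches the slide's 160-bit figure; the function names and the sample message are assumptions made for the illustration.

```python
import hashlib

def digest_bits(message: bytes) -> int:
    """Output size in bits; identical for any input length."""
    return len(hashlib.sha1(message).digest()) * 8

def bits_changed(a: bytes, b: bytes) -> int:
    """Hamming distance between the SHA-1 digests of a and b."""
    da = int.from_bytes(hashlib.sha1(a).digest(), "big")
    db = int.from_bytes(hashlib.sha1(b).digest(), "big")
    return bin(da ^ db).count("1")

def avalanche(message: bytes):
    """Flip each input bit in turn; return digest bits changed per flip."""
    changed = []
    for i in range(len(message) * 8):
        flipped = bytearray(message)
        flipped[i // 8] ^= 1 << (i % 8)   # change exactly one input bit
        changed.append(bits_changed(message, bytes(flipped)))
    return changed

if __name__ == "__main__":
    msg = b"Pay Bob $100"                 # constructed sample message
    result = avalanche(msg)
    print("digest size:", digest_bits(msg), "bits")
    print("min/avg/max bits changed per one-bit flip:",
          min(result), sum(result) / len(result), max(result))
```

On average about half of the digest bits change for each single-bit edit, which is why a digest comparison detects any modification.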


10
Potential Services
  • Security between strangers
  • Encryption
  • Digital Signature
  • Data Integrity
  • Key Establishment
  • Exchange of Secret Key

11
Mechanisms: Authentication - Digital Signature
12
Mechanisms: Authentication - Digital Signature Verification
13
Hybrid Systems (Digital Envelopes)
  • Faster
  • Handles distribution lists

[Figure label: encrypt using DES-style crypto]
14
Assumptions
  • Implicit to this point is that entity Bob has an
    identity that is known and understood by Alice
  • Alice must be able to associate a public key
    unambiguously and correctly with Bob
  • Alice must be capable of retrieving Bob's key
    from a public repository

15
Public-Key Cryptosystem
16
Man in the Middle attack
17
Digital Certificates
  • A certificate is some information signed by
    some authority
  • Often the signed information is a public key
  • i.e. A Public Key Certificate (PKC)
  • A certificate is a stamp of approval from some
    other trusted individual
  • If we can trust some entity to establish the
    relationship between an individual's identity and
    his/her public key we can solve the
    man-in-the-middle problem
  • We need to trust at least one key
  • but, we only need to really trust one key

18
Certification Authority (CA)
  • An authority trusted with establishing the link
    between an individual's identification
    credentials and a public key
  • in accordance with some policy
  • Digitally signs public-key certificate
  • ITU Standard X.509 provides a public key
    certificate standard

19
Certificate Repository
  • Directory Server Agent (DSA)
  • this is a certificate repository
  • Solves problem of making certificates available
  • On-line server, like a phone directory or the
    internet Domain Name System (DNS)
  • e.g. ITU Standard X.500 directory service
  • We have to consider the revocation of
    certificates that become invalid
  • Certificate Revocation Lists (CRLs)

20
Certification Authority
[Figure: DSA and CA]
21
Functional PKI may contain
  • Certification Authority
  • Certificate Repository
  • Certificate Revocation
  • Key Backup and Recovery
  • Automatic Key Update
  • Key History
  • Cross-Certification
  • Support for Non-Repudiation
  • Time Stamping
  • Client Software

22
Certificate Revocation
  • When binding of key needs to be broken
  • Identity change
  • Suspected security compromise
  • User population needs to be aware
  • Unless certificates are for one-time use only,
    a revocation check is required
  • CRLs are held on the DSA
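An added example (not from the original slides) of the relying-party check described on the Digital Certificates, Certification Authority and Certificate Revocation slides: the CA signs the identity-to-key binding, and Alice rejects a certificate whose key was swapped or whose serial number is on the CRL. It assumes toy textbook RSA without padding, hypothetical helper names, and a CRL modelled as a plain set of serial numbers; a real CRL is itself signed by the CA.

```python
import hashlib

def keypair(p, q, e=65537):
    """Toy textbook RSA from two primes: returns (public, private)."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(priv, data):
    n, d = priv
    return pow(digest(data, n), d, n)

def verify(pub, data, sig):
    n, e = pub
    return pow(sig, e, n) == digest(data, n)

def tbs(cert):  # bytes the CA signs: serial number, identity, public key
    return f"{cert['serial']}|{cert['subject']}|{cert['pubkey']}".encode()

def issue(ca_priv, serial, subject, pubkey):
    cert = {"serial": serial, "subject": subject, "pubkey": pubkey}
    cert["sig"] = sign(ca_priv, tbs(cert))
    return cert

def validate(cert, expected_subject, ca_pub, crl):
    """What Alice checks before using a key fetched from the repository."""
    if not verify(ca_pub, tbs(cert), cert["sig"]):
        return "bad CA signature"      # binding altered or not CA-issued
    if cert["subject"] != expected_subject:
        return "wrong subject"         # valid certificate, but not Bob's
    if cert["serial"] in crl:
        return "revoked"               # the CA has broken the binding
    return "ok"

def demo():
    # Constructed keys from small Mersenne primes; far too weak for real use.
    ca_pub, ca_priv = keypair(2**89 - 1, 2**107 - 1)
    bob_pub, _ = keypair(2**61 - 1, 2**127 - 1)
    mallory_pub, _ = keypair(2**31 - 1, 2**61 - 1)
    bob_cert = issue(ca_priv, 1001, "Bob", bob_pub)
    swapped = dict(bob_cert, pubkey=mallory_pub)   # key replaced in transit
    return [validate(bob_cert, "Bob", ca_pub, set()),
            validate(swapped, "Bob", ca_pub, set()),
            validate(bob_cert, "Bob", ca_pub, {1001})]

if __name__ == "__main__":
    print(demo())
```

Alice only needs the CA's public key to detect the substituted key, which is the "we only need to really trust one key" point from the Digital Certificates slide.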

23
Key Backup and Recovery
  • Loss of private key
  • Forgotten passwords
  • Destruction of medium holding key
  • Backup and recovery of private decryption keys
    but not signing keys

24
Automatic Key Update
  • Certificate has finite lifetime
  • Theoretical reasons
  • Practical estimations
  • Automatic seamless update of certificate is
    preferred
  • Reduces burden on user to set-up


25
Key History
  • Multiple old certificates and at least one
    current certificate exist
  • Important for data recovery
  • Automatic seamless implementation is preferred

26
Support for Non-Repudiation
  • Users perform actions intended to be irrevocably
    associated with their identity (Digital
    signature)
  • For business to run normally users cannot
    arbitrarily break this association at any time in
    the future
  • Must not be able to deny that the signature
    really came from owner
  • This is the property known as non-repudiation

27
Time Stamping
  • One of the critical elements in the support of
    non-repudiation services is the use of secure
    time stamping, from a trusted time source
  • The authoritative source of time for a PKI could
    be implemented by a secure time stamping server
    whose certificate is verifiable by the community
    of PKI users.

28
Client Software
  • A PKI may be viewed as a collection of servers
    that will do the following
  • The CA will provide certification services
  • The repository will hold certificates and
    revocation information
  • The backup and recovery server will enable the
    proper management of key histories
  • The time stamp server will associate
    authoritative time information with documents
  • Thus client software will need to exist to access
    and implement these services correctly; it exists
    outside every application.


29
Cross-Certification
  • Not likely that a single global PKI will exist
  • Likely that some will need to be interconnected
  • Need to form trust relationships between formerly
    unrelated PKIs
  • Cross-certification enables users of one PKI
    community to validate the certificates of users
    in another PKI community

30
Validity and Trust
  • Validity is confidence that a public key
    certificate belongs to its purported owner.
    Validity is essential in a public key environment
    where you must constantly establish whether or
    not a particular certificate is authentic.
  • You validate certificates. You trust people. More
    specifically you trust people to validate
    certificates for you. You trust the CA to
    establish certificate validity.

31
Trust Models
  • Direct Trust
  • Hierarchical trust
  • Distributed trust
  • User Centric trust

32
Direct Trust
33
User Centric Trust
34
Hierarchical Trust
35
Distributed Trust
36
Public Key Cryptology LFTSP 2001 IS 7.2
  • Presenter Dr Scott Knight
  • Royal Military College of Canada
  • Electrical and Computer Engineering