Lecture 5 Public Key Infrastructure
Lecture 5 Public Key Infrastructure
The most distinct feature of Public Key Infrastructure (PKI) is that it uses a pair of keys to achieve the
underlying security service. The key pair comprises of private key and public key.
Since the public keys are in open domain, they are likely to be abused. It is, thus, necessary to establish
and maintain some kind of trusted infrastructure to manage these keys.
Key Management
It goes without saying that the security of any cryptosystem depends upon how securely its keys are
managed. Without secure procedures for the handling of cryptographic keys, the benefits of the use of
strong cryptographic schemes are potentially lost.
It is observed that cryptographic schemes are rarely compromised through weaknesses in their design.
However, they are often compromised through poor key management.
There are some important aspects of key management which are as follows −
Cryptographic keys are nothing but special pieces of data. Key management refers to the secure
administration of cryptographic keys.
Key management deals with entire key lifecycle as depicted in the following illustration −
There are two specific requirements of key management for public key cryptography.
Secrecy of private keys. Throughout the key lifecycle, secret keys must remain secret from all
parties except those who are owner and are authorized to use them.
Assurance of public keys. The public keys are in open domain and seen as public pieces of data.
By default there are no assurances of whether a public key is correct, with whom it can be
associated, or what it can be used for. Thus key management of public keys needs to focus much
more explicitly on assurance of purpose of public keys.
The most crucial requirement of ‘assurance of public key’ can be achieved through the public-key
infrastructure (PKI), a key management systems for supporting public-key cryptography.
Public Key Infrastructure (PKI)
PKI provides assurance of public key. It provides the identification of public keys and their distribution.
An anatomy of PKI comprises of the following components.
Digital Certificate
For analogy, a certificate can be considered as the ID card issued to the person. People use ID cards such
as a driver's license, passport to prove their identity. A digital certificate does the same basic thing in the
electronic world, but with one difference.
Digital Certificates are not only issued to people but they can be issued to computers, software packages
or anything else that need to prove the identity in the electronic world.
Digital certificates are based on the ITU standard X.509 which defines a standard certificate
format for public key certificates and certification validation. Hence digital certificates are
sometimes also referred to as X.509 certificates.
Public key pertaining to the user client is stored in digital certificates by The Certification
Authority (CA) along with other relevant information such as client information, expiration date,
usage, issuer etc.
CA digitally signs this entire information and includes digital signature in the certificate.
Anyone who needs the assurance about the public key and associated information of client, he
carries out the signature validation process using CA’s public key. Successful validation assures
that the public key given in the certificate belongs to the person whose details are given in the
certificate.
The process of obtaining Digital Certificate by a person/entity is depicted in the following illustration.
As shown in the illustration, the CA accepts the application from a client to certify his public key. The
CA, after duly verifying identity of client, issues a digital certificate to that client.
Certifying Authority (CA)
As discussed above, the CA issues certificate to a client and assist other users to verify the certificate.
The CA takes responsibility for identifying correctly the identity of the client asking for a certificate to
be issued, and ensures that the information contained within the certificate is correct and digitally signs
it.
Key Functions of CA
The key functions of a CA are as follows −
Generating key pairs − The CA may generate a key pair independently or jointly with the
client.
Issuing digital certificates − The CA could be thought of as the PKI equivalent of a passport
agency − the CA issues a certificate after client provides the credentials to confirm his identity.
The CA then signs the certificate to prevent modification of the details contained in the
certificate.
Publishing Certificates − The CA need to publish certificates so that users can find them. There
are two ways of achieving this. One is to publish certificates in the equivalent of an electronic
telephone directory. The other is to send your certificate out to those people you think might
need it by one means or another.
Verifying Certificates − The CA makes its public key available in environment to assist
verification of his signature on clients’ digital certificate.
Revocation of Certificates − At times, CA revokes the certificate issued due to some reason
such as compromise of private key by user or loss of trust in the client. After revocation, CA
maintains the list of all revoked certificate that is available to the environment.
Classes of Certificates
There are four typical classes of certificate −
Class 1 − These certificates can be easily acquired by supplying an email address.
Class 2 − These certificates require additional personal information to be supplied.
Class 3 − These certificates can only be purchased after checks have been made about the
requestor’s identity.
Class 4 − They may be used by governments and financial organizations needing very high
levels of trust.
Registration Authority (RA)
CA may use a third-party Registration Authority (RA) to perform the necessary checks on the person or
company requesting the certificate to confirm their identity. The RA may appear to the client as a CA,
but they do not actually sign the certificate that is issued.
Certificate Management System (CMS)
It is the management system through which certificates are published, temporarily or permanently
suspended, renewed, or revoked. Certificate management systems do not normally delete certificates
because it may be necessary to prove their status at a point in time, perhaps for legal reasons. A CA
along with associated RA runs certificate management systems to be able to track their responsibilities
and liabilities.
Private Key Tokens
While the public key of a client is stored on the certificate, the associated secret private key can be stored
on the key owner’s computer. This method is generally not adopted. If an attacker gains access to the
computer, he can easily gain access to private key. For this reason, a private key is stored on secure
removable storage token access to which is protected through a password.
Different vendors often use different and sometimes proprietary storage formats for storing keys. For
example, Entrust uses the proprietary .epf format, while Verisign, GlobalSign, and Baltimore use the
standard .p12 format.
Hierarchy of CA
With vast networks and requirements of global communications, it is practically not feasible to have
only one trusted CA from whom all users obtain their certificates. Secondly, availability of only one CA
may lead to difficulties if CA is compromised.
In such case, the hierarchical certification model is of interest since it allows public key certificates to be
used in environments where two communicating parties do not have trust relationships with the same
CA.
The root CA is at the top of the CA hierarchy and the root CA's certificate is a self-signed
certificate.
The CAs, which are directly subordinate to the root CA (For example, CA1 and CA2) have CA
certificates that are signed by the root CA.
The CAs under the subordinate CAs in the hierarchy (For example, CA5 and CA6) have their
CA certificates signed by the higher-level subordinate CAs.
Certificate authority (CA) hierarchies are reflected in certificate chains. A certificate chain traces a path
of certificates from a branch in the hierarchy to the root of the hierarchy.
The following illustration shows a CA hierarchy with a certificate chain leading from an entity
certificate through two subordinate CA certificates (CA6 and CA3) to the CA certificate for the root CA.
Verifying a certificate chain is the process of ensuring that a specific certificate chain is valid, correctly
signed, and trustworthy. The following procedure verifies a certificate chain, beginning with the
certificate that is presented for authentication −
A client whose authenticity is being verified supplies his certificate, generally along with the
chain of certificates up to Root CA.
Verifier takes the certificate and validates by using public key of issuer. The issuer’s public key
is found in the issuer’s certificate which is in the chain next to client’s certificate.
Now if the higher CA who has signed the issuer’s certificate, is trusted by the verifier,
verification is successful and stops here.
Else, the issuer's certificate is verified in a similar manner as done for client in above steps. This
process continues till either trusted CA is found in between or else it continues till Root CA.
Modern cryptography provides a robust set of techniques to ensure that the malevolent intentions of the
adversary are thwarted while ensuring the legitimate users get access to information. Here in this
chapter, we will discuss the benefits that we draw from cryptography, its limitations, as well as the
future of cryptography.
Cryptography – Benefits
Cryptography is an essential information security tool. It provides the four most basic services of
information security −
Confidentiality − Encryption technique can guard the information and communication from
unauthorized revelation and access of information.
Authentication − The cryptographic techniques such as MAC and digital signatures can protect
information against spoofing and forgeries.
Data Integrity − The cryptographic hash functions are playing vital role in assuring the users
about the data integrity.
Non-repudiation − The digital signature provides the non-repudiation service to guard against
the dispute that may arise due to denial of passing message by the sender.
All these fundamental services offered by cryptography has enabled the conduct of business over the
networks using the computer systems in extremely efficient and effective manner.
Cryptography – Drawbacks
Apart from the four fundamental elements of information security, there are other issues that affect the
effective use of information −
A strongly encrypted, authentic, and digitally signed information can be difficult to access even
for a legitimate user at a crucial time of decision-making. The network or the computer system
can be attacked and rendered non-functional by an intruder.
High availability, one of the fundamental aspects of information security, cannot be ensured
through the use of cryptography. Other methods are needed to guard against the threats such as
denial of service or complete breakdown of information system.
Another fundamental need of information security of selective access control also cannot be
realized through the use of cryptography. Administrative controls and procedures are required to
be exercised for the same.
Cryptography does not guard against the vulnerabilities and threats that emerge from the poor
design of systems, protocols, and procedures. These need to be fixed through proper design and
setting up of a defensive infrastructure.
Cryptography comes at cost. The cost is in terms of time and money −
o Addition of cryptographic techniques in the information processing leads to delay.
o The use of public key cryptography requires setting up and maintenance of public key
infrastructure requiring the handsome financial budget.
The security of cryptographic technique is based on the computational difficulty of mathematical
problems. Any breakthrough in solving such mathematical problems or increasing the
computing power can render a cryptographic technique vulnerable.
Future of Cryptography
Elliptic Curve Cryptography (ECC) has already been invented but its advantages and disadvantages
are not yet fully understood. ECC allows to perform encryption and decryption in a drastically lesser
time, thus allowing a higher amount of data to be passed with equal security. However, as other methods
of encryption, ECC must also be tested and proven secure before it is accepted for governmental,
commercial, and private use.
Quantum computation is the new phenomenon. While modern computers store data using a binary
format called a "bit" in which a "1" or a "0" can be stored; a quantum computer stores data using a
quantum superposition of multiple states. These multiple valued states are stored in "quantum bits" or
"qubits". This allows the computation of numbers to be several orders of magnitude faster than
traditional transistor processors.
To comprehend the power of quantum computer, consider RSA-640, a number with 193 digits, which
can be factored by eighty 2.2GHz computers over the span of 5 months, one quantum computer would
factor in less than 17 seconds. Numbers that would typically take billions of years to compute could only
take a matter of hours or even minutes with a fully developed quantum computer.
In view of these facts, modern cryptography will have to look for computationally harder problems or
devise completely new techniques of archiving the goals presently served by modern cryptography.