Public Key Distribution: Dr. Risala Tasin Khan Professor Iit, Ju
Figure: Controlled trusted center
Ways of Distributing Public Key:
Figure: Certification authority
Digital Certificate
A problem in public-key systems is the authenticity of the public key.
❑ An attacker may offer the sender her own public key and pretend that it originates from the
legitimate receiver.
❑ The sender then uses the fake public key to perform her encryption and the attacker can
simply decrypt the message using her private key.
❑ This technique may be used to set up a man-in-the-middle attack in which a third party is
able to monitor and modify the communication between two parties, even when
encryption is used.
In order to thwart an attacker that attempts to substitute her public key for the
victim’s one, digital certificates are used.
❑ A certificate combines user information with the user’s public key and the digital signature
of a trusted third party that guarantees that the key belongs to the mentioned person.
❑ The trusted third party is usually called a certification authority (CA).
❑ A digital certificate is just a file or a software program, digitally signed by a signing
authority, that can be installed in a browser. Once installed, the digital certificate identifies
the user of that browser to websites equipped to check it automatically. It is like an
electronic “credit card” that establishes one’s credentials when doing business on the Web.
Therefore, a digital certificate, issued by a certifying authority, is an electronic
attachment to an electronic message that is used to verify that a user sending a
message is who they claim to be.
Those wishing to send encrypted messages obtain a digital certificate from a
certifying authority.
❑ The certifying authority issues an encrypted digital certificate.
The recipient of an encrypted message uses the certifying authority’s public key to
decode the digital certificate attached to the message.
❑ The recipient verifies it as issued by the certifying authority.
❑ Then it obtains the sender's public key and identification information held within the digital
certificate.
❑ With this information, the recipient can then send an encrypted reply.
The most widely used standard for digital certificates is X.509. Hence, digital
certificates are sometimes called X.509 certificates.
Components of a Digital Certificate
• A typical digital certificate contains several key elements:
1. Certificate Holder’s Information:
• This includes the name, email address, organization, and other identifying details of
the certificate holder.
2. Public Key:
• The public key of the certificate holder, which others can use to encrypt data sent to
them or to verify digital signatures made by the holder.
3. Digital Signature:
• The certificate is signed by a trusted Certificate Authority (CA), which certifies the
authenticity of the certificate.
4. Validity Period:
• Specifies the certificate’s start and expiration dates.
5. Certificate Serial Number:
• A unique number assigned to the certificate, allowing it to be identified and tracked.
How a Digital Certificate Works
1. Requesting a Certificate:
• The certificate holder (individual or organization) generates a public-private key pair
and sends a Certificate Signing Request (CSR) to a trusted Certificate Authority
(CA) such as VeriSign, DigiCert, or Let’s Encrypt.
2. Issuance by Certificate Authority (CA):
• The CA verifies the identity of the requester through various checks.
• Once verified, the CA issues a digital certificate, binding the requester’s identity to
their public key and signing the certificate with the CA’s own private key.
3. Using the Digital Certificate:
• When someone wants to establish a secure connection (e.g., accessing a website
or sending encrypted data), the server or individual presents their digital certificate.
• The recipient uses the CA’s public key to verify the digital signature on the
certificate. This assures them that the certificate is genuine and hasn’t been
tampered with.
• The recipient can then use the certificate’s public key to establish a secure,
encrypted communication channel or verify a digital signature.
Digital Certificate
For what purposes can you use digital certificates?
You can use the digital certificate to digitally sign email, documents,
files etc. to prove you were the author, and that they have not been
tampered with.
You can also use some types of certificate as digital ID. Others can
electronically challenge you to prove you know the private key that
fits with the public key in the certificate by encrypting a message
they provide.
❖ The problem with that is, all the information in the certificate is revealed
to whoever you show it to.
❖ If you want to selectively reveal information, you need several
certificates.
❑ You might want one with just your birth date for entry to porn sites, but
no other information. You might want one that revealed only a very
minimal amount of information when dealing with on-line vendors to avoid
being bombarded with junk electronic and snail mail.
Digital certificates can also be used instead of passwords to verify
who you are to some site.
❖ The site challenges you by sending you a message that you digitally sign
and send back. If some spy had snooped on you logging in before, it
would not help him to spoof you, the way it would had you used a
password.
❖ Thus, a digital certificate eliminates remembering multiple passwords and
enhances security, because it cannot be guessed, forgotten, forged, or
intercepted.
Digital Certificate
For what purposes can you use digital certificates (cont…)?
Other types of certificate allow you to encrypt and sign all HTML
traffic leaving your web server, thus proving it came from you and
providing privacy.
❖ Recipients can determine whether data did indeed come from you by
checking the digital signature.
❖ To verify, all they need is a master certificate from the signing authority,
which comes built into their browser or email software. They don't need
to look up your key in an on-line database unless they want to check
whether the certificate has been revoked.
In many ways, digital certificates are the heart of secure online
transactions.
❖ In shopping on the Internet, buyers need evidence that they can trust the
vendor. Digital certificate establishes a merchant’s identity and thus
ensures secure e-commerce transaction.
❖ MasterCard and Visa have designed the SET certificate that can be used
for secure financial transactions over the web. VeriSign supplies the
certificates.
Digital Certificate
Different Classes of Digital Certificate:
A digital certificate can be issued (for a fee) in one of FOUR classes:
1. Class 1 Certificate:
❖ Certificates of this class are the quickest and simplest to issue
because they contain minimum checks on the user’s background.
Only the name, address and e-mail address of the user are checked.
Think of it as a library card.
2. Class 2 Certificate:
❖ Certificates of this class check for information like real name, SSN
(social security number), and date of birth of the user. They require
proof of physical address, locale, and e-mail address as well. This is
more like a credit card, because the company giving out the
certificate will consult with a credit database for verification with a
third party.
3. Class 3 Certificate:
❖ Certificates of this class are the strongest type in terms of specifics.
They are like a driver’s license: To get them, you need to prove
exactly who you are and that you are responsible. Organizations
whose specialty is the security business foresee class 3 certificates
being used for things like loans acquired online and other sensitive
transactions.
4. Class 4 Certificate:
❖ Certificates of this class are the most thorough. In addition to class 3
requirements, the certificate authority checks on things like the
user’s position at work.
X.509 Digital Certificate
Common Components of X.509 Certificate
An X.509 certificate typically contains the following elements:
1. Version: Identifies the version of the X.509 standard being used (usually version 3 in
modern systems).
2. Serial Number: A unique identifier assigned by the Certificate Authority (CA) to distinguish
this certificate from others.
3. Signature Algorithm: Specifies the cryptographic algorithm (e.g., SHA-256) that the CA
used to sign the certificate.
4. Issuer: Details about the Certificate Authority that issued the certificate, including its name
and potentially other identifying information.
5. Validity Period: Specifies the start and end dates for which the certificate is valid. After the
expiration date, the certificate is no longer trusted.
6. Subject: Information about the entity the certificate is issued to (e.g., a user, a website, or
an organization). This can include details such as the organization name, domain name,
and location.
7. Subject Public Key Info: Contains the subject's public key and the
algorithm used to generate it. This key is used for secure
communications with the subject.
8. Extensions (Version 3 only): Optional fields that provide additional
information about the certificate’s capabilities.
9. Signature:
This field is made of three sections:
• The first section contains all other fields in the certificate.
• The second section contains the digest of the first section encrypted with
the CA’s public key.
• The third section contains the algorithm identifier used to create the
second section.
X.509 Certificate
Format of X.509 Certificate:
Figure below shows the format of X.509 certificate.
X.509 Certificate
Certificate Revocation:
In some cases a certificate must be revoked before its expiration.
Here are some examples:
a) The user’s (subject’s) private key (corresponding to the public key listed in
the certificate) might have been compromised.
b) The CA is no longer willing to certify the user. For example, the user’s
certificate relates to an organization that she no longer works for.
c) The CA’s private key, which can verify certificates, may have been
compromised. In this case, the CA needs to revoke all unexpired
certificates.
❖ When a user wants to use a certificate, she first needs to check the
directory of the corresponding CA for the last certificate revocation list.
X.509 Certificate
Certificate Revocation Format (cont…):
❑ Issuer name:
This field is the same as the one in the certificate.
❑ Revoked certificate.
This is a repeated list of all unexpired certificates that have been revoked. Each
entry contains two sections: user certificate serial number and revocation date.
❑ Signature.
This field is the same as the one in the certificate list.
Certificate Authority
Selecting a Certificate Vendor:
Public-key Infrastructure (PKI)
Public-Key Infrastructure (PKI) is a model for creating, distributing,
and revoking certificates based on X.509.
The Internet Engineering Task Force has created the Public-Key
Infrastructure X.509 (PKIX).
Duties of PKI:
Several duties have been defined for a PKI. The most important ones
are shown in the figure below:
❑ Certificates’ issuing, renewal, and revocation: These are duties defined in
X.509. Because the PKIX is based on X.509, it needs to handle all duties
related to certificates.
❑ Keys’ storage and update: A PKI should be a storage place for private keys
of those members that need to hold their private keys somewhere safe. In
addition, a PKI is responsible for updating these keys on members’ demands.
❑ Providing access control: A PKI can provide different levels of access to the
information stored in its database. For example, an organization PKI may
provide access to the whole database for the top management, but limited
access for employees.
Public Key Infrastructure (PKI)
Trust Model:
It is not possible to have just one CA issuing all certificates for all
users in the world.
There should be many CAs, each responsible for creating, storing,
issuing, and revoking a limited number of certificates.
The trust model defines rules that specify how a user can verify a
certificate received from a CA.
Hierarchical Model:
In this model, there is a tree-type structure with a root CA.
The root CA has a self-signed, self-issued certificate; it needs to be
trusted by other CAs and users for the system to work.
Public Key Infrastructure (PKI)
Hierarchical Model (cont..):
Figure below shows a trust model of this kind with three hierarchical
levels. The number of levels can be more than three in a real situation.
❑ The figure shows that the CA (the root) has signed certificates for CA1,
CA2, and CA3; CA1 has signed certificates for User1, User2, and User3;
and so on. PKI uses X<<Y>> as the notation to mean the certificate issued
by authority X for entity Y.
Example-1:
Show how User1, knowing only the public key of the CA (the root), can
obtain a verified copy of User3’s public key.
Solution:
User3 sends a chain of certificates, CA<<CA1>> and CA1<<User3>>,
to User1.
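As an added illustration (not from the slides), the chain walk of Example-1 combined with the validity-period and revocation-list checks from the Certificate Revocation slides: User1 trusts only the root CA's public key, receives CA<<CA1>> and CA1<<User3>>, and must verify each signature, each validity period and each issuer's CRL before accepting User3's key. The signature scheme is a textbook-RSA toy over a SHA-256 digest with tiny constructed primes (not secure), and the function names, serials, dates and key values are assumptions made for this example.

```python
import hashlib
import json

def _digest(fields, n):
    # Digest of the to-be-signed fields (section 1 of the Signature field), reduced mod n for the toy RSA
    data = json.dumps(fields, sort_keys=True).encode()
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def toy_sign(fields, priv):            # priv = (d, n): issuer's private key
    d, n = priv
    return pow(_digest(fields, n), d, n)

def toy_verify(fields, sig, pub):      # pub = (e, n): issuer's public key
    e, n = pub
    return pow(sig, e, n) == _digest(fields, n)

def issue(issuer, issuer_priv, subject, subject_pub, serial, not_before, not_after):
    # X<<Y>>: a certificate for Y signed by X (a subset of the X.509 fields)
    tbs = {"issuer": issuer, "subject": subject, "serial": serial,
           "subject_pub": list(subject_pub),
           "not_before": not_before, "not_after": not_after}
    return {"tbs": tbs, "sig": toy_sign(tbs, issuer_priv)}

def verify_chain(chain, root_name, root_pub, today, crl):
    """Walk root -> ... -> leaf; return the leaf's public key or raise ValueError.
    crl maps an issuer name to {revoked serial: revocation date} (ISO date strings)."""
    name, pub = root_name, root_pub
    for cert in chain:
        tbs = cert["tbs"]
        if tbs["issuer"] != name:
            raise ValueError("chain broken at %s" % tbs["subject"])
        if not toy_verify(tbs, cert["sig"], pub):
            raise ValueError("bad signature on %s" % tbs["subject"])
        if not tbs["not_before"] <= today <= tbs["not_after"]:
            raise ValueError("%s outside validity period" % tbs["subject"])
        if tbs["serial"] in crl.get(tbs["issuer"], {}):
            raise ValueError("%s revoked" % tbs["subject"])
        name, pub = tbs["subject"], tuple(tbs["subject_pub"])   # next issuer
    return pub

# Constructed toy RSA key pairs (e, n) / (d, n); useless outside this illustration
CA_PUB, CA_PRIV = (17, 3233), (2753, 3233)
CA1_PUB, CA1_PRIV = (7, 143), (103, 143)
USER3_PUB = (5, 323)
CA_CA1 = issue("CA", CA_PRIV, "CA1", CA1_PUB, 1, "2024-01-01", "2026-12-31")
CA1_USER3 = issue("CA1", CA1_PRIV, "User3", USER3_PUB, 42, "2025-01-01", "2025-12-31")

def user1_gets_user3_key(today="2025-06-01", crl=None):
    # User1 knows only CA's public key and is handed CA<<CA1>>, CA1<<User3>>
    return verify_chain([CA_CA1, CA1_USER3], "CA", CA_PUB, today, crl or {})
```

Revoking serial 42 in CA1's CRL, or asking on a date past 2025-12-31, makes the same chain fail even though every signature still verifies.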