Lecture 15: PKI and Certificates Flashcards
What do public key infrastructures imply?
The use of public digital certificates
Digital signatures provide these certificates
What types of certificates are standardised and used in most network security applications
X.509 certificates
Give NIST’s definition of a public key infrastructrue
the key management environment for public key information of a public key cryptographic system
What is key management concerned with?
The lifecycle of cryptographic keys –> generation, distribution, storage and destruction of keys
What legal or business (trusted) entities may be involved in PKI?
1) registration authorities (RAs)
2) validation authorities (VAs)
3) certification authorities (CAs)
What do registration authorities do i.t.o PKIs?
vouching for the identity of a user
What does PKI stand for?
public key infrastructure
What do validation authorities do i.t.o PKIs?
verify that identity
What do certification authorities do i.t.o PKIs?
issuing digital certificates (certifying the public key of the user)
How can we be confident of the correct binding between a public key and its owner?
–> e.g. when using a public key to encrypt a message or to verify a digital signature
achieved through using digital certificates
What do digital certificates contain?
1) public key
2) owner identity
3) signature alg
4) validity period
….
Who signs digital certificates?
certification authority (CA)
–> CA should be trusted by the certificate verifier
What does a CA do?
creates, issues and revokes certificates for subscribers and other CAs
What does CA stand for?
certification authority
What must a CA have?
a certification practice statement (CPS)
What does CPS stand for?
certification practice statement
What issues does a CPS cover?
<strong>1)</strong> checks performance before certificate issue
<strong>2)</strong> physical, personnel and procedural security controls for the CA
<strong>3)</strong> technical and key pair protection and management controls
<strong>4)</strong> certificate revocation management procedures
<strong>5)</strong> accreditation info
<strong>6)</strong> legal and privacy issues and liability limitations
Outline the X.509 standard
Most widely used certificate standard
Originally ITU standard
Now RFC 5280
Current version (3) allows flexible extensions
What are the important fields in X.509 certificates? (8)
1) version number
2) serial number (set by CA)
3) signature algorithm identifier (alg used to digitally sign)
4) issue name (of the CA)
5) subject name (of the user to which the certificates is issued
6) public key info
7) validity period
8) digital signature (of the certificate, generated by CA)
Explain the digital certificate example on slide 10 in set 15
See slide 10 in set 15
Explain the digital certificate example on slide 11 in set 15
See slide 11 in set 15
How do you verify a certificate?
1) by checking that the CA’s signature is valid
2) by checking that any conditions set in the certificate are correct
What must be done in order to verify a certificate?
The user of the certificate must have the correct public key of the CA
Does it matter how the user obtains the certifcate?
no
Can public directories store certificates?
Yes
Often, the owner of the public key sends the certificate to the user
How is a certification path set up?
Suppose that the public key of the CA ca0 is not already known and trusted
Then, ca0’s public key can be certified by another Ca ca1
In turn, ca1’s public key can be certified by another CA ca2
Thus, a chain of trust is set up, known as certification path
can –> … –> ca2 –> ca1 –> ca0
Given that an entity has a copy of can’s public key and a chain of trust exists between can and ca0, how does obtain a trusted copy of ca0’s public key?
The chain of trust is used with certificates for all intermediate CAs to obtain a trusted copy of ca0’s public key
Explain the process of a phishing attack
See slide 14 in set 15
What is an extended validation certificate?
Signed by specific intermediate CA
What is the browser indication of an extended validation certificate?
A colour in the address bar to indicate that the certificate has been issued at a specified level
No technical difference between the certificate
What is revocation of a digital certificate?
Declaring a certificate invalid even though its validity period is current
Who has to check which certificates have been revoked?
the user
What is the CRL?
each CA periodically issues a list of revoked certificates which can be downloaded and then checked by clients before using a certificate
What does CRL stand for?
certification revocation list
What is the OCSP?
a server maintains a current list of revoked certificates and responds to request about specific certificates
What does OCSP stand for?
online certificate status protocol
What does public key pinning allow browsers to do?
fix a certain time the public key used to verify certificates for certain sites
What does public key pinning prevent?
attacks due to compromised CAs
What browsers support public key pinning?
Firefox and others
Previously supported by Chrome, but Google announced to remove it in 2017
Explain hierarchical PKI
Top to bottom:
Root CA
Intermediate CAs
Users
A CA certifies the public key of the entity below
See the tree diagram on slide 19 in set 15
In a non-hierarchical PKI, how is certification done?
certification done between any CAs
–> X can certify Y’s public key, or Z can certify Y’s public key –> like path example
Explain the browser PKI
Multiple hierarchies with preloaded public keys as root CAs
Intermediate CAs can be added
Users can also add their own certificates
Most servers send their public key and certificates to the browser at the start of a secure communication using TLS protocol
Where is OpenPGP PKI used?
Used in email security e.g. P2P NW
What does the certificate in OpenPGP PKI include?
ID, public key, validity period, self-signature
Does OpenPGP PKI have certification authorities?
NO
Keys signed by anyone
certified by as many pairs as possible
Where are the keys stored in OpenPGP PKI?
various key servers
What is OpenPGP PKI often known as?
web of trust
