Sec+ Chapter 07: Cryptography and the Public Key Infrastructure Flashcards
Cryptography
The practice of encoding information so that it cannot be decoded without access to the required decryption key. Consists of two main operations:
1) Encryption: Transforms plain text information into ciphertext using an encryption key
2) Decryption: Transforms ciphertext back into plain text with a decryption key
4 goals of cryptography
1) Confidentiality: Used to protect information from prying eyes
2) Integrity: Used to ensure data isn’t maliciously or unintentionally altered
3) Authentication: Validate the identity of individuals
4) Nonrepudiation: Ensures that individuals can prove to a third party that a message came from its purported sender
Cipher
The algorithms used to perform encryption and decryption operations
Ciphering is the process of using a cipher to scramble a message
Substitution cipher
A type of coding or ciphering system that changes one character or symbol into another
Transposition cipher
Transposes or scrambles letters in a certain manner. The message is typically broken into blocks of equal size and each block is then scrambled
Steganography
The art of using cryptography techniques to embed secret messages within another file
Steganographers often embed their secret messages in images, video files, or audio files because the files are so large the message would be easily missed by inspectors.
Often used for illicit activities
Cryptography Goal: Confidentiality
The most widely cited goal of cryptosystems
Refers to the preservation of secrecy for stored information or for comms between individuals and groups
Ensures data remains private in three different situations:
1) At rest
2) In transit (on the wire)
3) In use
Symmetric encryption
AKA: secret key algorithm or shared secret
Uses a single key to encrypt the data, and when you want to decrypt the data you use the same key
This shared, secret key is available to all users of the cryptosystem
It doesn’t scale well and is challenging to distribute
Asymmetric encryption
AKA: Public key cryptography
Unlike symmetric, asymmetric uses multiple keys: a public and private key
The private key is the one only you have access to; nobody else knows what it is
Public key is mathematically related to the private key, and it’s what you give everyone so they can encrypt info and send it to you
Once someone encrypts data with your public key, the only way to decrypt it is with your private key
You can also do this the opposite way, and encrypt info with your private key and the people who decrypt it are the ones with your public key (digital signatures)
Data at rest
Stored data that resides in a permanent location awaiting access
EX: hard drives, backup tapes, cloud storage, USB drives
To protect it, we must encrypt the data with whole disk, database, or file/folder encryption
Assign permissions to the data on the drive as well
Data in transit
On the wire (i.e., in the cables): data being transmitted across a network between two systems
EX: Data going between switch interfaces, router connections, and devices on the network
It’s difficult to protect as it travels, but not impossible
Allow or prevent access with firewall or IPS, or we encrypt the data as it goes through the network with TLS or IPsec
Data in use
Stored in the active memory of a computer system, where it can be accessed by a process running on that system
EX: Data in system RAM, CPU registers, or system caches
Almost always presented in a decrypted view, which makes it a very attractive option for attackers
Cryptography Goal: Integrity
Ensures data isn’t altered without authorization. If integrity mechanisms are in place, the recipient of a message can be certain that the message received is identical to the one that was sent.
Integrity checks ensure stored data wasn’t altered between the time it was created and the time it was accessed.
Integrity controls protect against all forms of alteration, including:
1) Intentional alteration by a third party attempting to insert false info
2) Intentional deletion of portions of the data
3) Unintentional alteration by faults in the transmission process
Cryptography Goal: Authentication
Verifies the claimed identity of the system users
Cryptography Goal: Nonrepudiation
Provides assurance to the recipient that the message was originated by the sender, and not someone pretending to be the sender
Prevents the sender from claiming they never sent the message in the first place
Only offered by public key (asymmetric) cryptography
Key space
The range of values that are valid for use as a key for a specific algorithm
Defined by its key length
Key length
The number of binary bits in the key that defines the key space
Kerckhoffs’s Principle
A cryptographic system should be secure, even if everything about the system, except the key, is public knowledge
AKA: Your enemy knows this system
Cipher suite
Sets of ciphers and key lengths supported by a system
Block cipher
Ciphers that operate on blocks of a message and apply the encryption algorithm to the entire message block at the same time
Usually you see this with 64- or 128-bit blocks
If it doesn’t fit, padding is added to fill in the short blocks
Like stream cipher, this is commonly used with symmetric encryption
Uses different modes of operation to avoid patterns in the encryption
Stream cipher
Ciphers that operate on one character or bit of a message / data stream at a time
Often used with symmetric encryption
High speed, low hardware complexity
Challenge is that you don’t know what’s coming down the stream, which means randomizing the data could be difficult if multiple bytes in the stream are identical
An IV (initialization vector) is added to the cipher to add randomization to the process
Symmetric key cryptography weaknesses
1) Key distribution is a major problem: Parties must have a secure method of exchanging the secret key before establishing comms with a symmetric key protocol
2) Doesn’t implement nonrepudiation: There’s no way to prove where a given message originated since anyone can encrypt and decrypt with the shared secret key
3) Algo isn’t scalable: Extremely difficult for large groups to comm with this. Secure private comms between individuals in the group can only be achieved if each possible combo of users shares a private key
4) Keys must be regenerated often: Each time a participant leaves a group, all keys known must be discarded
Strengths of symmetric key cryptography
Speed: It’s 1,000 to 10,000 times faster than asymmetric algos
Strengths of asymmetric key cryptography
1) The addition of new users requires the generation of only one public-private key pair, which is used to comm with all users. Extremely scalable
2) Users can be removed easily. Key revocation mechanism allows a key to be canceled, removing a user from the system
3) Key regeneration is only required when a private key is compromised. If a user leaves, the admin simply needs to invalidate their keys
4) Provides integrity, authentication, and nonrepudiation. If a user doesn’t share their private key with others, a message signed by them can be shown to be accurate and from a specific source. Can’t be repudiated later
5) Simple key distribution. Users who participate simply make their public key available to anyone they want to comm with
6) No preexisting comm link needed. Two individuals can begin comms securely from the start of their session. No prior relationship needed
Weakness of asymmetric key cryptography
Speed: It has a slow speed of operation
Often, applications that require the secure transmission of large amounts of data use public key cryptography to establish a connection and then exchange a symmetric secret key
The remainder of the session uses symmetric cryptography
DES
Data encryption standard
Published by US Gov in 1977, deprecated
A 64-bit block cipher that has five modes of operation:
1) Electronic codebook mode (ECB)
2) Cipher block chaining mode (CBC)
3) Cipher feedback mode (CFB)
4) Output feedback mode (OFB)
5) Counter mode (CTR)
ECB Mode
Electronic codebook mode
Uses the DES algorithm, easiest to understand, least secure
Each time the algo processes a 64-bit block, it encrypts the block using the encryption key
This process is done all the way through the file until all blocks are encrypted
If the algo encounters the same block multiple times, it will produce the same encrypted block because it doesn’t use salt
This means it might not be the best encryption mode to use for every situation, but it can be used to exchange small amounts of data, like keys and parameters used to initiate other DES modes as well as the cells in a db
CBC Mode
Cipher block chaining mode
Uses the DES algorithm, adds more randomization than ECB
Each plaintext block is XORed with the previous ciphertext block before encryption, so the input to each encryption step differs even when plaintext blocks repeat, which adds randomization
XOR (exclusive or): if you input two identical bits the output is 0; if they’re different, the output is 1
Encryption process is similar to ECB, but just before the encryption occurs we XOR in the IV data, which further randomizes the ciphertext
On the second block of data, we use the resulting ciphertext of the first block as the IV for the next block
Ciphertext will be different every time, even if the plaintext is identical
CFB Mode
Cipher feedback mode
Uses the DES algorithm
The streaming cipher version of CBC. CFB operates against data produced in real time, but instead of breaking a message into blocks it uses memory buffers of the same size as a block. As each buffer fills up, it’s encrypted and sent to the recipients
OFB Mode
Output feedback mode
Uses the DES algorithm
Almost the same as CFB, but instead of XORing an encrypted version of the previous block of ciphertext, it XORs the plain text with a seed value
CTR Mode
Counter mode
Uses the DES algorithm and acts as a stream cipher similar to CFB and OFB
Uses an incremental counter to add randomization to the encryption process
We start with the counter, and encrypt the counter with the block cipher encryption
After that, we XOR (exclusive or) the result with the plaintext to create the ciphertext
Instead of using the results of this encryption on the next block, we increment the counter and perform the exact same encryption with the next block of plaintext
3DES
Triple DES
An adapted version of DES, uses the same algorithm to produce a more secure encryption. There are 4 versions of 3DES:
1) Encrypts plaintext three times, using three different keys K1, K2, and K3. DES-EEE3 (168 bit)
2) Uses three keys, but replaces second encryption operation with a decryption one. DES-EDE3 (168 bit)
3) Only uses two keys. DES-EEE2 (112 bit)
4) Uses two keys, but decryption operation in the middle. DES-EDE2 (112 bit)
AES
Advanced encryption standard
NIST mandated use of AES/Rijndael in Nov 2001 for encryption of all sensitive but unclassified data by the US Gov
Uses three key strengths: 128, 192, and 256 bit
AES only allows the processing of 128-bit blocks, but Rijndael exceeded this spec, allowing people to use a block size equal to the key length. The number of encryption rounds depends on the key length chosen:
1) 128 bit requires 10 rounds
2) 192 bit requires 12 rounds
3) 256 bit requires 14 rounds
Key management practices
The security and protection of cryptographic keying material
Create the keys with a particular strength and cipher, generate the digital certificates which associate the keys with a particular user, and safely and securely distribute the keys to their users
Store the keys securely, ensure they’re used appropriately, revoke keys, escrow of keys, and create new keys after expiration dates
Offline distribution
One of three main methods used to exchange secret keys securely
This is the most technically simple and involves the physical exchange of key material
One party provides the other with a sheet of paper or storage media containing the secret key
Public key encryption
One of three main methods used to exchange secret keys securely
To achieve speed benefits of secret key encryption without the hassles of key distro, many use public key encryption to set up an initial comms link
Once it’s established, and everyone is confident in the other’s identity, they exchange a secret key over the secure public key link
Comms are then switched from public key algo to secret key algo and enjoy increased processing speeds
Diffie-Hellman
Uses asymmetric encryption to create a symmetric key, and you don’t have to send it across the network
Bob and Alice both use asymmetric encryption and both have private keys
Bob can combine his private key with Alice’s public key to create a symmetric key
Alice can combine her private key with Bob’s public key to create a symmetric key
If you use the related public and private keys on both sides, you get symmetric keys identical to each other
By doing this, the same symmetric key can be created on both sides of the convo without ever sending the symmetric key across the network
This is the process used for Diffie-Hellman, and it’s used extensively every day
Key storage best practices
1) Never store a key on the same system where encrypted data resides
2) For sensitive keys, consider providing two different individuals with half of the key. They must collaborate to re-create the entire key. Known as principle of split knowledge
RSA
The most famous public key cryptosystem, named for its creators: Ronald Rivest, Adi Shamir, and Leonard Adleman
Widely used for secure comms. This algo depends on the computational difficulty inherent in factoring large prime numbers
Each user of the cryptosystem generates a pair of public and private keys using the algo
ECC
Elliptic curve cryptography
Instead of using large prime numbers, you use curves to create the asymmetric keys used for public and private key encryption and decryption
ECC can use smaller keys to maintain the same security as non-ECC algorithms, so the keys require less storage and less data needs to be transmitted across the network
You can thus access the power of asymmetric encryption on mobile and IoT devices that can’t store mass quantities of data
Widely believed that this is harder to solve than both the prime factorization of RSA and standard discrete logarithm from Diffie-Hellman
Message digest
What you get when you take a potentially long message and generate a unique output value derived from the content of the message
5 basic requirements for a cryptographic hash function
1) They accept an input of any length
2) They produce an output of a fixed length, regardless of the input length
3) The hash value is relatively easy to compute
4) The hash function is one-way, meaning that it’s extremely hard to determine the input when provided with the output
5) The hash function is collision free, meaning it’s extremely hard to find two messages that produce the same hash value
SHA
Secure hash algorithm
It and its successors SHA-1, SHA-2, and SHA-3 are govt standard hash functions promoted by NIST
SHA-1
Takes an input of virtually any length (upper bound of 2,097,152 TB on the algo) and produces a 160-bit message digest
Processes a message in 512-bit blocks
If the message length is not a multiple of 512, the SHA algo pads it with additional data until the length reaches the next highest multiple of 512
SHA-2
Developed after cryptanalytics showed weaknesses in SHA-1. SHA-2 has four variants:
1) SHA-256: produces a 256-bit message digest using a 512-bit block size
2) SHA-224: uses a truncated version of SHA-256 to produce a 224-bit message digest using a 512-bit block size
3) SHA-512: produces a 512-bit message digest using a 1,024-bit block size
4) SHA-384: uses a truncated version of SHA-512 to produce a 384-bit message digest using a 1,024-bit block size
SHA-3
Released in 2015, this was developed to serve as a drop-in replacement for SHA-2
Offers the same variants and hash lengths, but uses a more secure algo
MD5
Released by Ron Rivest (of RSA fame) in 1991
Processes 512 bit blocks of the message, but it uses four distinct rounds of computation to produce a digest of the same length as the early MD2 and MD4 algos (128 bits)
However, MD5 is subject to collisions and has been compromised. It’s not usable for ensuring message integrity anymore
Goals of digital signature infrastructures
1) Assure the recipient that the message truly came from the claimed sender. They enforce nonrepudiation
2) Assure the recipient that the message wasn’t altered while in transit between sender and recipient. Protects against malicious mods and unintentional mods
HMAC
Hashed message authentication code
An algo that implements a partial digital signature. It guarantees the integrity of a message, but doesn’t provide for nonrepudiation
Can be combined with any standard message digest generation algo, like SHA-3, using a shared secret key
4 core principles of public key cryptography
1) If you want to encrypt a message, use the recipient’s public key
2) If you want to decrypt a message sent to you, use your private key
3) If you want to digitally sign a message you’re sending to someone else, use your private key
4) If you want to verify the signature on a message sent by someone else, use the sender’s public key
DSS
Digital signature standard, as specified by NIST in FIPS 186-4
Must use the SHA-3 hashing function along with one of the following three approved standard encryption algos:
1) The Digital Signature Algorithm (DSA)
2) RSA
3) Elliptic Curve DSA (ECDSA)
PKI
Public key infrastructure
The process of managing almost all aspects of digital certificates, from creation through revocation, which creates the foundation of trust for all digital certificates
Creating a PKI at your organization is a massive undertaking and requires lots of planning
Most PKI work is about creating certificates and associating them with users or devices
Digital certificates
A public key combined with a digital signature, usually from the CA, and may contain additional information that describes characteristics of the user or device
The foundation for PKI is the trust we associate with the certs, and the only way we can trust a cert is valid is to validate a digital signature
The digital signature often comes from a CA, which makes it a central point of trust
There are other ways to associate trust with the certs, like through a web of trust where the users vouch for each other and digitally sign each other’s certs
X.509
An international standard for digital certificates
Allows us to move the certs between systems and let the systems understand what’s inside
OpenSSL can read different formats or convert between formats if needed
Certs that conform have the following attributes:
1) Version X.509 to which the cert conforms (current version is X.509 v3)
2) Serial number (from the certificate creator)
3) Signature algo identifier (specifies the technique used by the CA to digitally sign the contents of the cert)
4) Issuer name (identification of the CA that issued the cert)
5) Validity period (specifies the dates and times during which a cert is valid)
6) Subject’s common name (CN) that clearly describes the cert’s owner
7) Certs can contain subject alternative name (SAN) that allows you to specify additional items (IPs, domains, etc) to be protected by a single cert
8) Subject’s public key (the meat of the cert, the actual public key the cert owner used to set up secure comms)
Commercial CA
Certificate authorities
We can purchase a certificate from a CA that’s trusted by browsers and OSes by making a CSR (certificate signing request):
1) Build a key pair on your local machine
2) Provide the public key to the CA
3) CA confirms you are the person making the request
4) CA signs your certificate
5) Put the certificate on your server
6) Visitors see you have a certificate and that it’s been signed by the CA
Some CAs:
Symantec, IdenTrust, AWS, GlobalSign, Comodo, Certum, GoDaddy, DigiCert, Secom, Entrust, Actalis, Trustwave
RA
Registration authority
Assists CAs with the burden of verifying users’ identities prior to issuing digital certs
RA can revoke certs as well as help with renewal and re-key requests
They don’t directly issue certs themselves, but play an important role in certification process
Allow CAs to remotely validate user identities
CRL
Certificate revocation lists
List of revoked certs that’s stored at the CA, contains the serial numbers of certs that have been issued and revoked, along with date and time the revocation went into effect
Disadvantage: they must be downloaded and cross-referenced often, introducing a period of latency between the time a cert is revoked and the time end users are notified of the revocation
OCSP
Online certificate status protocol
This protocol eliminates the latency inherent in the use of CRLs by providing a means for real-time cert verification
When a client receives a cert, it sends an OCSP req to the CA’s OCSP server
The server then responds with a status of valid, invalid, or unknown
The browser uses the info to determine whether the cert is valid or not
Not all browsers or apps support OCSP, and even if some do they might not go through the process of checking
Don’t rely on any single method of certificate verification, use many
OCSP Stapling
One of the easiest ways to check if certificates have been revoked
The status information regarding the cert is stored on the local server, and we staple the status into the handshake that occurs when SSL/TLS is used to connect to the server
Since the status info is digitally signed by the CA, we trust it’s valid without going all the way to the CA for validation
DER
Distinguished encoding rules format
A set of rules that allows us to encode X.509 certificates
Binary format, but common across platforms that use Java
Usually stored with .der / .crt / .cer extensions
PEM
Privacy-enhanced mail format
A base64 encoded DER certificate in ASCII form that can be easily sent through email
PEM certs are normally stored with the .pem / .crt extensions
PKCS #12 / PFX
Public key cryptography standard #12
Container format that holds many X.509 certificates
Usually sent as a .p12 or .pfx file
Commonly used to transfer a public-private key pair in the same container, and you can password protect it
Interchangeable with PFX (personal information exchange)
Certificate format commonly used by Windows
PFX certs can be stored in binary form, using either .pfx / .p12 extensions
PKCS #7
Public key cryptography standard #7
Cryptographic message syntax standard associated with the .p7b file
Stored in ASCII and easily transferred over email
Commonly used to send certificates and chain certificates, but not private keys, in a .p7b file
You’ll find support for this in Windows, Java Tomcat, and more
HSM
Hardware security modules
An effective way to manage encryption keys. These hardware devices store and manage encryption keys in a secure manner that prevents humans from ever needing to work directly with the keys.
Frequency analysis
Looking at the blocks of an encrypted message to determine if any common pattern exists.
Brute force cryptographic attack
Trying every possible key
It is guaranteed to work, but it can take millions of years depending on how complex the thing is you’re trying to crack
Known plain text cryptographic attack
Relies on the attacker having pairs of known plain text along with the corresponding ciphertext
This gives the attacker a place to start attempting to derive a key
Chosen plain text cryptographic attack
The attacker obtains the ciphertext corresponding to a set of plain texts of their own choosing
This allows them to attempt to derive the key used and thus decrypt other messages encrypted with that key
Related key attack
Similar to chosen plain text, but the attacker can obtain ciphertext encrypted under two different keys
Often useful if you can obtain the plain text and matching ciphertext
Birthday attack
An attack on cryptographic hashes based on something called the birthday theorem:
In a classroom of 23 students, what is the chance that 2 share a birthday? The answer is 50%, because we compare every student to every other student for a shared bday.
This is what’s called a hash collision
Downgrade attack
Sometimes used against secure comms like TLS in an attempt to get the user or system to inadvertently shift to a form of encryption that’s easier to break
Tricks the user into shifting to a less secure protocol, one that can be easier to break
EX: POODLE (padding oracle on downgrade legacy encryption) downgrade attack
Researchers found a TLS vulnerability in 2014
They did an on-path attack and forced both sides to fallback on SSL 3.0, which has significant cryptographic vulnerabilities
Rainbow table attack
An attempt to reverse hashed password values by precomputing the hashes of common passwords
Attackers take a list of common passwords and run them through the hash function to generate a rainbow table
They can search through lists of hashed values, looking for matches to the table
Key stretching
A technique used to make weak passwords more secure by requiring repeated hashing
EX: Hash a password, then hash the hash, etc, etc
Exploiting weak keys
A good cryptographic algo is used, like AES, but it’s implemented in a weak manner, like with weak key generation. These can be exploited
EX: Wired Equivalent Privacy (WEP) protocol. Uses an improper implementation of the RC4 encryption algo and has significant security vulnerabilities
Exploiting human error
Any fault in cryptographic comms because of human error
EX: You forget to encrypt an email, code keys winding up in the wrong hands, giving insights into what the keys hold, using weak or deprecated algos, etc
Hash collision
When you have two different plaintexts that create the same hash
You could increase the size of the hash, which decreases the chance of collision
This should never happen, but it’s what compromised MD5 (message digest algo version 5)
Use SHA-3 instead
Confusion
The encrypted data is drastically different from the plaintext
Diffusion
If you change one piece of information in the plain text, the resulting cipher text will be dramatically different between encryption versions
Plaintext
An unencrypted message
AKA: in the clear
Cryptanalysis
The art of cracking cryptography
Researchers are constantly trying to find weaknesses in ciphers through this art
Ciphertext
An encrypted message
Key stretching libraries
A technique to make weak passwords more secure by using repeated hashing
There are a number of libraries that exist to stretch your keys
bcrypt generates hashes from passwords; it’s an extension of the UNIX crypt library and uses the Blowfish cipher to perform multiple rounds of hashing
PBKDF2 (password based key derivation function v2), uses thousands of iterations of salting and hashing to generate encryption keys that are resilient against attacks
PBKDF2 is part of the RSA public key cryptography standards
Homomorphic encryption
Perform calculations on data while it’s encrypted
You can save the results as encrypted data, without ever having to decrypt the information
Explain the process of asymmetric encryption
1) Bob wants to send Alice encrypted information; he needs his laptop, the original plaintext, and Alice’s public key
2) To obtain her key, Bob asks Alice for her key, retrieves it from a public key server, or gets it from anywhere Alice has posted her key publicly
3) Bob combines the plaintext with Alice’s public key to create the ciphertext
4) Alice receives the ciphertext and decrypts it with her private key, and she reads the plaintext
Explain the process of creating a digital signature
1) Alice wants to send Bob a message, but she wants Bob to ensure it’s legit and actually comes from her
2) She hashes the plaintext
3) Then, she’ll encrypt the hash with her private key, which outputs a digital signature
4) The digital signature gets attached to the original plaintext and sent to the recipient
5) Bob receives the message with the digital signature
6) To verify, Bob decrypts the signature with Alice’s public key
7) Bob is left with the plaintext hash
8) Bob now runs the plaintext through the same hashing algorithm Alice did
9) Bob compares the hashes
10) If they match, Bob knows the message is legit, it came from Alice, and nothing has been altered in transit
Key strength
Larger keys tend to be more secure, and they can prevent brute force attacks
In symmetric encryption, 128-bit or larger keys are common, but those numbers increase as our computing power does
Asymmetric keys tend to be larger than symmetric ones, and tend to be 3,072 bits or larger
Out of band key exchange
Sending symmetric keys through telephone, courier, in-person, etc
In band key exchange
Sending symmetric keys on the network, usually with asymmetric encryption to deliver the key (additional encryption method)
Explain how to send symmetric keys across the network securely
Use asymmetric encryption to encrypt the symmetric key inside of it
1) The client takes the symmetric key (plaintext) and encrypts it with the server’s public key to create ciphertext
2) Ciphertext is sent to the server, which decrypts it with its private key and accesses the symmetric key we started with (the session key)
These keys need to be changed often, as they’re used for individual sessions
This is known as an ephemeral key since it’s not permanent
PFS
Perfect forward secrecy
This changes the encryption process so you’re not using the same private key every time to transfer symmetric keys across the network
Uses elliptic curve Diffie-Hellman ephemeral (ECDHE)
Every session should have a different set of encryption keys, which are no longer used after a session is over
You can’t go back after the fact and decrypt network traffic based on a single server private key (or attackers can’t if they capture a private key and the traffic)
Private CA
When all the applications and services are done in-house, and no external parties are connecting
You build and sign your own certificates internally (self signed certificates)
An internal CA is a requirement for mid to large organizations with hundreds of servers that need signed digital certs for every server
DV
Domain validation certificate
This means the owner of the cert, who’s added it to their webserver, has some control over the domain you’re connecting to
Provides trust that you’re connecting to the legitimate site when you connect
EV
Extended validation certificate
Additional checks have been done by the CA and they enable additional features that show the name of the cert owner in the browser bar (in green)
Not as necessary anymore since SSL/TLS has become the norm
SAN
Subject alternative name
Allows the owner of the cert to add different DNS names into the cert configuration
A single cert could support connectivity for multiple websites
You’ll often see a wildcard domain attached to this, designated with an *, meaning many names under one DNS domain
EX: *.brainscape.com
Code signing certificate
When developers create software, they can sign it with a code signing certificate
We can receive the software and install it, and during the install process we can verify the executable is the same as the one distributed by the manufacturer
Ensure it hasn’t changed since it left the developer
Root certificate
All of the signatures and additional CA certs start here
If you’re building out intermediate and leaf CAs, you start here and sign everything downstream from there
This is the foundation of your PKI, so make sure this cert stays safe at all times
Machine and computer certs
Deploy machine or computer certs to all the devices that need to be trusted to your organization
You’ll know when one connects to the network, if it has the certificate, that it’s trusted by your organization
EX: Connecting through VPN, before gaining access to the internal network the device must present a certificate that validates as trusted
Email certificate
These use public key cryptography to encrypt information so you can send it protected, and receive encrypted messages to decrypt locally in your email client
These can also be used for digital signatures, we can sign emails with a certificate, and the recipient can validate everything is the same for integrity and non repudiation
User certificate
Certificates for every user
Uses an additional authentication factor, like in an ID card or smart card
Could be both a physical and digital i
CER
Certificate format
Primarily a Windows X.509 file extension
Can hold either binary DER or ASCII PEM format
Usually contains just public keys, private keys are sent in .pfx files
Look for the .cer file extension
Offline and Online CAs
If your root CA is compromised, all the keys assigned and distributed by the root are no longer trustworthy
Limit the exposure of the root CA by having some CAs be online, others offline
Build out intermediate CAs that sign the certs throughout your org
Then, you can remove the root CA and store it safely so nobody has access to the root CA certs
This limits the scope of any type of compromise of an intermediate CA, and you only have to recreate a CA and distribute a fraction of the total certs in an environment
If you need all new intermediate CA, you have a root CA that’s never been compromised
Pinning
When you put a certificate inside the app you’re using, and then compare that to the cert that you see when the app connects to the server
You have to compile the cert into the app you’re using, or add it the first time you run the app
The app performs a check to see if the cert it has internally matches the cert it sees on the server
If they don’t match, the app decides what to do, such as showing an error or shutting down
PGP web of trust
PGP (pretty good privacy) was built as a web of trust, and in that you sign certs of people you know
They sign certs for people they know
If you see a cert from someone you don’t know, but it’s been signed by someone you do know, there’s a level of trust you can associate with that
Mutual authentication
When you validate that the server you comm with is trusted
The server validates that the client it comms with is trusted
Both sides can trust each other, and the app they use has an additional layer of trust
Key escrow
When a third party holds your decryption keys
You hand over your keys, and the third party only uses them in particular situations
EX: You store private information about your employees that’s encrypted; you can only decrypt it if the third party holding the decryption keys validates the request
Certificate chaining
Chain of trust
List all of the certs between the server we connect to and the root CA
Any cert between the device we connect to and the root CA is a chain cert (or intermediate cert)