1 / 10

Public Key Infrastructures

This course presents an overview of Public Key Infrastructure (PKI) as a crucial system for securely distributing and managing public keys. It covers various models of PKI, including Monopoly, Oligarchy, and Anarchy, and their respective advantages and limitations. The importance of a Certification Authority (CA), certificate repositories, and revocation mechanisms such as Certificate Revocation Lists (CRLs) is highlighted. Key concepts such as X.509 certificates and certificate chains are also discussed, underscoring their role in e-commerce and data security.

betha
Télécharger la présentation

Public Key Infrastructures

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Public Key Infrastructures CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk PKI

  2. Public Key Infrastructure • A system to securely distribute & manage public keys. • Important for wide-area trust management (e.g., for e-commerce) • Ideally consists of • a certification authority • certificate repositories • a certificate revocation mechanism (CRLs, etc.) • Many models possible: monopoly, oligarchy, anarchy, etc. PKI

  3. Monopoly Model • Single organization is the CA for everyone • Shortcomings: • no such universally-trusted organization • requires everyone to authenticate physically with the same CA • compromise recovery is difficult (due to single embedded public key) • once established, CA can abuse its position (excessive pricing, etc.) • requires perfect security at CA PKI

  4. Monopoly with Registration Authorities • CA trusts other organizations (RAs) to check identities, do the initial authentication • Solves the problem of physically meeting the CA. Other problems remain. • RAs can be incorporated into other models too PKI

  5. Delegated CAs • Root CA certifies lower-level CAs to certify others • All verifiers trust the root CA & verify certificate chains beginning at the root (i.e., the root CA is the trust anchor of all verifiers) • E.g., a national PKI, where a root CA certifies institutions, ISPs, universities who in turn certify their members • Limitations are similar to monopoly with RAs PKI

  6. Oligarchy • Many root CAs exists trusted by verifiers • The model of web security • Solves the problems of single authority (e.g., excessive pricing) • Disadvantages: • n security-sensitive sites instead of one. Compromise of any one compromises the whole system • users can easily be tricked into trusting fake CAs. (depending on implementation) PKI

  7. Anarchy • Each user decides whom to trust & how to authenticate their public keys • Certificates issued by arbitrary parties can be stored in public databases, which can be searched to find a path of trust to a desired party • Works well for informal, non-sensitive applications (e.g., PGP) PKI

  8. Revocation • Mechanisms to cancel certificates compromised before expiration • Certificate Revocation List (CRL): list of revoked certificates, published periodically by the CA • Delta CRLs: Only the changes since the last issue are published • Online Revocation Servers: No CRL is published. Verifier queries a central server to check if a certificate has been revoked. PKI

  9. Finding Certificate Chains • Can be started with the subject sending its certificates to the verifier (e.g., SSL) • A directory naming structure can be followed (e.g., DNSsec) PKI

  10. X.509 Certificates • Common standard for certificate format • PKIX: Internet standard for X.509-based PKI • Fields (X.509 v3): • version • serial number • signature algorithm identifier • issuer • validity period • subject • subject public key information • signature • standard extensions (key usage limitation, etc.) • other extensions (application & CA specific) PKI

More Related