230 likes | 432 Vues
Digital Certificate, CA (Certificate Authority Root CA and chain of CA trust. CS 590/490 Network Security. Department of Computer Science Southern Illinois University Edwardsville Fall, 2007 Dr. Hiroshi Fujinoki E-mail: hfujino@siue.edu. Certificate/001. Digital Certificate. Certificate
E N D
Digital Certificate, CA (Certificate Authority Root CA and chain of CA trust CS 590/490 Network Security Department of Computer Science Southern Illinois University Edwardsville Fall, 2007 Dr. Hiroshi Fujinoki E-mail: hfujino@siue.edu Certificate/001
Digital Certificate Certificate of this host I see. It’s you! Another host replies Your Host Another Host • Masquerading • M-in-M CS 590/490 Network Security What is (Digital) Certificate? • A set of information that securely identifies a host in a network • Certificate is a text (ASCII-coded) document file • When you talk to a network host, you use a certificate of the host • to confirm the identity of the host you talked to. You talked to this host “Are you there?” “I’m here.” Certificate/002
Digital Certificate Certificate of this host Certificate of your host I see. It’s you! You talked to this host “Are you there?” I see. It’s you! Another host replies Your Host “I’m here.” Another Host • Masquerading • M-in-M CS 590/490 Network Security What is (Digital) Certificate? • A set of information that securely identifies a host in a network • Certificate is a text (ASCII-coded) document file • When you talk to a network host, you use a certificate of the host • to confirm the identity of the host you talked to. Certificate/003
Digital Certificate secret key S1 P1 P1 public key public key server your host CS 590/490 Network Security • Expected procedure in the asymmetric public-key • cryptography Certificate/004
Digital Certificate S2 You believe you got the public key of this server S1 P1 P1 P2 P2 You got a wrong public key server your host CS 590/490 Network Security • What can happen to the asymmetric public-key • cryptography Router • IP-Spoofing • M-in-M Certificate/005
Digital Certificate The actual format of a certificate is defined by ITUT X.509 Certificate Format CS 590/490 Network Security What information is in a certificate? • Information about you (or your organization) - Your name (or name of your organization) - Network ID (IP address in the Internet) - Your e-mail address and URL (for your web site) - Geographical location of your organization (or your host) • Your public key • Information about the CA who issued this certificate • Digital signature by the CA who issued this certificate Certificate/006
Merchant’s host (server) Digital Certificate Request for issuing a certificate for this merchant (must pay $$$) CA encrypts this certificate using its PRIVATE key CA creates a certificate for this merchant CA issues (transmits) this certificates to the merchant Certificate Authority Initiate the hybrid encryption with this server The merchant sends its certificate to you P2 P2 P2 P1 P1 Compare S1 S2 Re-Constructed Digital Signature of the CA A client contacts this merchant for business (hash) digest of the server’s certificate A Client’s host (browser) Extracted Digital Signature of the CA Digital Signature of this CA HASH HASH Encrypt Decrypt CS 590/490 Network Security Certificate/007
This is the public-key information for the server! Name of the CA who issued this certificate Which hash and encryption are used for the signature Digital Certificate Declare the beginning of a certificate Unique Certificate Serial # ITU-T X.509 Version 3 certificate format Certificate: Data: Version: 3 (0x2) Serial Number: 7 (0x7) Signature Algorithm: md5WithRSAEncryption Issuer: C=JP, ST=Aichi-Ken, L=Nagoya, O=NIT, OU=TEST depth, CN=ailab second cert/Email=wakayama@elcom.nitech.ac.jp Validity Not Before: Sep 22 05:31:34 1998 GMT Not After : Sep 22 05:31:34 1999 GMT Subject: C=JP, ST=Aichi-Ken, O=nitech.ac.jp, OU=ailab, CN=test7.second/Email=7.second@mars Subject Public Key Info: Public Key Algorithm: rsaEncryption RSA Public Key: (512 bit) Modulus (512 bit): 00:bd:06:2b:bc:35:55:0b:d7:c4:d6:09:a5:b7:5c: 57:2a:0a:e5:7d:8c:2e:ed:8f:df:c3:ca:37:63:bb: ae:b1:ac:94:54:40:da:7b:71:16:ff:e7:68:5e:00: 49:54:43:70:b7:a1:35:0a:e3:53:4d:4c:86:d2:90: e8:18:39:55:2b Exponent: 65537 (0x10001) X509v3 extensions: Netscape CA Revocation URL: .#http://www.cryptsoft.com/ca-crl.pem Netscape Comment: ..This is a comment Netscape Cert Type: ...@ Signature Algorithm: md5WithRSAEncryption e7:04:71:f0:9a:d5:da:5e:50:c5:13:20:97:8c:ff:69:fa:18: 2a:9d:b8:75:22:d7:f4:d5:87:4a:7c:c4:3a:7f:b7:72:0f:a3: f3:f4:82:60:8e:e0:f8:10:36:9f:d9:a8:c3:b2:83:50:3d:dd: 5c:b8:29:b7:79:49:03:13:6d:83 Name of the server this certificate is issued to This is the digital signature signed by this CA (not by this server) Encryption algorithm you need to use when you talk to this server CS 590/490 Network Security Certificate/008
Merchant’s host (server) Digital Certificate Request for issuing a certificate for this merchant (must pay $$$) How can you be sure that this CA is a legitimate CA? CA issues (transmits) this certificates to the merchant Certificate Authority P1 P2 P1 If you are going to get the public-key through the network, how you are sure this key is from the CA? S1 S2 When (or how) did you get the public-key of this CA? Client’s host (browser) CS 590/490 Network Security Certificate/009
Merchant’s host (server) Digital Certificate Request for issuing a certificate for this merchant (must pay $$$) CA’s use certificate to issue certificate to merchant Certificate for this CA Certificate Authority P2 S2 This is the certificate for this merchant CS 590/490 Network Security • Merchants confirm identify of the CA’s using the CA’s certificate • when merchants request the CA’s to issue the merchant’s certificate! Certificate/010
Merchant’s host (server) Digital Certificate S Request for the certificate issued to this CA P P We need the public key for this decryption Certificate for this CA You can (should) not get the public-key from this CA Certificate Authority P2 This CA sends its certificate to this merchant Compare S2 This is the certificate for this merchant Re-Constructed Digital Signature of the CA Extracted Digital Signature of the CA HASH Decrypt CS 590/490 Network Security Certificate/011
Merchant’s host (server) Request for the certificate issued to this CA How can this merchant be sure that P3 is from Y? Another Certificate Authority S3 Certificate for this CA P3 P3 P3 Certificate Authority P1 P2 This CA sends its certificate to this merchant Compare S2 S1 This is the certificate for this merchant Re-Constructed Digital Signature of the CA X Y Extracted Digital Signature of the CA HASH CA X requests Y to issue a certificate for X! Decrypt CS 590/490 Network Security Certificate/012
Merchant’s host (server) The CA who does not have the parent CA Digital Certificate Z Root CA R X Y CS 590/490 Network Security • Your browser must • have the pre-installed • certificate of the root CA (b) If your browser does not have the certificate of the root CA, you must make your own decision of you accept (trust) the certificate of not Certificate/013
This implies that your browser (or your local host) does not have the pre-installed certificate for this site and you have to decide if you trust this site or not CS 590/490 Network Security Certificate/014
Pressing this “OK” means you decided to trust this un-recognized certificate (because your browser does not have any information for it) CS 590/490 Network Security Certificate/015
Digital Certificate a chain of trust Root CA CS 590/490 Network Security Certificate/016
extract the public- key for a merchant (or next lower CA) • If this is the certificate for • a merchant Start hybrid encryption • This is the certificate for • a CA NO decrypt the encrypted signature of this certificate YES a new certificate arrives Decrypt the digital signature of the lower CA using the public-key YES unsuccessful authentication find the CA who issued this new certificate Do I have the public-key of this CA? NO calculate the message digest of this certificate the decrypted signature and digest match? check the valid date of the certificate YES certificate effective? CS 590/490 Network Security NO Certificate/017
Do you trust this certificate? a new certificate arrives Is this a root CA? unsuccessful authentication find the CA who issued this new certificate Do I have the public-key of this CA? Request the certificate (public-key) of this CA accept the public-key in the certificate (to the next slide) CS 590/490 Network Security YES NO NO YES NO Certificate/018
extract the public- key for a merchant (or next lower CA) • If this is the certificate for • a merchant Start hybrid encryption • This is the certificate for • a CA NO The only difference decrypt the encrypted signature of this certificate Decrypt the digital signature of the lower CA using the public-key YES unsuccessful authentication calculate the message digest of this certificate the decrypted signature and digest match? check the valid date of the certificate YES certificate effective? NO CS 590/490 Network Security Certificate/019
For non-root CA’s “issued to” and “issued by” are different “issued to” and “issued by” are all same For root CA’s CS 590/490 Network Security Certificate/020
Digital Certificate PN Pk Pi Your browser should have the certificate for all the major root-CA’s X Y R Z Certificate of X Certificate Authority P1 P1 If you are going to get the public-key through the network, how you are sure this key is from the CA? S1 When (or how) did you get the public-key of this CA? Client’s host (browser) Root CA Merchant’s certificate CS 590/490 Network Security Certificate/021
Digital Certificate Public CA Private CA CS 590/490 Network Security • The CA’s approved by the government - Root CA’s • The certificates of many of the root • CA’s are pre-installed in client browsers Certificate Authority (CA) • CA’s certified by a root CA • The CA’s that do not belong to either of the • two categories in the above Certificate/022
Digital Certificate CA’s in the Internet should be public CA’s edge router gateway router Client hosts within a local network domain internal masquerader Internet Your local network domain Application server CS 590/490 Network Security Certificate/023