Introduction to Public Key Infrastructure

January 2004 CSG Meeting

Jim Jokl

Cryptography

• Symmetric key cryptography– A pre-shared secret is used to encrypt the data

– Some examples: DES, 3-DES, RC4, etc

• Public key cryptography– A pair of mathematically related keys are generated

• One of the keys, the Public Key, is freely distributed

• The other key, the Private Key, is kept confidential

– Given one keys, it is computationally very hard to compute the other

Public Key Cryptography

– Data encrypted using the public key can only be decrypted by the person with the private key

– Likewise, data encrypted with the private key can be decrypted by anyone having a copy of the public key

• Assuming that the private key is protected and held by an individual, this is the basis for a digital signature

PlainText

EncryptedText

one key

the other key

Digital Signatures and Document Encryption

• Public Key operations are too computationally expensive for large volumes of data

• Typical digital signature process– Compute the hash of the document– Encrypt the hash using the signer’s private key

• Typical document encryption process– Generate a random symmetric cipher key– Encrypt the document using this key– Encrypt the symmetric cipher key using the recipient’s

public key

Digital Certificates

• A Digital Certificate is:– An object used to bind the identity of a person

to their public key– Contains attributes about the person– Contains some information about the identity

binding and infrastructure

– Digitally signed by a Certification Authority (CA)

Certificate Profiles

• A description of the fields in a certificate– Recommended fields to use– Field values– Critical flags– Recommendations for implementers

– Example Profile

Certification Authorities (CA)

• Certification Authorities– Accept certificate requests from users– Validate the user’s identity– Generate and sign the user’s certificate attesting

to the mapping of the identity to the public key– Revoke certificates if needed– Operate under a set of policies and practices

• Levels of Assurance

Certification Authorities and Trust

• You determine if you trust a certificate by validating all of the certificates starting from the user’s cert up to a root that you trust

• 100+ root certificates in my Microsoft store

• The “I” in PKI

Root Certificate

Intermediate Certificate

Intermediate Certificate

User A Cert

User C Cert

User B Cert

User D Cert

User E Cert

PKI Bridge Path Validation

PKI, Privacy, and the Pseudo-anonymous CA

• As stated earlier: “A certificate binds a person’s identity to their public key”

• Typically the “identity” is their name, email address, computing identifier, etc– Poses some interesting privacy concerns in

some applications

• A pseudo-anonymous CA uses an opaque identifier instead of name/id information

Operating System Support for PKI

• Windows 2000/XP– Well integrated out of the box support for PKI– OS-based certificate/key store– APIs for access to crypto providers– Microsoft applications generally support PKI– Many 3rd party applications use OS PKI services– Bridge path validation in XP– Windows 2000 server includes a CA

Operating System Support for PKI

• MacOS– Apple has excellent plans to improve their level of

OS PKI support to match that of Windows– OS-based certificate/key store exists now and is

used by some Apple applications– 3rd party applications should start to use the native

support in the future

• Linux and general Unix– PKI support generally implemented in applications

Trust, Private Key Protection and Non-repudiation

• Digital signatures - based on the idea that only the user has access their private key

• A user’s private key is generally protected by the workstation’s operating system– Typical protection is no better than for any password

that the user lets the operating system store

• Hardware tokens can be used for strong private key protection, mobility, and as a component in a non-repudiation strategy

Two classes of campus PKI applications?

• Existing normal processes– A PKI using a light policy/practices

framework– Better technology and ease of use for existing

services– New applications where passwords would

have been sufficient in the past

Two classes of campus PKI applications?

• Newer High Assurance services– Access control for critical systems– Authentication for high-value services

• HiPAA/FERPA/GLBA

– Digital signatures for business processes

Some Campus CA Options

• In-source– Commercial CA software– Develop your own or use freely available CA

software (typically based on OpenSSL)– KX509

• Outsource to commercial CA – Campus still performs the RA function

Agenda for remainder of session

• Motivations for campus PKI deployments– Focus on applications using end-user certificates

• Introduction to likely campus PKI applications

• National activities– HEBCA, USHER, PKILab, HEPKI, etc

• Examples of campus PKI deployments

• Wrap-up and discussion