Public Key Infrastructures
Chapter 5
Trust Models
Cryptography and Computeralgebra
Prof. Dr. Johannes Buchmann
Dr. Alexander Wiesmaier
We have seen certificates.
Why do we trust in public keys?
Example
Example
Authenticated by digital signature
Click on icon
Click on view
In the browser
The browser is shipped with trusted authorities
The browser is shipped with trusted authorities
Built-in object token
Direct trust
A user obtains the public key directly from the owner or has the fingerprint of the public key verified directly by the owner.
Fingerprint
It is the hash value of the certificate
Example:
Calculate hash value (e.g. SHA1)
Fingerprint calculation
Fingerprint
The key owner transmits/publishes the fingerprint
by phone
web page
newspaper or public document
CD-ROM
Phone verification
Web page verification
Federal Gazette
BNetzA publishes the public key (still RegTP in 2005)
CD-ROM verification
~# gpg --list-public-keys
/root/.gnupg/pubring.gpg
------------------------
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <[email protected]>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>
sub 2048g/8495160C 2000-10-19 [expires: 2006-02-12]
Examples of direct trust
Certificate Installation Step 0
Certificate Installation Step 1
Certificate Installation Step 2
Certificate Installation Step 3
Software Signing Step 1
Original CD-ROM
Every customer obtains original CDs that contain the public key.
The medium offers protection against manipulation.
Key compromise as well as CD forgery can become known through the media.
Trust in key = Trust in original-CDs
~# gpg --list-public-keys
/root/.gnupg/pubring.gpg
------------------------
pub 2048R/3D25D3D9 1999-03-06 SuSE Security Team <[email protected]>
pub 1024D/9C800ACA 2000-10-19 SuSE Package Signing Key <build@suse.de>
sub 2048g/8495160C 2000-10-19 [expires: 2006-02-12]
Software Signing Step 2
Signed RPMs
RedHat Package Manager
Software installation in Linux
Source: miscellaneous URLs
Is a URL trusted? (e.g. is ftp://ftp.suse.com/.../openssl-0.9.6g-30.i586.rpm a malicious version of OpenSSL?)
Solution: The Linux distributor signs the RPM package with GPG (GNU Privacy Guard)
Public key inside the original CD for verification
~# rpm --checksig ./openssl-0.9.6g-30.i586.rpm
openssl-0.9.6g-30.i586.rpm: md5 gpg in Ordnung
~#
SSH Step 1
SSH: Secure Shell
Cryptographically secured alternative for telnet and ftp.
User authentication based on password or public key.
Computer authentication always based on public key.
Public key based user authentication:
The user creates a key pair on the client side.
The user deposits the public key on the server.
The user must remove compromised keys from the host.
SSH Step 2
Public key based computer authentication:
Protection against DNS or IP spoofing.
The public key of the server is transmitted during the first login.
The user must verify the fingerprint by asking the server’s administrator.
Warning in case of public key alteration.
~> ssh cdcnt56
The authenticity of host 'cdcnt56 (130.83.23.156)' can't be established.
RSA key fingerprint is 97:cd:d9:cc:f7:c1:4c:1b:13:dd:96:4a:90:2d:88:ca.
Are you sure you want to continue connecting (yes/no)? yes
19752: Warning: Permanently added 'cdcnt56,130.83.23.156' (RSA) to the list of known hosts.
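The fingerprint check from SSH Step 2, as an added example that is not part of the original slides: it computes the fingerprint of an OpenSSH public key line in the colon-separated MD5 form shown in the session above and in the SHA256 form that current OpenSSH prints, then compares it with the value obtained from the administrator. The sample key, its ed25519 type and all function names are constructed for illustration.

```python
import base64
import hashlib
import hmac
import struct

def ssh_string(data: bytes) -> bytes:
    """Length-prefixed field as used inside SSH key blobs."""
    return struct.pack(">I", len(data)) + data

# Constructed sample key (not a real host key): type field plus 32 key bytes.
SAMPLE_BLOB = ssh_string(b"ssh-ed25519") + ssh_string(bytes(range(32)))
SAMPLE_LINE = "ssh-ed25519 " + base64.b64encode(SAMPLE_BLOB).decode() + " cdcnt56"

def key_blob(pubkey_line: str) -> bytes:
    """Decode '<type> <base64> [comment]' and check the embedded key type."""
    fields = pubkey_line.split()
    if len(fields) < 2:
        raise ValueError("expected '<type> <base64> [comment]'")
    blob = base64.b64decode(fields[1], validate=True)
    if len(blob) < 4:
        raise ValueError("key blob too short")
    (type_len,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + type_len] != fields[0].encode():
        raise ValueError("key type does not match key blob")
    return blob

def fingerprint_md5(pubkey_line: str) -> str:
    """Legacy form, e.g. 97:cd:d9:... (MD5 over the key blob)."""
    digest = hashlib.md5(key_blob(pubkey_line), usedforsecurity=False).hexdigest()
    return ":".join(digest[i:i + 2] for i in range(0, len(digest), 2))

def fingerprint_sha256(pubkey_line: str) -> str:
    """Current OpenSSH form: 'SHA256:' + unpadded base64 of the digest."""
    digest = hashlib.sha256(key_blob(pubkey_line)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")

def matches_trusted(pubkey_line: str, trusted: str) -> bool:
    """Compare the presented key with a fingerprint obtained out of band."""
    trusted = trusted.strip()
    if trusted.startswith("SHA256:"):
        presented = fingerprint_sha256(pubkey_line)
    else:  # colon-separated MD5, with or without an 'MD5:' prefix
        trusted = trusted.lower().removeprefix("md5:")
        presented = fingerprint_md5(pubkey_line)
    return hmac.compare_digest(presented.encode(), trusted.encode())

if __name__ == "__main__":
    print(fingerprint_md5(SAMPLE_LINE))
    print(fingerprint_sha256(SAMPLE_LINE))
```

The trusted value passed to `matches_trusted` has to come from the administrator over a separate channel; a fingerprint read from the same connection proves nothing.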
Direct trust: summary
It is the basis for all other trust models
One knows
Which keys are authentic and
Why they are considered authentic
Bad scalability:
in pairs, authentic key exchange of all keys requires (e.g. by verifying the fingerprint) n * (n-1) = O(n^2) verifications.