Chapter 6-Advanced Cryptography

The document discusses digital certificates and cryptography. It defines digital certificates and describes how they are used to verify identity through a trusted third party. It outlines the components of a public key infrastructure (PKI) used to manage digital certificates, including certificate authorities, registration authorities, and certificate repositories. It also describes how digital certificates are requested, validated, and revoked if compromised.

Uploaded by marya

ITIS 412: Information Security

Chapter 6: Advanced Cryptography
Instructor: Dr. Dalal Alarayed
Email: [email protected]

Objectives
• Define digital certificates
• List various types of digital certificates and how they are used
• Describe components of Public Key Infrastructure (PKI)
• List tasks associated with key management
• Describe different transport encryption algorithms

Digital Certificates
• Common application of cryptography
• Aspects of using digital certificates:
  ◦ Understanding their purpose
  ◦ Knowing how they are managed
  ◦ Determining which type of digital certificate is appropriate for different situations

Digital Signature Weaknesses
• Digital signature - Used to prove a document originated from a valid sender
• Weaknesses of using digital signatures:
  ◦ Do not confirm true identity of the sender
  ◦ Digital signatures only show that the private key of the sender was used to encrypt the digital signature
  ◦ Do not definitively prove who the sender was
  ◦ Imposter could post a public key under a sender’s name

[Figure: Imposter Public Key]

Digital Certificates
• Solution is to use a trusted third party:
  ◦ Used to address problem of verifying identity
  ◦ Verifies owner and that public key belongs to that owner
  ◦ Helps prevent man-in-the-middle attack that impersonates owner of public key
• Digital certificate - Technology used to associate a user’s identity to a public key that has been “digitally signed” by a trusted third party
• Third party verifies owner and that public key belongs to that owner

Defining Digital Certificates
• When Bob sends a message to Alice, he does not ask her to retrieve his public key from a central site
• Instead, Bob attaches his digital certificate to the message
• When Alice receives the message with the digital certificate, she can check the signature of the trusted third party on the certificate
• If the signature was signed by a party that she trusts, then Alice can safely assume that the public key contained in the digital certificate is actually from Bob

Digital Certificate Content
• Information contained in digital certificate:
  ◦ Owner’s name or alias
  ◦ Owner’s public key
  ◦ Issuer’s name
  ◦ Issuer’s digital signature
  ◦ Digital certificate’s serial number
  ◦ Expiration date of public key

Managing Digital Certificates
• Technologies used for managing digital certificates:
  ◦ Certificate Authority (CA)
  ◦ Registration Authority (RA)
  ◦ Certificate Repository (CR)
  ◦ Means to revoke certificate

Certificate Authority
• Certificate Authority (CA) - Trusted third-party agency responsible for issuing digital certificates
• CA can be:
  ◦ External to organization, such as a commercial CA that charges for the service
  ◦ Internal to organization that provides this service to employees

Duties of CA
• Duties of CA:
  ◦ Generate, issue, and distribute public key certificates
  ◦ Distribute CA certificates
  ◦ Generate and publish certificate status information
  ◦ Provide a means for subscribers to request revocation
  ◦ Revoke public-key certificates
  ◦ Maintain security, availability, and continuity of certificate issuance signing functions

Requesting Digital Certificate
• Steps for requesting digital certificate:
  1. Generate public and private keys
  2. Generate Certificate Signing Request (CSR) - Specially formatted encrypted message that validates information CA requires
  3. CA receives and verifies the CSR
  4. CA inserts the public key into the certificate
  5. Certificate is digitally signed with the private key of the issuing CA
• Web browsers are preconfigured with a default list of CAs

[Figure: Certificate Signing Request Content]

[Figure: Web Browser Default CAs]

Registration Authority
• Registration Authority - Subordinate entity designed to handle specific CA tasks (processing certificate requests, authenticating users)
• Using RAs (also called Local Registration Authorities or LRAs) can “off-load” registration functions and create an improved workflow

RA Duties
• General duties of RA:
  ◦ Receive, authenticate, and process certificate revocation requests
  ◦ Identify and authenticate subscribers
  ◦ Obtain a public key from the subscriber
  ◦ Verify that subscriber possesses asymmetric private key corresponding to public key submitted for certification

RA Duties
• Primary function of RA is to verify the identity of the individual
• Different means for a digital certificate requestor to identify themselves to RA:
  ◦ E-mail - Insufficient for activities that must be very secure
  ◦ Documents - Birth certificate, employee badge
  ◦ In person - Providing government-issued passport or driver’s license

Certificate Repository
• Certificate Repository - Publicly accessible centralized directory of digital certificates
• Used to view certificate status
• Can be managed locally as a storage area connected to the CA server

Certificate Revocation
• Digital certificates normally have an expiration date (one year from date issued)
• Circumstances that may be cause for a certificate to be revoked before it expires:
  ◦ Certificate no longer used
  ◦ Details of certificate changed
  ◦ Someone steals a user’s private key (impersonates victim through using digital certificates)
  ◦ Digital certificates stolen from CA

Certificate Revocation List (CRL)
• Current status of a certificate can be checked to determine if it has been revoked
• Certificate Revocation List (CRL) - Serves as list of certificate serial numbers that have been revoked
• Many CAs maintain an online CRL that can be queried by entering the certificate’s serial number
• Local computer receives updates on the status of certificates and maintains a local CRL

[Figure: Certificate Revocation List (CRL)]

Online Certificate Status Protocol (OCSP)
• Online Certificate Status Protocol (OCSP) - Performs real-time lookup of a certificate’s status
• OCSP is called “request-response protocol”
• Browser sends certificate's information to a trusted entity like the CA, known as an OCSP Responder
• OCSP Responder then provides immediate revocation information on that one specific certificate

OCSP Stapling
• OCSP stapling - Variation of OCSP
• OCSP requires the OCSP Responder to provide responses to every web client of a certificate in real time; generates high volume of traffic
• OCSP stapling - Web servers send queries to the OCSP Responder server at regular intervals to receive a signed time-stamped OCSP response
• When a web browser attempts to connect to the web server, the server can include (staple) in the handshake the previously received OCSP response

[Figure: OCSP Stapling]

Personal Digital Certificates
• Personal digital certificates (Class 1) - Issued by RA directly to individuals
• Frequently used to secure email transmissions
• Typically require only user’s name and email address in order to receive this certificate
• Can also be used to authenticate the authors of documents
• User can create Microsoft Word or Adobe Portable Document Format (PDF) document and then use digital certificate to create digital signature

Server Digital Certificates
• Server digital certificates (Class 2) - Often issued from web server to client (but can be distributed by any type of server, such as email server)
• Server digital certificates perform two functions:
  ◦ Can ensure the authenticity of the web server
  ◦ Can ensure the authenticity of the cryptographic connection to the web server

Cryptographic Handshake: Steps 1-2
• Web servers set up secure cryptographic “handshake” connections so that all transmitted data is encrypted by providing server’s public key with digital certificate to client
  1. Browser sends message ("ClientHello") to server that contains information, including list of cryptographic algorithms that client supports
  2. Web server responds ("ServerHello") by indicating which cryptographic algorithm will be used, and then sends the server digital certificate to browser

Cryptographic Handshake: Steps 3-4
  3. Browser verifies server certificate (not expired) and extracts server’s public key; browser generates random value (pre-master secret), encrypts it with server’s public key and sends it back to server ("ClientKeyExchange").
  4. Server decrypts message and obtains browser’s pre-master secret; both browser and server can each create the same master secret that is used to create session keys (symmetric keys to encrypt/decrypt information exchanged during session and to verify integrity)

[Figure: Server Digital Certificate Handshake]
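
Steps 3-4 of the handshake, worked through for both sides, as an added example that is not part of the original slides. It assumes the TLS 1.2 key derivation (the PRF of RFC 5246); the server key is a constructed toy (unpadded textbook RSA over Mersenne primes) that only stands in for the key inside the server certificate, and all function names are hypothetical.

```python
import hashlib
import hmac

def p_sha256(secret: bytes, seed: bytes, length: int) -> bytes:
    """P_hash data expansion from RFC 5246 section 5, built on HMAC-SHA256."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hashlib.sha256).digest()
        out += hmac.new(secret, a + seed, hashlib.sha256).digest()
    return out[:length]

def prf(secret: bytes, label: bytes, seed: bytes, length: int) -> bytes:
    """TLS 1.2 pseudorandom function: PRF(secret, label, seed)."""
    return p_sha256(secret, label + seed, length)

# Constructed toy server key pair (assumption for illustration, not secure).
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
SERVER_PUBLIC = (P * Q, E)
SERVER_PRIVATE = (P * Q, pow(E, -1, (P - 1) * (Q - 1)))

def client_key_exchange(pre_master: bytes, server_public) -> int:
    """Step 3: browser encrypts the pre-master secret with the server's public key."""
    n, e = server_public
    return pow(int.from_bytes(pre_master, "big"), e, n)

def server_decrypt(ciphertext: int, server_private) -> bytes:
    """Step 4: server recovers the pre-master secret with its private key."""
    n, d = server_private
    return pow(ciphertext, d, n).to_bytes(48, "big")

def session_keys(pre_master: bytes, client_random: bytes, server_random: bytes) -> dict:
    """Each side runs this on the same inputs and obtains the same session keys."""
    master = prf(pre_master, b"master secret", client_random + server_random, 48)
    block = prf(master, b"key expansion", server_random + client_random, 96)
    # Key block layout assumed for TLS_RSA_WITH_AES_128_CBC_SHA256.
    return {"master_secret": master,
            "client_mac_key": block[:32], "server_mac_key": block[32:64],
            "client_enc_key": block[64:80], "server_enc_key": block[80:96]}

def handshake(pre_master: bytes, client_random: bytes, server_random: bytes):
    """Run both sides and return (browser_keys, server_keys)."""
    ciphertext = client_key_exchange(pre_master, SERVER_PUBLIC)  # ClientKeyExchange
    recovered = server_decrypt(ciphertext, SERVER_PRIVATE)
    return (session_keys(pre_master, client_random, server_random),
            session_keys(recovered, client_random, server_random))

if __name__ == "__main__":
    # Constructed inputs: fixed bytes instead of fresh randomness, so runs repeat.
    pms = b"\x03\x03" + bytes(range(46))
    browser, server = handshake(pms, b"C" * 32, b"S" * 32)
    print("same master secret:", browser["master_secret"] == server["master_secret"])
```

The ClientHello and ServerHello random values feed the derivation, so a recorded ClientKeyExchange replayed into a new session yields different session keys.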

Padlock
• Most server digital certificates combine both server authentication and secure communication between clients and servers on web (functions can be separate)
• Server digital certificate that both verifies existence and identity of the organization and securely encrypts communications displays a padlock icon in the web browser
• Clicking padlock icon displays information about digital certificate along with the name of the site

[Figure: Padlock Icon And Certificate Information]

Extended Validation SSL Certificate (EV SSL)
• Extended Validation SSL Certificate (EV SSL) - Enhanced type of server digital certificate that requires more extensive verification of legitimacy of the business
• CA must pass an independent audit verifying that it follows the EV standards.
• Existence and identity of the website owner, including its legal existence, physical address, and operational presence, must be verified by the CA.
• CA must verify that the website is the registered holder and has exclusive control of the domain name

EV SSL
• The authorization of the individual(s) applying for the certificate must be verified by CA, and a valid signature from an officer of the company must accompany the application.
• Web browsers can visually indicate a connection to a website that uses EV SSL by displaying the address bar shaded in green along with the site’s name (address bar displays red if site known to be dangerous)

Software Publisher Digital Certificates
• Software publisher digital certificates (Class 3) - Provided by software publishers
• Purpose is to verify that their programs are secure and have not been tampered with
• Remaining two classes of digital certificates are specialized:
  ◦ Class 4 is for online business transactions between companies
  ◦ Class 5 is for private organizations or governmental security

Public Key Infrastructure (PKI)
• Public key infrastructure (PKI) - Underlying infrastructure for management of public keys used in digital certificates
• PKI is the framework for all of the entities (hardware, software, people, policies and procedures) involved in digital certificates, for digital certificate management, to:
  ◦ Create
  ◦ Store
  ◦ Distribute
  ◦ Revoke
• PKI is digital certificate management

Public Key Infrastructure Standards (PKCS)
• Public key cryptography standards (PKCS) - Numbered set of PKI standards that have been defined by RSA Corporation
• Although informal standards, today widely accepted in industry
• Standards are based on the RSA public key algorithm
• PKCS is composed of 15 standards

[Figure: Microsoft Windows PKCS Support]

Trust Models
• Trust - Confidence in or reliance on another person or entity
• Trust model - Refers to type of trusting relationship that can exist between individuals and entities
  ◦ Direct trust - One person knows the other person
  ◦ Third-party trust - Two individuals trust each other because each trusts a third party
• Three PKI trust models use a CA

Hierarchical Trust Models
• Hierarchical trust model - Assigns single hierarchy with one master CA called the root
• Root signs all digital certificate authorities with single key
• Can be used in organization where one CA is responsible for only that organization’s digital certificates
• Hierarchical trust model has limitations: Single CA private key may be compromised, rendering all certificates worthless

[Figure: Hierarchical Trust Model]

Distributed Trust Models
• Distributed trust model - Multiple CAs sign digital certificates
• Eliminates limitations of hierarchical trust model
• Basis for most end-user digital certificates used on the Internet:
  ◦ Trusted root certification authorities
  ◦ Intermediate certification authorities
• Allows “chain” to be established: web browser trusts the intermediate CA because the certificate was issued through a higher-level trusted root CA that it trusts

[Figure: Distributed Trust Model]
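
How a relying party walks the “chain”, checking the certificate fields, the CRL and the issuer signature covered in the earlier slides, as an added example that is not part of the original slides. The certificate is a plain dictionary and the signatures are a toy (unpadded textbook RSA over Mersenne primes, not secure); all names, serial numbers and dates are constructed.

```python
import hashlib
from datetime import date

def toy_keypair(p, q, e=65537):
    """Textbook RSA from two fixed primes. Illustration only, not secure."""
    n = p * q
    return (n, e), (n, pow(e, -1, (p - 1) * (q - 1)))

FIELDS = ("subject", "issuer", "serial", "not_after", "public_key")

def digest(cert, n):
    """Hash every certificate field except the issuer's signature."""
    body = "|".join(str(cert[f]) for f in FIELDS)
    return int.from_bytes(hashlib.sha256(body.encode()).digest(), "big") % n

def issue(subject, public_key, issuer, issuer_private, serial, not_after):
    """CA step: bind subject to public key, then sign with the CA's private key."""
    cert = dict(zip(FIELDS, (subject, issuer, serial, not_after, public_key)))
    n, d = issuer_private
    cert["signature"] = pow(digest(cert, n), d, n)
    return cert

def validate_chain(chain, trusted_roots, crl, today):
    """chain runs leaf -> intermediate(s); trusted_roots maps CA name -> public key;
    crl is a set of (issuer, serial) pairs. Returns "ok" or the first failure."""
    for i, cert in enumerate(chain):
        if today > cert["not_after"]:
            return "expired: " + cert["subject"]
        if (cert["issuer"], cert["serial"]) in crl:
            return "revoked: " + cert["subject"]
        if i + 1 < len(chain):
            if chain[i + 1]["subject"] != cert["issuer"]:
                return "broken chain at " + cert["subject"]
            issuer_public = chain[i + 1]["public_key"]
        else:
            issuer_public = trusted_roots.get(cert["issuer"])
            if issuer_public is None:
                return "untrusted issuer: " + cert["issuer"]
        n, e = issuer_public
        if pow(cert["signature"], e, n) != digest(cert, n):
            return "bad signature on " + cert["subject"]
    return "ok"

# Constructed sample PKI; every 2**k - 1 below is a Mersenne prime.
root_pub, root_priv = toy_keypair(2**521 - 1, 2**607 - 1)
int_pub, int_priv = toy_keypair(2**127 - 1, 2**1279 - 1)
bob_pub, _ = toy_keypair(2**89 - 1, 2**107 - 1)
mal_pub, mal_priv = toy_keypair(2**61 - 1, 2**2203 - 1)
ROOTS = {"Root CA": root_pub}          # the relying party's preconfigured CA list
INTERMEDIATE = issue("Intermediate CA", int_pub, "Root CA", root_priv, 7, date(2030, 1, 1))
BOB = issue("bob", bob_pub, "Intermediate CA", int_priv, 1001, date(2026, 1, 1))
# An imposter posts their own key under Bob's name, in two ways:
SELF_MADE = issue("bob", mal_pub, "Mallory CA", mal_priv, 1, date(2026, 1, 1))
FORGED = issue("bob", mal_pub, "Intermediate CA", mal_priv, 1002, date(2026, 1, 1))

if __name__ == "__main__":
    today = date(2025, 6, 1)
    for name, chain in (("genuine", [BOB, INTERMEDIATE]),
                        ("self-made", [SELF_MADE]),
                        ("forged", [FORGED, INTERMEDIATE])):
        print(name, "->", validate_chain(chain, ROOTS, set(), today))
```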

Bridge Trust Models
• Bridge trust model - One CA acts as facilitator to connect all other CAs
• Facilitator CA does not issue digital certificates
• Acts as hub between hierarchical and distributed trust model
• Allows the different models to be linked

[Figure: Bridge Trust Model]

Managing PKI
• Certificate Policy (CP) - Published set of rules that govern operation of a PKI
• Provides recommended baseline security requirements for use and operation of CA, RA, and other PKI components
• Certificate Practice Statement (CPS) - Describes in detail how the CA uses and manages certificates

Certificate Life Cycle
• Certificate life cycle divided into four parts:
  ◦ Creation - Occurs after user is positively identified
  ◦ Suspension - May occur when employee on leave of absence
  ◦ Revocation - Certificate no longer valid
  ◦ Expiration - Key can no longer be used

Key Management
• Because keys form the foundation of PKI systems, it is important that they be carefully managed
• Proper key management:
  ◦ Key storage
  ◦ Key usage
  ◦ Key handling procedures

Key Storage
• Means of public key storage - Embedding within digital certificates
• Means of private key storage - Stored on user’s local system
• Software-based storage may expose keys to attackers
• Alternative is storing keys in hardware:
  ◦ Tokens
  ◦ Smart-cards

Key Usage
• Multiple pairs of dual keys created if more security needed than single set of public/private keys
• One pair used to encrypt information (private key backed up in another location)
• Second pair used only for digital signatures (private key in that pair never backed up)

Key Handling Procedures
• Key escrow - Process in which keys are managed by a third party (like trusted CA)
• Private key is split and each half is encrypted
• Two halves sent to third party, which stores each half in separate location
• User can retrieve and combine two halves and use this new copy of private key for decryption

Key Expiration
• Expiration:
  ◦ Keys expire after a set period of time
  ◦ Prevents attacker who may have stolen a private key from being able to decrypt messages for an indefinite period of time
  ◦ Some systems set keys to expire after set period of time by default

More Key Handling Procedures
• Renewal - Existing key can be renewed
• Revocation:
  ◦ Key may be revoked prior to its expiration date
  ◦ Revoked keys may not be reinstated
• Recovery:
  ◦ Need to recover keys of an employee hospitalized for extended period
  ◦ Key recovery agent may be designated
  ◦ Group of people may be used (M-of-N control)

[Figure: M-of-N Control]

Suspension and Destruction
• Suspension - Suspended for a set period of time and then reinstated
• Destruction - Removes all public and private keys and user’s identification from the CA

Cryptographic Transport Protocols
• In addition to protecting data in-use and data at-rest, cryptography is often used to protect data in-transit across a network
• Most common cryptographic transport algorithms:
  ◦ Secure Sockets Layer (SSL)
  ◦ Transport Layer Security (TLS)
  ◦ Secure Shell (SSH)
  ◦ Hypertext Transport Protocol Secure (HTTPS)
  ◦ IP security (IPsec)

Secure Sockets Layer (SSL)
• Secure Sockets Layer (SSL) - One of the most common transport encryption algorithms
• Developed by Netscape
• Uses a public key to encrypt data transferred over the SSL connection
• Today SSL version 3.0 is the version most web servers support

Transport Layer Security (TLS)
• Transport Layer Security (TLS) - Another cryptographic transport algorithm
• Although SSL and TLS are often used interchangeably or in conjunction with each other (TLS/SSL), this is incorrect:
  ◦ SSL v3.0 served as the basis for TLS v1.0 (and is sometimes erroneously called SSL 3.1)
  ◦ Versions of TLS (v1.1 and v1.2) are significantly more secure and address several vulnerabilities present in SSL v3.0 and TLS v1.0
• Older and less secure versions still supported

[Figure: Website Support of SSL and TLS]

Cipher Suite
• Depending on different algorithms that are selected, the overall security of the transmission may be either strong or weak
• Cipher suite - Named combination of encryption, authentication, and message authentication code (MAC) algorithms used with SSL and TLS
• These are negotiated between web browser and web server during the initial connection handshake

Secure Shell (SSH)
• Secure Shell (SSH) - Encrypted alternative to Telnet protocol used to access remote computers
• Linux/UNIX-based command interface and protocol
• Suite of three utilities: slogin, ssh, and scp
• Client and server ends of connection are authenticated using a digital certificate
• Passwords are encrypted
• Can be used as a tool for secure network backups

Hypertext Transport Protocol over Secure Sockets Layer (HTTPS)
• Secure Web Hypertext Transport Protocol (HTTPS) - Common use of SSL and TLS to secure Web Hypertext Transport Protocol (HTTP) communications between browser and web server
• Users must enter URLs with https:// or can be automatically invoked
• Uses port 443 instead of HTTP’s port 80
• Secure Hypertext Transport Protocol (SHTTP) - Considered obsolete

IPsec
• Internet Protocol Security (IPsec) - Protocol suite for secure Internet Protocol (IP) communications
• Encrypts and authenticates each IP packet of a session between hosts or networks
• Can provide protection to a much wider range of applications than SSL or TLS

IPsec Security
• IPsec considered to be transparent security protocol to:
  ◦ Applications - Programs do not have to be modified to run under IPsec
  ◦ Users - Unlike some security tools, users do not need to be trained on specific security procedures (such as encrypting with PGP)
  ◦ Software - Because IPsec is implemented in a device such as a firewall or router, no software changes must be made on the local client

Encryption Modes
• Located in operating system or communication hardware
• Provides authentication, confidentiality, and key management
• Supports two encryption modes:
  ◦ Transport mode - Encrypts only the data portion (payload) of each packet yet leaves the header unencrypted
  ◦ Tunnel mode - Encrypts both the header and the data portion.

IPsec Headers
• IPsec accomplishes transport and tunnel modes by adding new headers to the IP packet
• Entire original packet (header and payload) then treated as the data portion of the new packet
• Because tunnel mode protects the entire packet, it is generally used in network-to-network communication
• Transport mode is used when a device must see the source and destination addresses to route the packet

[Figure: New IPsec Packet Using Tunnel Mode]
