crypto and pki

Introducing cryptography and PKI

David Galichet

mercredi 23 novembre 2011

Cryptography challenges

Authentication

• Application authentication

• Single Sign On

• One Time Password

• Remember me

• ...

Integrity

• Data are not corrupted

• Data are not intentionally altered

Privacy

• Protect data transfer

• Protect stored data

Identity

• Authentication (user and server side)

• Signature (document, application packages ...)

• Non repudiation

• Trusted Timestamps

• Anonymity (electronic vote, alternative currency ...)

• ...

Cryptography basis

• Hash functions

• Symmetric ciphering

• Asymmetric ciphering

Hash algorithms

• Generate a constant size fingerprint whatever data in entry

• It’s hard to find the message from the given hash (First Preimage Resistance)

• It’s hard to modify a message without hash being changed (Second Preimage Resistance)

• It’s hard to find two different messages with the same hash (Resistance to Collisions)

• Very fast calculationmercredi 23 novembre 2011

Hash algorithms

• Generate a constant size fingerprint whatever data in entry

• It’s hard to find the message from the given hash (First Preimage Resistance)

• It’s hard to modify a message without hash being changed (Second Preimage Resistance)

• It’s hard to find two different messages with the same hash (Resistance to Collisions)

• Very fast calculation

infeasible

Cryptographic

Hash functionsIntegrity checking :

File hash()415a15b606eff4d4ba97ef64ecd2e598

Fingerprint or checksum

Fast algorithm !

Very low probability of collision !Hard to change file without changing hash !

Hash functions

Password encryption :

passwordhash()

415a15b606eff4d4ba97ef64ecd2e598

Hash functions

Password encryption :

passwordhash()

Hard to calculate password from the hash !

Hash functions

Remember me tokens :

username + expiration date + hash(password)

hash()

Remember me token = hash(...) + username + expiration date

Password hashing leaks

• Brute force

• Dictionary

• Rainbow table

Password hashing leaks

• Brute force

• Dictionary

• Rainbow table

Salted hash functions

Salted hash password :

salt + passwordhash()

hash(salt+password)

secret and / or user dependent

hash(salt+password)

secret and / or user dependent

Prevents from dictionary and rainbow table attacks !

Hash function algorithms

• Message Digest 5

• 128 bits fingerprint size

• Secured Hash Algorithm

• many version (SHA1, SHA256 ...)

• 160 to 512 bits fingerprint size

Hash function algorithms

• Message Digest 5

• 128 bits fingerprint size

• Secured Hash Algorithm

• many version (SHA1, SHA256 ...)

• 160 to 512 bits fingerprint size

@deprecated

Symmetric algorithms

• Shared secret key algorithm

• Same key used to cipher and decipher

• Fast algorithm

Popular symmetric algorithms

• Advanced Encryption Standard

• Blowfish

• Digital Encryption Standard and 3DES

Popular symmetric algorithms

• Advanced Encryption Standard

• Blowfish

• Digital Encryption Standard and 3DES@deprecated

Private message exchange

Shared secret key

Cipheringwith Ks

Shared secret key

Cipheringwith Ks

Decipheringwith Ks

Secret key exchange problem

High number of secret keys to manage !

How to share the secret key ?mercredi 23 novembre 2011

Asymmetric algorithm

• Key pair based algorithm

• Shared public key

• Protected private key

• Key size :1024 to 4096 bits

• Slow algorithm

• Max encryption size = key size

Popular asymmetric algorithm

• Rivest, Shamir and Adelman (signing and encryption)

• Digital Signature Algorithm (signature only)

• Elliptic Curves Cryptography

Asymmetric ciphering analogy

Public key

Private key

Public key

Private key

Public key

Private key

Public key

Private key

Asymmetric ciphering

Cipheringwith Bob Public Key

Decipheringwith Bob Private KeyCiphering

with Bob Public Key

Digital signature

Alice sign withher private keyOnly hash of the

message is signed

dsa(hash(ˮHello.ˮ),PrK.alice

Digital signature

Bob checks signaturewith Alice public key

Unchanged hash means unaltered message

compare hash("hello.")with :

dsa("er2f@!e..", PuK.alice)

Diffie-Hellmankey exchange

algorithm

Public key sharing

Public key management

Public Key Infrastructure !

• Public key certificate

• Certificate management

Public key certificates• Binds public key with Identity

• Can be used to :

• authenticate a user

• cipher data (email, communications ...)

• prove identity (SSL)

• signing a document

• signing a certificate (CA certificate)

• ...

Public key certificate anatomy

(TLS certificate)

Public key certificate anatomy -Issuer

Issuer Distinguished Name

Issuer ≠ Subject :• Not a CA certificate• Not a self signed certificate

Issuer Distinguished Name

Public key certificate anatomy -Subject

Certificate validity

Subject Distinguished Name Certificate validity

Certified URL

Subject Distinguished Name

Public key

Certificate validity

Certified URL

Public key certificate anatomy -Extensions

Not a CA certificate

Revocation List

Certificate usage (TLS)

Revocation List

Certificate usage (TLS)

Issuer CA certificate location

Public key certificate anatomy -Certificate signature

The certificate SHA1 fingerprint is signed with Issuer private key

Certificate fingerprint signature

• Self signed or signed by CA

• Prevents certificate corruption

• CA signing proves identity if the CA is trusted

Certification chain of trust(certification path)

Certificate management

Certificate managementCR is signed withCA private key

Certificate managementManage CRL or OCSPCR is signed with

CA private key

Certificate managementManage CRL or OCSPCR is signed with

CA private key

Certificate managementManage CRL or OCSP

Check Bob certificatewith CA certificate

CR is signed withCA private key

Check Bob certificate validity

Private key storage• Password protected PKCS12 file

• Cryptographic token :

• password protected

• key pair generation (not possible to take the private key out)

• process asymmetric algorithms (RSA, DSA, Diffie-Hellman ...)

Private key storage• Password protected PKCS12 file

• Cryptographic token :

• password protected

• key pair generation (not possible to take the private key out)

• process asymmetric algorithms (RSA, DSA, Diffie-Hellman ...)Two Factors Authentication :

protect with something you know and something you have

Certificate revocation

• Two protocols :

• Certificate Revocation List

• Online Certificate Status Protocol

• CRL provides a full certificates revocation list

• OCSP is request/response protocol

One Time Password

• Token and password (PIN) based authentication system

• Token uses a clock and a secret algorithm to generate a OTP

• OTP server use the same algorithm to validate the OTP

Conclusion

• What’s going on if you loose your ciphering private key (or PKCS12 password) ?

• Are the Registration Authority validation process safe ?

crypto and pki

Technology

asia pki interoperability guidelinev1.0 - rootca.or.kr ·...

cisco ios pki overview understanding and planning a pki ·...

hitachi one-passport pki card application on …...passport...

ca trust-point through clear eou - ciscocrypto pki...

voottoopipia wwill bbe ccontinued… - kaist · ksign kisti...

storing pki credentials - cisco...storing pki credentials...

cse 127: computer security asymmetric crypto, tls, pki...

pki and openssl

microsoft pki and certificate services

grid pki and security training

allseen summit 2015: iot: taking pki where no pki … ·...

instruction manual and spare parts list · 2018. 5. 9. ·...

your ultimate guide to phishing mitigation · •30 years...

basic router configuration...rsakeypair...

order sheet and contract managed pki...

reflection pki services manager user guide -...

dod public key infrastructure (pki) partner pki...

overall cryptography and pki introduction

home lab topology and base configurations...copyright©...

entrust crypto health check and crypto governance consulting