Slides for Grid Computing: Techniques and Applications by Barry Wilkinson, Chapman & Hall/CRC Press, © 2009. Chapter 4, pp. 128-144. For educational use only. All rights reserved. Aug 28, 2009

Public Key Infrastructure (PKI)

A structure that binds users to their public keys. Leads to a powerful structure for all the major issues of a secure connection:
• Data confidentiality
• Data integrity
• Authentication, and indeed
• Authorization.

Data Confidentiality - information exchange protected against eavesdroppers.

Data Integrity - assurance that message was not modified in transit (intentionally or by accident).

Attach to the message a binary pattern computed from the message, which changes if the message has been altered. Then, when the message is received, can check whether the binary pattern is the same by re-computing it from the received message.

Computing small binary patterns from larger binary patterns is used:
• To check integrity of files. Cyclic redundancy check (CRC) words attached to files are used to detect errors in storage or after transmission.
• To select a location in a table where there are fewer entries than there are different binary selection patterns – “hash”

Two primary purposes:
• Making it not possible to find original message from hash value of message, and
• Making it highly unlikely one can find two messages that have the same hash value.

Has to be very carefully designed. Hash value relatively large for security considerations, typically at least 128 bits.

Cryptographic hash functions include:
• MD5 (Message-Digest algorithm 5) introduced by Rivest in 1991, and
• SHA (Secure Hash Algorithm) introduced by National Security Agency (SHA-1, SHA-2)

Both have potential security flaws!

A way of achieving authentication and data integrity.
• Uses a cryptographic hash function to create a message digest, a “footprint” of the message.
• Message digest encrypted with sender’s private key to create a digital signature.
• Digital signature attached to message.
Attach digital signature to message (data)

Fig 4.5

Fig 4-6

Data confidentiality

Message not shown encrypted. All we are attempting to establish is authentication and data integrity, and not data confidentiality. Often sufficient in a Grid environment.

If data confidentiality desired, data itself encrypted in usual fashion with receiver’s public key to ensure that only receiver can decrypt it with receiver’s private key.

Digital signature alone not sufficient to ensure data is from the sender. Possible that public key is a fake. Still could get matching digital signatures.

A digital document belonging to the “EndEntity” giving:
• Their name,
• their public key, and
• other information.

Certificate comparable to a driver’s license or passport.

Fig 4-7

A trusted third party certifies that public key does in fact belong to the end-entity named on certificate.

Certificate signed by CA using their private key (which can be verified using their public key).

Certificate Authority comparable to a DMV for driver’s licenses or passport agency (US Dept of State) for passports.

Certificate Authority has to have its own certificate to identify itself (keeping its private key protected).

In event of a single “root” certificate authority (that is, without a certificate authority hierarchy), certificate authority signs its own certificate, i.e. creates a self-signed certificate.

CA needs its own certificate to identify itself.
• First it generates a key pair.
• It protects its private key. (This is vitally important!)
• It then creates a certificate and signs it with its private key.

Certificate:
• CA’s name
• CA’s public key
• CA’s digital signature

X.509 most widely used. Defined by International Telecommunication Union (ITU).
• Version 1 defined in 1988
• Version 2, Version 3 (1996) adds fields, see next slide.
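The slides above state that a matching digital signature proves nothing if the public key is a fake, and that a CA-signed certificate closes that gap. The following is an added example, not taken from the slides or the book. It assumes toy textbook RSA built from Mersenne primes with no padding (insecure, standard library only); the names keypair, issue and check_message and the CA name are hypothetical.

```python
import hashlib, json
E = 65537  # public exponent shared by every toy key below

def keypair(p, q):
    """Textbook-RSA key from two known primes: ((n, e), (n, d)). Toy only."""
    n = p * q
    return (n, E), (n, pow(E, -1, (p - 1) * (q - 1)))

def digest(data, n):
    # SHA-256 message digest, reduced mod n so the small toy modulus can sign it
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, priv):
    n, d = priv
    return pow(digest(data, n), d, n)   # digest "encrypted" with the private key

def verify(data, sig, pub):
    n, e = pub
    return pow(sig, e, n) == digest(data, n)

def tbs(cert):
    """Canonical bytes of the certificate body that the issuer signs."""
    body = {k: cert[k] for k in ("subject", "key", "issuer")}
    return json.dumps(body, sort_keys=True).encode()

def issue(subject, pub, issuer, issuer_priv):
    cert = {"subject": subject, "key": list(pub), "issuer": issuer}
    cert["sig"] = sign(tbs(cert), issuer_priv)
    return cert

def check_message(msg, sig, cert, expected_subject, trusted_ca_pub):
    """Receiver: check the certificate with the CA key, then the signature."""
    if not verify(tbs(cert), cert["sig"], trusted_ca_pub):
        return "certificate not signed by trusted CA"
    if cert["subject"] != expected_subject:
        return "certificate names a different subject"
    if not verify(msg, sig, cert["key"]):
        return "message altered or not signed by subject"
    return "ok"

M = lambda k: 2**k - 1   # constructed sample keys: Mersenne primes, insecure
CA_DN = "/O=Grid/CN=Example CA"   # hypothetical CA name
USER_DN = "/O=Grid/OU=UNCC/OU=Dept of Computer Science/CN=Barry Wilkinson"
ca_pub, ca_priv = keypair(M(127), M(107))
user_pub, user_priv = keypair(M(89), M(61))
fake_pub, fake_priv = keypair(M(107), M(89))          # impostor's own key pair
ca_cert = issue(CA_DN, ca_pub, CA_DN, ca_priv)        # self-signed root
user_cert = issue(USER_DN, user_pub, CA_DN, ca_priv)  # CA binds name to key
forged_cert = issue(USER_DN, fake_pub, CA_DN, fake_priv)  # not signed by the CA
MSG = b"submit job 42"   # constructed sample message
```

A signature made with fake_priv verifies against fake_pub on its own, but check_message rejects it because forged_cert does not verify under the trusted CA public key.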
Fig 4-8

Subject’s identity

Need a policy to establish subject’s identity (name).
• Must be constructed for uniqueness – could be two Barry Wilkinsons (There are.)
• Should be unambiguous.

Entry identified by a distinguished name (DN).
• Hierarchical with concatenation of attributes
• Forms a tree creating a path to entity

Entries organized in a tree hierarchy, which could reflect organizational structure:
• Organization: O=Grid
• Organization: O=UNCC
• Organizational unit: OU=Dept of Computer Science
• Common name: CN=Barry Wilkinson

Example in grid course:
/O=Grid/OU=UNCC/OU=Dept of Computer Science/CN=Barry Wilkinson

Sample user certificate

Fig 4-9

Actions to send a message between sender and receiver who both trust CA

Fig 4.10

If you trust the Certificate Authority and you are confident that the key that you have is really the public key of the Certificate Authority, then you can decrypt sender’s certificate with confidence to obtain sender’s public key.

• Generally Public Key and Secret Key Cryptography used together.
• Public key Cryptography with Certificates and a Certificate Authority (CA) used to establish secure authenticated connection between parties.
• Then:
– Secret key passed between parties.
– Secret key cryptography used to encrypt/decrypt data, which is much faster than public key cryptography.

Several network protocols and programs have embedded public key and secret key cryptographic algorithms.
• SSL (Secure Socket Layer) Protocol, which can be added on top of other protocols (e.g. HTTPS, FTPS).
• SSH (Secure shell) clients.
• SFTP (Secure File transfer protocol) – relies on underlying secure connection. Used with SSH.
Others include:
• S/MIME (Secure Multipurpose Internet Mail Extensions) -- for secure email, developed by RSA Data Security Inc, see: http://www.rsa.com/smime
• SET (Secure Electronic Transaction) -- for secure e-commerce, developed jointly by Visa, Mastercard, IBM, and other companies, for secure credit card transactions over the Internet, see: http://www.setco.org

Commercial Certificate Authorities exist, such as:
• VeriSign Inc.
• Entrust Technologies Inc.

Web browsers have built-in recognition of such trusted CAs, allowing SSL and other secure connections.

Sample trusted certificate authority list in Internet Explorer
Path: Tools > Internet Options > Content > Certificates

Fig 4-11

Fig 4.12

Used to store:
• Issued certificates
• Revoked certificates (CRLs - Certificate Revocation List)

Might be accessed through LDAP (Lightweight Directory Access Protocol).

Acts for CA for some management functions. Not strictly necessary as CA could do all functions.

Fig 4-13, Fig 4-14, Fig. 4-15, Fig. 4-16, Fig. 4.17, Fig. 4.18

“Cryptography and Network Security 3rd edition,” by William Stallings.

In security, what is meant by the term authentication?
(a) The process of deciding whether a particular identity can access a particular resource
(b) The process of giving authority to another identity
(c) The process of deciding whether a particular identity is who he says he is
(d) None of the other answers
SAQ 4.1

In security, what is meant by the term nonrepudiation?
(a) Means that one cannot recognize errors in a message
(b) Means that one can deny that they sent or received a message
(c) Means that one can deny they provided the data for service
(d) Means that one cannot deny that they sent a message
(e) None of the other answers
SAQ 4.2

Which of the following is an advantage of secret key cryptography? (Select all that apply.)
(a) Parties do not need to establish previously a secure channel to exchange keys
(b) It is faster than public key cryptography
(c) It allows for non-repudiation
(d) It allows for the creation of a digital signature
SAQ 4.3

What statements are true about digital signatures? (Select all that apply.)
(a) Each user has an unchanging digital signature
(b) Each message has the same digital signature
(c) Ideally, each message has a different digital signature
(d) Digital signatures cannot be decoded except by the intended recipient
(e) Only the sender of the message can create the digital signature for the message
SAQ 4.8

In public key cryptography, which key does one use to create a digital signature?
(a) The sender’s private key
(b) The destination’s public key
(c) The destination’s private key
(d) The sender’s public key
SAQ 4.12

In public key cryptography using single encryption, which key or keys could one use to encrypt information to be sent to a destination such that the destination could decrypt the message? There may be more than one key. Select all suitable keys.
(a) The destination’s private key
(b) The destination’s public key
(c) The sender’s public key
(d) The sender’s private key
SAQ 4.13