Introduction to Public Key Infrastructure
January 2004 CSG Meeting
Jim Jokl

Cryptography
• Symmetric key cryptography
  – A pre-shared secret is used to encrypt the data
  – Some examples: DES, 3-DES, RC4, etc.
• Public key cryptography
  – A pair of mathematically related keys is generated
    • One of the keys, the Public Key, is freely distributed
    • The other key, the Private Key, is kept confidential
  – Given one key, it is computationally very hard to compute the other

Public Key Cryptography
[Figure: Plain Text and Encrypted Text, linked by “one key” and “the other key”]
  – Data encrypted using the public key can only be decrypted by the person with the private key
  – Likewise, data encrypted with the private key can be decrypted by anyone having a copy of the public key
• Assuming that the private key is protected and held by an individual, this is the basis for a digital signature

Digital Signatures and Document Encryption
• Public Key operations are too computationally expensive for large volumes of data
• Typical digital signature process
  – Compute the hash of the document
  – Encrypt the hash using the signer’s private key
• Typical document encryption process
  – Generate a random symmetric cipher key
  – Encrypt the document using this key
  – Encrypt the symmetric cipher key using the recipient’s public key

Digital Certificates
• A Digital Certificate is:
  – An object used to bind the identity of a person to their public key
  – Contains attributes about the person
  – Contains some information about the identity binding and infrastructure
  – Digitally signed by a Certification Authority (CA)

Certificate Profiles
• A description of the fields in a certificate
  – Recommended fields to use
  – Field values
  – Critical flags
  – Recommendations for implementers
  – Example Profile

Certification Authorities (CA)
• Certification Authorities
  – Accept certificate requests from users
  – Validate the user’s identity
  – Generate and sign the user’s certificate attesting to the mapping of the identity to the public key
  – Revoke certificates if needed
  – Operate under a set of policies and practices
• Levels of Assurance

Certification Authorities and Trust
• You determine if you trust a certificate by validating all of the certificates starting from the user’s cert up to a root that you trust
• 100+ root certificates in my Microsoft store
• The “I” in PKI
[Figure: certificate hierarchy with a Root Certificate, two Intermediate Certificates, and certificates for Users A to E]

PKI Bridge Path Validation

PKI, Privacy, and the Pseudo-anonymous CA
• As stated earlier: “A certificate binds a person’s identity to their public key”
• Typically the “identity” is their name, email address, computing identifier, etc.
  – Poses some interesting privacy concerns in some applications
• A pseudo-anonymous CA uses an opaque identifier instead of name/id information

Operating System Support for PKI
• Windows 2000/XP
  – Well integrated out of the box support for PKI
  – OS-based certificate/key store
  – APIs for access to crypto providers
  – Microsoft applications generally support PKI
  – Many 3rd party applications use OS PKI services
  – Bridge path validation in XP
  – Windows 2000 server includes a CA

Operating System Support for PKI
• MacOS
  – Apple has excellent plans to improve their level of OS PKI support to match that of Windows
  – OS-based certificate/key store exists now and is used by some Apple applications
  – 3rd party applications should start to use the native support in the future
• Linux and general Unix
  – PKI support generally implemented in applications

Trust, Private Key Protection and Non-repudiation
• Digital signatures - based on the idea that only the user has access to their private key
• A user’s private key is generally protected by the workstation’s operating system
  – Typical protection is no better than for any password that the user lets the operating system store
• Hardware tokens can be used for strong private key protection, mobility, and as a component in a non-repudiation strategy

Two classes of campus PKI applications?
• Existing normal processes
  – A PKI using a light policy/practices framework
  – Better technology and ease of use for existing services
  – New applications where passwords would have been sufficient in the past

Two classes of campus PKI applications?
• Newer High Assurance services
  – Access control for critical systems
  – Authentication for high-value services
    • HIPAA/FERPA/GLBA
  – Digital signatures for business processes

Some Campus CA Options
• In-source
  – Commercial CA software
  – Develop your own or use freely available CA software (typically based on OpenSSL)
  – KX509
• Outsource to commercial CA
  – Campus still performs the RA function

Agenda for remainder of session
• Motivations for campus PKI deployments
  – Focus on applications using end-user certificates
• Introduction to likely campus PKI applications
• National activities
  – HEBCA, USHER, PKILab, HEPKI, etc.
• Examples of campus PKI deployments
• Wrap-up and discussion
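
The hash-then-sign process from the “Digital Signatures and Document Encryption” slide and the path validation rule from the “Certification Authorities and Trust” slide, combined in an added example that is not part of the original presentation. It uses textbook RSA without padding on constructed, insecure demo keys; the certificate layout and the names Campus Root CA, Campus Intermediate CA, User A and User B are assumptions made for illustration.

```python
import hashlib

E = 65537
# Constructed demo keys built from well-known Mersenne primes: trivially
# factorable, so they illustrate the math only and protect nothing.
M521, M607, M1279 = 2**521 - 1, 2**607 - 1, 2**1279 - 1

def make_key(p, q):
    """Return (public modulus n, private exponent d) for textbook RSA."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(cert):
    """Hash the signed fields: subject, issuer and the subject's public key."""
    tbs = f"{cert['subject']}|{cert['issuer']}|{cert['n']}".encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big")

def issue(subject, subject_n, issuer, issuer_n, issuer_d):
    """CA step: hash the certificate body, then sign the hash with the CA's private key."""
    cert = {"subject": subject, "issuer": issuer, "n": subject_n}
    cert["sig"] = pow(digest(cert), issuer_d, issuer_n)
    return cert

def validate_path(cert, pool, trusted_roots, max_depth=5):
    """Walk from the user's certificate up to a trusted root, checking each signature."""
    for _ in range(max_depth):
        root_n = trusted_roots.get(cert["issuer"])
        issuer_n = root_n if root_n is not None else pool.get(cert["issuer"], {}).get("n")
        if issuer_n is None or pow(cert["sig"], E, issuer_n) != digest(cert):
            return False          # unknown issuer or signature does not match
        if root_n is not None:
            return True           # chain ends at a root we trust
        cert = pool[cert["issuer"]]
    return False                  # chain too long or looping

def demo():
    # Hypothetical three-level hierarchy: root -> intermediate -> user.
    root_n, root_d = make_key(M521, M607)
    int_n, int_d = make_key(M521, M1279)
    user_n, _ = make_key(M607, M1279)
    inter = issue("Campus Intermediate CA", int_n, "Campus Root CA", root_n, root_d)
    user = issue("User A", user_n, "Campus Intermediate CA", int_n, int_d)
    pool = {inter["subject"]: inter}
    roots = {"Campus Root CA": root_n}
    forged = dict(user, subject="User B")    # identity altered, old signature kept
    return (validate_path(user, pool, roots),
            validate_path(forged, pool, roots),
            validate_path(user, pool, {}))   # root missing from the trust store
```

The example checks signatures and the trust anchor only; a real validator also checks validity dates, CA flags and revocation status.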