Public Key Infrastructure – Deep Dive PKI session SHOWING you how to embrace PKI Steve Lamb stephlam@microsoft.com http://blogs.technet.com/steve_lamb IT Pro Security Evangelist Microsoft Ltd Agenda What can PKI enable Let’s review the theory Introducing our Demonstration Environment Secure Web Publishing Secure Email Secure Files Recommendations What can PKI enable? Secure Email – sign and/or encrypt messages Secure browsing – SSL – authentication and encryption Secure code – authenticode Secure wireless – PEAP & EAP-TLS Secure documents – Rights Management Secure networks – segmentation via IPsec Secure files – Encrypted File System(EFS) Let’s review the theory… Security Defense in Depth Perimeter Defenses Network Defenses Host Defenses Application Defenses Data and Resources Symmetric Key Cryptography Plain-text input “The quick brown fox jumps over the lazy dog” Cipher-text Plain-text output “AxCv;5bmEseTfid3) fGsmWe#4^,sdgfMwi r3:dkJeTsY8R\s@!q3 %” “The quick brown fox jumps over the lazy dog” Encryption Decryption Same key (shared secret) Public Key Encryption Clear-text Input “The quick brown fox jumps over the lazy dog” Cipher-text Clear-text Output “Py75c%bn&*)9|fDe^ bDFaq#xzjFr@g5=&n mdFg$5knvMd’rkveg Ms” “The quick brown fox jumps over the lazy dog” Encryption public Recipient’s public key Decryption Different keys private Recipient’s private key Hybrid Encryption (Real World) Launch key for nuclear missile “RedHeat” is... Symmetric encryption (e.g. DES) User’s public key (in certificate) RandomlyGenerated symmetric “session” key RNG *#$fjda^j u539!3t t389E *&\@ 5e%32\^kd Symmetric key encrypted asymmetrically (e.g., RSA) Digital Envelope As above, repeated for other recipients or recovery agents Digital Envelope Other recipient’s or agent’s public key (in certificate) in recovery policy Introducing our demonstration environment Network Infrastructure Certification Authority Installed on the DC for simplicity In production use a multi-level hierarchy Enterprise Installation – integrated with AD Secure Web Publishing A Traditional Firewall’s View of a Packet Only packet headers are inspected Application layer content appears as “black box” IP Header TCP Header Source Address, Dest. Address, TTL, Checksum Sequence Number Source Port, Destination Port, Checksum Application Layer Content ?????????????????????? ?????????????????????? Forwarding decisions based on port numbers Legitimate traffic and application layer attacks use identical ports Internet Expected HTTP Traffic Unexpected HTTP Traffic Attacks Non-HTTP Traffic Corporate Network ISA Server’s View of a Packet Packet headers and application content are inspected IP Header Source Address, Dest. Address, TTL, Checksum TCP Header Sequence Number Source Port, Destination Port, Checksum Application Layer Content <html><head><meta httpquiv="content-type" content="text/html; charset=UTF8"><title>MSNBC - MSNBC Front Page</title><link rel="stylesheet" Forwarding decisions based on content Only legitimate and allowed traffic is processed Internet Expected HTTP Traffic Unexpected HTTP Traffic Attacks Non-HTTP Traffic Corporate Network Configure IIS for HTTPS Populate site Enrol for web server certificate Configure SSL Configure ISA for SSL Copy web server cert to ISA Publish the web server Use the Wizard! Create an SSL listener Secure Email How Exchange RPC Works 1 The RPC server maintains a table of Universally RPC Server (Exchange) Unique Identifiers (UUID) and assigned port 2 The client connects to TCP port 135 on the server to query for the port associated with a UUID 3 The server responds with the associated port 4 The client reconnects to server on the designated port to access Exchange Server RPC Client (Outlook) Internet Service UUID Port Exchange Info Store {0E4A0156-DD5D-11D2-8C2F00CD4FB6BCDE} 4402 Active Directory {E35114235-4B06-11D1-AB0400C04C2DCD2} 3544 Performance Monitor {A00C021C-2BE2-11D2-B6780000F87A8F8E} 9233 RPC and Traditional Firewalls RPC Server (Exchange) Open port 135 for incoming traffic Open every port that RPC might use for incoming traffic Internet RPC Client (Outlook) Traditional firewalls can’t provide secure RPC access RPC and ISA Server RPC Server (Exchange) Initial connection Only allows valid RPC traffic Blocks non-Exchange queries Secondary connection Only allows connection to port used by Exchange Internet Enforces encryption RPC Client (Outlook) ISA Server enables secure remote e-mail access using Outlook Configure Secure Email Request a “user” cert Configure Outlook to use the cert Send Signed / Encrypted message Secure Files Protecting files (“Stop thief!”) BIOS passwords Not universally supported Pretty much no recovery if you forget! SysKey mode 3 Useful mostly for protecting local accounts Use system restore disk if you forget Good passwords Mitigate “pass-the-hash” attacks Encrypting file system (EFS) Transparent to applications and users Computationally infeasible to break (domain accts or SysKey 3) Must implement recovery agents; better with domain and PKI EFS operation encrypt FEK EFS certificate request with EFS with public EFS key key encrypt FEK with default recovery agent generate public and private EFS keys fileto public generate key bound key cert; encryption store cert and private key in profile Assumptions: domain accounts, enterprise CA, Windows Server 2003, Windows XP Avoid EFS “gotchas” Back up that EFS certificate and the keys! You will lose access if you have no PKI or DRA CIPHER /X command store on USB drive Also export local DRA and remove from computer Eliminate plain-text “shreds” Encrypt folders, not files CIPHER /W wipe slack space: 00-FF-random Please, just use an enterprise CA Set up for auto-enrollment Configure DRA in group policy Now you won’t have any worries Recommendations Don’t be scared of PKI! Set up a test environment to enable you to “play” Minimise the scope of your first implementation Read up on CP & CPS Document the purpose and operating procedures of your PKI Summary Cryptography is a rich and amazingly mature field We all rely on it, everyday, with our lives Know the basics and make good choices avoiding common pitfalls Plan your PKI early Avoid very new and unknown solutions References Visit www.microsoft.com/security Read sci.crypt (incl. archives) For more detail, read: Cryptography: An Introduction, N. Smart, McGraw-Hill, ISBN 0-07-709987-7 Practical Cryptography, N. Ferguson & B. Schneier, Wiley, ISBN 0-471-22357-3 Contemporary Cryptography, R. Oppliger, Artech House, ISBN 1-58053-642-5 (to be published May 2005, see http://www.esecurity.ch/Books/cryptography.html) Applied Cryptography, B. Schneier, John Wiley & Sons, ISBN 0-471-11709-9 Handbook of Applied Cryptography, A.J. Menezes, CRC Press, ISBN 0-84938523-7, www.cacr.math.uwaterloo.ca/hac (free PDF) PKI, A. Nash et al., RSA Press, ISBN 0-07-213123-3 Foundations of Cryptography, O. Goldereich, www.eccc.uni-trier.de/eccc-local/ECCC-Books/oded_book_readme.html Cryptography in C and C++, M. Welschenbach, Apress, ISBN 1-893115-95-X (includes code samples CD) Thanks to Rafal Lukawiecki for providing some of the content for this presentation deck – his contact details are as follows… rafal@projectbotticelli.co.uk Strategic Consultant, Project Botticelli Ltd Copyright 2004 © Project Botticelli Ltd & Microsoft Corp. E&OE. For informational purposes only. No warranties of any kind are made and you have to verify all information before relying on it. You can re-use this presentation as long as you read, agree, and follow the guidelines described in the “Comments” field in File/Properties.