crypto and pki
Post on 18-Nov-2014
Introducing cryptography and PKI
David Galichet
Wednesday 23 November 2011
Cryptography challenges
Authentication
• Application authentication
• Single Sign On
• One Time Password
• Remember me
• ...
Integrity
• Data are not corrupted
• Data are not intentionally altered
Privacy
• Protect data transfer
• Protect stored data
Identity
• Authentication (user and server side)
• Signature (document, application packages ...)
• Non repudiation
• Trusted Timestamps
• Anonymity (electronic vote, alternative currency ...)
• ...
Cryptography basis
• Hash functions
• Symmetric ciphering
• Asymmetric ciphering
Cryptographic hash algorithms
• Generate a constant-size fingerprint whatever the input data
• It’s hard (infeasible) to find the message from a given hash (First Preimage Resistance)
• It’s hard (infeasible) to modify a message without the hash being changed (Second Preimage Resistance)
• It’s hard (infeasible) to find two different messages with the same hash (Resistance to Collisions)
• Very fast calculation
Hash functions
Integrity checking:
File → hash() → 415a15b606eff4d4ba97ef64ecd2e598 (fingerprint or checksum)
• Fast algorithm!
• Very low probability of collision!
• Hard to change file without changing hash!
Hash functions
Password hashing:
password → hash() → 415a15b606eff4d4ba97ef64ecd2e598
Hard to calculate password from the hash!
Hash functions
Remember me tokens:
username + expiration date + hash(password) → hash() → 415a15b606eff4d4ba97ef64ecd2e598
Remember me token = hash(...) + username + expiration date
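The token layout above, as an added example that is not part of the original slides: issuing and verifying a remember-me token, including the expiry and tampering checks the server has to make. It assumes HMAC-SHA256 keyed with the stored password hash in place of the slide's plain hash(); the "|" separator, the USERS store and the function names are hypothetical.

```python
import hashlib
import hmac

# Constructed sample store: username -> stored hash(password), used as the MAC key.
USERS = {"alice": hashlib.sha256(b"constructed-salt" + b"correct horse").digest()}

def make_token(username: str, expires: int, pw_hash: bytes) -> str:
    """token = MAC(username + expiration date, key=hash(password)) + username + expiration date"""
    if "|" in username:
        raise ValueError("separator not allowed in username")
    mac = hmac.new(pw_hash, f"{username}|{expires}".encode(), hashlib.sha256).hexdigest()
    return f"{mac}|{username}|{expires}"

def verify_token(token: str, now: int, users=USERS):
    """Return the username for an authentic, unexpired token, else None."""
    parts = token.split("|")
    if len(parts) != 3:
        return None
    _, username, expires = parts
    if username not in users or not (expires.isascii() and expires.isdigit()):
        return None
    # Recompute the token from the claimed fields and the server-side password hash.
    expected = make_token(username, int(expires), users[username])
    # Constant-time comparison; this also rejects a non-canonical expiry such as "0099".
    if not hmac.compare_digest(expected.encode(), token.encode()):
        return None
    if int(expires) <= now:
        return None
    return username

if __name__ == "__main__":
    tok = make_token("alice", 2000, USERS["alice"])
    print(verify_token(tok, now=1000))                            # valid
    print(verify_token(tok.replace("|2000", "|9000"), now=1000))  # tampered expiry
    print(verify_token(tok, now=3000))                            # expired
```

Because the key is derived from the stored password hash, changing the password invalidates every outstanding token for that user.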
Password hashing leaks
• Brute force
• Dictionary
• Rainbow table
Salted hash functions
Salted hash password:
salt + password → hash() → hash(salt+password)
Salt: secret and/or user dependent
Prevents dictionary and rainbow table attacks!
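An added example, not from the original slides, showing why the salt matters: a precomputed table of unsalted hashes finds a stored hash immediately, while hash(salt+password) misses it. For storage it assumes PBKDF2-HMAC-SHA256 with a random per-user salt instead of a single fast hash(), since the "very fast calculation" property of a plain hash also speeds up brute force; the iteration count, word list and function names are assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 100_000  # assumed work factor; tune to your hardware

def fast_hash(password: str, salt: bytes = b"") -> str:
    """The slide's construction: hash(salt + password), here with SHA-256."""
    return hashlib.sha256(salt + password.encode()).hexdigest()

def precomputed_table(words):
    """Unsalted hash -> word lookup, standing in for a dictionary or rainbow table."""
    return {fast_hash(w): w for w in words}

def hash_password(password: str, salt: bytes = None):
    """Per-user random salt plus a slow KDF; returns (salt, digest) for storage."""
    salt = os.urandom(16) if salt is None else salt
    return salt, hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)

def verify_password(password: str, salt: bytes, stored: bytes) -> bool:
    """Recompute with the stored salt and compare in constant time."""
    return hmac.compare_digest(hash_password(password, salt)[1], stored)

if __name__ == "__main__":
    table = precomputed_table(["123456", "password", "letmein"])  # constructed word list
    print("unsalted lookup:", table.get(fast_hash("letmein")))
    print("salted lookup:  ", table.get(fast_hash("letmein", os.urandom(16))))
    salt, digest = hash_password("letmein")
    print("verify:", verify_password("letmein", salt, digest))
```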
Hash function algorithms
• Message Digest 5 (MD5)
  • 128-bit fingerprint size
• Secure Hash Algorithm (SHA)
  • many versions (SHA1, SHA256 ...)
  • 160 to 512 bits fingerprint size
@deprecated
Symmetric algorithms
• Shared secret key algorithm
• Same key used to cipher and decipher
• Fast algorithm
Popular symmetric algorithms
• Advanced Encryption Standard
• Blowfish
• Data Encryption Standard (DES) and 3DES (@deprecated)
Private message exchange
Shared secret key
Ciphering with Ks
Deciphering with Ks
Secret key exchange problem
High number of secret keys to manage!
How to share the secret key?
Asymmetric algorithm
• Key pair based algorithm
• Shared public key
• Protected private key
• Key size: 1024 to 4096 bits
• Slow algorithm
• Max encryption size = key size
Popular asymmetric algorithm
• Rivest, Shamir and Adleman (RSA) (signing and encryption)
• Digital Signature Algorithm (DSA) (signature only)
• Elliptic Curve Cryptography
Asymmetric ciphering analogy
Public key
Private key
Asymmetric ciphering
Ciphering with Bob Public Key
Deciphering with Bob Private Key
Digital signature
Alice signs with her private key
Only the hash of the message is signed
dsa(hash("Hello."), PrK.alice)
Digital signature
Bob checks the signature with Alice's public key
Unchanged hash means unaltered message
compare hash("Hello.") with:
dsa("er2f@!e..", PuK.alice)
Diffie-Hellman key exchange algorithm
Public key sharing
Public key management
Public Key Infrastructure !
• Public key certificate
• Certificate management
Public key certificates
• Binds public key with identity
• Can be used to:
  • authenticate a user
  • cipher data (email, communications ...)
  • prove identity (SSL)
  • sign a document
  • sign a certificate (CA certificate)
  • ...
Public key certificate anatomy
(TLS certificate)
Public key certificate anatomy - Issuer
Issuer Distinguished Name
Issuer ≠ Subject:
• Not a CA certificate
• Not a self signed certificate
Public key certificate anatomy - Subject
Subject Distinguished Name
Public key
Certificate validity
Certified URL
Public key certificate anatomy - Extensions
Not a CA certificate
Revocation List
Certificate usage (TLS)
Issuer CA certificate location
Public key certificate anatomy - Certificate signature
The certificate SHA1 fingerprint is signed with Issuer private key
Certificate fingerprint signature
• Self signed or signed by CA
• Prevents certificate corruption
• CA signing proves identity if the CA is trusted
Certification chain of trust (certification path)
Certificate management
CR is signed with CA private key
Manage CRL or OCSP
Check Bob certificate with CA certificate
Check Bob certificate validity
Private key storage
• Password protected PKCS12 file
• Cryptographic token:
  • password protected
  • key pair generation (not possible to take the private key out)
  • process asymmetric algorithms (RSA, DSA, Diffie-Hellman ...)
Two Factors Authentication: protect with something you know and something you have
Certificate revocation
• Two protocols:
  • Certificate Revocation List (CRL)
  • Online Certificate Status Protocol (OCSP)
• CRL provides a full list of revoked certificates
• OCSP is a request/response protocol
One Time Password
• Token and password (PIN) based authentication system
• Token uses a clock and a secret algorithm to generate an OTP
• OTP server uses the same algorithm to validate the OTP
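An added example, not from the original slides, of a clock-based OTP generated on the token and validated on the server. It assumes the public TOTP algorithm (RFC 6238, HMAC-SHA1) with a shared secret key rather than a secret algorithm; the 30-second step, 6 digits and one-step drift window are assumed parameters.

```python
import hashlib
import hmac
import struct

def totp(secret: bytes, now: int, step: int = 30, digits: int = 6) -> str:
    """Token side: derive the OTP from the shared secret and the current time step."""
    counter = struct.pack(">Q", now // step)
    mac = hmac.new(secret, counter, hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                      # dynamic truncation (RFC 4226)
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)

def validate(secret: bytes, submitted: str, now: int,
             step: int = 30, digits: int = 6, drift_steps: int = 1) -> bool:
    """Server side: same algorithm, tolerating a small clock drift between token and server."""
    ok = False
    for d in range(-drift_steps, drift_steps + 1):
        t = now + d * step
        if t < 0:
            continue
        expected = totp(secret, t, step, digits)
        # Constant-time comparison; keep looping so timing does not reveal which step matched.
        ok |= hmac.compare_digest(expected.encode(), submitted.encode())
    return ok

if __name__ == "__main__":
    secret = b"12345678901234567890"   # RFC 6238 test secret, not for production use
    otp = totp(secret, now=59)
    print(otp, validate(secret, otp, now=59 + 30), validate(secret, otp, now=59 + 90))
```

A production server would also record the last accepted time step per user so that a captured OTP cannot be replayed inside the drift window.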
Conclusion
• What happens if you lose your ciphering private key (or PKCS12 password)?
• Is the Registration Authority validation process safe?