Download - PKI Industry growth in Bangladesh
![Page 1: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/1.jpg)
PKI Industry Growth in Bangladesh
Al Faruq Ibna Nazim
Computer Services Ltd.
![Page 2: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/2.jpg)
AGENDA
• PKI Glossary
• PKI Necessity
• PKI Basics
• PKI Services
• PKI in Bangladesh
• PKI Business in Bangladesh
• Advantages of Local PKI
• Limitation
![Page 3: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/3.jpg)
PKI GLOSSARY
• Public Key Crypto – key pairs used to encrypt/decrypt or sign/verify
• Certificate – a digital method of binding a key pair or pairs to a specific identity
• Certificate Authority – the system that securely creates the certificates
• Public Key Infrastructure – the whole system of creating, issuing, managing, utilizing and revoking certificates
![Page 4: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/4.jpg)
PKI NECESSITY
Homer and Marge want to exchange data in a digital world.
There are Confidence and Trust Issues …
InternetIntranetExtranet
Homer Marge
![Page 5: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/5.jpg)
PKI NECESSITY – CONFIDENCE & TRUST ISSUE
• In the Identity of an Individual or Application
AUTHENTICATION
• That the information will be kept Private
CONFIDENTIALITY
• That information cannot be Manipulated
INTEGRITY
• That information cannot be Disowned
NON-REPUDIATION
InternetIntranetExtranet
Homer Marge
![Page 6: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/6.jpg)
PKI BASICS – OPERATION
Cryptography
It is the science of making the cost of acquiring or altering data greater than the potential value gained.
Cryptosystem
It is a system that provides techniques for mangling a message into an apparently intelligible form and than recovering it from the mangled form.
Plaintext Encryption Decryption PlaintextCiphertext
Key KeyHello World &$*£(“!273 Hello World
![Page 7: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/7.jpg)
PKI BASICS – ALGORITHM
All cryptosystems are based only on three Cryptographic Algorithms:
MESSAGE DIGEST (MD2-4-5, SHA, SHA-1, …)
- Maps variable length plaintext into fixed length cipher text
- No key usage, computationally infeasible to recover the plaintext
SECRET KEY (Blowfish, DES, IDEA, RC2-4-5, Triple-DES, …)
- Encrypt and decrypt messages by using the same Secret Key
PUBLIC KEY (DSA, RSA, …)
- Encrypt and decrypt messages by using two different Keys: Public Key, Private Key (coupled together)
![Page 8: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/8.jpg)
PKI BASICS - Algorithms based on Private Key
Pros
• Efficient and fast Algorithm
• Simple model
- Provides Integrity, Confidentiality
Cons
• The same secret key must be shared by all the entities involved in the data exchange
• High risk
• It doesn’t scale (proliferation of secrets)
- No Authentication, Non-Repudiation
Plaintext Encryption Decryption PlaintextCiphertext
Private Key Private Key
![Page 9: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/9.jpg)
PKI BASICS - Algorithms based on Public Key
Pros
• Private key is only known by the owner: less risk
• The algorithm ensures Integrity and Confidentiality by encrypting with the Receiver’s Public key
InternetIntranetExtranet
Homer Marge
Plaintext Encryption Decryption PlaintextCiphertext
Homer’s Public Key Marge’s Private Key
![Page 10: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/10.jpg)
PKI BASICS - Algorithms based on Public Key
Pros
• The algorithm ensures Non-Repudiation by encrypting with the Sender’s Private key
InternetIntranetExtranet
Homer Marge
Plaintext Encryption Decryption PlaintextCiphertext
Homer’s Private Key Marge’s Public Key
![Page 11: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/11.jpg)
PKI BASICS - Algorithms based on Public KeyCons
• Algorithms are 100 – 1000 times slower than secret key ones
They are initially used in an initial phase of communication and then secrets keys are generated to deal with encryptions
• How are Public keys made available to the other people?
• There is still a problem of Authentication!!!
Who ensures that the owner of a key pair is really the person whose real life name is “Marge”?
InternetIntranetExtranet
Homer Marge
![Page 12: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/12.jpg)
PKI BASICS – CERTIFICATE SIGNING & VERIFICATION
![Page 13: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/13.jpg)
PKI SERVICES
• Secure Email – sign and/or encrypt messages
• Secure browsing – SSL – authentication and encryption
• Secure code – Authenticode
• Secure wireless – PEAP & EAP-TLS
• Secure documents – Rights Management
• Secure networks – segmentation via IPSEC, RPKI
• Secure files – Encrypted File System(EFS)
![Page 14: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/14.jpg)
PKI IN BANGLADESH – ROOT CAPKI service is regulated by the government body as
Office of the Controller of Certifying Authorities (CCA)
www.cca.gov.bd
Objectives• Paperless Government Correspondence• e-Government• e-Procurement• e-Commerce• Electronic Document Signing• Internet Banking using digital signature• Device and Server Signing• Preventing Cyber Crimes
Activities• Controlling Activities of Certifying Authority (CA)• Issuing, suspending and repealing CA license according to ICT Act 2006
(Amendment 2013) and ICT (CA) Rules 2010.• Leading and Maintaining of Public Key Infrastructure (PKI) activities.• Making Rules, guideline and regulation for PKI and controlling its
standard.• Submitting investigation report before the Cyber Tribunal after
investigating Cyber crimes under ICT Act, 2006. • Constituting Audit firm for auditing IT.• Prescribing rate of Digital Signature Certificate according to IT (CA)
rules, 2010.
![Page 15: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/15.jpg)
PKI IN BANGLADESH – MODEL
Issued by Sub-CA
Issued by Licensed CA
Accredited by CCA
Office of the CCA Root CA
Licensed CAs (Public/Private)
Sub CA
(Internal/External)
Subscribers
![Page 16: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/16.jpg)
PKI IN BANGLADESH – Licensed CAs
Mango Teleservices Ltd. (www.mangoca.com)
Dohatec New Media. (www.dohatec-ca.com.bd)
Data Edge Ltd. (www.dataedgeid.com)
Banglaphone Ltd. (www.banglaphone.net.bd)
Computer Services Ltd. (www.ca.computerservicesltd.com)
Bangladesh Computer Council. (www.bcc.gov.bd)
![Page 17: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/17.jpg)
PKI BUSINESS IN BANGLADESH
![Page 18: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/18.jpg)
PKI BUSINESS IN BANGLADESH
Service Provided:
• SSL certificate for TT service & Foreign Remittance
• Class 2 certificates
Purpose:
• Multifactor login from a dedicated system of distant branch. Secure communication channel between server & branch.
![Page 19: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/19.jpg)
PKI BUSINESS IN BANGLADESH
Service Provided:
• SSL certificate
Purpose:
• To Secure communication channel between server & client.
![Page 20: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/20.jpg)
PKI BUSINESS IN BANGLADESH
Service Provided:
• SSL certificate
Purpose:
• Secure communication channel between server & client.
![Page 21: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/21.jpg)
PKI BUSINESS IN BANGLADESH
Service Provided:
• Class 2 certificates
Purpose
• Secure communication among 4 personnel of finance team.
![Page 22: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/22.jpg)
PKI BUSINESS IN BANGLADESH
Service Provided:
• Class 1 certificate
• Class 2 certificate
• Class 3 certificate
Purpose:
• Issuing digitally signed registration cards & admit cards.
![Page 23: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/23.jpg)
PKI BUSINESS IN BANGLADESH
Service Provided:
• Class 2 certificate
• Cryptographic hardware token
Purpose:
• Document authorization, to use in e-file management system.
![Page 24: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/24.jpg)
PKI BUSINESS IN BANGLADESH
Service Provided:
• Class 2 certificate
• SSL certificate
• Cryptographic hardware token
Purpose:
• Send & receive encrypted document within a secure channel.
![Page 25: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/25.jpg)
PKI BUSINESS IN BANGLADESH
Service Provide:
Class 2 certificate
SSL Certificate for JBGC
Cryptographic hardware token
Purpose:
Document authorization & secure communication channel between server & client.
![Page 26: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/26.jpg)
PKI BUSINESS IN BANGLADESH
![Page 27: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/27.jpg)
ADVANTAGES OF LOCAL PKI
• Local regulatory authorized.
• Local law governed for legal assistance.
• Accountability for service.
• Local currency exchange and remittance.
• Regulatory earning for government.
![Page 28: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/28.jpg)
LIMITATION
The only limitation so far is Bangladesh is not recognized internationally to PKI registry.
Internet Explorer, Chrome, Firefox, Opera etc. browsers recognition is required.
International PKI forum association is required.
![Page 29: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/29.jpg)
CONCLUSION
• For such technology progressive country we need data transaction security & authenticity.
• For such services regulatory observation is highly required.
• Accountability for local organizations will allow client trust & flexibility.
• Local financial transaction will allow local revenue earning & government revenue.
![Page 31: PKI Industry growth in Bangladesh](https://reader034.vdocuments.mx/reader034/viewer/2022042605/58d1ddfd1a28ab66108b5cbb/html5/thumbnails/31.jpg)
Gratitude Declaration
Computer Services Ltd.Data Edge Ltd.Controller of Certifying Authority