SecuritySecurity

Keys, Signatures, EncryptiKeys, Signatures, Encryptionon

Slides bySlides by

Jyrki NummenmaaJyrki Nummenmaa‘‘

KeysKeys

Keys are the basis for encryption.Keys are the basis for encryption. They can be used for They can be used for

- identification, - identification, - encryption, - encryption, - signatures, - signatures, - and certificates.- and certificates.

We will skip the mathematics and only We will skip the mathematics and only explain how the keys can be used.explain how the keys can be used.

Using a secret key -Using a secret key -GeneralGeneral

Messages are encrypted using a secret Messages are encrypted using a secret key known for both parties.key known for both parties.

Usually faster algorithms than with Usually faster algorithms than with public/private key pairs.public/private key pairs.

Problem: How can both parties get to Problem: How can both parties get to know the secret key whilst keeping it know the secret key whilst keeping it secret?secret?

Using a secret key -Using a secret key -EncryptionEncryption

The sender encrypts the message using The sender encrypts the message using an algorithm (which may be publicly well an algorithm (which may be publicly well know) and the secret key (which is know) and the secret key (which is secret, as the name implies)secret, as the name implies)

The recipient decrypts the message The recipient decrypts the message using a well-known algorithm and the using a well-known algorithm and the secret key (of course, the algorithms secret key (of course, the algorithms must be matching). must be matching).

Using a private/public key pair -Using a private/public key pair -GeneralGeneral

Each communicating agent has a Each communicating agent has a private key, only known to herself, and private key, only known to herself, and a public key, known to all.a public key, known to all.

Principle: both keys are needed for Principle: both keys are needed for certain operations (next slides will certain operations (next slides will explain more).explain more).

Slower algorithms than with the single Slower algorithms than with the single secret key.secret key.

Using a private/public key pair -Using a private/public key pair -Generating a key pairGenerating a key pair

The key pair is generated using a The key pair is generated using a random number algorithm in such a way random number algorithm in such a way that the keys match.that the keys match.

The private key can be protected with a The private key can be protected with a passphrase, which you must know to be passphrase, which you must know to be able to use the private key (to create the able to use the private key (to create the “real” private key from the passphrase “real” private key from the passphrase and the permanently stored private key.and the permanently stored private key.

Using a private/public key pair -Using a private/public key pair -EncryptionEncryption

A sender encrypts a document using A sender encrypts a document using the recipient’s public key (known to the recipient’s public key (known to everyone) and a well-known algorithm.everyone) and a well-known algorithm.

Decryption is in practice only possible Decryption is in practice only possible with the recipients private key (known to with the recipients private key (known to the recipient only) - no-one else can the recipient only) - no-one else can read the encrypted document.read the encrypted document.

Encryption in practice for Encryption in practice for communicating secure processescommunicating secure processes

As secret key algorithms are faster, it is As secret key algorithms are faster, it is practical to use the public keys to agree practical to use the public keys to agree on a one-time session secret key.on a one-time session secret key.

For this, both parties can create one-time For this, both parties can create one-time session key pairs (private and public).session key pairs (private and public).

The secret session key is used for The secret session key is used for communication.communication.

This is what e.g. SSL does. This is what e.g. SSL does.

Using a private/public key pair -Using a private/public key pair -Message integrity/1Message integrity/1

Message integrity = the message has Message integrity = the message has not been changed or corruptednot been changed or corrupted

Tentative solution: calculate a code Tentative solution: calculate a code from the document and send it along. from the document and send it along. On receipt, a new code is being On receipt, a new code is being calculated and compared with the code calculated and compared with the code that was sent. If they match, the that was sent. If they match, the message has not changed.message has not changed.

Using a private/public key pair -Using a private/public key pair -Message integrity/2Message integrity/2

The tentative solution works against The tentative solution works against corruption (a checksum).corruption (a checksum).

However, if someone wants to change However, if someone wants to change the message, then she could also the message, then she could also change the code (checksum).change the code (checksum).

Using a private/public key pair -Using a private/public key pair -Message integrity/3Message integrity/3

Improved solution: compute the code Improved solution: compute the code using the senders private key and the using the senders private key and the message. (Encrypt the code using the message. (Encrypt the code using the private key.) = Create a signature or private key.) = Create a signature or electronically sign the document.electronically sign the document.

The recipient can use sender’s public The recipient can use sender’s public key to decrypt the code. Then it is key to decrypt the code. Then it is possible to check message integrity.possible to check message integrity.

Using a private/public key pair -Using a private/public key pair -Message integrity/4Message integrity/4

Q: What’s the difference between this Q: What’s the difference between this and encryption?and encryption?

A: The information the sender is giving A: The information the sender is giving out can be public and non-encrypted. It out can be public and non-encrypted. It is only if you want to verify that the is only if you want to verify that the message has not been changed that message has not been changed that you use the sender’s public key to you use the sender’s public key to check this.check this.

Authentication/1Authentication/1

Suppose you receive mail from Suppose you receive mail from Elvis.Presley@heaven.com and you also Elvis.Presley@heaven.com and you also get Elvis’ public key.get Elvis’ public key.

You receive messages which open with You receive messages which open with the public key -> you conclude that they the public key -> you conclude that they have been sent using a matching private have been sent using a matching private key.key.

How can you be sure who the sender is?How can you be sure who the sender is?

Authentication/2Authentication/2

Several possibilities:Several possibilities:• It is Elvis himself, it is really his e-mail It is Elvis himself, it is really his e-mail

address, it is really his public key.address, it is really his public key.• It is Elvis’s e-mail address, but someone is It is Elvis’s e-mail address, but someone is

misusing it somehow, and he has misusing it somehow, and he has generated a public/private key pair and generated a public/private key pair and sent you the public key (public part).sent you the public key (public part).

• It is not even Elvis’ e-mail address.It is not even Elvis’ e-mail address.

Authentication/3Authentication/3

The real question is: How can you be The real question is: How can you be sure of a sender’s identity in the Internet sure of a sender’s identity in the Internet world?world?

Quite often, you are convinced that Quite often, you are convinced that such a person or company exists.such a person or company exists.

Then, you need to know if the e-mail Then, you need to know if the e-mail and the identity match.and the identity match.

Authentication/4Authentication/4CertificatesCertificates

A certificate is a document where A certificate is a document where someone states that a public key really someone states that a public key really belongs to the right person/company.belongs to the right person/company.

A certificate must be digitally signed by A certificate must be digitally signed by someone.someone.

That someone may be a person, but That someone may be a person, but more generally, it is a Certificate more generally, it is a Certificate Authority (CA).Authority (CA).

Authentication/5Authentication/5Certificate AuthoritiesCertificate Authorities

A Certificate Authority (CA) is generally-A Certificate Authority (CA) is generally-trusted generally-known enterprise.trusted generally-known enterprise.

The CA makes it’s public key (or a message The CA makes it’s public key (or a message digest of it) publicly available so widely that digest of it) publicly available so widely that it is not practical for anyone else to claim to it is not practical for anyone else to claim to be that CA.be that CA.

The CA (like VeriSign, see The CA (like VeriSign, see www.verisign.com) usually charges money www.verisign.com) usually charges money for its services.for its services.

Authentication/6Authentication/6CertificationCertification

The CA digitally signs public keys. (Or The CA digitally signs public keys. (Or gives digital identities with private keys gives digital identities with private keys and matching digitally signed public and matching digitally signed public keys.)keys.)

Anyone can check the certificate Anyone can check the certificate against the CA’s public key, thus against the CA’s public key, thus making sure that the CA certifies the making sure that the CA certifies the public key.public key.

Authentication/7Authentication/7Levels of certificationLevels of certification

There are different levels of certification, on There are different levels of certification, on the following linesthe following lines• Certifying that a public key and an e-mail address Certifying that a public key and an e-mail address

belong together.belong together.• Certifying that a public key and a person’s identity Certifying that a public key and a person’s identity

belong together (for this you need to visit the CA in belong together (for this you need to visit the CA in person).person).

• Certifying that a company’s name and a public key Certifying that a company’s name and a public key belong together…belong together…

• Read more from VeriSign.Read more from VeriSign.

Authentication/8Authentication/8Certification chainsCertification chains

A certified person or company can give A certified person or company can give a certificate to another.a certificate to another.

For example, if a CA (A) gives a For example, if a CA (A) gives a certificate to Netscape (B), and certificate to Netscape (B), and Netscape gives a certificate to some Netscape gives a certificate to some Java applet programming company (C), Java applet programming company (C), then you can verify B’s public key using then you can verify B’s public key using A’s and C’s public key using B’s.A’s and C’s public key using B’s.

Authentication/9Authentication/9Certification risksCertification risks

It all comes back to a CA, either directly It all comes back to a CA, either directly or via a certificate chain. or via a certificate chain.

In fact, it all comes back to the CA’s In fact, it all comes back to the CA’s private key.private key.

If someone guesses or steals or is able If someone guesses or steals or is able to compute (shouldn’t be possible) the to compute (shouldn’t be possible) the CA’s private key, everything collapses.CA’s private key, everything collapses.

Available implementationsAvailable implementations

Java offers a java.security package which Java offers a java.security package which comes with Java2 (jdk1.2.2) and a comes with Java2 (jdk1.2.2) and a java.cryptix package, which is only available java.cryptix package, which is only available in the US, however, there are other in the US, however, there are other implementations, like the one on implementations, like the one on www.cryptix.org.www.cryptix.org.

SSL can be used through shttp.SSL can be used through shttp. However, we will start with PGP, which does However, we will start with PGP, which does

not require programming.not require programming.

PGP (Pretty Good Privacy)PGP (Pretty Good Privacy)

PGP is a public/private key pair system.PGP is a public/private key pair system. PGP is publicly available on e.g. PGP is publicly available on e.g.

kielo.uta.fi - start with kielo.uta.fi - start with pgp -hpgp -h PGP can be used for encryption and PGP can be used for encryption and

signatures.signatures. You will need to create yourself a key You will need to create yourself a key

pair, after which you can start operating pair, after which you can start operating with it.with it.