X.509 standard and CA’s operationX.509 standard and CA’s operation

Certificate path validationCertificate path validation

Dec. 18, 20012001824C&IS lab.

Vo Duc Liem

2

ContentsContents

1. Introduction

2. Previous Works

3. Proposed method

4. Assessment

5. Conclusion and further work

3

IntroductionIntroduction

Certificate path validation A & B has certificate from different CA

A trust CA-B?

CA-A & CA-B cross certificate

easy!

Not Cross validation path from

CA-B to “most trusted” CA by A

A spend time & power for verifying

Root CA

CA-B

B

CA-A

A

Cross ?

4

Previous workPrevious work

Method of certificate path validation

Full path validation Computation O(n)

Delegation certificate path validation O(1)

Simple Certificate Validation Protocol O(1)

Offline Path Validation* O(1) or no cost

*: Method is presented in IWAP01

5

Proposed methodProposed method

Assumption

Number of CA’s not huge as user

CA is stable entity and play right role,

CA is responsible in law

The trust between CA’s: CA trust his child

6

Validating ProcessValidating Process

CA-B

CA

Root CA

User B

CA-A

CA

User A

List of valid CAs(May sign by root CA)

ECA

ECA1

Cert. of CA-B

Cert. of B

7

List of Valid CAList of Valid CA

ECA1: produce list of its child CA’s, sign and send to ECA2

ECA2 verifies ECA1 signature; sign on list

…

Root CA: check signature and sign

List of ECA

Issuer ECA1

…

Root CA

Root CA signature Alg.

Root CA signature on all above fields

Exp. List of valid CA

8

Steps of validationSteps of validation

A check in CRL for B certificate

If not, verify by public key of CA-B (ECA)

Check existence of CA-B in the list of valid CA of ECA1

If exist, verify CA-B’s certificate by ECA1 public key

Verify the list of valid CA of ECA1 by public key of Root CA

9

AssessmentAssessment

Correctness Only right public key can verify signature made by respective

private key

Security No one can make fake certificate or change the list without

knowing of private key

The list of valid CA does not need change frequently

Need 3 signature verification process

Reduce power computing for users.

10

Conclusion and further workConclusion and further work

Understand X.509 and CA’s operation

Proposed method of Certificate path validation

For future: Find out all possible attack

Consider cross-certificate at high level

11

ReferencesReferences

① Cryptography and Network Security: Principles and Practice, William Stalling, Prentice Hall 1998

② ITU-T X.509 v3 recommendation (1997)③ IETF – RFC 2459, Internet X.509 Public Key Infrastructure

Certificate and CRL Profile, 1999④ IETF – RFC 2560, Internet X.509 Public Key Infrastructure

Online Certificate Status Protocol – OCSP, 1999⑤ IETF – Internet drafts, Simple Certificate Validation Protocol,

2001⑥ NIST - Public key infrastructure study – Final report 1997⑦ Network Security: PRIVATE Communication in a PUBLIC

World, C. Kaufman, R. Perlman, M, Speciner, Prentice Hall 1995.

⑧ Efficient offline path validation – Byoungcheon Lee, Kwangjo Kim, Moongseog Seo, Weonkeun Huh - IWAP 2001 document

⑨ On the complexity of Public-key Certificate Validation – Diana Berbecaru, Antonio Lioy, Marius Marian – ISC2001, LNCS 2200, p183-203, 2001