pki 201 key management

PKI 201 – Key Management By Aman Hardikar

Agenda

• Basic Cryptosystem

• Types of Keys

• Key Life Cycle

• Pre Operational

• Creation

• Distribution

• Operation

• Post Operational

• Destruction

• Storage

• X509 Certificate Basics

An Example of a Basic Crypto System

• Three keys

• 1 symmetric key

• 1 public key

• 1 private key

• Three algorithms

• 1 symmetric cipher algorithm (block / stream)

• 1 asymmetric cipher algorithm

• 1 hashing algorithm

• Optional

• RNG (Random Number Generator)

Biggest Problem

Key Management

• Why?

• Easier to steal the key than to break the lock.

In general, majority of the attacks on a cryptosystem were on Key

Management.

Types of Keys

To mitigate key management issues, multiple keys were created according to

its designated purpose.

Private Signature Key Public Key Transport Key

Public Signature Key Symmetric Key Agreement Key

Symmetric Authentication Key Private Static Key Agreement Key

Private Authentication Key Public Static Key Agreement Key

Public Authentication Key Private Ephemeral Key Agreement Key

Symmetric Data Encryption Key Public Ephemeral Key Agreement Key

Symmetric Key Wrapping Key Symmetric Authorization Key

Symmetric Master Key Public Authorization Key

Private Key Transport Key Private Authorization Key

Cryptographic Strength & Key Size

Comparable Key Strength

Bits Symmetric

Algorithm

RSA ECC

80 2kTripleDEA 1024 160–223

112 3kTripleDEA 2048 224–255

128 AES-128 3072 256–383

192 AES-192 7680 384–511

256 AES-256 15360 512+

• Ephemeral or temporary keys

• Long life keys

OUP (Originator Usage Period)

Time during which cryptographic protection may be applied to data

Key Lifecycle

Key Lifecycle - Preoperational

• Installing key policies

• Selecting algorithms

• Registering attributes

• Key parameters

Keys are registered (binding them to subject’s identity).

In PKI, it is implemented using x509 certificate.

X.509 certificate binds a public key with subject name (user)

Key Lifecycle - Creation

• Avoid weak keys

• Avoid weak algorithms or weak implementations of algorithms

• Process of key generation

• Type, purpose and crypto applications of keys

Key Lifecycle – Creation (2)

Random Number Generators (RNG)

• Produce a sequence of 0s and 1s for use in cryptography

• Combined into sub-sequences or blocks of random numbers

• Types

• Deterministic

• Produces sequence based on a known value (seed)

• Nondeterministic

• Produces sequence based on an unpredictable source

Key Lifecycle - Distribution

• Based on the type of the key

• Requirements

• Availability of the keys

• Association of keys with intended use

• Integrity – detection of change during transit

• Confidentiality – split knowledge principle

• Distribution

• Private keys – split knowledge, trusted entities for distribution

• Public keys – X509 certificate

• Manual key distribution (encrypted using key wrapping keys)

• Wrapping keys are generally public keys

• If private keys are used, then a separate distribution channel should be

established

Keys used only for encrypting data in storage should not be distributed.

Key Lifecycle - Operation

• Backup and recovery mechanisms

• Compromised backups

• Controls for detecting a compromise

• Regeneration

• Updates and changes

• Crypto period expiration

• Suspected or real key compromise

• Rekeying

• Needs redistribution

• Updating the key

• No redistribution required

• Produced based on the old key

• Known to all parties

Key Lifecycle – Post-operation

• Key not operational

• Access to keys needed

• Decrypt data

• Verify signature

Key Lifecycle - Destruction

• Zeroization

• Replacing key material with ‘0’ or ‘o’ or something meaning less

• Not just the key material at rest, other places should also be considered

Key Storage

• Provide Integrity

• Provide Confidentiality

• Association with application and objects

• Assurance of domain parameters

Keys are protected with additional level of access control.

Destroying of key material using zeroization, if required.

Key Escrow

• Multiple parties/agencies storing part of the key.

• Generally operates with two components held with two independent agents.

• Risks

• Collusion

• Failure of reassembling

Ex: SKIPJACK and LEAF method.

Key States / Transitions

Digital Certificate

An electronic identity issued to a person, system, or an organization by a

competent authority after verifying the credentials of the entity.

In PKI, all digital certificates were issued based on the X.509 standard.

X.509v3 Certificate

SSL Certificate:

Version: 2

Serial Number: 4294967295

Signature Algorithm: sha1WithRSAEncryption

Issuer: /C=US/O=DigiCert Inc/OU=www.digicert.com/CN=DigiCert High Assurance CA-3

Not valid before: Dec 1 00:00:00 2010 GMT

Not valid after: Dec 4 12:00:00 2013 GMT

Subject: /C=GB/ST=Lancashire/L=Bolton/O=Bolton Metropolitan Borough Council/OU=Bolton/CN=*.bolton.gov.uk

Public Key Algorithm: rsaEncryption

RSA Public Key: (2048 bit)

Modulus (2048 bit):

00:c4:84:24:fb:93:61:c4:3e:82:dc:6b:f0:d7:75:

7e:93:93:a3:fe:34:05:1b:f0:12:37:e0:b2:f1:0f:

bd:b5:aa:57:ee:53:ac:67:af:62:48:15:21:c8:14:

…………

48:a5:46:07:77:07:c0:e5:ff:5c:b9:5c:72:27:e6:

d6:e4:2c:a4:3d:55:3b:3c:aa:bf:71:69:af:c8:63:

66:1f

Exponent: 65537 (0x10001)

X509v3 Extensions:

X509v3 Authority Key Identifier:

keyid:50:EA:73:89:DB:29:FB:10:8F:9E:E5:01:20:D4:DE:79:99:48:83:F7

X509v3 Subject Key Identifier:

08:BC:EF:1E:D5:0D:92:26:7B:6C:CA:E9:48:A9:ED:EB:AE:C0:B1:BC

X509v3 Subject Alternative Name:

DNS:*.bolton.gov.uk, DNS:bolton.gov.uk, DNS:ebiz.bolton.gov.uk

X509v3 Key Usage: critical

Digital Signature, Key Encipherment

X509v3 Extended Key Usage:

TLS Web Server Authentication, TLS Web Client Authentication

X509v3 CRL Distribution Points:

URI:http://crl3.digicert.com/ca3-g8.crl

URI:http://crl4.digicert.com/ca3-g8.crl

X509v3 Certificate Policies:

Policy: 2.16.840.1.114412.1.3.0.1

CPS: http://www.digicert.com/ssl-cps-repository.htm

User Notice:

Explicit Text:

Authority Information Access:

OCSP - URI:http://ocsp.digicert.com

CA Issuers - URI:http://cacerts.digicert.com/DigiCertHighAssuranceCA-3.crt

X509v3 Basic Constraints: critical

CA:FALSE

X.509v3 Certificate Signing

Continued …..

PKI 202/203

• Trust Models

• CRL Models

• Working of SSL, SMIME

• Walk through using software

• Architectural Weaknesses

• Auditing a PKI Infrastructure