public key infrastructures · download certificate 69 destruction physical destruction of the card....
TRANSCRIPT
1
1
Public Key InfrastructuresPublic Key Infrastructures
Chapter 6Private Keys
Cryptography and Computeralgebra
Johannes Buchmann
2
How to store private keys?
3
Personal Security Environment (PSE)
Private keys are stored in PSEs
4
Realisation of PSEs : Tokens
Secure storing of private keys
in Software in Hardware
PKCS#12Application specific
(e.g. Netscape)Java KeyStore SmartcardUSB-Token
HardwareSecurityModule(HSM)
5
Token properties
Compatibility
Portability
Availability
Access protection
6
PKCS#12
Software based PSE
Format for secure transport and storing
Most typical format for software PSEs
Available at:http://www.rsa.com/rsalabs/node.asp?id=2138
2
7
PKCS#12: Modes
Public Key Privacy Mode:Encryption with a symmetric key. This symmetric key is encrypted with the public key of the receiver.
Password Privacy Mode:Encryption with one symmetric key, which is derived from a password.
Public Key Integrity Mode:Signed with a private key. The receiver can verify the message.
Password Integrity Mode:A MAC is calculated which can be verified by the receiver.
8
PKCS#12: Structure
AuthenticatedSafe
ContentInfo
Plain Data
Encrypted Data
Enveloped data
9
Example
Personal nformation Exchange
Password: 123456
10
11
Java Keystores
Implementation of the KeyStore Class
Two types:JKS
Proprietary algorithmsWeak encryption
JCEKSStandard algorithmsStrong encryptionPart of the JCE (Java Cryptography Extensions)Since Java 1.4
Easy Administration with keytool 12
KeyStore example
keytool -genkey -alias test -keyalg RSA-keysize 1024 -keypass 123456-storepass 123456 -keystore test.ks
Run: ../Certificates/keytool.bat
3
13
Application specific
Examples:
MozillaWindows
14
Private key import in Firefox
15
Private key access in Firefox
16
Private key import in Windows
17
Private key access in Windows
18
Application specific
Netscape FamilyMozilla, Firefox, Thunderbird, SeaMonkeyThrough Software Security ModuleThe standard implementation is proprietaryThe format for the import is PKCS#12
Windows Internet Explorer, Outlook/ExpressThe standard implementation is proprietaryThrough Cryptographic Service ProviderThe format for the import is PKCS#12
4
19
Hardware Security Module
Secure storing and use of keys
Pseudorandom number generation
Key pair generation
Calculation of digital signatures
Key archiving
Acceleration for cryptographic schemes
20
Hardware Security Module
Protect the keys against
Mechanical attacks
Temperature attacks
Manipulation of the voltage
Chemical attacks
The keys are destroyed in case of danger
21
Hardware Security Module
But…
Keys can be accidentally destroyed
e.g. due to mechanical influence during transport
Reduced number of keys
22
Smartcards
Secure key storing and use
Key pair generation (not all)
Calculation of digital signatures
Decryption
23
Access over PKCS#11
Interface to the card
Support functions like:Change PIN, Sign, Decrypt, Write certificate
But:Some functions are not supported (e.g. change PUK)Possibly many libraries are needed for supporting different cards and readers.
Available at:http://www.rsa.com/rsalabs/node.asp?id=2133
24
Access over PKCS#15
Specifies the structure of the card in the card
Every directory in the card is an application
Pointers to cryptographic objekts (ODF)
PrivateKey
PublicKey
Certificate
Available at:
http://www.rsa.com/rsalabs/node.asp?id=2141
5
25
Structure PKCS#15
DescriptorDF(PKCS#15)
FurterDFs/EFs
UserdataEF (DIR)
TokenInfo
MasterFile
ADFCDFPrKDFODF
Pointer to PrivateKey Data, Certificate Data, Authentication Data (PIN) and Token Information (Serial number)
26
E4 NetKey (TeleSec)
E4 evaluated (according to ITSEC)
Global files (serial number, etc.)
SigG application
Pre-keyd with one key-pair according to SigG(Signature Act)
NetKey application
3 key pairs (pre-keyed)
Null-PIN scheme (patented)
27
Java Cards
No filesystem but applets
JCRE (Java Card Runtime Environment)
manages:
the resources of the card
the communication with the outside world
the execution of the applets
controls:
the compliance with the security limitations
28
Java Cards
Like normal Java code but
No long, double, float
Characters and Strings
Multidimensional arrays
Threads
Object serialisation und cloning
Dynamic loading of classes (like drivers)
Security Manager
Garbage Collector not always present
29
Use
Destruction
Transport
storing
Backup
Recovery
Generation
Life cycle of private keys
start state
state
end state
30
Use
Destruction
Transport
Storing
Backup
Recovery
GenerationGeneration
Life cycle of private keys
appropriate parameters
secure random number generator
shielding against eavesdropping
•…
6
31
Use
Destruction
Transport
StoringStoring
Backup
Recovery
Generation
Life cycle of private keys
persistent storing
deletion from the generator
appropriate access protection
…
32
Use
Destruction
TransportTransport
Storing
Backup
Recovery
Generation
Life cycle of private keys
correct receiver
guaranteed delivery
appropriate transport security mechanisms…
33
UseUse
Destruction
Transport
Storing
Backup
Recovery
Generation
Life cycle of private keys
easy for the authorised users
impossible for the unauthorisedusers
protection of the private key
…34
Use
DestructionDestruction
Transport
Storing
Backup
Recovery
Generation
Life cycle of private keys
unrecoverable
easy for authorised users
impossible for unauthorisedusers
•…
35
Use
Destruction
Transport
Storing
BackupBackup
Recovery
Generation
Life cycle of private keys
persistent storing
only for certain keys
appropriate access protection
…
36
Use
Destruction
Transport
Storing
Backup
RecoveryRecovery
Generation
Life cycle of private keys
correct reestablishment
easy for authorised users
impossible for unauthorisedusers
…
7
37
User generates key
PGP Example
38
Generation
39
Generation
40
Generation
41
Generation
42
Generation
8
43
Generation
44
Generation
45
Generation
46
Storing
47
Transport
48
Transport
9
49
Transport
File contents
../Certificates/Test User.cxt
50
Use
51
Use
52
Destruction
53
Destruction
54
Destruction
10
55
Backup
56
Backup
57
Backup
58
Backup
59
Recovery
60
Recovery
11
61
Recovery
62
Trust center generates key
Trust center example
TUDCard
63
Generation
The manufacturer creates the keys
input
output 64
Storing
Contains the private key
A file exists that holds the private key.
Security condition:
PSO (Perform Security Operation) after PIN has been correctly given.
65
TransportBy snail mail
66
Use
First Use detection
Null-PIN technique
12
67
Use
PIN-Entry
necessary
for PSO
68
Use
Set PINSee PUKDownload certificate
69
Destruction
Physical destruction of the card.
high temperature, etc…
70
Backup
input
output
Every key is stored in a PKCS#12 file
71
Recovery
An example…
TUDCardKeyRecovery
72
User generates key
The user generates its own private key
13
73
Generate
keytool -genkey -keyalg RSA -keystore keystore.ks -alias myalias
74
Store
keytool -genkey -keyalg RSA -keystore keystore.ks -alias myalias
75
Transport
The key is already at the client side.
76
UseIn order to use the private key, the public key is certified by a CA.
Thawte example
77 78
14
79 80
81 82
83
Hi! Please use your browser to go to the following URL: https://www.thawte.com/cgi/enroll/personal/step8.exeOnce you have connected successfully to the above address, you must copy and paste the "probe" and "ping" values below into the appropriate text boxes:Probe: value Ping: valueYou should save this message until you have completed the enrollment process, just in case. But you MUST go to the above URL within 24 hours, or we will delete your request information and you'll have to start over! If you have problems completing the above please contact our support team by going to the following URL: https://www.thawte.com/cgi/support/contents.exeRegards, The thawte team thawte Certification 84
15
85 86
87 88
89 90
email address
16
91 92
93 94
keytool -certreq -keystore keystore.ks -file csr.txt -alias myalias
95
-----BEGIN NEW CERTIFICATE REQUEST-----MIIBrDCCARUCAQwbDELMAkGA1UEBhMCREUxDjAMBgNVBTBUhlc3NlMRIwEAYDVQQHEwlEYXJtN57qbnyAfAAAAAAAc3RhZHQxDDKBgNVATA1RVRDEMMAoGA1UECxMDQ0RDMRwGwYDVQQDExRWY5nZWxpcyBLYXJhN57qbnyAfAAAAAAAdHNpb2xpcznzANBqhkiG9w0BAQEFAAOBjQAwgYkCgYEAroJITHFBR5orQ9dB4qkP/gMhS1hCNiowdM2CrJINiowdM2CCCCE+Qrzut77pzzjlEBLQeeMC0Q88LF8tTJfFoUKdGni/PAAiOPHxvNXFFH0YZs4/P7gXMAX+9eEgGNiowdM2CrJINiowdM2CCCCEjL2ig7PyQlkGGwIbvxYQmEX2TKk9tKWqCvFjl6BKTjIIjErmgolyi79dk3Cdwx26Z8CAwEAAaAANiowdM2CrJINiowdM2CCCCEEEMA0GCSqGSIb3DEBBAUAAGBAIvbaheW+lVaDdRN57qbnyAf3qqxD2GcjmBcCcO8v3TN9zc4mSENiowdM2CrJINiowdM2CCCCpXXTFQg4UqO0urJINiowdM2CtrPzlEtORJNtoxxiRLHp9+LLNXnER43nYvcLZ/QIChlfIX6KiPrJINiowdM2CrJINiowdM2CCCCElr81bvYRq6G/bGxrz4K55c17UIqPtlGN7yQEDxYZ5e+-----END NEW CERTIFICATE REQUEST-----
96
17
97 98
99
The user receives a URL that contains thecertificate inside a PKCS#7 structure
100
keytool -import -file test.crt -alias myalias -trustcacerts -keystore keystore.ks
101
Destruction
102
Backup
A simple copy of the file to:a CDa USB stickan external hard disc… or similar
The password may be changed.
18
103
Recovery
Recovery from the copy location.
Password is needed.