4. Public Key Infrastructures Distributing public keys is critical in public key

Question

4. Public Key Infrastructures Distributing public keys is critical in public key cryptography. How does a party ensure that a public key belongs to an entity? A trusted third party, the Certificate Authority, certifies that a public key is associated with a subject by signing a certificate. There exist many commercial CAs (Verisign, Symantec, etc) but OpenSSL allows you to create a minimal Certificate Authority. A Certificate Authority is a part of a Public Key Infrastructure, which also includes a Registration Authority, and a Repository. 1. Create a directory layout for your Certificate Authority. The crl directory will hold CRLs (CertificateRevocation List) and the certs directory will hold user certificates. The Certification Authority keeps a database of all signed certificates and CRLs (in the ca/root-ca/db directory). The private directory will hold all the private information (private keys). root@kali:~#mkdir CA root@kali:~#cd CA root@kali:~/CA#mkdir crl root@kali:~/CA#mkdir certs root@kali:~/CA#mkdir ca root@kali:~/CA#cd ca root@kali:~/CA/ca#mkdir root-ca root@kali:~/CA/ca#cd root-ca root@kali:~/CA/ca/root-ca#mkdir db root@kali:~/CA/ca/root-ca#mkdir private root@kali:~/CA/ca/root-ca#chmod 700 private 2. OpenSSL also maintains a text database of issued certificates and their status. Create the database files: root@kali:~/CA/ca/root-ca#touch db/root-ca.db root@kali:~/CA/ca/root-ca#touch db/root-ca.db.attr root@kali:~/CA/ca/root-ca#cat > db/root-ca.crt.srl root@kali:~/CA/ca/root-ca#01 root@kali:~/CA/ca/root-ca#cat > db/root-ca.crl.srl root@kali:~/CA/ca/root-ca#01 3. Generate a new RSA key pair for the CA and create a Certificate Signing Request (CSR) for your CA. You will be prompted for the information that will be included in the certificate. root@kali:~/CA/ca/root-ca#cd ../.. root@kali:~/CA#openssl req -new -out root-ca.csr -keyout ca/root-ca/private/root-ca.key 4. Create a self-signed root certificate from the CSR. Note that the configuration file root-ca.conf must be located in the working directory. If you downloaded it to your home folder, you can use the mv command to move it to the working directory (“.”): root@kali:~/CA#mv /root/Desktop/root-ca.conf . root@kali:~/CA#openssl ca -config root-ca.conf -selfsign -in root-ca.csr -out ca/root-ca.crt 5. Create a CRL (empty) root@kali:~/CA#openssl ca -gencrl -config root-ca.conf -out crl/root-ca.crl 6. Your CA generates key pairs and signs certificates for its clients. First, a Certificate Signing request is prepared. You will be prompted for the information to be included in the certificate. Include information to create a certificate for yourself. Typically, this information must be verified by the Registration Authority. root@kali:~/CA#openssl req -new -out certs/nelly.csr -keyout certs/nelly.key 7. After the keys are generated and the requested is ready, the certificate request is signed by a CA. A copy of the certificate is saved in the certificate archive under the name ca/root-ca/.pem : root@kali:~/CA#openssl ca -config root-ca.conf -in certs/nelly.csr -out certs/nelly.crt 8. To view the information within the certificate: root@kali:~/CA#openssl x509 -in certs/nelly.crt -text -noout | more 9. The private key, the certificate, and the CA root certificate can be packed into a PKCS#12 bundle protected by a password. This format (often with a .pfx extension) is used to distribute keys and certificates to end users. Users can then install their pkcs12 into a trusted certificate store (javakeystore, web browser, etc). root@kali:~/CA#openssl pkcs12 -export -inkey certs/nelly.key -in certs/nelly.crt -certfile ca/root-ca.crt -out certs/nelly.p12 10. In order to verify a certificate, all the certificates in the certificate chain must be verified, all the way up to the root certificate, which is not verified (because it is trusted). In our case: root@kali:~/CA#openssl verify -verbose -CAfile ca/root-ca.crt certs/nelly.crt Copy and paste the output of step 8 below:

Explanation / Answer

Certificate Services is one foundation for the Public Key Infrastructure (PKI) that provides the means for safeguarding and authenticating information. The relationship between a certificate holder, the certificate holder's identity, and the certificate holder's public key is a critical portion of PKI. This infrastructure is made up of the following parts:

The Public/Private Key Pair

PKI requires the use of public/private key pairs. The mathematics of public/private key pairs is beyond the scope of this documentation, but it is important to note the functional relationship between a public and a private key. PKI cryptographic algorithms use the public key of the receiver of an encrypted message to encrypt data, and the related private key and only the related private key to decrypt the encrypted message.

Similarly, a digital signature of the content, described in greater detail below, is created with the signer's private key. The corresponding public key, which is available to everyone, is used to verify this signature. The secrecy of the private key must be maintained because the framework falls apart after the private key is compromised.

A private key can be stored, in protected format, on a disk, in which case it can only be used with that specific computer unless it is physically moved to another computer. An alternative is to have a key on a smart card that can be used on a different computer provided it has a smart card reader and supporting software.

The public key, but not the private key, of the subject of a digital certificate is included as part of the certificate request. That public key becomes part of the issued certificate.

The Certificate Request

Before a certificate is issued, a certificate request must be generated. This request applies to one entity, for example, an end-user, a computer, or an application. For discussion, assume that the entity is yourself. Details of your identity are included in the certificate request. After the request is generated, it is submitted to a certification authority (CA). The CA then uses your identity information to determine whether the request meets the CA's criteria for issuing a certificate. If the CA approves the request, it issues a certificate to you, as the entity named in the request.

The Certification Authority

Before issuing your certificate, the CA verifies your identity. When the certificate is issued, your identity is bound to the certificate, which contains your public key. Your certificate also contains the CA's digital signature (which can be verified by anyone who receives your certificate).

Because your certificate contains the identity of the issuing CA, an interested party that trusts this CA can extend that trust to your certificate. The issuance of a certificate does not establish trust, but transfers trust. If the certificate consumer does not trust the issuing CA, it will not (or at least should not) trust your certificate.

The Certificate

In addition to your public key and the identity of the issuing CA, the issued certificate contains information about the purposes of your key and certificate. Furthermore, it includes the path to the CA's list of revoked certificates, and it specifies the certificate validity period (beginning and ending dates).

Assuming the certificate consumer trusts the issuing CA for your certificate, the certificate consumer must determine whether the certificate is still valid by comparing the certificate's beginning and ending dates with the current time and by checking that your certificate in not on the CA's list of revoked certificates.

The Certificate Revocation List

Assuming the certificate is being used in a valid time period and the certificate consumer trusts the issuing CA, there is one more item for the certificate consumer to check before using the certificate: the certificate revocation list (CRL). The certificate consumer checks the CA's CRL (the path to which is included as an extension in your certificate) to ensure your certificate is not on the list of certificates that have been revoked. CRLs exist because there are times when a certificate has not expired, but it can no longer be trusted. Periodically, the CA will publish an updated CRL. Certificate consumers are responsible for comparing certificates to the current CRL before considering the certificate trustworthy.

Your Public Key Used for Encryption

If a sender wants to encrypt a message before sending it to you, the sender first retrieves your certificate. After the sender determines that the CA is trusted and your certificate is valid and not revoked, the sender uses your public key (recall it is part of the certificate) with cryptographic algorithms to encrypt the plaintext message into ciphertext. When you receive the ciphertext, you use your private key to decrypt the ciphertext.

If a third party intercepts the ciphertext email message, the third party will not be able to decrypt it without access to your private key.

Note that the bulk of the activities listed here are handled by software, not directly by the user.

Your Public Key Used for Signature Verification

If a third party intercepts the intended message, alters it (even slightly), and forwards it and the original signature to the recipient, the recipient, upon examination of the message and signature, will be able to determine that the message is suspect. Similarly, if a third party creates a message and sends it with a bogus digital signature under the guise that it originated from you, the recipient will be able to use your public key to determine that the message and signature do not correspond to each other.

Nonrepudiation is also supported by digital signatures. If the sender of a signed message denies sending the message, the recipient can use the signature to refute that claim.

Related Questions

Navigate

• Browse (All)
• Browse 4
• Subjects

Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.