Embed Size (px)
Citation preview
© E. Gerck - X.509 and CA SegNet III - Brasilia, DF - Brazil - August/981
Certificates:Certificates:X.509 and CA
Contents Copyright © E. Gerck, 1998. All rights reserved. Allowed copying and public distribution of the complete work only, with author and source
citation.
brNovaware MCG -- http://www.mcg.org.br
Certificates are viewed as secure communication channels between two parties in a dialogue. Certification is shown to be mathematically equivalent to distance measurement in a metric space. The model is exemplified with X.509 - Certification Authorities (CA).
© E. Gerck - X.509 and CA SegNet III - Brasilia, DF - Brazil - August/982
“ On the Internet, nobody knows you’re a dog.”
© E. Gerck - X.509 and CA SegNet III - Brasilia, DF - Brazil - August/983
"Much of the public discussion and rhetoric is about encryption -- with little attention focused on what is needed to make its use trustworthy."
“What is less discussed is the need to bind a system of trust to the security systems. This is the only way that security will be truly achieved. What do I mean by this? Security is concerned with locks, fences and guards. Trust is about whether they work.”
US Director of Central Intelligence, George J. Tenet (1998)
© E. Gerck - X.509 and CA SegNet III - Brasilia, DF - Brazil - August/984
•Information (Shannon, 1948):Information (Shannon, 1948):
Information is “that which is transferred from a source to a destination, using a communication channel”.
Information is what you do not expect
•Trust (Gerck, 1998): Trust (Gerck, 1998): (http://www.mcg.org.br/trustdef.htm)(http://www.mcg.org.br/trustdef.htm)
Trust is “that which is essential to a communication channel but which cannot be transferred from a source to a destination using that channel".
Trust is what you know you know you know
© E. Gerck - X.509 and CA SegNet III - Brasilia, DF - Brazil - August/985
• Sense and Reference (Frege, 1910): Sense and Reference (Frege, 1910):
For any referent, sense (Sinn, meaning) and reference (Bedeutung, name) are independent variables:
Reference
Sense
?
?
?
?
?
© E. Gerck - X.509 and CA SegNet III - Brasilia, DF - Brazil - August/986
Certification and Cryptography
Asymmetric cryptography allows for:• two keys: public-key and private-key• Public-key security• private protocols
Certification allows for :• Origin authentication• Data-integrity authentication
A private conversation with a thief ...is not secure just because it is private!
© E. Gerck - X.509 and CA SegNet III - Brasilia, DF - Brazil - August/987
Certification
Certification is expressed by certificates:
(Gerck) A certificate is a secure process for the designation of attributes to an entity, within a process boundary. (http://www.mcg.org.br/cie.htm)
(X.509v3) "user certificate; public key certificate; certificate: The public keys of a user, together with some other information, rendered unforgeable by encipherment with the private key of the certification authority which issued it.". (http://www.mcg.org.br/mirrors.htm)
A certificate is a secure communication channel!
© E. Gerck - X.509 and CA SegNet III - Brasilia, DF - Brazil - August/988
Certificate
• A certificate is a secure communication channel
• Certificates are cryptographically signed by the issuer
• Certificates transport information• Information has no meaning -- it is just
references...even if it is signed!
Is it true that “2 = 2” ?Depends on semantics!In C it is wrong! It should be “2 == 2”
Without meaning communication does not occur!
© E. Gerck - X.509 and CA SegNet III - Brasilia, DF - Brazil - August/989
Certificate
Are certificates trustful because they certify, or certify because they are trustful?
• Stance: objective (the first) versus subjective (the second)
• Risk is borne by the user (i.e., the verifier, the relying party) who is in the subjective stance
• Trust is neither embedded nor infused in the certificate
• Trust is relative to the user's point of view
• ”Trust is in the eyes of the beholder"http://www.mcg.org.br/augustine.txt
© E. Gerck - X.509 and CA SegNet III - Brasilia, DF - Brazil - August/9810
Certification
http://www.mcg.org.br/intrinsic.htm
Name
Key
(Skywalker, K2)
(Skywalker, K1, revoked)
(Bob, K3)
CA
Alice...one also needs:3. CA-invariant
X.509:1. Key-invariant2. Trust-invariant
1
2
© E. Gerck - X.509 and CA SegNet III - Brasilia, DF - Brazil - August/9811
X.509 Certification and CA
1. Key-invariant: Trust the CA and get CA’s certificate
2. Trust-invariant: Use the trusted CA’s key and verify subscriber’s public-key certificate and absence of CRL
...but, one also needs (beyond X.509):3. CA-invariant: challenge subscriber’s private-key confirm subscriber is willing to use it be independent from the CA
After that ... You can eject the booster! Binary relationship can be used for time
indefinite.
http://www.mcg.org.br/certover.pdf -- or, cert.htm
© E. Gerck - X.509 and CA SegNet III - Brasilia, DF - Brazil - August/9812
Certificates:Certificates:X.509 and CA
Contents Copyright © E. Gerck, 1998. All rights reserved. Allowed copying and public distribution of the complete work only, with author and source
citation.
brNovaware MCG -- http://www.mcg.org.br
Certificates are viewed as secure communication channels between two parties in a dialogue. Certification is shown to be mathematically equivalent to distance measurement in a metric space. The model is exemplified with X.509 - Certification Authorities (CA).
