Embed Size (px)
Citation preview
1
Public Key InfrastructuresPublic Key Infrastructures
Chapter 6Private Keys
Cryptography and ComputeralgebraVangelis KaratsiolisAlexander Wiesmaier
2
How to store private keys?
3
Personal Security Environment (PSE)
Private keys are stored in PSEs
4
Realisation of PSEs : Tokens
Secure storing of private keys
in Software in Hardware
PKCS#12Application specific
(e.g. Netscape)Java KeyStore SmartcardUSB-Token
HardwareSecurityModule(HSM)
5
Token properties
Compatibility
Portability
Availability
Access protection
6
PKCS#12
Software based PSE
Format for secure transport and storing
Most typical format for software PSEs
Available at:http://www.rsa.com/rsalabs/node.asp?id=2138
7
PKCS#12: Modes
Public Key Privacy Mode:Encryption with a symmetric key. This symmetric key is encrypted with the public key of the receiver.
Password Privacy Mode:Encryption with one symmetric key, which is derived from a password.
Public Key Integrity Mode:Signed with a private key. The receiver can verify the message.
Password Integrity Mode:A MAC is calculated which can be verified by the receiver.
8
PKCS#12: StructureAuthenticatedSafe
ContentInfo
Plain data
Encrypted data
Enveloped data
9
Example
Personal nformation Exchange
Password: 123456
10
11
Java Keystores
Implementation of the KeyStore Class
Two types:JKS
Proprietary algorithmsWeak encryption
JCEKSStandard algorithmsStrong encryptionPart of the JCE (Java Cryptography Extensions)Since Java 1.4
Easy Administration with keytool 12
KeyStore example
keytool -genkey -alias test -keyalg RSA-keysize 1024 -keypass 123456-storepass 123456 -keystore test.ks
Run: ../Certificates/keytool.bat
13
Application specific
Examples:
MozillaWindows
14
Private key import in Firefox
15
Private key access in Firefox
16
Private key import in Windows
17
Private key access in Windows
18
Application specific
Netscape FamilyMozilla, Firefox, Thunderbird, SeaMonkeyThrough Software Security ModuleThe standard implementation is proprietaryThe format for the import is PKCS#12
Windows Internet Explorer, Outlook/ExpressThe standard implementation is proprietaryThrough Cryptographic Service ProviderThe format for the import is PKCS#12
19
Hardware Security Module
Secure storage and use of keys
(Pseudo)random number generation
Key pair generation
Calculation of digital signatures
Key archiving
Acceleration for cryptographic schemes
20
Hardware Security Module
Protect the keys against
Mechanical attacks
Temperature attacks
Manipulation of the voltage
Chemical attacks
The keys are destroyed in case of danger
21
Hardware Security Module
But…
Keys can be accidentally destroyed
e.g. due to mechanical influence during transport
22
Network Attached HSM
Speed
Availability
Robustness
23
Smartcards
Secure key storing and use
Key pair generation (not all)
Calculation of digital signatures
Decryption
24
Access over PKCS#11
Interface to the card
Support functions like:Change PIN, Sign, Decrypt, Write certificate
But:Some functions are not supported (e.g. change PUK)Possibly many libraries are needed for supporting different cards and readers.
Available at:http://www.rsa.com/rsalabs/node.asp?id=2133
25
PKCS#15
Specifies the structure of the card in the card
Every directory in the card is an application
Pointers to cryptographic objekts (ODF)
PrivateKey
PublicKey
Certificate
There is a a newer specification based on it: ISO 7816-15
Available at:
http://www.rsa.com/rsalabs/node.asp?id=2141 26
Structure PKCS#15
DescriptorDF(PKCS#15)
FurtherDFs/EFs
UserdataEF (DIR)
TokenInfo
MasterFile
ADFCDFPrKDFODF
Pointer to PrivateKey Data, Certificate Data, Authentication Data (PIN) and Token Information (Serial number)
27
E4 NetKey (TeleSec)
E4 evaluated (according to ITSEC)
Global files (serial number, etc.)
SigG application
Pre-keyd with one key-pair according to SigG(Signature Act)
NetKey application
3 key pairs (pre-keyed)
Null-PIN scheme (patented)
28
Java Cards
No filesystem but applets
JCRE (Java Card Runtime Environment)
manages:
the resources of the card
the communication with the outside world
the execution of the applets
controls:
the compliance with the security limitations
29
Java Cards
Like normal Java code but not:
Long, double, float
Characters and strings
Multidimensional arrays
Threads
Object serialisation und cloning
Dynamic loading of classes (like drivers)
Security Manager
Garbage Collector not always present
30
Examples
Of secure signature-creation devices
Secure signature-creation devices
31
Use
Destruction
Transport
Storing
Backup
Recovery
Generation
Life cycle of private keys
start state
state
end state
32
Use
Destruction
Transport
Storing
Backup
Recovery
GenerationGeneration
Life cycle of private keys
appropriate parameters
secure random number generator
shielding against eavesdropping
•…
33
Use
Destruction
Transport
StoringStoring
Backup
Recovery
Generation
Life cycle of private keys
persistent storing
deletion from the generator
appropriate access protection
…
34
Use
Destruction
TransportTransport
Storing
Backup
Recovery
Generation
Life cycle of private keys
correct receiver
guaranteed delivery
appropriate transport security mechanisms…
35
UseUse
Destruction
Transport
Storing
Backup
Recovery
Generation
Life cycle of private keys
easy for the authorised users
impossible for the unauthorisedusers
protection of the private key
…36
Use
DestructionDestruction
Transport
Storing
Backup
Recovery
Generation
Life cycle of private keys
unrecoverable
easy for authorised users
impossible for unauthorisedusers
•…
37
Use
Destruction
Transport
Storing
BackupBackup
Recovery
Generation
Life cycle of private keys
persistent storing
only for certain keys
appropriate access protection
…
38
Use
Destruction
Transport
Storing
Backup
RecoveryRecovery
Generation
Life cycle of private keys
correct reestablishment
easy for authorised users
impossible for unauthorisedusers
…
39
User generates key
Example 1:
User generates key (PGP)
40
Generation
41
Generation
42
Generation
43
Generation
44
Generation
45
Generation
46
Generation
47
Generation
48
Storing
49
Transport
50
Transport
51
Transport
File contents
../Certificates/Test User.cxt
52
Use
53
Use
54
Destruction
55
Destruction
56
Destruction
57
Backup
58
Backup
59
Backup
60
Backup
61
Recovery
62
Recovery
63
Recovery
64
Trust center generates key
Example 2:
Trust center generates key (X.509)
TUDCard
65
Generation
The manufacturer creates the keys
input
output 66
Storing
Contains the private key
A file exists that holds the private key.
Security condition:
PSO (Perform Security Operation) after PIN has been correctly given.
67
TransportBy snail mail
68
Use
First Use detection
Null-PIN technique
69
Use
PIN-Entry
necessary
for PSO
70
Use
Set PINSee PUKDownload certificate
71
Destruction
Physical destruction of the card.
high temperature, etc…
72
Backup
input
output
Every key is stored in a PKCS#12 file
73
User generates key
Example 3:
User generates key (X.509)
The user generates its own private key
74
Generate
keytool -genkey -keyalg RSA -keystore keystore.ks -alias myalias
75
Store
keytool -genkey -keyalg RSA -keystore keystore.ks -alias myalias
76
Transport
The key is already at the client side.
77
UseIn order to use the private key, the public key is certified by a CA.
Thawte example
78
79 80
81 82
83 84
Hi! Please use your browser to go to the following URL: https://www.thawte.com/cgi/enroll/personal/step8.exeOnce you have connected successfully to the above address, you must copy and paste the "probe" and "ping" values below into the appropriate text boxes:Probe: value Ping: valueYou should save this message until you have completed the enrollment process, just in case. But you MUST go to the above URL within 24 hours, or we will delete your request information and you'll have to start over! If you have problems completing the above please contact our support team by going to the following URL: https://www.thawte.com/cgi/support/contents.exeRegards, The thawte team thawte Certification
85 86
87 88
89 90
91
email address
92
93 94
95
keytool -certreq -keystore keystore.ks -file csr.txt -alias myalias
96
-----BEGIN NEW CERTIFICATE REQUEST-----MIIBrDCCARUCAQwbDELMAkGA1UEBhMCREUxDjAMBgNVBTBUhlc3NlMRIwEAYDVQQHEwlEYXJtN57qbnyAfAAAAAAAc3RhZHQxDDKBgNVATA1RVRDEMMAoGA1UECxMDQ0RDMRwGwYDVQQDExRWY5nZWxpcyBLYXJhN57qbnyAfAAAAAAAdHNpb2xpcznzANBqhkiG9w0BAQEFAAOBjQAwgYkCgYEAroJITHFBR5orQ9dB4qkP/gMhS1hCNiowdM2CrJINiowdM2CCCCE+Qrzut77pzzjlEBLQeeMC0Q88LF8tTJfFoUKdGni/PAAiOPHxvNXFFH0YZs4/P7gXMAX+9eEgGNiowdM2CrJINiowdM2CCCCEjL2ig7PyQlkGGwIbvxYQmEX2TKk9tKWqCvFjl6BKTjIIjErmgolyi79dk3Cdwx26Z8CAwEAAaAANiowdM2CrJINiowdM2CCCCEEEMA0GCSqGSIb3DEBBAUAAGBAIvbaheW+lVaDdRN57qbnyAf3qqxD2GcjmBcCcO8v3TN9zc4mSENiowdM2CrJINiowdM2CCCCpXXTFQg4UqO0urJINiowdM2CtrPzlEtORJNtoxxiRLHp9+LLNXnER43nYvcLZ/QIChlfIX6KiPrJINiowdM2CrJINiowdM2CCCCElr81bvYRq6G/bGxrz4K55c17UIqPtlGN7yQEDxYZ5e+-----END NEW CERTIFICATE REQUEST-----
97 98
99 100
The user receives a URL that contains thecertificate inside a PKCS#7 structure
101
keytool -import -file test.crt -alias myalias -trustcacerts -keystore keystore.ks
102
Destruction
103
Backup
A simple copy of the file to:a CDa USB stickan external hard disc… or similar
The password may be changed.
104
Recovery
Recovery from the copy location.
Password is needed.
