Public Key Infrastructures

Transcription

1 Public Key Infrastructures Chapter 6 Private Keys Cryptography and Computeralgebra Johannes Buchmann 1

2 How to store private keys? 2

3 Personal Security Environment (PSE) Private keys are stored in PSEs 3

4 Realisation of PSEs : Tokens Secure storing of private keys in Software in Hardware PKCS#12 Java KeyStore Application specific (e.g. Netscape) USB-Token Smartcard Hardware Security Module (HSM) 4

5 Token properties Compatibility Portability Availability Access protection 5

6 PKCS#12 Software based PSE Format for secure transport and storing Most typical format for software PSEs Available at: 6

7 PKCS#12: Modes Public Key Privacy Mode: Encryption with a symmetric key. This symmetric key is encrypted with the public key of the receiver. Password Privacy Mode: Encryption with one symmetric key, which is derived from a password. Public Key Integrity Mode: Signed with a private key. The receiver can verify the message. Password Integrity Mode: A MAC is calculated which can be verified by the receiver. 7

8 PKCS#12: Structure AuthenticatedSafe ContentInfo Plain Data Encrypted Data Enveloped data 8

9 Example Personal nformation Exchange Password:

10 10

11 Java Keystores Implementation of the KeyStore Class Two types: JKS Proprietary algorithms Weak encryption JCEKS Standard algorithms Strong encryption Part of the JCE (Java Cryptography Extensions) Since Java 1.4 Easy Administration with keytool 11

12 KeyStore example keytool -genkey -alias test -keyalg RSA -keysize keypass storepass keystore test.ks Run:../Certificates/keytool.bat 12

13 Application specific Examples: Mozilla Windows 13

14 Private key import in Firefox 14

15 Private key access in Firefox 15

16 Private key import in Windows 16

17 Private key access in Windows 17

18 Application specific Netscape Family Mozilla, Firefox, Thunderbird, SeaMonkey Through Software Security Module The standard implementation is proprietary The format for the import is PKCS#12 Windows Internet Explorer, Outlook/Express The standard implementation is proprietary Through Cryptographic Service Provider The format for the import is PKCS#12 18

19 Hardware Security Module Secure storing and use of keys Pseudorandom number generation Key pair generation Calculation of digital signatures Key archiving Acceleration for cryptographic schemes 19

20 Hardware Security Module Protect the keys against Mechanical attacks Temperature attacks Manipulation of the voltage Chemical attacks The keys are destroyed in case of danger 20

21 Hardware Security Module But Keys can be accidentally destroyed e.g. due to mechanical influence during transport Reduced number of keys 21

22 Smartcards Secure key storing and use Key pair generation (not all) Calculation of digital signatures Decryption 22

23 Interface to the card Access over PKCS#11 Support functions like: Change PIN, Sign, Decrypt, Write certificate But: Some functions are not supported (e.g. change PUK) Possibly many libraries are needed for supporting different cards and readers. Available at: 23

24 Access over PKCS#15 Specifies the structure of the card in the card Every directory in the card is an application Pointers to cryptographic objekts (ODF) PrivateKey PublicKey Certificate Available at: 24

25 Structure PKCS#15 MasterFile Descriptor DF(PKCS#15) Userdata EF (DIR) Furter DFs/EFs ODF PrKDF CDF ADF TokenInfo Pointer to PrivateKey Data, Certificate Data, Authentication Data (PIN) and Token Information (Serial number) 25

26 E4 NetKey (TeleSec) E4 evaluated (according to ITSEC) Global files (serial number, etc.) SigG application Pre-keyd with one key-pair according to SigG (Signature Act) NetKey application 3 key pairs (pre-keyed) Null-PIN scheme (patented) 26

27 Java Cards No filesystem but applets JCRE (Java Card Runtime Environment) manages: the resources of the card the communication with the outside world the execution of the applets controls: the compliance with the security limitations 27

28 Java Cards Like normal Java code but No long, double, float Characters and Strings Multidimensional arrays Threads Object serialisation und cloning Dynamic loading of classes (like drivers) Security Manager Garbage Collector not always present 28

29 Life cycle of private keys Generation Backup storing Recovery Transport Use start state state end state Destruction 29

30 Life cycle of private keys Generation Backup Storing Recovery Transport appropriate parameters Use Destruction secure random number generator shielding against eavesdropping 30

31 Life cycle of private keys Generation Backup Storing Recovery Transport persistent storing Use deletion from the generator appropriate access protection Destruction 31

32 Life cycle of private keys Generation Backup Storing Recovery Transport Use Destruction correct receiver guaranteed delivery appropriate transport security mechanisms 32

33 Life cycle of private keys Generation Backup Storing Recovery Transport easy for the authorised users Use Destruction impossible for the unauthorised users protection of the private key 33

34 Life cycle of private keys Generation Backup Storing Recovery Transport unrecoverable Use Destruction easy for authorised users impossible for unauthorised users 34

35 Life cycle of private keys Generation Storing Backup Recovery Transport persistent storing Use only for certain keys appropriate access protection Destruction 35

36 Life cycle of private keys Generation Backup Storing Recovery Transport correct reestablishment Use Destruction easy for authorised users impossible for unauthorised users 36

37 User generates key PGP Example 37

38 Generation 38

39 Generation 39

40 Generation 40

41 Generation 41

42 Generation 42

43 Generation 43

44 Generation 44

45 Generation 45

46 Storing 46

47 Transport 47

48 Transport 48

49 Transport File contents../certificates/test User.cxt 49

50 Use 50

51 Use 51

52 Destruction 52

53 Destruction 53

54 Destruction 54

55 Backup 55

56 Backup 56

57 Backup 57

58 Backup 58

59 Recovery 59

60 Recovery 60

61 Recovery 61

62 Trust center generates key Trust center example TUDCard 62

63 Generation The manufacturer creates the keys input output 63

64 Storing Contains the private key A file exists that holds the private key. Security condition: PSO (Perform Security Operation) after PIN has been correctly given. 64

65 Transport By snail mail 65

66 Use First Use detection Null-PIN technique 66

67 Use PIN-Entry necessary for PSO 67

68 Use Set PIN See PUK Download certificate 68

69 Destruction Physical destruction of the card. high temperature, etc 69

70 Backup Every key is stored in a PKCS#12 file input output 70

71 Recovery An example TUDCardKeyRecovery 71

72 User generates key The user generates its own private key 72

73 Generate keytool -genkey -keyalg RSA -keystore keystore.ks -alias myalias 73

74 Store keytool -genkey -keyalg RSA -keystore keystore.ks -alias myalias 74

75 Transport The key is already at the client side. 75

76 Use In order to use the private key, the public key is certified by a CA. Thawte example 76

77 77

78 78

79 79

80 80

81 81

82 82

83 Hi! Please use your browser to go to the following URL: Once you have connected successfully to the above address, you must copy and paste the "probe" and "ping" values below into the appropriate text boxes: Probe: value Ping: value You should save this message until you have completed the enrollment process, just in case. But you MUST go to the above URL within 24 hours, or we will delete your request information and you'll have to start over! If you have problems completing the above please contact our support team by going to the following URL: Regards, The thawte team thawte Certification 83

84 84

85 85

86 86

87 87

88 88

89 89

90 address 90

91 91

92 92

93 93

94 keytool -certreq -keystore keystore.ks -file csr.txt -alias myalias 94

95 -----BEGIN NEW CERTIFICATE REQUEST----- MIIBrDCCARUCAQwbDELMAkGA1UEBhMCREUxDjAMBgNVB TBUhlc3NlMRIwEAYDVQQHEwlEYXJtN57qbnyAfAAAAAAA c3rhzhqxddkbgnvata1rvrdemmaoga1uecxmdq0rdmr wgwydvqqdexrwy5nzwxpcyblyxjhn57qbnyafaaaaaaa dhnpb2xpcznzanbqhkig9w0baqefaaobjqawgykcgyearoj ITHFBR5orQ9dB4qkP/gMhS1hCNiowdM2CrJINiowdM2CCCCE +Qrzut77pzzjlEBLQeeMC0Q88LF8tTJfFoUKdGni/PAAiOPHxv NXFFH0YZs4/P7gXMAX+9eEgGNiowdM2CrJINiowdM2CCCCE jl2ig7pyqlkggwibvxyqmex2tkk9tkwqcvfjl6bktjiijermgoly i79dk3cdwx26z8caweaaaaaniowdm2crjiniowdm2cccceee MA0GCSqGSIb3DEBBAUAAGBAIvbaheW+lVaDdRN57qbnyAf3 qqxd2gcjmbccco8v3tn9zc4mseniowdm2crjiniowdm2cccc pxxtfqg4uqo0urjiniowdm2ctrpzletorjntoxxirlhp9+lln XnER43nYvcLZ/QIChlfIX6KiPrJINiowdM2CrJINiowdM2CCCC Elr81bvYRq6G/bGxrz4K55c17UIqPtlGN7yQEDxYZ5e END NEW CERTIFICATE REQUEST

96 96

97 97

98 98

99 The user receives a URL that contains the certificate inside a PKCS#7 structure 99

100 keytool -import -file test.crt -alias myalias -trustcacerts -keystore keystore.ks 100

101 Destruction 101

102 Backup A simple copy of the file to: a CD a USB stick an external hard disc or similar The password may be changed. 102

103 Recovery Recovery from the copy location. Password is needed. 103