《774-資訊科學系.ppt》由会员分享,可在线阅读,更多相关《774-資訊科學系.ppt(29页珍藏版)》请在三一文库上搜索。
1、Public-key infrastructure: X.509 - Certificate,曾文貴 資訊科學系 交通大學,InfoSec Lab, NCTU CIS,2,Authentication of public keys,Public key usage: Encryption,?,InfoSec Lab, NCTU CIS,3,Authentication of public keys (cont.),Verification of a digital signature,InfoSec Lab, NCTU CIS,4,Authentication of public keys,H
2、ow does Bob know that the received key KUA (or KVA) is valid, i.e., “authentic”, “not revoked”, and “not expired” ?,InfoSec Lab, NCTU CIS,5,Authentication of public keys,Off-line/on-line approach,Trusted agent T,Bob: KVT,(1),(Alice, KUA, Sig(KRT, Alice, KUA),Trusted agent T1,Trusted agent T2,PKI (X.
3、509): On-line,(John, KUJ, Sig(KRT1, Alice, KUJ),InfoSec Lab, NCTU CIS,6,Directory service,Directory A server or distributed set of servers that maintains a database of information about users. The database consists of user names and their corresponding information, such as network address (for email
4、 service, etc), public-key certificate, etc. ITU-T X.500 series: define a directory service,InfoSec Lab, NCTU CIS,7,X.509,Part of X.500 directory service Based on public-key encryption and digital signature Provide public-key certificates of users Define authentication protocols based on public-key
5、certificates Used in S/MIME, IP security, SSL/TLS, SET, etc.,InfoSec Lab, NCTU CIS,8,CA (Certificate Authority),A CA is a trusted server that issues certificates. CA X has a private signing key KRX and a well-known verification key KVX corresponding to KRX There are a lot of CAs, usually arranged in
6、 the tree structure,InfoSec Lab, NCTU CIS,9,InfoSec Lab, NCTU CIS,10,CA (cont.),InfoSec Lab, NCTU CIS,11,Certificate,網路身份證 A certificate is issued by a CA X A certificate of a user A consists of: The name of the issuer CA X his/her public key KUA the signature Sig(KRX, A, KUA) by the CA X the expira
7、tion date Range of application, such as, encryption/signature ,InfoSec Lab, NCTU CIS,12,Certificate acquisition,Note: CA does not know KRA,InfoSec Lab, NCTU CIS,13,Certificate (cont.),A certificate is put in the directory by the CA or by the user so that every one can query its data. The directory d
8、oes not create the public key. It merely provides an easily accessible location for users to obtain certificates.,InfoSec Lab, NCTU CIS,14,Certificate format,InfoSec Lab, NCTU CIS,15,Certificate format (cont.),A real example,InfoSec Lab, NCTU CIS,16,Certificate elements,Version: currently v2 and v3
9、Serial number: an integer value, unique with the issuing CA. Signature algorithm identifier: the algorithm used to sign the certificate together with parameters Issuer name: X.500 name of the CA that created and signed this certificate Period of validity: consist of two dates, the first and last on
10、which the certificate is valid,InfoSec Lab, NCTU CIS,17,Certificate elements (cont.),Subject name: the name of the user Subjects public-key information: the public key of the user, the system in which this key can be used and parameters Issuer unique identifier: to identify the name of the issuing C
11、A in case of ambiguity occurred in X.500 Extensions: for other purposes (in V3) Signature: covers all of the other fields of the certificate. It contains the hash code of the other fields, encrypted with the CAs private key. This field includes the signature algorithm identifier.,InfoSec Lab, NCTU C
12、IS,18,Notations,CA=CAV, SN, AI, CA, TA, A, Ap Y: the certificate of user X issued by CA Y YI: the signing of I by Y. It consists of Y with an encrypted hash code appended. When user Z gets certificate Y and CA Ys public key, he/she can verify the validity of Y.,InfoSec Lab, NCTU CIS,19,Verify certif
13、icates,To verify X, one has to get the public key of CA X and then verify this certificate. X.509 uses Hierarchical structure to search the appropriate verification key of the certificate.,InfoSec Lab, NCTU CIS,20,X.509 hierarchy,InfoSec Lab, NCTU CIS,21,X.509 hierarchy (cont.),A wants to verify Bs
14、certificate Z A has only CA Xs public key Path to find CA Zs public key: X W V Y Z,InfoSec Lab, NCTU CIS,22,Revocation of certificates,Each CA should maintain a certificate revocation list (CRL) that contains Certificates that are revoked before the expiration date Directory service: provide the rev
15、ocation list of a CA,InfoSec Lab, NCTU CIS,23,Real example,申請GCA電子憑證 自然人申請憑證流程圖.htm 相關應用.htm 網路報繳稅.htm 公路電子監理 資料查詢 GCA的電子憑證 gca0000000.cer 個人的電子憑證 0400002280.cer,InfoSec Lab, NCTU CIS,24,VeriSign CA,3 classes for certificates (digital ID), depending on assurance of the holders identity Every one can
16、 get a free class-1 digital ID VeriSign homepage Version.htm Homework Get a personal certificate from GCA Get a digital ID from VeriSign,InfoSec Lab, NCTU CIS,25,VeriSign CA (cont.),InfoSec Lab, NCTU CIS,26,Authentication procedures with public keys,Each party knows anothers public key by “certificate” or other means Levels of authentication One-way authentication Two-way authentication Three-way authentication,InfoSec Lab, NCTU CIS,27,One-way authentication,InfoSec Lab, NCTU CIS,28,Two-way authentication,InfoSec Lab, NCTU CIS,29,Three-way authentication,