Formation HES Yverdon 2003

1. Introduction to PKI Technology Sylvain Maret Février 2002 Version 2.01

11. If PKI is the answer then… What is the question? On the Internet no one knows you're a dog!

18. Services, Mechanisms, Algorithms A typical security protocol provides one or more services Services Mechanisms Algorithms Services are built from Mechanisms Mechanisms are implemented using Algorithms SSL, IPSEC, TLS, SSH, etc... Signatures Encryption Hashing DSA RSA RSA DES SHA MD5

19. Security Protocol Layers The further down you go, the more transparent it is The further up you go, the easier it is to deploy Application Presentation Session Transport DataLink Physical Application Presentation Session Transport Network DataLink Physical Network S/MIME, PGP SSL, TLS, SSH IPSEC Hardware link encryption

26. Secret-Key Cryptography

51. Public Key Cryptography

62. Diffie-Hellman: How it works ? Alice’s private key Bob’s private key Alice’s public key Bob’s public key = Share Secret Key Share Secret Key

64. Comparative Public-Key table

65. Message-Digest Algorithms

67. Message-Digest Algorithms Input Message Fixed-length Digest Hash Function

72. Random Numbers

75. Keys Length

80. Public-Key vs Secret-key

81. Message Authentication Code

83. Message Authentication Code + Input Message HMAC Secret-Key Hash Function

84. Digital Signature

87. Digital Signature: Basics Plaintext Simple signature using PRIVATE-key Plaintext Ciphertext (Signature) Alice’s private key Alice’s public key

88. Digital Signature: How it works? Alice’s private key Signature Alice’s Public key Signature Plaintext MD1 = MD2 ??? Plaintext Digest

91. Hybrid Cryptosystems

93. Example: Diffie-Hellman and Secret-Key cryptosystem = Share Secret Key Share Secret Key Plaintext Plaintext Ciphertext Asymmetric Symmetric

96. RSA Key wrapping encryption

98. RSA Key wrapping decryption

99. RSA Key wrapping question ? How sure can Alice be about Bob’s presumed public-key ?

100. Man in the Middle Attack!

101. SSH: How it works ?

104. SSH: Why ? Attacker with sniffer Network Original TCP Packet Login: rome Password: abc123 Unix Host Telnet to Unix Host

105. SSH-1 Protocol (Hybrid Crypto) TCP Auth request SSH Client Server DATA Client performs TCP handshake with the server at port 22 for SSH standard port Start authentication process. Client send authentication request Server decrypt the session key with the two private keys. Begin bulk encrypted data exchange. Client encrypts Server decrypts request, encrypts and sends response S S 22 Session The server responds with two keys. Host key 1024 bit RSA and a Server key 768 bit RSA (Generated hourly) Client verify host key and generate a secret key that is used for bulk encryption then encrypt this secret key twice with Host and Server public keys and send it to the server SSH Symmetric Encrypted data SSH Handshake Public Key

109. SSH Tunneling mode SSH Server HTTP 127.0.0.1 1999 Encrypted SSH tunnel Clear text Web server DMZ Corporate Net SSH Client

110. PKCS

113. Smart Card

119. Quiz !

121. PKI Introduction

124. Remember Alice, Bob and Charlie... Bob has no proof of the “link” between Alice’s public-keys and her identities So What ?

125. Third Trusted Party No more Charly Implicit Trust Trusted Authority Direct Trust Direct Trust

131. Demo: certificate view

135. How to build a Certificate X.509 Certificate CA’s Signature X.509 Fields Public key Identity etc. Digital Signature Process CA

137. Verifying a certificate? MD1 = MD2 ??? CA’s public key CA’s Signature X.509 Fields Public key Identity etc.

147. OSCP LDAP OCSP FTP, http others OCSP over http PKI enable Applications Pushing Revocation OCSP Responder CA Backend

150. Let’s be practical! User enrolls for certificate http://www... User mailed retrieval PIN User retrieves certificate http://www... Admin Approves request http://www... User mailed acknowledgement Admin mailed notification RA CA User Security Officer LDAP Certificate installed

153. S/MIME

158. SSL / TLS

165. SSL Handshake TCP Hello GET URL Client Server DATA Client performs TCP handshake with the server at port 443 for HTTPS which is HTTP in SSL Start Cipher negotiation. Client sends SSL HELLO containing ciphers supported by the client and a random number. Start pass secret. Server sends it’s CERTIFICATE. Client and Server exchange CHANGE CIPHER SPEC and FINISH messages. Begin bulk encrypted data exchange. Client encrypts and sends HTTP GET. Server decrypts request, encrypts and sends response Server sends FINISH and closes with TCP handshake S A SSL connection consists of an SSL handshake followed by bulk encrypted protocol S 443 Cert The server responds with a HELLO containing the ciphers to use and a random number. Note the server selects the ciphers to be used. RSA, RC4 and MD5 are most common. Client uses certificate to encrypt the pre-master Secret and sends to Server. Both compute bulk encryption KEYS from secret and random numbers. Bulk Encrypted HTTP Protocol Symmetric SSL Handshake Asymmetric 0.2 - 4 KB

167. Demo: Wrong URL !

175. Demo: unknown certificate

176. IPSEC

181. IPSec Tunnel mode IP TCP Application UDP IP TCP Application UDP IP AH/ESP Protected Data IP AH/ESP Protected Data Protected Traffic Hosts IPSec gateway

183. Transport mode Protected Traffic IP TCP Application UDP IP TCP Application UDP

185. SPI and SA (Basics) SPI: 0x1234567 Encryption (ESP): DES Authentication (AH): SHA-1 DES Key: 0x1615613651365365326536 SHA-1: 0x32676362736347672672644 SPI: 0x1234567 SA

188. Manual IPSec SA SPI SA SPI

190. IKE Key management using PKI SA SPI SA SPI Negotiation with Automatic Key Management X509 X509

191. Questions?

192. Pour plus d’informations e-Xpert Solutions SA Sylvain Maret Route de Pré-Marais 29 CH-1233 Bernex / Genève +41 22 727 05 55 [email_address]