Compliance Defects in Public-Key Cryptography

Nov 21, 2013


“A public-key security system trusts its users to validate each other's public keys rigorously and to manage their own private keys securely. Both tasks are hard to do well, but public-key security systems lack a centralized infrastructure for enforcing users' discipline.”

Presented by Gene Yang

By Don Davis.

Outline

Public-key infrastructure services

How public-key infrastructure (PKI) works

Compliance Defects

Conclusion

Public-key Infrastructure services

A public-key security system comprises three infrastructure services:

Certification Authority (CA)
  Signs users' public keys

Directory
  Public-access database of valid certificates

Certificate Revocation List (CRL)
  Public-access database of invalid certificates

How PKI Works

1. Key Creation

The user creates a new key pair.

The user proves his ID to the CA (not electronically).

The CA signs a certificate that names the user as the bearer of his new public key.

The user also receives the Root CA's public key for later use.

The user chooses a secret pass phrase, and uses it to encrypt his asymmetric private key.

[Figure: hierarchy of CAs under a root CA. Labels: Public Key, ID, Root CA's Private key, Root CA's Public Key, Public key, Private key]

2. Single Sign On

At login, the user types his pass phrase to decrypt his private key.

With his private key, the user participates in public-key protocols.

[Figure: Certificate, containing User ID Info, User's Public Key and CA ID Info, digitally signed by CA's private key]

How PKI works cont.

3. Authenticating Others

The user either exchanges certificates directly with other users, or he gets others' certificates from the Directory service.

Before using a certificate, the user must check the CRL for notice of the certificate's revocation.

The user must also validate the CA's signature.

4. Password-Change

The user should regularly change the pass phrase with which he decrypts his asymmetric private key.

5. Key-Revocation

Certificates are time-stamped to expire after a few months or a year.

If a user's pass phrase or his private key is compromised, then he must inform the CRL administrator, who disseminates a notice that the corresponding public-key certificate has been revoked.

The user should check the CRL every time he uses a certificate, because the CRL may be updated at any moment.


Compliance Defects

Authenticating the User.
  The CA signs the public-key certificate.
  Problem: the CA cannot trust electronic assurances of a new user.
  Face-to-face identification checks are required. However, this becomes unrealistic.

Authenticating the CA.
  A user must authenticate a public-key certificate by checking its certifying signature and the signature on each public key in its chain of CAs.
  Problem: public-key cryptography cannot afford the user any automatic procedure for validating the top-level CA key.
  Keep the root key in the smart card or under the pass phrase's encryption.


Compliance Defects Cont.

Certificate Revocation Lists.
  When a user's public key must be removed from use, the only way to enforce prompt revocation is to check every certificate before use against a Certificate Revocation List.
  Problem: a rigorous check of a certificate's validity requires that the public key of each CRL in the chain to the Root be revocation-checked.
  This extra performance burden makes it likely that public-key deployment is proceeding without a revocation infrastructure.
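
An added example (not from the slides or the underlying paper) of the rigorous check described above and in "Authenticating Others": every certificate in the chain is signature-checked and looked up in its issuer's CRL, and each CRL is itself verified before it is believed. Toy textbook RSA on constructed keys stands in for real signatures; `Cert`, `CRL`, `validate` and the names "Root", "CA1" and "alice" are assumptions made for illustration.

```python
import hashlib
from collections import namedtuple

Cert = namedtuple("Cert", "subject issuer pub serial not_after sig")
CRL = namedtuple("CRL", "issuer revoked sig")

# Toy textbook RSA on constructed Mersenne-prime moduli: stand-in for real signatures.
def keypair(a, b, e=65537):
    p, q = 2**a - 1, 2**b - 1
    return (p * q, e), (p * q, pow(e, -1, (p - 1) * (q - 1)))

def tbs(obj):  # hash of the signed content: every field except sig
    msg = repr((type(obj).__name__,) + obj[:-1]).encode()
    return int.from_bytes(hashlib.sha256(msg).digest(), "big")

def issue(priv, obj):
    n, d = priv
    return obj._replace(sig=pow(tbs(obj) % n, d, n))

def verify(pub, obj):
    n, e = pub
    return pow(obj.sig, e, n) == tbs(obj) % n

def validate(chain, crls, root_pub, now):
    """chain is [leaf, ..., top CA]; root_pub is the out-of-band trust anchor."""
    for i, cert in enumerate(chain):
        issuer_pub = chain[i + 1].pub if i + 1 < len(chain) else root_pub
        if now > cert.not_after:
            return "expired: " + cert.subject
        if not verify(issuer_pub, cert):
            return "bad signature: " + cert.subject
        crl = crls.get(cert.issuer)  # every issuer publishes its own signed CRL
        if crl is None or not verify(issuer_pub, crl):
            return "no authentic CRL from " + cert.issuer
        if cert.serial in crl.revoked:
            return "revoked: " + cert.subject
    return "ok"

def demo():
    (root_pub, root_priv), (ca_pub, ca_priv) = keypair(61, 89), keypair(107, 127)
    ca = issue(root_priv, Cert("CA1", "Root", ca_pub, 7, 200, 0))
    leaf = issue(ca_priv, Cert("alice", "CA1", keypair(19, 31)[0], 42, 200, 0))
    crls = {"Root": issue(root_priv, CRL("Root", (), 0)),
            "CA1": issue(ca_priv, CRL("CA1", (), 0))}
    before = validate([leaf, ca], crls, root_pub, now=100)
    crls["Root"] = issue(root_priv, CRL("Root", (7,), 0))  # Root revokes CA1
    return before, validate([leaf, ca], crls, root_pub, now=100)

print(demo())  # ('ok', 'revoked: CA1')
```

The second result is the case a leaf-only CRL lookup would miss: alice's serial is on no CRL, but the CA key that signed her certificate has been revoked by the Root.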

Compliance Defects Cont.

Private-Key Management.
  The user must keep his private key in memory throughout his login session.
  Problem: it exposes a long-lived secret, the private key.
  The private key can be compromised by physical theft, viruses and Trojan-horse programs.

Pass phrase Quality.
  Users don't share their pass phrases with any security service or administrator.
  Problem: there is no way to enforce expiration or quality controls on pass phrases.
  If the user finds the local pass phrase controls inconvenient, he can just use a more lenient program to encrypt his private key.

Conclusion

Public-key's decentralized nature actually places a lot of trust in users that properly belongs to the security infrastructure and its administrators.

Question: Is public-key cryptography best suited to securing communications between servers or desktop applications?