Cryptography and Java - CRS4


Nov 21, 2013


Certification

Andrea Piras

piras@crs4.it

Contents

Brief Overview of Asymmetric Cryptography

What is certification?

X.509

X.509 Certificate

Extensions

Qualified Certificate

QC Extensions

Certificate Authority

Italian CAs

Certificate Revocation List

Contents

Java Packages

Java Code Example

Microsoft, Netscape & Certificates

Bibliography

Brief Overview of Asymmetric Cryptography

Based on: discrete logarithm problem, elliptic curve discrete logarithm problem, factoring problem, e-th root problem

Key pair: public (can be shown), private (kept secret)

Encryption(public key) -> Decryption(private key)

Encryption(private key) -> Decryption(public key)


Brief Overview of Asymmetric Cryptography

Attack: Man in the middle

(diagram: A and B, with X in the middle)

What is certification?

It is the process of issuing certificates (digital documents attesting to the binding of a public key to an individual or an entity).

It does not perform cryptographic operations with keys.

It is a service of the public key infrastructure (PKI).

X.509

It is the ITU-T (also known as CCITT) Recommendation that defines the certificate syntax.

Used in many authentication and secure communication protocols (e.g. SSL).

Three versions exist:

Version 1 published in 1988

Version 2 published in 1993

Version 3 published in 1995

X.509 Certificate

An X.509 certificate consists of the following fields:

Version: integer (1, 2 or 3)

Serial number: the issuer's own unique integer

Signature algorithm ID: identifier of the signature algorithm and its optional parameters

Issuer name: some information about the issuer: country, locality, state or province, street, organization, organizational unit, common name, e-mail, etc.

Validity period: two dates, not valid before and not valid after

X.509 Certificate

Subject name: as the issuer name (country, locality, state or province, street, organization, organizational unit, common name, e-mail, etc.).

Subject public key: the certified public key; key algorithms: ECDSA, Diffie-Hellman, DSA, RSA.

Issuer unique identifier: versions 2 and 3 only

Subject unique identifier: versions 2 and 3 only

Extensions: version 3 only

Signature on the above fields: made with the private key of the issuer

Extensions

Critical: if the extension cannot be processed, the certificate is rejected.

Not critical: if the extension cannot be processed, the extension is ignored.

EXTENSIONS CAN REVOLUTIONIZE HOW THE CERTIFICATE IS USED

Extensions

AuthorityKeyIdentifier: indicates which issuer public key corresponds to the private key used for signing; always non-critical.

BasicConstraints: used only in CA certificates; states how deep a certification path may go; if the depth is 0 it is a CA leader certificate; always critical.

CertificatePolicies: some phrases inserted by the issuer.

CRLDistributionPoints: how to find information about the distribution points and the revocation reason; always non-critical.

IssuerAltName: alternative name for the issuer.

SubjectAltName: alternative name for the subject; critical if the subject is null.

Extensions

NameConstraints: a name space within which all subject names in subsequent certificates of a certification path must lie; restrictions can be placed on some subject names or subject alternative names; if no name of the restricted type is in the certificate, the certificate is acceptable; restrictions can be made on host or domain; the minimum is 0 and the maximum is absent; used only in CA certificates and always critical.

KeyUsage: the purpose of the key in the certificate: digitalSignature, nonRepudiation, keyEncipherment, dataEncipherment, keyAgreement, keyCertSign, cRLSign, encipherOnly, decipherOnly; always critical. Ex. if the public key is used only for signing, digitalSignature and nonRepudiation must be set to true.

ExtendedKeyUsage: some purposes in addition to, or in place of, the basic purposes of the KeyUsage.
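The behaviour of the two slides above (a critical extension the verifier cannot process causes rejection, a non-critical one is ignored; a signing-only key carries digitalSignature and nonRepudiation), as an added Go example that is not from the original slides and does not use IAIK-JCE: it relies only on Go's standard crypto/x509 package, and the extension OID 1.3.6.1.4.1.99999.1, the names and the serial number are constructed placeholders.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"errors"
	"fmt"
	"math/big"
	"time"
)

var unknownExt = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 1} // constructed OID: an extension no verifier knows

func must[T any](v T, err error) T { // example-only helper: abort on setup errors
	if err != nil {
		panic(err)
	}
	return v
}

// SelfSigned issues a signing-only certificate (digitalSignature + nonRepudiation, which Go calls contentCommitment).
func SelfSigned(critical bool) *x509.Certificate {
	key := must(rsa.GenerateKey(rand.Reader, 2048))
	now := time.Now()
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: now.Add(-24 * time.Hour), NotAfter: now.AddDate(0, 6, 0),
		Subject:         pkix.Name{Country: []string{"IT"}, Organization: []string{"CRS4"}, CommonName: "CRS4 Certificate"},
		KeyUsage:        x509.KeyUsageDigitalSignature | x509.KeyUsageContentCommitment,
		ExtraExtensions: []pkix.Extension{{Id: unknownExt, Critical: critical, Value: []byte{0x05, 0x00}}}} // DER NULL payload
	return must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key))))
}

// Accepted runs path validation with the certificate as its own trust anchor: an unknown critical
// extension makes the verifier refuse it (false, nil); the same extension non-critical is ignored (true, nil).
func Accepted(cert *x509.Certificate) (bool, error) {
	roots := x509.NewCertPool()
	roots.AddCert(cert)
	_, err := cert.Verify(x509.VerifyOptions{Roots: roots, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}})
	var unhandled x509.UnhandledCriticalExtension
	if errors.As(err, &unhandled) {
		return false, nil
	}
	return err == nil, err
}

func main() {
	fmt.Println(Accepted(SelfSigned(true))) // false <nil>: refused because of the unknown critical extension
}
```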

Extensions

SubjectKeyIdentifier: obtained by applying SHA-1 to the certified public key; recommended; always non-critical.

SubjectDirectoryAttributes: additional subject information; always non-critical.

PolicyMappings: used in CA certificates for mapping the issuer policy to the subject policy, making the issuer's policy equal to the subject's; non-critical if it is a CA certificate.

PolicyConstraints: constrains path validation to prohibit policy mapping or to require that each certificate in a path contains an acceptable policy identifier.

Qualified Certificate

Extension of the X.509 certificate.

Identifies the subject with a high level of security, preventing repudiation.

Must contain the extensions:

BiometricInformation

CertificatePolicies

KeyUsage

QualifiedCertificateStatements

SubjectDirectoryAttributes

QC Extensions

BiometricInformation: holds the hash value corresponding to some specific biometric information, which itself is not included but may be referenced by means of a URI.

QualifiedCertificateStatements: statements about the qualified certificate, e.g. restrictions on the CA's liability, or that the certificate was issued in accordance with a particular legal system.

Certificate Authority

Any trusted administration able to issue certificates assuring the subject's identity and which is its public key.

A hierarchy of CAs exists:

a CA certifies lower-level CAs

low-level CAs release low-assurance certificates

high-level CAs release high-assurance certificates

VERY HIGH LEVEL OF SECURITY

Italian CAs

The candidate company must present the request and 58 documents (legal, administrative, economic, security planning, operation planning).

AIPA (Autorità per l'Informatica nella Pubblica Amministrazione) is the Italian authority, established by law no. 39 of 12 February 1993, that grants a company permission to issue certificates.

As of 20 March 2001, 7 CAs were recognized by AIPA:

S.I.A. S.p.A. (27/01/2000)

Seceti S.p.A. (06/07/2000)

Certificate Revocation List

A list of certificates revoked before their expiration date.

The causes are:

certified public key compromised

certificate subject changed

CA's private key compromised

A CRL is maintained by a CA.

CRLs are downloadable by verifiers from CAs or central repositories, or CAs send CRLs to verifiers at regular intervals.

When the certificate expires, it is removed from the CRL.
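The verifier-side CRL check described on this slide, as an added Go example that is not from the original slides and uses only Go's standard crypto/x509 package (no IAIK-JCE): a CA whose KeyUsage carries keyCertSign and cRLSign publishes a CRL, and the verifier trusts the list only after checking the CA's signature on it, then looks for the serial number. The CA name, the serials and the revocation (a key assumed compromised) are constructed for the example.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T { // example-only helper: abort on setup errors
	if err != nil {
		panic(err)
	}
	return v
}

func IsRevoked(crlDER []byte, ca *x509.Certificate, serial *big.Int) (bool, error) {
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return false, err
	}
	if err := crl.CheckSignatureFrom(ca); err != nil { // only a list signed by the issuing CA counts
		return false, fmt.Errorf("CRL not signed by this CA: %w", err)
	}
	for _, rc := range crl.RevokedCertificates { // revoked when the serial number is listed
		if rc.SerialNumber.Cmp(serial) == 0 {
			return true, nil
		}
	}
	return false, nil
}

// Scenario: a self-signed CA revokes serial 2 (key assumed compromised) while serial 3 stays valid.
func Scenario() (revoked2, revoked3 bool) {
	now := time.Now()
	caKey := must(rsa.GenerateKey(rand.Reader, 2048))
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), Subject: pkix.Name{CommonName: "CRS4 CA"}, IsCA: true, BasicConstraintsValid: true,
		KeyUsage: x509.KeyUsageCertSign | x509.KeyUsageCRLSign, NotBefore: now.Add(-time.Hour), NotAfter: now.AddDate(1, 0, 0)}
	ca := must(x509.ParseCertificate(must(x509.CreateCertificate(rand.Reader, tmpl, tmpl, &caKey.PublicKey, caKey)))) // parsed form carries the SubjectKeyIdentifier
	crlDER := must(x509.CreateRevocationList(rand.Reader, &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: now, NextUpdate: now.Add(24 * time.Hour),
		RevokedCertificates: []pkix.RevokedCertificate{{SerialNumber: big.NewInt(2), RevocationTime: now}}}, ca, caKey)) // verifiers refetch after NextUpdate
	return must(IsRevoked(crlDER, ca, big.NewInt(2))), must(IsRevoked(crlDER, ca, big.NewInt(3)))
}

func main() {
	fmt.Println(Scenario()) // true false
}
```

A deployed verifier also refetches the list once its NextUpdate has passed and matches the CRL issuer against the certificate's issuer before trusting the lookup.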

Java Packages

Packages used in the example: java.util, java.security, javax.crypto (standard Java), and iaik.x509, iaik.x509.extensions, iaik.asn1, iaik.asn1.structures (IAIK-JCE provider).

Java Code Example

import java.util.*;
import java.security.*;
import javax.crypto.*;
import iaik.x509.*;
import iaik.x509.extensions.*;
import iaik.asn1.*;
import iaik.asn1.structures.*;

public class CertificateExample {

    // sign() and the provider lookups throw checked exceptions
    public static void main(String[] args) throws Exception {

        // ADD SECURITY PROVIDER
        Security.addProvider(new iaik.security.provider.IAIK());

        X509Certificate cert = new X509Certificate();

        // CREATE KEY PAIR
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "IAIK");
        kpg.initialize(1024, new SecureRandom());
        KeyPair kp = kpg.generateKeyPair();

        // ...

        // CREATE ISSUER (the certificate is self-signed, so the issuer is also the subject)
        Name issuer = new Name();
        issuer.addRDN(ObjectID.country, "IT");
        issuer.addRDN(ObjectID.organization, "CRS4");
        issuer.addRDN(ObjectID.commonName, "CRS4 Certificate");

        // CREATE EXTENSIONS
        Vector extensions = new Vector();
        extensions.addElement(new KeyUsage(KeyUsage.digitalSignature | KeyUsage.decipherOnly));

        // CREATE USAGE PERIOD: valid from yesterday for six months
        GregorianCalendar dateStart = new GregorianCalendar();
        GregorianCalendar dateStop = new GregorianCalendar();
        dateStart.add(Calendar.DATE, -1);
        dateStop.add(Calendar.MONTH, 6);

        // ...

        // CERTIFICATE CREATED
        cert.setSerialNumber(java.math.BigInteger.valueOf(1));
        cert.setIssuerDN(issuer);
        cert.setSubjectDN(issuer);
        cert.setPublicKey(kp.getPublic());
        cert.setValidNotBefore(dateStart.getTime());
        cert.setValidNotAfter(dateStop.getTime());
        cert.addExtension((V3Extension) extensions.elementAt(0));
        cert.sign(AlgorithmID.sha1WithRSAEncryption, kp.getPrivate());

        // ...
    }
}


Microsoft, Netscape & Certificates

Microsoft Windows 2000

Microsoft Internet Explorer 5.5

Microsoft Outlook Express 5.5


Netscape Navigator 4.75

Netscape Messenger 4.75

Microsoft, Netscape and Certificates


Microsoft Internet Explorer ignores the HTML tag <keygen>, which is Netscape's own.


Netscape tells CA certificates from user certificates because, before the certificate is sent, its content-type is sent:

application/x-x509-ca-cert for a CA certificate

application/x-x509-user-cert for a user certificate


Bibliography



RSA Security FAQs
http://www.rsasecurity.com/rsalabs/faq

Public Key Infrastructure
http://www.opengroup.org/security/pki
http://csrc.ncsl.nist.gov/pki

Ferragina, Luccio, Appunti di crittografia, Università degli Studi di Pisa - Dipartimento di Informatica, September 2000

IAIK-JCE 2.61 Reference
http://jcewww.iaik.tu-graz.ac.at

International Telecommunication Union - Telecommunication Standardization Sector (ITU-T)
http://www.itu.int/ITU-T

RFC 3039 - Qualified Certificate Profile
ftp://ftp.rfc-editor.org/in-notes/rfc3039.txt

RFC 2459 - Certificate and CRL Profile
http://www.ietf.org/rfc/rfc2459.txt

AIPA - Autorità per l'Informatica nella Pubblica Amministrazione
http://www.aipa.it
http://www.aipa.it/servizi[3/normativa[4/circolari[2/aipacr22.asp