Public key infrastructure ( PKI ) is a set of roles, policies, and procedures necessary to create, manage, distribute, use, store, and revoke digital certificates and manage public -key encryption. The objective of the PKI is to facilitate the transfer of secure electronic information for various network activities such as e-commerce, internet banking and confidential email. Required for activities where a simple password is an inadequate authentication method and more stringent evidence is required to confirm the identity of the parties involved in the communication and to validate the transferred information.
In cryptography, the PKI is an arrangement that binds the public key with the identity of each entity (such as people and organizations). Binding is done through the process of registration and issuance of certificates on and by the certificate authority (CA). Depending on the level of binding guarantees, this can be done by automated processes or under human supervision.
The role of the PKI that guarantees valid and correct registration is called the registration authority (RA). RA is responsible for receiving a request for a digital certificate and authenticating the entity making the request. In Microsoft PKI, registration authorities are usually called CA subordinates.
An entity must be uniquely identified within each CA domain based on information about that entity. A third-party validation authority (VA) may provide information of this entity on behalf of CA.
Video Public key infrastructure
Design
Public key cryptography is a cryptographic technique that allows an entity to communicate securely on an insecure public network, and reliably verify the identity of the entity through a digital signature.
Public key infrastructure (PKI) is a system for the manufacture, storage, and distribution of digital certificates used to verify that certain public keys belong to a particular entity. The PKI generates a digital certificate that maps the public key to the entity, safely stores this certificate in the central repository and revokes it if necessary.
PKI consists of:
- The certificate authority (CA) that stores, issues and signs a digital certificate
- The registration authority verifies the identity of the entity requesting their digital certificate for storage in CA
- The center directory - that is, a safe location for storing and indexing keys
- The certificate management system manages things like access to the stored certificate or the delivery of the certificate to be issued.
- The certificate policy which states the PKI's requirements regarding its procedures. The aim was to enable outsiders to analyze the feasibility of the PKI.
Maps Public key infrastructure
Certification method
Broadly speaking, there are traditionally three approaches to gaining this trust: certificate authority (CAs), trust networks (WoT), and simple public key infrastructure (SPKI).
The main role of CA is to digitally sign and publish public keys that are tied to a given user. This is done using a private CA key, so trust in a user's key depends on a person's trust in the validity of the CA key. When a CA is a separate third party of users and systems, it is called the Registration Authority (RA), which may or may not be separate from CA. Key-to-user binding is defined, depending on the level of binding assurance, with the software or under human control.
Trusted third-party terms (TTP) may also be used for certificate authority (CA). In addition, the PKI itself is often used as a synonym for CA implementation.
In this trust relationship model, CA is a trusted third party - trusted both by the subject (owner) of the certificate and by the party who relies on the certificate.
According to NetCraft, the industry standard for monitoring Active TLS certificates states that- "Although the global ecosystem [TLS] is competitive, it is dominated by a handful of CA - three certificate authorities (Symantec, Comodo, GoDaddy) for three-quarters of all published [TLS] on a publicly facing web server.The top position has been held by Symantec (or VeriSign before it was purchased by Symantec) since our survey began, with it currently accounting for just under one-third of all certificates To illustrate different methodological effects, among a million the busiest site, Symantec releases 44% of valid and trusted certificates used - significantly more than its entire market share. "
Temporary certificate and single sign-on
This approach involves a server that acts as an offline certificate authority in a single sign-on system. The single sign-on server will issue a digital certificate to the client system, but never store it. Users can run programs, etc. With a temporary certificate. It is common to find these solutions with X.509-based certificates.
Web trust
An alternative approach to the public authentication problem of public key information is the web-of-trust scheme, which uses self-signed certificates and third-party certification of the certificate. The term single "trust network" does not imply the existence of a trust network, or a common point of trust, but rather one of a number of "confidence nets" that potentially decompose. Examples of this approach are PGP (Pretty Good Privacy) and GnuPG (OpenPGP implementation, PGP standard specification). Because PGP and implementation allow the use of digital e-mail signatures for self-publication of public key information, it is relatively easy to implement a person's trust network.
One of the benefits of web trust, as in PGP, is that it can interoperate with PKI CA fully trusted by all parties in the domain (such as internal CA within the company) who are willing to guarantee a certificate, such as a trusted carrier. If the "trust network" is truly trusted, because of the nature of the trust network, trusting a certificate is giving trust to all the certificates on the web. The PKI is just as valuable as the standards and practices that control the issuance of certificates and including the privately instituted PGP or trust network can significantly degrade the trust of the company or the implementation of the PKI domain.
The web of trust concept was first proposed by PGP creator Phil Zimmermann in 1992 in a manual for PGP version 2.0:
Over time, you will collect keys from others that you may want to assign as a trusted introduction. Everyone else will choose their own trust identifier. And everyone will gradually collect and distribute with their key signature certification collections from others, in the hope that whoever receives it will believe at least one or two of the signatures. This will lead to the emergence of decentralized, decentralized trust networks for all public keys.
Simple public key infrastructure
Another alternative, which does not deal with public authentication of public key information, is a simple public key infrastructure (SPKI) that grows from three independent attempts to address the complexity of X.509 and PGP trust networks. SPKI does not associate users with people, because key is trustworthy, not the person. SPKI does not use the idea of ​​trust, because verifier is also a publisher. This is called an "authorization loop" in the SPKI terminology, where authorization is an integral part of the design.
Block-based PKI
The approach that emerged for the PKI was to use blockchain technology commonly associated with modern cryptocurrency. Because blockchain technology aims to provide a distributed and irreversible ledger, it has qualities that are considered very suitable for public key storage and management. Emercoin is an example of blockchain-based cryptocurrency that supports the storage of various types of public keys (SSH, GPG, RFC 2230, etc.) and provides open source software that directly supports PKI for OpenSSH servers. While blockchain technology can approach the "work proof" that often underlies trustworthiness that relies on the parties in the PKI, problems remain as administrative conformity with policy, operational security and software implementation quality. The Certification Authority paradigm has this issue regardless of the cryptographic methods and basic algorithms used, and the PKI that attempts to bless the certificate with a trustworthy property must also address this issue.
Blockchain as a technology has its own limits such as low throughput that leads to the possibility of long response time and high transaction costs. Building an independently distributed PKI protocol with a special consensus and a cryptocurrency economy can solve this problem.
History
Developments in the PKI occurred in the early 1970s at the British intelligence agency GCHQ, in which James Ellis, Clifford Cocks and others made important discoveries related to key encryption and distribution algorithms. However, since GCHQ developments were highly classified, the results of this work were kept secret and were not publicly acknowledged until the mid-1990s.
Public disclosure of both secure key exchanges and asymmetric key algorithms in 1976 by Diffie, Hellman, Rivest, Shamir, and Adleman transformed secure communications completely. With the further development of high-speed digital electronic communications (Internet and its predecessors), the need becomes clear for ways in which users can safely communicate with each other, and as a further consequence of that, for the ways in which users can sure with whom they actually interact.
Various cryptographic protocols are created and analyzed where new cryptographic primitives can be used effectively. With the invention of the World Wide Web and its rapid deployment, the need for authentication and secure communications is becoming increasingly acute. Commercial reasons (e.g., Ecommerce, online access to a database belonging to a web browser) are sufficient. Taher Elgamal and others in Netscape developed the SSL protocol ('https' in Web URL); it includes the establishment of keys, server authentication (before v3, the only way), and so on. The PKI structure is created for users/websites that want secure communications.
Vendors and entrepreneurs see the great market possibilities, start a company (or a new project in an existing company), and start anxious for legal recognition and protection of responsibility. An American Bar Association technology project published extensive analysis of several aspects of PKI operation law (see ABA's digital signature guide), and shortly thereafter, several US states (Utah became the first in 1995) and other jurisdictions around the world began to enact law and adopt regulations. Consumer groups ask questions about privacy, access, and consideration of responsibilities, which are more considered in some jurisdictions than others.
Different laws and regulations, there are technical and operational issues in transforming the PKI scheme into a successful commercial operation, and progress is much slower than predicted by the pioneers.
In the first few years of the 21st century, the underlying cryptography technique is clearly not easy to apply properly. The operating procedure (manual or automatic) is not easy to be designed properly (or even if designed so, to execute perfectly, required by the technique). Existing standards are insufficient.
PKI vendors have found the market, but that's not quite the market that was dreamed of in the mid-1990s, and has grown more slowly and in a somewhat different way than anticipated. The PKI has not solved some of the problems they expected, and some large vendors have either been out of business or acquired by others. PKI most successful in government implementation; the largest PKI implementation to date is the PKI Information Defense Information infrastructure (DISA) for the Public Access Card program.
Usage
PKI of one kind or another, and from one of several vendors, has many uses, including providing public keys and bindings to user identities used to:
- Encrypt and/or authenticate senders of e-mail messages (e.g., using OpenPGP or S/MIME)
- Encrypt and/or authenticate documents (for example, XML Signature or XML Encryption standard if the document is encrypted as XML)
- User authentication to the app (e.g., smart card logon, client authentication with SSL). There is an experimental use for digitally signed HTTP authentication in the Enigform project and mod_openpgp
- Bootstrapping secure communication protocols, such as Internet key exchange (IKE) and SSL. In both cases, the initial setting of the secure channel ("security association") uses an asymmetric key - the public key - the method, whereas the actual communication uses the faster symmetric key - that is, the secret key - the method.
- Mobile signatures are electronic signatures created using mobile devices and depend on signature or certification services in an independent telecommunication environment location
- Internet things require secure communication between trusted devices. Public key infrastructure enables devices to obtain and update X509 certificates that are used to build trust between devices and encrypt communications using TLS
Open source implementation
- OpenSSL is the CA form and the simplest tool for the PKI. This is a toolkit, developed in C, which is included in all major Linux distributions, and can be used both for building your own (simple) CA and for applications that enable PKI. (Apache License)
- EJBCA is a complete Enterprise Class, CA implementation, developed in Java. This can be used to set the CA both for internal use and as a service. (LGPL License)
- OpenCA is a full-featured CA implementation using a number of different tools. OpenCA uses OpenSSL for basic PKI operations.
- XCA is a graphical interface, and a database. XCA uses OpenSSL for basic PKI operations.
- (Stopped) TinyCA is a graphical interface for OpenSSL.
- Respondents XiPKI, CA and OCSP. With SHA3 support, based on OSGi (Java).
- IoT_pki is a simple PKI created using python cryptography library
- DogTag is a full featured CA developed and maintained as part of the Fedora Project.
- The open source CFSSL toolkit is developed by CloudFlare to sign, verify, and package TLS certificates. (BSD 2-clause licensed)
- Vault tools to securely manage (including TLS certificates) developed by HashiCorp. (Licensed Mozilla Public License 2.0 licenses)
Criticism
Some argue that buying a certificate to secure a website with SSL and securing software with code signing is a costly undertaking for small businesses. However, the emergence of free alternatives like Let's Encrypt, has changed this. Currently Symantec holds a major stake in the PKI certificate market that sells one-third of all certificates issued globally by 2013. HTTP/2, the latest version of the HTTP protocol enables insecure connections in theory, in practice large browser companies have explained that they will supports this state-of-art protocol only through TLS connections secured by the PKI. Implementation of the HTTP/2 web browser includes Edge from Microsoft, Chrome from Google, Firefox from Mozilla, and Opera supports HTTP/2 just above TLS by using the ALPN extension of the TLS protocol. This means that in order to get the benefits of HTTP/2 speed, website owners will be forced to purchase SSL certificates controlled by companies like Symantec.
The current web browser carries a pre-installed broker certificate issued and signed by the Certificate Authority. This means the browser needs to bring a large number of different certificate providers, increasing the risk of key compromises.
When a key is known to be compromised, it can be fixed by revoking the certificate, but such a compromise is not easily detected and can be a major security breach. The browser must issue a security patch to revoke the intermediate certificate issued by the compromised root certificate authority. Some practical security vulnerabilities of X.509 certificates and known cases where keys are taken from the main Certificate Authority are listed below.
- See PKI security issues with X.509
- See Comodo CA Offenses
- See CA Diginotar Violation
See also
- Certificate-Enhanced Certificate-Less
References
Source of the article : Wikipedia
0 Comments