1 / 14

Trusted Key Server OpenPKSD TKS

IWFST 2005 International Workshop on Future Software Technology 2005 November 8 – 10, 2005 in Shanghai, China. Trusted Key Server OpenPKSD TKS. Hironobu SUZUKI hironobu@openpksd.org hironobu@h2np.net. Who am I. Co-chairman and COO of FSIJ Free Software Initiative of Japan Unix Expert

jabari
Download Presentation

Trusted Key Server OpenPKSD TKS

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. IWFST 2005 International Workshop on Future Software Technology 2005 November 8 – 10, 2005 in Shanghai, China Trusted Key ServerOpenPKSD TKS Hironobu SUZUKI hironobu@openpksd.org hironobu@h2np.net

  2. Who am I • Co-chairman and COO of FSIJ • Free Software Initiative of Japan • Unix Expert • Over 20 years professional career • Software consultant, President of my own company • Part-time teacher in some colleges • Waseda Univ. Senshu Univ. and Jissen Women Univ. • My own Free Software project and research project • OpenPKSD.ORG project • WCLSCAN project

  3. What Is OpenPGP • OpenPGP is a public key cryptography technology specification as defined RFC2440 • OpenPGP provides encryption, decryption, digital signature and others • PGP is cryptographic tool that was developed by Philip Zimmermann • GNUPG has been developed by GNU Privacy Guard project.

  4. Why We Need It? • Verify file for distribution • To distribute collect file • To avoid Trojan horse • Source code exchange • Between trustworthy developers • Example • Debian developer community uses OpenPGP among them Public key infrastructure is required to build trustful distribution

  5. Public Key Scheme • Alice generates a pair of public key and secret key • Alice sends a public key Bob • Bob make text encrypt using Alice’s public key and bob sends encrypted text to Alice • Only Alice can decrypt using her own secret key

  6. Digital Signature Scheme • Alice generates a pair of sign key and verify key • Alice sends a verify key to bob • Alice signs on Alice’s data using Alice’s sign key and send signed data to bob • Bob can verify Alice’s signed data using Alice’s verify key

  7. Where Is Alice’s Public/Verify Key? • Email • Do you want to send email again, again and again? • Personal website • Not too bad • Keyserver • Easy to find it • Pgp public key servers have been available since 1994 • OpenPKSD that is ruby version of keyserver has been available at http://openpksd.org since 2002

  8. Old Style Keyserver Since 1994 • Alice can’t handle her own public key • Cathy can put Alice’s public key • David can put his signature on Alice’s public key • Alice doesn't want it either

  9. Current keyserverkey flow diagram Key user Third party signer Key owner

  10. OpenPKSD TKS • Successor of OpenPKSD that is written in Ruby • Ruby is good for rapid programming • True Object Oriented language • I introduced OpenPKSD in Ruby Conference 2002 Seattle • Public key owners can handle their own key under OpenPKSD TKS (trusted key server) • Because TKS has their own public keys • Free Software • Free as in speech not as in beer

  11. TKS key flow diagram Key user Third party key signer Key owner

  12. Structure of OpenPKS TKS PostgreSQL Apache2 GNU gpg command Cgi scripts OpenPGP Packet Class OpenPKSD Class TKS Class DB handle Class Bit manipulate module (Written in C)

  13. Status of OpenPKSD TKS Project • Prototype developing was started in December 2004 and finished September 2005 • Test site http://tks.openpksd.org will be started next few month • Trusted keyserver service will start in April 2006

  14. Summary • Digital Signature is strongly required for Free Software/Open Source developers • OpenPKSD provides public key exchange infrastructure • OpenPKSD Trusted Keyserver, new version keyserver server system is coming soon. • Ruby is a strong glue between Apache2, extra-modules and Database and is good for server application

More Related