550 likes | 702 Views
Cryptography in e-Business. Guest Lecture, November 13, 2006, Olin College Steven R. Gordon Prof. of Info Tech Management Babson College. Agenda. Simple protocols Logging in: MS-CHAP PKI Protocols About PKI Secure Email Secure Web Transactions: SSL. A Simple Application. Logging In
E N D
Cryptography in e-Business Guest Lecture, November 13, 2006, Olin College Steven R. Gordon Prof. of Info Tech Management Babson College
Agenda • Simple protocols • Logging in: MS-CHAP • PKI Protocols • About PKI • Secure Email • Secure Web Transactions: SSL
A Simple Application Logging In With MS-CHAP
Applicant (Client) Verifier (Server) MS-CHAP Challenge-Response Authentication Protocol Note: Both the client and the server know the client’s password. 1. Verifier creates Challenge Message Challenge 2. Verifier sends Challenge Message Source: Panko: Corporate Computer and Network Security by Raymond Panko, Prentice-Hall, 2005.
MS-CHAP Challenge-Response Authentication Protocol • 3. Applicant creates a Response Message: • Adds password toChallenge Message • (b) Hashes the resultant bit string • (c) The hash is theResponse Message Password Challenge Hashing (Not Encryption) Response Source: Panko: Corporate Computer and Network Security by Raymond Panko, Prentice-Hall, 2005.
MS-CHAP Challenge-Response Authentication Protocol 4. Applicant sends Response Message without encryption Transmitted Response Source: Panko: Corporate Computer and Network Security by Raymond Panko, Prentice-Hall, 2005.
MS-CHAP Challenge-Response Authentication Protocol 5. Verifier adds password to theChallenge Message it sent. Hashes the combination.This is the expectedResponse Message. Password Challenge Hashing Expected Response Source: Panko: Corporate Computer and Network Security by Raymond Panko, Prentice-Hall, 2005.
MS-CHAP Challenge-Response Authentication Protocol Transmitted Response =? Expected Response 6. If the two Response Messages are equal, the applicant knows the password and is authenticated. Sever logs Client in. Note that only hashing is involved. There is no encryption. Source: Panko: Corporate Computer and Network Security by Raymond Panko, Prentice-Hall, 2005.
Advantages of MS-CHAP • The password never gets transmitted • Eve can see the challenge and response • Eve cannot learn the password • Eve cannot respond to the challenge
Solutions to Key Distribution Problem • A selects a key and physically delivers it to B. • Trusted third party key distribution center selects a key and physically delivers it to A and B. • If A and B already share a key, it can be used to distribute a new key. • If A and B already share keys with key distribution center, it can distribute a new key. • Or …
Public Key Encryption • Each user gets a pair of keys • 1 private; 1 public • Public key is shared with the world and used for encryption • Private key is kept private and used for decryption • There is no way to determine the private key from knowledge of the public key • There is no need to exchange keys secretly
Public Key Encryption Bob’s public key Bob’s private key Alice creates message Encrypted message Bob reads message Eve cannot read intercepted message because Eve does not have Bob’s private key
Authentication • How does Bob know that message came from Alice? • Everyone knows Bob’s public key • Solution: • Alice signs the message
Authentication: Signing a Message • Alice hashes the message • She encrypts the hash, date, and time with her private key and appends it to message (signature) • Then entire message is encrypted with Bob’s public key
How Does Bob Know Message is From Alice? • Bob decrypts the message and reads the signature • Tries to decrypt the signature with Alice’s public key • OK: Must be Alice -- only she has the corresponding private key • Not OK: Sent by someone else
Non-Repudiation • Alice cannot repudiate message • Signature is hers • Signature hash matches document • Nobody else could have sent it and Bob could not have made it up
Integrity • Nobody can intercept the message, modify it, and resend • If so, hash would be incorrect
Potential Problems with Public Key Cryptography • Too hard to keep track of all partners’ public keys • What if partner wants to change public key (perhaps private key was compromised)? • Cannot trust sender to send you their public key, because they could be imposter • Solution is Public Key Infrastructure
Solution -- Digital Certificate • What is it? • Document signed with the private key of a well known third party (certificate issuer) • What does it contain • Name and public key of certificate owner • Serial number, expiration date • Other info on rights and privileges of owner • Name of certificate issuer
Physical Signatures/Seal Envelope ID (passport/license) Notary/Bank PKI Digital Signature Encryption Digital certificate Certificate authority Public Key InfrastructureAnalog to Physical World
Certificate Authority (CA) • The CA is a trusted and known authority for issuing digital certificates • Examples: • Verisign • Thawte • InstantSSL
How Does Bob Know Alice’s Certificate is Valid? • It is “signed” by a recognized certificate authority • It identifies Alice and her public key
Key Management Issues • Who generates the key pairs? • Should the CA have access to everyone’s private key? • If the CA doesn’t have a copy of the private key, how does it know that it has the right public key
Key Management Issues • Should the CA need to see physical proof of identity before issuing a certificate? • If not, how can CA avoid being fooled? • If so, how can CA have adequate geographical coverage?
Key Management • What if a company wanted multiple keys for its different subsidiaries, departments, and/or servers? • Should it be allowed to generate new keys and sub-certificates?
Key Management • Where and how should private keys be stored? • How can a certificate be revoked? • How is a certificate renewed?
PKI Components and Relationships Source: PGP Corporation webcast, “PGP Education Series -- Is PKI Relevant?”, viewed on 3/18/04.
PKI Components • Need to add Certificate Revocation List • Usually maintained by CA • Periodically downloaded to CA’s cross-certificate partners
Trust users if you trust the root CA Trust based on brand Example: Verisign Hierarchical Trust Relationships Source: http://www.pgpi.org/doc/pgpintro/
Network Trust Relationships • There is no root authority • Based on who knows who • Assumes six degrees of separation • Example: PGP
PKI Standards Leave (too many?) Options • X.509 Version 3 Certificate • Version, Validity period, Serial Number • Issuer identifier (could be domain name, email, or directory name) and signature • Subject identifier (same options), public key, and algorithms used for encryption • Optional identifiers for issuer and subject • Optional extensions • CA’s digital signature
Examples of Optional X.509 Certificate Extensions • List of allowed uses (such as only for email) • Certificate policies • Subject directory attributes • CRL distribution points • Additional signers
Obtain a Free Personal Digital Certificate • Go to Comodo • Fill out form selecting defaults • Accept
Pick Up and Install Digital Certificate • Within a few minutes, you’ll receive email with your collection password • Click on Collect and Install Certificate • If you are using Outlook • Follow the instructions to pick up and install your digital • Otherwise, do not continue until you have Outlook installed and configured
Configure Outlook to Use Your Certificate • In Outlook, select Tools/Options/Security • Click the “Settings” button in the Encrypted e-mail section • Click the “Choose” button to select your certificate for signing and encryption • Check “Send these certificates with signed messages” • Click OK, Apply, and OK
Sign An E-Mail Message • Create an email message to yourself • Click Options/Security Settings/Add Digital Signature • Send the message
Check Your Digital Signature • Note “secure message” icon in your inbox next to incoming message • Open message. Note security iconin upper right corner • Click on the security icon
Click on Signer then View Details
Click onView Certificate Explore:Issuer StatementTrust tab Certification Path tab
Now click on Details tab Click on any of the fields, includingPublic key, to seecertificate details.
Close the Message • Click OK and Close and Close to return to the message view • Close the message
Optional: Configure Outlook to Always Use Your Certificate • Select Tools/Options/Security • Check “Add digital signature …” • Click Apply and OK
Adding Encryption • Create a new message to yourself • Select Options/Security Settings/Encrypt • Try to send the message. What happens? • You can only send encrypted messages to people whose public keys are published
Publish Your Public Key • Select Tools/Options/Security • Select “Publish to GAL…” • Outlook confirms you are publishing your key to the global address list • Click on OK • Click on OK again to close Security window
Test Your Encryption • Send yourself a message • Note encryption iconnext to message in inbox • Click on blue lock icon in upper right corner
Details are availablefor the Encryption Layer. If message is signed, details will also be available for the signer.
Your Certificate is Known to IE • Select Tools/Internet Options/Content • Click Certificates • Highlight your Comodo certificate • Click on View