Understanding the Public Key Infrastructure
Richard Sinn
This article introduces the concepts of Internet security, secret
key and public key encryption, digital signatures, the Public Key
Infrastructure (PKI), and certificate definition. Then, an API
example is provided to show how developers can obtain a Web
certificate using a program.
Internet security
A lot of e-business functions can now be done online. Many users
have set up accounts to check their credit card statements, shop, or
pay various bills online. For most of us, as long as the Web sites
are brand names and we have a user ID and password, we log in and do
our online transactions. But how secure are Internet
transactions?
Almost all communication over the Internet today uses
Transmission Control Protocol/Internet Protocol (TCP/IP). TCP/IP is
based on the traditional seven-layer Open Systems Interconnection
(OSI) model, but provides a more flexible and easier to use
framework to create a connection from one computer to another by
routing the transactions through a variety of intermediate computing
devices in separate networks. TCP/IP is the worldwide standard for
basic Internet and intranet communications protocol.
The flexibility of TCP/IP, which allows data to pass through
intermediate computing devices such as routers, computers, and
bridges, makes it possible for a third party to interfere with
Internet communications. The following are some of the common
Internet security issues:
- Data eavesdropping
In this case, a device can be placed
between two computers where a TCP/IP connection is established.
Data thus remains intact, but privacy is compromised. Credit card,
social security, and account numbers can be stolen through
eavesdropping.
- Data tampering
A device is placed to intercept the data in
transit. Data is then altered or replaced before it is sent to the
recipient. For example, someone can alter the transfer amount to
and from a bank account.
- Entity repudiation
Data is passed to a person who poses as
the intended recipient. TCP/IP spoofing is a common trick where
someone replaces the intended recipient computer with a different
machine that has the same TCP/IP configuration. Thus, all data is
sent to this newly configured machine.
A set of well-established techniques and standards known as
public key cryptography helps avoid the Internet security
complications mentioned above.
Cryptography overview
Before we go into detail about what PKI is, let's understand the
basic core of cryptography. To communicate data confidentially
between two persons, one of the common ways is to perform
transformation of data to gibberish-encryption. The intended
recipient must be able to transform the gibberish back to its
original form (decrypt) to read the sender's data. Anyone
eavesdropping on the data would not be able to understand the
gibberish. There are two kinds of encryption: secret key (symmetric)
encryption and public key (asymmetric) encryption.
1. Secret key encryption
Secret key encryption is also
called symmetric key encryption. In this encryption method, a shared
secret (the secret key) is given to both the sender and the
recipient before the data transit. The secret key specifies exactly
how the transformation to and from gibberish is to be accomplished.
The transformation to gibberish is called encryption and the
transformation back to the original text is called decryption. The
entire encryption and decryption algorithm is called a cipher, and
the encryption and decryption process uses the same secret key.
Figure 1 shows the secret key process.
Figure 1: Secret key process
2. Public key encryption
Although symmetric ciphers have
advantages such as a small implementation size and fast encryption
and decryption speeds, they suffer from significant drawbacks in the
Internet environment. They are as follow:
- The need for secret key exchange for unknown
entities
Symmetric ciphers rely completely on the fact that
both the sender and the recipient have the same secret key. Thus,
the secret key has to be shared before the secure Internet
communication happens. This additional step can be extremely
difficult or highly inconvenient in most Internet environments.
For example, how do business to consumer (B2C) Web sites exchange
a secret key for the first-time consumer (two previously unknown
entities)? As a matter of fact, this additional step of sharing a
secret key poses the main barrier for Internet communication
between two unknown entities.
- Security scalability
In a community of 100 symmetric
cipher users, each individual has to keep 100 secret keys to
communicate with all the users. (Ninety-nine keys are for
decryption from other users; one key is for the individual to
encrypt data.) Thus, the whole community has to keep (100*100)/2 =
5,000 secret keys. To be proved by induction, a community of
n users requires up to n*n/2 unique secret keys. In
other words, we have to keep track of a lot of keys when using
symmetric cipher for communication.
Fortunately, there is a technology called public key encryption
(also called asymmetric encryption) that can solve both of these
problems. Public key encryption involves a pair of keys (a public
and a private key) associated with an entity that needs to
authenticate its identity electronically or to sign or encrypt data.
In the Internet model, a browser, such as Microsoft® Internet
Explorer or Netscape® Communicator, generates the public and private
key pair. The public key is published, and the corresponding private
key is kept secret somewhere in your computer. Microsoft stores it
in the Windows registry, and Netscape stores the key in its
certificate store. Data encrypted with your public key can be
decrypted only with your private key and vice versa.
Figure 2: Public key process
Figure 2 demonstrates that you can freely distribute a public
key. Only you, with the private key, are able to read data encrypted
using the corresponding public key. In general, to send encrypted
data over the Internet, you perform the following steps:
- Sender downloads the recipient's public key from some
repository, such as a certificate database.
- Sender encrypts the data with that recipient's public key.
- The recipient receiving the encrypted data decrypts it with
the recipient's corresponding private key.
Using these guidelines, you can send secret data to individuals
on the Internet without exchanging anything before the
transaction.
Public key encryption is great, but it still has its own
shortcoming. Compared with symmetric key encryption, public key
encryption is based on algorithms created by RSA Data Security,
which require a lot more computation and might not be appropriate
for transferring large amounts of data. So, how do we take the
advantages of both the symmetric key and the public key encryption?
The Secure Socket Layer (SSL) protocol approach is to use the slower
public key encryption to send a symmetric key (a small piece of
data) between two communication parties; the parties then use the
symmetric key (a faster way) to encrypt additional data that flows
between them.
Digital signatures
Encryption and decryption address the problem of data
eavesdropping that we mentioned before. Digital signatures can be
used to address entity repudiation and data tampering.
A digital signature is analogous to a handwritten signature
because a single entity can sign some data with its private key, but
any number of entities can read the signature and verify its
accuracy using the signer's public key. Digital signature is based
on one-way hash, which is a mathematical function that provides the
following properties:
- The hashed data provides a unique value. Any change in the
original data (even one character) results in a different hash
value.
- The content of the hashed data cannot be deduced from the
hash. Thus, the hashing procedure is "one-way" only.
Using one-way hash, producing a digital signature is a two-step
process:
- The signer one-way hashes the data to a fixed-size value.
- The signer then subjects the hashed value to a private key
encryption.
Verification is a similar process:
- The verifier uses the same one-way hash algorithm on the
transmitted data to generate a fixed-size hash value.
- The verifier uses the signer's public key to decrypt the
digital signature that accompanies the transmitted data to get the
decrypted hash value.
- If the two hash values in step 1 and 2 match, signature
verification is successful. If they do not match, signature
verification fails.
PKI advantages
An infrastructure is a foundation or underpinning for a large
environment. One good example is the electric power infrastructure.
The power plant, power grid, wiring, and other devices form the
electric power infrastructure that enables a user to just plug in
electronic equipment to get the voltage and current needed for
operation. Thus, the principle is that the infrastructure provides
services so that entities can simply tap into and use it on an
as-needed basis.
PKI is an infrastructure built using public key cryptography that
allows users to tap in and take advantage of the security PKI
offers. PKI provides three primary services:
- Authentication - The assurance to the recipient that the
sender is who the sender claims to be. This is achieved by means
of digital signature.
- Integrity - The assurance to the recipient that data has not
been altered during Internet communication. This is achieved by
means of digital signature.
- Confidentiality - The assurance to a sender and recipient that
no one can read a particular piece of data except the intended
recipient. This is achieved by means of encryption.
What is a Web certificate?
A Web certificate is an electronic document used to identify an
individual, a company, or any other entity. Like a passport, a
certificate provides generally recognized proof of an entity's
identity. In the Internet world, most certificates follow the X.509
standard. An X.509 certificate binds a public key to a subject
identity. A trusted third party called Certificate Authority (CA)
issues certificates. A Web certificate is digitally signed by the
issuer (CA) and is valid for a certain period (mostly one year).
Figures 3 and 4 show what a certificate looks like using Windows
graphical interfaces.
Figure 3: General certificate
information
Figure 4: Detailed certificate
information
PKI uses certificates to address the problem of entity
repudiation (impersonation). Certificates help prevent the use of
fake public keys for impersonation. Only the public key associated
and certified by the certificate works with the corresponding
private key possessed by the entity identified by the certificate.
The CA's digital signature enables the certificate to function as a
"letter of introduction" for users who trust the CA but don't
recognize the entity identified by the certificate.
Developing a program to get a certificate
So, now we know what PKI and Web certificates are. How do we get
one? First, we have to find a CA that issues certificates. In the
Internet model, we have to find a public CA, instead of one that
only works in a private network. VeriSign is a popular vendor for
providing PKI certificates (also called digital IDs) for the
Internet.
Once registered with VeriSign, developers can use the VeriSign
APIs to obtain a certificate through a program. Listing 1 shows C++
pseudocode on how to obtain a Web certificate using VeriSign's APIs.
Visit http://www.verisign.com/enterprise/library/index.html
for the full API documentation.
Listing 1: C++ pseudocode for obtaining a certificate //
// Getting a certificate from CA and save to a file in C++
//
//
// Read all the certificate name and value pairs from a text file.
//
ReadNameValuePair(...);
//
// Sign the pairs we read in
//
// In this API, given a list of name and value pairs,
// it returns a signed and encrypted CRS PKCSReq message
// in PKCS10 format. This is the request for a certificate.
//
VSAA_EncodePKCSReq(...);
//
// Network call to CA for certificate request
//
// This API sends CRS request messages to crs.exe
// and receives a returned CRS response from crs.exe.
//
VSAA_ExchangeMsg(...);
//
// This API decodes the response from the CA and verifies the input
// data using the signing tool. The output will be in PKCS7 format.
//
VSAA_DecodeCertRep(...);
//
// This API extracts the certificate from the PKCS7 construct.
//
VSAA_ExtractCert(...);
Conclusion
PKI in e-business is becoming one of the hottest fields. This
article gives an introduction to different technologies used in PKI
and some pointers on where to look for additional information.
For more information
Meet the author
Richard Sinn is a Senior Software Engineer with Oblix Inc, a
Silicon Valley e-business infrastructure start-up company. He is
also a lecturer at San Jose State University and a freelance writer
for different magazines, books, and journals. Richard was an adjunct
Professor at the University of Minnesota while he worked at IBM
Rochester and IBM Silicon Valley Laboratory. He can be reached at webmaster@openloop.com or
at his Web
site. |