Public Key Infrastructure (PKI)

24 Terms

1
What is the purpose of a certificate?

A certificate answers the critical questions:

  • How can the recipient verify the sender’s public key? (To validate a digital signature)
  • How can the sender verify the recipient’s public key? (To send an encrypted message)

2

What does a certificate consist of?

A certificate consists of a public key and a user ID of the owner, signed by a trusted third party (Certification Authority). This is called a public-key certificate or digital certificate.

3

What is a Digital Certificate?

A Digital Certificate binds a user or company identity to its public key, based on the X.509 standard.

4

What are some common uses for digital certificates?

Digital certificates are used in:

  • Secure e-mail
  • Virtual Private Networks (VPNs)
  • Wireless (Wi-Fi) networks
  • Web Servers (SSL/TLS)
  • Network Authentication
  • Code Signing

5

What is Public Key Infrastructure (PKI)?

PKI is the infrastructure needed to create, manage, store, distribute, and revoke digital certificates. It involves hardware, software, policies, and processes to manage asymmetric cryptography.

6

Who are the key players in PKI?

The key players in PKI include:

  • Certification Authorities (CA)
  • Registration Authorities (RA)
  • PKI Repositories
  • PKI Users

7

What is a Certification Authority (CA)?

A CA is responsible for issuing, revoking, and distributing public key certificates. It’s typically a trusted third-party organization, such as VeriSign, DigiCert, and Comodo. Certificates are signed with the CA’s private key for authenticity.

8

Why is it important to protect the CA’s private key?

The CA’s private key is crucial for the security of the entire PKI system. If it is compromised, attackers can issue fraudulent certificates.

9

What is the role of a Registration Authority (RA)?

An RA helps a CA by performing functions such as:

  • Verifying the identity of certificate applicants
  • Approving or rejecting certificate requests
  • Handling certificate renewals, suspensions, or revocations

10

What is the purpose of PKI Repositories?

PKI Repositories store and distribute certificates, Certificate Revocation Lists (CRLs), and updates to certificates, allowing relying parties to retrieve this information.

11

What is the certificate issuance process?

  1. The RA verifies the subject’s information
  2. A public-private key pair is generated
  3. The CA issues the certificate to the verified subject

12

What is the process of using a certificate to verify a signature?

  1. Fetch the certificate
  2. Check the certificate against the Certificate Revocation List (CRL)
  3. Verify the signature using the certificate

13

What is the life cycle of certificates?

The life cycle includes certificate issuance, usage, renewal, suspension, revocation, and expiration.

14

What are the reasons for certificate revocation?

Reasons for revocation (apart from expiration) include:

  • Compromised private key
  • Organizational changes (e.g., name or address change)
  • Security breach or employee turnover

15

What is a Certificate Revocation List (CRL)?

A CRL is a list of certificates that are no longer valid, published regularly by the CA and distributed to relying parties.

16

What are the challenges with CRLs?

Challenges include:

  • CRLs may not be issued frequently enough to combat attackers.
  • Distribution of CRLs is expensive and vulnerable to denial-of-service attacks.

17

What is the X.509 standard?

X.509 is the most widely accepted format for public-key certificates. It’s used in network security applications like IPsec, SSL, and TLS.

18

What information does an X.509 certificate contain?

An X.509 certificate contains:

  • Issuer: the Certification Authority (CA)
  • Subject: the public key owner
  • Signature: a hash of the certificate signed by the CA’s private key

19

What is the X.509 Certificate Revocation List (CRL)?

The CRL contains a serial number and revocation date for each revoked certificate. However, retrieving and storing CRLs is resource-intensive, so CRL checking is not used in all applications.

20

What is the Online Certificate Status Protocol (OCSP)?

OCSP is a more efficient alternative to CRLs, allowing applications to query a CA to determine whether a specific certificate is valid or revoked.

21

What was the Comodo PKI attack?

In March 2011, attackers compromised an RA account in Comodo and issued 9 fraudulent certificates for domains like google.com and yahoo.com.

22

What was the response to the Comodo attack?

The compromised certificates were immediately revoked, and affected browsers and domain owners were notified. The RA account was suspended.

23

What was the DigiNotar PKI attack?

In June 2011, DigiNotar's network was breached, and attackers gained control of the CA servers. They issued 531 rogue certificates, including one for google.com, which was used in a Man-In-The-Middle attack on 300,000 Gmail users in Iran.

24

What was the response to the DigiNotar attack?

DigiNotar revoked the rogue certificates, but the breach led to the company's bankruptcy.