Public-Key Infrastructure Key Infrastructure - Encryption, Authentication, Signature Authentication, Encryption, Protocols

Public-key Infrastructure key Infrastructure - Encryption, authentication, signature authentication, Encryption, protocols. communication secure Bootstrapping To create, manage, distribute, use, store, and revoke digitaland revoke use, store, distribute, manage, To create, certificates. A set of hardware, software, people, policies, and policies, people, software, hardware, of A set procedures.     Public

Computer Center, CS, NCTU 2 In God We Trust We In God  CA: Certificate CA: Authority (1)

Computer Center, CS, NCTU 3 A certificate is signed by a CA. To verify the correctness theof certificate, check the signature of CA. Sign for the certificate.    In X.509 Contains data of the owner, such as Company Name, Server Name, Name, of as Serverthedata Name, CompanyName,owner,such Contains Address,… Email, the owner. of Publickey signatures.digitalFollowed bysome • • • • Certificate  CA: Certificate CA: Authority (2)

Computer Center, CS, NCTU 4 http://www.imacat.idv.tw/tech/sslcerts.html ” in Windows ” version.in Windows CHT Check the signature ofCA in Root the certificate of CA. Check the signature in ofthis CA certificate. The data of CA. To sign certificates for others.     憑證授權 Reference: In X.509, it is itself a certificate. itselfitis In X.509, CA contains CA. Eacha signatureof Root a validTo verify certificate “ • • • • • Certificate Authority (CA) Authority Certificate  CA: Certificate CA: Authority (3)

Computer Center, CS, NCTU 5 ) public key public 認證中心 ( X.509 and relative andrelative private key private Root CA • One of structure Tree Certificate Authority Certificate certificates signs which server Trusted     What is ? (1) a CA

Computer Center, CS, NCTU 6 」 ) 根目錄授權憑證「最高層認證中心 ( Install the certificate ofvia Root secure CA channel. Authorize to CA sign the certificates for users, instead. It is in the sky.    To trust Root CA To trust Root In Micro$oft: for users. thenot certificates do sign Root CA for itself.signs Root CA • • • • Root CA Root  What is ? (2) a CA

Computer Center, CS, NCTU 7 / per year / per host / per year 0 9,600 0 : NT $ letsencrypt.org : NT $ : NT : NT $ Encrypt https://  PublicCA Myself Let's • • • Cost of certificate of Cost Tree structure of CA of structure Tree   What is ? (3) a CA

Computer Center, CS, NCTU 8 X ) by the CA the by ) pub X A X , A, , key Certificate, Network Identity Network Certificate, key - pub priv A X Encryption / Signature Encryption  The expiration date The expiration Applications The name of the issuer CA CA issuer the of The name key public His/her Sig( The signature • • • • • A certificate of a user A consists: a user of A certificate Digital Certificate, Public Certificate, Digital a CA by issued is A certificate    Certificate (1)

Computer Center, CS, NCTU 9 ) , T , pub : X , Alice, A Alice, , ] CA CA priv (3) Generate (3) X , T) , pub Sig( , T) , pub , Alice, A Alice, , priv priv A , ID proofID , , Alice, A Alice, , pub Sig(X priv , pub Sig(X Alice, A Alice, (2) (4) =[Alice, A =[Alice, priv : CA know does not CA : A,X , A , pub Cert Note A Generate Certificate (2) Alice: (1)

Computer Center, CS, NCTU 10 safe someone first session key session key cryptosystem key - key cryptosystem key - is not guaranteed to be guaranteed not is session key session Symmetric Public   Transmit DATA by Transmit Guarantee the public key is ofis key publicthe Guarantee Someone Transmit • • • • Security of transmitting DATA transmitting of Security Guarantee of CA and certificate and of CA Guarantee   Certificate (3)

Computer Center, CS, NCTU 11 SSL & TLS Prevent eavesdropping and Prevent eavesdroppingtampering  Provide communication security over the Internet the over security communication Provide Layer Transport over segments Encrypt • • SSL/TLS SSL: Secure Sockets Layer Sockets Secure SSL: Security Lay Transport TLS:  SSL/TLS

Computer Center, CS, NCTU 13 (1) – IETF RFC developed by Netscape developed CBC vulnerability discovered in 2002 vulnerabilitydiscoveredCBC Newer versions of SSL/TLS are based on SSL 3.0SSL Newer versions of areon basedSSL/TLS 3.0to SSL Backward compatible A number of security flaws A number of security redesign A complete – –      SSL 2.0 was prohibited in 2011 by RFC 6176, and SSL 3.0 followed followed 3.0 SSL and 6176,RFC by 2011in prohibited was 2.0 SSL 7568RFC by 2015June in 1999.in 2246RFC 3.1): (SSL TLS 1.0 SSL 1.0: never publicly released publicly never SSL 1.0: 1995in released SSL 2.0: 1996in released SSL 3.0: • • • • • TLS SSL   History

Computer Center, CS, NCTU 14 2018 (2) – IETF RFC IETF Prevent CBC attacksPrevent CBC strengthsecurityEnhance new algorithmsIntroducecryptographic –    TLS 1.3: RFC in RFC 8446 TLS 1.3: TLS 1.1 (SSL 3.2): RFC 4346 in 2006in 4346RFC 3.2): (SSL TLS 1.1 2008in 5246RFC 3.3): (SSL TLS 1.2 • • • TLS  History

Computer Center, CS, NCTU 15 , and , with server’s publicwith server’s digital certificate digital random number number random a secure connection, and present a list and present connection, a secure common and hash function cipher common number Request key, and send it to serverto send itkey, and of supported ciphers and hash functionsand hash ciphersof supported server’swith send back (C/S) Generate session key(s) from from the random key(s)session Generate(C/S) (C) Encrypt a (C) Encrypt (S) Select certificate theof the validity (C) Confirm (C) C: Client / S: Server / C: Client      SSL/TLS Negotiation SSL/TLS

Computer Center, CS, NCTU 16 /465) smtps specific protocols specific - ), SIP, VoIP SIP, ), OpenVPN Use a different port number (https/433, (https/433, number port different Use a (STARTTLS) mechanism specific protocolUse a TCP UDP(DTLS) … NNTP,SMTP, FTP,HTTP, VPN ( • • • • • • Activate SSL/TLS connectionSSL/TLS Activate Protect application Protect Implemented on top of Transport Layer protocols Layer of Transport top on Implemented    SSL/TLS Applications SSL/TLS

Computer Center, CS, NCTU 17 - using - ervers certificates - S ssl - multiple irtual - V subjectAltName based support/apache - - based virtual hosts for web basedhosts for web service virtual - Certificate needs reissuing whenever adding a new virtual serveradding whenevera new reissuing virtualneeds Certificate named Cannotsupport   sni.htm RFC 4366RFC http://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI SNI support also must browser The client https://www.digicert.com/ssl Wildcard certificate Wildcard in names host virtual all Add Disadvantages • • • • • • • Server Name Indication (SNI) Indication Server Name All virtual servers belong to the same domain same to the belong servers virtual All   Support for Named

Computer Center, CS, NCTU 18 OpenSSL devel - devel - libressl , libressl , devel ) - openssl =base , ssl WITH_OPENSSL_PORT make.conf ' OpenSSL, LibreSSL or their or LibreSSL OpenSSL, ' openssl , : base openssl openssl options is deprecated is options /crypto/ _ src DEFAULT_VERSIONS+= WITH_OPENSSL_BASE, WITH_OPENSSL_BASE, values Possible /    usr WITH andPorts OpenSSLBase versions / security/ • • • • SSL library selection (in selection SSL library In ports http://www.openssl.org/ In system https://wiki.freebsd.org/DEFAULT_VERSIONS#SSL_Library_Selection     OpenSSL

Computer Center, CS, NCTU 20 Example: Apache SSL settings

https://publicca.hinet.net/SSL_download.htm – restart apache restart  Generate private key of Web keyprivateServerGenerateof Web of certificatetheFillRequest RootCA thecertificate using Sign Generate private keyprivateGenerateof RootCA of Certificate.theFillRequest thecertificateitself.Sign       Flow Generate certificate of Web Server Webof certificate Generate configuration apache Modify Generate random seed random Generate RootCA Generate • • • • Flow  Example: Example: Apache settings SSL

Computer Center, CS, NCTU 22 – num file - file - rnd rnd out /etc/ssl/RootCA/private/.rnd 1024 /etc/ssl/RootCA/private/.rnd out - out - rwx /etc/ssl/RootCA/private/.rnd rwx - rwx - Generate Generate random seed % chmod go chmod % % openssl rand openssl % chmod go chmod openssl rand openssl   Example: Example: Apache settings SSL

Computer Center, CS, NCTU 23 num file - \ key - rootca – out - RootCA file - rnd file - key rand rand /etc/ssl/RootCA/private/.rnd /etc/ssl/RootCA/private/.rnd rand - - - des3 des3 - rootca - rwx /etc/ssl/RootCA/private/rootca.key.pem rwx - rwx - Generate Generate private key of out /etc/ssl/RootCA/private/rootca.key.pem 2048 /etc/ssl/RootCA/private/rootca.key.pem out - password) like (something asked are phrase Note: % chmod go chmod % • % openssl genrsa openssl % chmod go chmod openssl genrsa openssl   Example: Example: Apache settings SSL

Computer Center, CS, NCTU 24 \ file - req - rootca NCTU out - – Taiwan file - State]: - key CS - file Enter please) Enter nasa.cs.nctu.edu.tw - TW ， file: - rootca req (Enter please) (Enter - key - HsinChu (No need (No key /etc/ssl/RootCA/private/rootca.key.pem /etc/ssl/RootCA/private/rootca.key.pem key key - - rootca new - [email protected] new rwx /etc/ssl/RootCA/private/rootca.req.pem rwx - - rwx - Fill the Fill Request of Certificate out /etc/ssl/RootCA/private/rootca.req.pem out - Common Name (eg, YOUR name) []: name) YOUR (eg, Name Common []: Address Email []: password challenge A []: name company optional An Country Name (2 letter code) [AU]: code) letter(2 Name Country [Some name) (full Name Province or State []: city) (eg, Name Locality Ltd]: Pty Widgits [Internet company) (eg, Name Organization []: section) (eg, Name Unit Organizational Enter pass phrase for rootca for phrase pass Enter % chmod go chmod % % openssl req openssl % chmod go chmod openssl req openssl   Example: Example: Apache settings SSL

Computer Center, CS, NCTU 25 file - crt - signkey out - - rootca – extfile - out extfile /etc/ssl/openssl.cnf /etc/ssl/openssl.cnf extfile - - sha1 file - - sha1 - req file - - num crt extensions v3_ca v3_ca extensions - - signkey /etc/ssl/RootCA/private/rootca.key.pem /etc/ssl/RootCA/private/rootca.key.pem signkey days days 5109 days rootca - - - file in - - req rootca - req - req - rwx /etc/ssl/RootCA/private/rootca.crt.pem rwx file - rwx - - key - f /etc/ssl/RootCA/private/rootca.req.pem f rootca - Sign the certificate the Sign certificate itself f extensions v3_ca extensions /etc/ssl/RootCA/private/rootca.req.pem in - - - /etc/ssl/RootCA/private/rootca.crt.pem %chmod go %chmod %rm %rm % openssl x509 openssl % chmod go chmod rm rm rootca openssl x509 openssl path_of_openssl.cnf    Example: Example: Apache settings SSL

Computer Center, CS, NCTU 26 – num file - key file - - key host - out out /etc/ssl/nasa/private/nasa.key.pem 2048 /etc/ssl/nasa/private/nasa.key.pem out - host - rwx /etc/ssl/nasa/private/nasa.key.pem rwx - rwx - Generate Generate private key of Server Web %chmod go %chmod %openssl genrsa %openssl chmod go chmod openssl genrsa openssl   Example: Example: Apache settings SSL

Computer Center, CS, NCTU 27 out - file - req - host out – - file - key - file - host req - key /etc/ssl/nasa/private/nasa.key.pem /etc/ssl/nasa/private/nasa.key.pem key key - - host new - new rwx /etc/ssl/nasa/private/nasa.req.pem rwx - - rwx - Fill the Fill Request of Certificate /etc/ssl/nasa/private/nasa.req.pem % chmod go chmod % % openssl req openssl % chmod go chmod openssl req openssl   Example: Example: Apache settings SSL

Computer Center, CS, NCTU 28 file - key file - - req - rootca CAcreateserial host - path_of_openssl.cnf in - – RootCA CAkey CAkey - extfile extfile extfile/etc/ssl/openssl.cnf - - file - sha1 crt sha1 - - - CAcreateserial CAcreateserial - num rootca days 365 days CA /etc/ssl/RootCA/private/rootca.crt.pem file to Root CA, and do following do and CA, to Root file file - - - - CA days ( in both RootCA and Web Server) Web and RootCA both ( in - - file back to Web Server Webto back file srl - req - - req - file crt req - - - file - req rootca - crt - f /etc/ssl/nasa/private/nasa.req.pem - host extensionsv3_ca /etc/ssl/RootCA/private/rootca.key.pemCAkey /etc/ssl/RootCA/private/rootca.srl CAserial in /etc/ssl/nasa/private/nasa.req.pem out /etc/ssl/nasa/private/nasa.crt.pem host f ------% rm rm % % openssl x509 % Sign the certificate the Sign certificate using extensions v3_ca extensions CAserial out Transmit host Transmit rm rm openssl x509 openssl - - - • • • Tramsmit host Tramsmit RootCA in steps  Example: Example: Apache settings SSL

Computer Center, CS, NCTU 29 – ssl.conf - access.log common access.log - error.log - /etc/ssl/nasa/private/nasa.key.pem /etc/ssl/nasa/nasa.crt.pem /home/wwwadm/data nasa.cs.nctu.edu.tw:443 Certificate Certificate (8) Authority Include etc/apache22/extra/httpd Include • Options Indexes FollowSymLinks Indexes Options allow,deny Order AllowOverride All AllowOverride all from Allow SSLEngine on SSLEngine ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:!SSLv2:+EXP:+eNULL SSLCipherSuite SSLCertificateFile SSLCertificateKeyFile ServerName [email protected] ServerAdmin /var/log/httpd/nasa.cs ErrorLog /var/log/httpd/nasa.cs CustomLog ## _default_:443>

Computer Center, CS, NCTU 30 (1) – file ------crt ------host END CERTIFICATE BEGIN CERTIFICATE % vim % vim  View the content of Certificate Certificate of content the View pCE9dEqbmHvUb+hwvI2OTJAKcM0G1wBmFF7au1G9e6O9hj34voppLdfVz5+mu5ai ELgGQXpVrFPSzZG0PyAr5rxtOI8E7yl7jl2pu7yXk9jgsiWl ----- aWxiaWc1Lm1hdGgubmN0dS5lZHUudHeCCQC+VAc27/oZdTAMBgNVHRMEBTADAQH/ MA0GCSqGSIb3DQEBBQUAA4IBAQCLkNba9LSpCTOh7Ws3h18WSKQXVxnLHxWUepC8 ZG3Q/dT++L54EiyBLmXwnr67gfUPhN1Qb/v1ixThlNBIjIrOZvEiyqjrmrQBABpt x0+APW8TAdYfslQvGfhDptNeKWoYc7fxlxw3TXwQf2JhL+a10m2ZeEMSg1iuIyqg +Dq3jGCb3R66NoKo/ToO5J6CAnkG7spYiDNukkvoEPNKaqXMC3K6pOzBDQwWBpH7 kFLgfOpw+9RW9TCB1QYDVR0jBIHNMIHKgBR958Azmc9N7gbmkFLgfOpw+9RW9aGB pqSBozCBoDELMAkGA1UEBhMCVFcxDzANBgNVBAgTBlRhaXdhbjEQMA4GA1UEBxMH SHNpbkNodTENMAsGA1UEChMETkNUVTELMAkGA1UECxMCQU0xIjAgBgNVBAMTGWV2 aWxiaWc1Lm1hdGgubmN0dS5lZHUudHcxLjAsBgkqhkiG9w0BCQEWH3JhbmR5QGV2 MIIE0DCCA7igAwIBAgIJAL5UBzbv+hl1MA0GCSqGSIb3DQEBBQUAMIGgMQswCQYD VQQGEwJUVzEPMA0GA1UECBMGVGFpd2FuMRAwDgYDVQQHEwdIc2luQ2h1MQ0wCwYD VQQKEwROQ1RVMQswCQYDVQQLEwJBTTEiMCAGA1UEAxMZZXZpbGJpZzUubWF0aC5u …… 9xMw8qMBHnxUVHOUVbECAwEAAaOCAQkwggEFMB0GA1UdDgQWBBR958Azmc9N7gbm -----

Computer Center, CS, NCTU 31 =. =.. (2) – emailAddress emailAddress file - crt - host , O=NCTU, OU=CS, CN=../ in , O=NCTU, OU=CS, CN=../ - HsinChu HsinChu text rsaEncryption - : : sha1WithRSAEncryption : (2048 bit) (2048 bit): : 65537 (0x10001) ------...... Public Key Modulus Exponent : C=TW, ST=Taiwan, L= Algorithm: sha1WithRSAEncryption : C=TW, ST=Taiwan, L= RSA ...... Public Key Algorithm ...... e0:b2:25:a5 X509v3 extensions: 8b:90:d6:da:f4:b4:a9:09:33:a1:ed:6b:37:87:5f:16:48:a4: Subject Public Key Info: ...... Signature Algorithm Issuer Validity Subject END CERTIFICATE BEGIN CERTIFICATE % openssl x509% openssl Signature Data:  View the content of Certificate Certificate of content the View ------MIIE0DCCA7igAwIBAgIJAL5UBzbv+hl1MA0GCSqGSIb3DQEBBQUAMIGgMQswCQYD ...... ELgGQXpVrFPSzZG0PyAr5rxtOI8E7yl7jl2pu7yXk9jgsiWl Certificate:

Computer Center, CS, NCTU 32 Appendix: PGP http://security.nknu.edu.tw/textbook/chap15.pdf gnupg Encryption Signature • • Reference: Reference: Will talk more in Network Administration Network in more talk Will security/ Pretty Good Good Privacy Pretty key system Public      PGP

Computer Center, CS, NCTU 34