PKI

Work in Progress

Summary

Attacks on PKI

  • implementation bugs: null-byte parsing vulnerability in OpenSSL certificate names
  • CA compromise: rogue CA issuing false certificates
  • social engineering: typosquatting, homograph, and subdomain spoofing to mimic trusted sites
  • too many root CAs: weakens global trust — any one compromised CA can issue fake certificates
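The name checks a client should run against a certificate's subject name, covering the null-byte truncation and the homograph/typosquatting cases in the list above, as an added Python example that is not part of the original notes. `check_certificate_name`, `to_ascii` and the sample names are assumptions made for this illustration; the mixed-script test is a simple heuristic, not the full Unicode security mechanism browsers apply.

```python
import unicodedata


def _scripts(label):
    """Unicode scripts (first word of each character's name) used by a label's letters."""
    return {unicodedata.name(c).split()[0] for c in label if c.isalpha()}


def to_ascii(host):
    """Canonical lower-case A-label form: non-ASCII labels become punycode (xn--...)."""
    return host.encode("idna").decode("ascii").lower()


def check_certificate_name(cert_name, expected_host):
    """Return (ok, reason) for a name taken from a certificate, checked against
    the host the client actually intended to reach. Hypothetical helper."""
    # NUL truncation: a C-string parser stops at the first \x00, so
    # "www.bank.com\x00.attacker.com" would compare equal to "www.bank.com".
    # Use the field's full length and reject embedded NULs outright.
    if "\x00" in cert_name:
        return False, "embedded NUL byte in certificate name"
    # Homograph heuristic: a label mixing scripts (Cyrillic 'а' beside Latin
    # letters) is a lookalike, not a legitimate internationalised name.
    for label in cert_name.split("."):
        if len(_scripts(label)) > 1:
            return False, f"mixed scripts in label {label!r}"
    try:
        name, host = to_ascii(cert_name), to_ascii(expected_host)
    except UnicodeError:
        return False, "certificate name is not a valid IDN"
    # Wildcard: only a whole leftmost label, and it covers exactly one label.
    if name.startswith("*."):
        if host.count(".") == name.count(".") and host.endswith(name[1:]):
            return True, "wildcard match"
        return False, f"{name!r} does not cover {host!r}"
    if name == host:
        return True, "exact match"
    return False, f"{name!r} does not match {host!r}"


if __name__ == "__main__":
    for cert_name, host in [  # constructed sample pairs
        ("www.example.com", "WWW.example.com"),
        ("www.bank.com\x00.attacker.com", "www.bank.com"),
        ("p\u0430ypal.com", "paypal.com"),  # Cyrillic а in place of Latin a
        ("*.example.com", "www.example.com"),
        ("*.example.com", "a.b.example.com"),
    ]:
        print(repr(cert_name), "->", check_certificate_name(cert_name, host))
```

Comparing in A-label form means a lookalike name never matches the ASCII host the user typed, and rejecting the NUL before any comparison removes the dependence on how the parser treats the field's length.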

Revocation

  • certificates can be revoked before expiry (e.g. key compromised, entity closed, CA hacked)
  • mechanisms:
    • CRL (Certificate Revocation List): signed list of revoked certs
    • OCSP (Online Certificate Status Protocol): real-time query to verify if a certificate is still valid

Concept

Public Key Infrastructure (PKI)

  • needed because public-key cryptography (PKC) requires a secure broadcast channel to distribute public keys
  • ensures that the public keys in use are authentic (really belong to the claimed entity)

Certificate Authority (CA)

  • trusted third party that issues and signs certificates
  • maintains a verified directory of identity -> public key mappings

Certificates

  • digital document that binds an entity to a public key
  • digitally signed by a CA
  • implies that the public key belongs to the entity during the validity period
  • fields:
    • entity’s name (e.g. www.nus.edu.sg)
    • entity’s public key
    • validity period
    • signature by CA: hash of the certificate contents, signed with the CA's private key (authenticity)
    • usage info (encryption, signing, CA authority, etc.)
  • standard: ITU-T X.509

Self-signed certificates

  • signed by its owner
  • needs user to manually accept

CA chain

  • root CAs are pre-installed in browsers/OS, used to sign other CAs
    • root CA (self-signed) -> intermediate CA -> end-entity certificate
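A toy end-to-end model of the concepts in these notes (certificate fields, a CA signature over a hash of the contents, self-signed roots, the root -> intermediate -> end-entity chain, validity period and CRL-style revocation), as an added Python example that is not part of the original notes. The RSA keys are textbook RSA built from fixed Mersenne primes so the output is reproducible, a certificate is a JSON dictionary rather than X.509 DER, and every name, serial and date is constructed for the illustration; `verify_chain`, `issue` and the other helpers are assumptions standing in for real X.509 tooling.

```python
import hashlib
import json
from datetime import date, timedelta

E = 65537


def make_key(p, q):
    """Textbook RSA key from two primes (fixed Mersenne primes here, for reproducibility)."""
    return {"n": p * q, "e": E, "d": pow(E, -1, (p - 1) * (q - 1))}


ROOT_KEY = make_key(2**521 - 1, 2**127 - 1)
INTER_KEY = make_key(2**107 - 1, 2**89 - 1)
LEAF_KEY = make_key(2**61 - 1, 2**31 - 1)


def tbs_bytes(cert):
    """The to-be-signed part: every field except the signature, canonically encoded."""
    return json.dumps({k: v for k, v in cert.items() if k != "signature"}, sort_keys=True).encode()


def _digest(tbs, n):
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % n


def sign(tbs, key):
    """Hash the contents, then sign the hash with the CA's private exponent."""
    return pow(_digest(tbs, key["n"]), key["d"], key["n"])


def verify(tbs, sig, pub):
    return pow(sig, pub["e"], pub["n"]) == _digest(tbs, pub["n"])


def issue(subject, subject_key, issuer, issuer_key, serial, is_ca, days):
    """Build a certificate binding `subject` to its public key, signed by the issuer."""
    start = date(2024, 1, 1)  # constructed fixed date
    cert = {
        "serial": serial, "subject": subject, "issuer": issuer,
        "public_key": {"n": subject_key["n"], "e": subject_key["e"]},
        "not_before": start.isoformat(),
        "not_after": (start + timedelta(days=days)).isoformat(),
        "is_ca": is_ca,  # usage info: may this key sign other certificates?
    }
    cert["signature"] = sign(tbs_bytes(cert), issuer_key)
    return cert


def verify_chain(leaf, intermediates, trust_store, crl, today):
    """Walk leaf -> intermediates -> a pre-installed root. Returns (ok, reason).
    `crl` is a set of (issuer, serial) pairs, i.e. the entries of a CRL."""
    by_subject = {c["subject"]: c for c in intermediates + trust_store}  # trust store wins on clash
    trusted = {tbs_bytes(c) for c in trust_store}
    cert = leaf
    for _ in range(len(intermediates) + 2):  # bound the walk; a loop means no path to a root
        if not (cert["not_before"] <= today <= cert["not_after"]):
            return False, f"{cert['subject']}: outside validity period"
        if (cert["issuer"], cert["serial"]) in crl:
            return False, f"{cert['subject']}: revoked by issuer"
        if tbs_bytes(cert) in trusted:
            # a pre-installed root, or a self-signed cert the user accepted by hand
            ok = verify(tbs_bytes(cert), cert["signature"], cert["public_key"])
            return ok, "trusted" if ok else "trust anchor self-signature invalid"
        issuer = by_subject.get(cert["issuer"])
        if issuer is None:
            return False, f"{cert['subject']}: issuer {cert['issuer']!r} not known"
        if not issuer["is_ca"]:
            return False, f"{issuer['subject']}: not a CA, may not sign certificates"
        if not verify(tbs_bytes(cert), cert["signature"], issuer["public_key"]):
            return False, f"{cert['subject']}: signature does not verify"
        cert = issuer
    return False, "chain too long"


# Constructed sample PKI: self-signed root -> intermediate -> end-entity certificate.
ROOT = issue("Example Root CA", ROOT_KEY, "Example Root CA", ROOT_KEY, 1, True, 3650)
INTER = issue("Example Intermediate CA", INTER_KEY, "Example Root CA", ROOT_KEY, 2, True, 1825)
LEAF = issue("www.example.com", LEAF_KEY, "Example Intermediate CA", INTER_KEY, 3, False, 365)
TRUST_STORE = [ROOT]  # what a browser/OS ships with

if __name__ == "__main__":
    today = "2024-06-01"
    print("valid chain     ", verify_chain(LEAF, [INTER], TRUST_STORE, set(), today))
    print("missing interm. ", verify_chain(LEAF, [], TRUST_STORE, set(), today))
    print("expired         ", verify_chain(LEAF, [INTER], TRUST_STORE, set(), "2025-06-01"))
    print("leaf on CRL     ", verify_chain(LEAF, [INTER], TRUST_STORE, {("Example Intermediate CA", 3)}, today))
    print("intermediate CRL", verify_chain(LEAF, [INTER], TRUST_STORE, {("Example Root CA", 2)}, today))
    tampered = dict(LEAF, subject="www.other.com")  # any field change breaks the signature
    print("tampered        ", verify_chain(tampered, [INTER], TRUST_STORE, set(), today))
    selfsigned = issue("dev.local", LEAF_KEY, "dev.local", LEAF_KEY, 1, False, 365)
    print("self-signed     ", verify_chain(selfsigned, [], TRUST_STORE, set(), today))
    print("after acceptance", verify_chain(selfsigned, [], TRUST_STORE + [selfsigned], set(), today))
```

The walk stops only at a certificate that is byte-for-byte in the trust store, so a cert that merely names a root as its issuer, or signs itself with the same subject, is rejected; the `is_ca` check is what prevents an end-entity key from minting certificates for others, and the revocation lookup is keyed on (issuer, serial) exactly as a CRL entry is.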