A certificate authority (CA) binds public keys to user identities through digital certificates. This establishes a public key infrastructure (PKI) based on asymmetric cryptography. However, a single CA cannot handle all public key queries, so certificate authority hierarchies are used with multiple levels of CAs. The X.509 standard defines the structure of digital certificates, including the issuer, validity period, subject, and signature.

1. Certificate Authority
Network Security

2. PKI Concept
 An arrangement that binds public keys with
respective user identities by means of a certificate
authority (CA).
 Public Key Infrastructure based on asymmetric
cryptography. Relies on a key pair, one private and
one public
– Private key is secret
– Public key is freely available, linked to identity of
certificate owner
– Private key cannot be computed from public key
 Concept is then applied into applications

3. PKI Concept
PROBLEM?
Any intruder (Eve) can forge public key
and and can break the secrecy
between two parties (Alice, Bob)

4. Certification Authority
An Organization that binds public key to an
entity
Or an entity which issues digital certificates
for use by other parties.
Also called trusted third party (TTP).

5. Public Key Infrastructure
We want to use public key universally
Single CA is not sufficient to handle public
queries
Example Single DNS is not sufficient to
handle multiple clients request for IPs

6. Certificate Authority
Hierarchy
We need a hierarchical structure
Root CA
CA1 CA2
CA1 CA2 CA1
Root CA: Certify
performance of CAs in
second level
Level 1: Operate in large
geographical areas or
logical areas
Level 2: Operate in Small
geographical areas

7. Certificate Authority Hierarchy
Every body trust Root CA
Not trust intermediate CAs
Alice may obtain bobs certificate from
some authority but not trust it and
ultimately ask next higher CA to certify the
original certificate

8. X.509 Certificate Format
A protocol used for PKI
X.509 describe certificate in a structural
way
Uses Abstract Syntax Notation 1 Standard.

9. X.509 Structure
 Version
 Serial Number Id used by CA
 Algorithm ID
 Issuer Name of CA
 Validity Start and end Period of Certificate
• Not Before
• Not After
 Subject Entity whoes PK is being certified
 Subject Public Key Info
• PK Algorithm
• Subject Public Key
 Issuer Unique Identifier (Optional)
 Subject Unique Identifier (Optional)
 Extensions (Optional)
• ...
 Certificate Signature Algorithm
 Certificate Signature

10. ASN.1
 Based on hierarchical structure.
 A standard and flexible notation that describes
data structures for representing, encoding,
transmitting, and decoding data.
 Top level uses integer values:
– 0 ITU-use
– 1 ISO use
– 2 joint ITU-ISO use.
 Second level depends on first level for different
standards administered by the unit.

11. ASN.1
0 1 2
16 (country)
840 (USA)
1 (Organization)
1589932 SCU
35 COEN
1 Algorithms
1 SuperSchwarz1
• Under 2, 16 specifies
country.
• Under 2, 16, 840 specifies
US.

12. Problems with PKI
 System originally contains entire globe.
– Would require one root CA.
– Governments are fickle and don’t like to trust
each other.
– Alternative
– Pretty Good Privacy is a computer program
that provides cryptographic privacy and
authentication
PGP’s Web of Trust

13. PGP’s Web of Trust
 Public / private keys with an attached name, email
address, and optional photo.
 No centralized CA to sign keys.
– PGP users sign keys when they’ve verified the
owner’s identity, so in essence each PGP user is
acting as a CA.
– Your trust of a public key is related to how many
signing “hops” you are away from that key and how
much you trust each signer along the route.
 Decentralized key distribution – users send keys.
 Makes key management issues very apparent
– Web of trust depends on end users verifying and
signing large quantities of keys.

14. Trust model issues
Who to trust?
– Which certificates can be trusted
Source of Trust
– How it is established?
Limiting/controlling trust in a given
environment

15. Common Trust Models
CA Hierarchy (Monopoly)
Web (Oligarchy)
User-centric (Anarchy)
Distributed

16. CA Hierarchy
Tree architecture
Single Root CA
– Number of subordinate CA’s
• Etc…
– Parent certifies children
– Leaves are non-CA (end-) entities
Typically CA either certifies other CA’s or
end-entities, but not both
Everyone has Root CA PK

17. Distributed Trust Architecture
A set of independent hierarchies
Cross-certification or PKI networking
– Connect the hierarchies
Fully-meshed – all CAs are cross-certified

18. Web Model
 A bunch of root CAs
pre-installed in
browsers
 The set of root CAs can
be modified
 Root CAs are unrelated
(no cross-certification)
– Except by “CA powers”
of browser manufacturer
– Browser manufacturer =
(implicit) Root CA –Any wrongdoing at any of these CAs
can cause serious trouble.

19. PKI Trust Model
Verisign once certified
Microsoft fraudulently.

20. User-Centric (Anarchy)
PGP
User = her own Root CA
– Webs of trust
Good
– User fully responsible for trust
Bad
– User fully responsible for trust
– Corporate/gov/etc. like to have central control
• User-centric not friendly to centralized trust policies