DIGITAL CERTIFICATES


Presentation topic: "DIGITAL CERTIFICATES". Presentation transcript:

1 DIGITAL CERTIFICATES
COMPUTER SECURITY Presenter: RONALD SERNA

2 Contents Overview. IT security fundamentals.
Digital certificate fundamentals: cryptology. Applications in IT. Demo. Questions.

3 I. Overview

4 Overview The Internet is a public, insecure network.
Web transactions set up a secure protocol that travels over IP: digital certificates. HTTP is stateless by nature.

5 Overview Types of network threats
Reconnaissance: unauthorized discovery of systems, services or vulnerabilities. Access: unauthorized manipulation of data, or access to networks or privileges. Denial of Service: denying access to services or networks.

6 Overview Security cycle
Risk analysis. Monitoring and review. Security policy definition. Policy compliance. Implementation of protection measures. "Security is not a product, it is a continuous process."

7 II. Security Fundamentals

8 IT security fundamentals
Preservation of the confidentiality, integrity and availability of information (ISO/IEC 17799:2000). Information is an asset that, like other important business assets, has value to an organization and consequently needs to be suitably protected. Information security protects information from a wide range of threats in order to ensure business continuity, minimize damage and maximize return on investment and business opportunities. Information can exist in many forms. It can be printed or written on paper, stored electronically, transmitted by post or electronic means, shown on film, or spoken. Whatever form the information takes, or the means by which it is shared or stored, it should always be appropriately protected.

9 IT security fundamentals
Confidentiality: ensures that information is accessible only to those authorized to have access. AUTHENTICATION AUTHORIZATION

10 IT security fundamentals
Integrity: protects the accuracy and completeness of information.

11 IT security fundamentals
Availability: ensures that authorized users have access to information and associated assets when they need them.

12 IT security fundamentals
Data Secure Information Data

13 III. Digital Certificate Fundamentals: Cryptology

14 Contents Concepts. Symmetric encryption. Public-key encryption.
Digital signatures. Public key infrastructure (PKI).

15 General concepts Definitions
Cryptography: the art of protecting information by transforming it into cipher text. Only those who hold a secret key can decrypt the message. Cryptanalysis: techniques for deciphering encrypted messages. Cryptology: comprises cryptography and cryptanalysis. cryptography: The art of protecting information by transforming it (encrypting it) into an unreadable format, called cipher text. Only those who possess a secret key can decipher (or decrypt) the message into plain text. Encrypted messages can sometimes be broken by cryptanalysis, also called codebreaking, although modern cryptography techniques are virtually unbreakable. As the Internet and other forms of electronic communication become more prevalent, electronic security is becoming increasingly important. Cryptography is used to protect messages, credit card information, and corporate data. One of the most popular cryptography systems used on the Internet is Pretty Good Privacy because it's effective and free. Cryptography systems can be broadly classified into symmetric-key systems that use a single key that both the sender and recipient have, and public-key systems that use two keys, a public key known to everyone and a private key that only the recipient of messages uses.

16 General concepts Definitions
Encryption: translation of data into a secret code. Provides data confidentiality. Types: symmetric and asymmetric. Decryption: the process of decoding data that has been encrypted. Requires a secret key or password. encryption: The translation of data into a secret code. Encryption is the most effective way to achieve data security. To read an encrypted file, you must have access to a secret key or password that enables you to decrypt it. Unencrypted data is called plain text; encrypted data is referred to as cipher text. There are two main types of encryption: asymmetric encryption (also called public-key encryption) and symmetric encryption. decryption: The process of decoding data that has been encrypted into a secret format. Decryption requires a secret key or password.

17 Cryptography General scheme
ENCRYPTION DECRYPTION

18 Cryptography Classification of cryptographic systems
Symmetric-key systems: use a single key. Public-key systems: use two keys. Cryptography systems can be broadly classified into symmetric-key systems that use a single key that both the sender and recipient have, and public-key systems that use two keys, a public key known to everyone and a private key that only the recipient of messages uses.

19 Symmetric Encryption

20 Symmetric Encryption
Common key to encrypt and decrypt the message. Advantage: simple and fast. Disadvantage: key exchange. An encryption system in which the sender and receiver of a message share a single, common key that is used to encrypt and decrypt the message. Contrast this with public-key cryptology, which utilizes two keys - a public key to encrypt messages and a private key to decrypt them. Symmetric-key systems are simpler and faster, but their main drawback is that the two parties must somehow exchange the key in a secure way. Public-key encryption avoids this problem because the public key can be distributed in a non-secure way, and the private key is never transmitted. Symmetric-key cryptography is sometimes called secret-key cryptography. The most popular symmetric-key system is the Data Encryption Standard (DES).

21 Symmetric Encryption General scheme

22 Symmetric Encryption Example algorithms
DES: Data Encryption Standard. 3DES: Triple DES. AES: Advanced Encryption Standard. IDEA: International Data Encryption Algorithm.

23 Symmetric Encryption DES: Data Encryption Standard
The most popular symmetric encryption system. Developed by IBM in 1970. ANSI X standard (1981). Works with 64-bit blocks and a 56-bit key. References: DES: Short for Data Encryption Standard, a popular symmetric-key encryption method developed in 1975 and standardized by ANSI in 1981 as ANSI X. DES uses a 56-bit key. Data Encryption Standard (DES) is a widely-used method of data encryption using a private (secret) key that was judged so difficult to break by the U.S. government that it was restricted for exportation to other countries. There are 72,000,000,000,000,000 (72 quadrillion) or more possible encryption keys that can be used. For each given message, the key is chosen at random from among this enormous number of keys. Like other private key cryptographic methods, both the sender and the receiver must know and use the same private key. DES applies a 56-bit key to each 64-bit block of data. The process can run in several modes and involves 16 rounds or operations. Although this is considered "strong" encryption, many companies use "triple DES", which applies three keys in succession. This is not to say that a DES-encrypted message cannot be "broken." Early in 1997, Rivest-Shamir-Adleman, owners of another encryption approach, offered a $10,000 reward for breaking a DES message. A cooperative effort on the Internet of over 14,000 computer users trying out various keys finally deciphered the message, discovering the key after running through only 18 quadrillion of the 72 quadrillion possible keys! Few messages sent today with DES encryption are likely to be subject to this kind of code-breaking effort. DES originated at IBM in 1977 and was adopted by the U.S. Department of Defense. It is specified in the ANSI X3.92 and X3.106 standards and in the Federal FIPS 46 and 81 standards. Concerned that the encryption algorithm could be used by unfriendly governments, the U.S. government has prevented export of the encryption software.
However, free versions of the software are widely available on bulletin board services and Web sites. Since there is some concern that the encryption algorithm will remain relatively unbreakable, NIST has indicated DES will not be recertified as a standard and submissions for its replacement are being accepted. The next standard will be known as the Advanced Encryption Standard (AES).

24 Symmetric Encryption 3DES: Triple DES
Encryption of a text three times with DES. Modes: DES-EEE3, DES-EDE3, DES-EEE2, DES-EDE2.

25 Symmetric Encryption AES: Advanced Encryption Standard
Replaces DES in the U.S. government since October 2000. Works with 128-bit blocks and keys of 128, 192 and 256 bits. References: AES: Short for Advanced Encryption Standard, a symmetric 128-bit block data encryption technique developed by Belgian cryptographers Joan Daemen and Vincent Rijmen. The U.S. government adopted the algorithm as its encryption technique in October 2000, replacing the DES encryption it used. AES works at multiple network layers simultaneously. The National Institute of Standards and Technology (NIST) of the U.S. Department of Commerce selected the algorithm, called Rijndael (pronounced Rhine Dahl or Rain Doll), out of a group of five algorithms under consideration, including one called MARS from a large research team at IBM. The Advanced Encryption Standard (AES) is an encryption algorithm for securing sensitive but unclassified material by U.S. Government agencies and, as a likely consequence, may eventually become the de facto encryption standard for commercial transactions in the private sector. (Encryption for the US military and other classified communications is handled by separate, secret algorithms.) In January of 1997, a process was initiated by the National Institute of Standards and Technology (NIST), a unit of the U.S. Commerce Department, to find a more robust replacement for the Data Encryption Standard (DES) and to a lesser degree Triple DES. The specification called for a symmetric algorithm (same key for encryption and decryption) using block encryption (see block cipher) of 128 bits in size, supporting key sizes of 128, 192 and 256 bits, as a minimum. The algorithm was required to be royalty-free for use worldwide and offer security of a sufficient level to protect data for the next 20 to 30 years. It was to be easy to implement in hardware and software, as well as in restricted environments (for example, in a smart card) and offer good defenses against various attack techniques.
The entire selection process was fully open to public scrutiny and comment, it being decided that full visibility would ensure the best possible analysis of the designs. In 1998, the NIST selected 15 candidates for the AES, which were then subject to preliminary analysis by the world cryptographic community, including the National Security Agency. On the basis of this, in August 1999, NIST selected five algorithms for more extensive analysis. These were: MARS, submitted by a large team from IBM Research; RC6, submitted by RSA Security; Rijndael, submitted by two Belgian cryptographers, Joan Daemen and Vincent Rijmen; Serpent, submitted by Ross Anderson, Eli Biham and Lars Knudsen; Twofish, submitted by a large team of researchers including Counterpane's respected cryptographer, Bruce Schneier. Implementations of all of the above were tested extensively in ANSI C and Java languages for speed and reliability in such measures as encryption and decryption speeds, key and algorithm set-up time and resistance to various attacks, both in hardware- and software-centric systems. Once again, detailed analysis was provided by the global cryptographic community (including some teams trying to break their own submissions). The end result was that on October 2, 2000, NIST announced that Rijndael had been selected as the proposed standard. On December 6, 2001, the Secretary of Commerce officially approved Federal Information Processing Standard (FIPS) 197, which specifies that all sensitive, unclassified documents will use Rijndael as the Advanced Encryption Standard.

26 Symmetric Encryption IDEA
Considered very secure. Patented by Ascom-Tech. Free for non-commercial use. Works with 64-bit blocks and a 128-bit key. References: IDEA (International Data Encryption Algorithm) is an encryption algorithm developed at ETH in Zurich, Switzerland. It uses a block cipher with a 128-bit key, and is generally considered to be very secure. It is considered among the best publicly known algorithms. In the several years that it has been in use, no practical attacks on it have been published despite a number of attempts to find some. IDEA is patented in the United States and in most of the European countries. The patent is held by Ascom-Tech. Non-commercial use of IDEA is free. Commercial licenses can be obtained by contacting Ascom-Tech.

27 Public-Key Encryption

28 Public-Key Encryption
Invented in 1976 by Diffie and Hellman. Advantages: greater security. Disadvantages: more processing. Uses 2 independent but mathematically related keys: one public, one private. Asymmetric: what is encrypted with one is decrypted with the other. One cannot be deduced from the other. public-key encryption: A cryptographic system that uses two keys -- a public key known to everyone and a private or secret key known only to the recipient of the message. When John wants to send a secure message to Jane, he uses Jane's public key to encrypt the message. Jane then uses her private key to decrypt it. An important element to the public key system is that the public and private keys are related in such a way that only the public key can be used to encrypt messages and only the corresponding private key can be used to decrypt them. Moreover, it is virtually impossible to deduce the private key if you know the public key. Public-key systems, such as Pretty Good Privacy (PGP), are becoming popular for transmitting information via the Internet. They are extremely secure and relatively simple to use. The only difficulty with public-key systems is that you need to know the recipient's public key to encrypt a message for him or her. What's needed, therefore, is a global registry of public keys, which is one of the promises of the new LDAP technology. Public key cryptography was invented in 1976 by Whitfield Diffie and Martin Hellman. For this reason, it is sometimes called Diffie-Hellman encryption. It is also called asymmetric encryption because it uses two keys instead of one key (symmetric encryption).

29 Public-Key Encryption General scheme

30 Public-Key Encryption Example algorithms
RSA. PGP: Pretty Good Privacy. ECC: Elliptic Curve Cryptography.

31 Public-Key Encryption RSA
Used for data transmission over the Internet. Invented by Rivest, Shamir and Adleman. Based on the difficulty of multiplying two large prime numbers. Reference: RSA: A public-key encryption technology developed by RSA Data Security, Inc. The acronym stands for Rivest, Shamir, and Adleman, the inventors of the technique. The RSA algorithm is based on the fact that there is no efficient way to factor very large numbers. Deducing an RSA key, therefore, requires an extraordinary amount of computer processing power and time. The RSA algorithm has become the de facto standard for industrial-strength encryption, especially for data sent over the Internet. It is built into many software products, including Netscape Navigator and Microsoft Internet Explorer. The technology is so powerful that the U.S. government has restricted exporting it to foreign countries. A similar technology that is also used widely is offered by a company called Cylink. RSA is an Internet encryption and authentication system that uses an algorithm developed in 1977 by Ron Rivest, Adi Shamir, and Leonard Adleman. The RSA algorithm is the most commonly used encryption and authentication algorithm and is included as part of the Web browsers from Microsoft and Netscape. It's also part of Lotus Notes, Intuit's Quicken, and many other products. The encryption system is owned by RSA Security. The company licenses the algorithm technologies and also sells development kits. The technologies are part of existing or proposed Web, Internet, and computing standards. How the RSA System Works: The mathematical details of the algorithm used in obtaining the public and private keys are available at the RSA Web site. Briefly, the algorithm involves multiplying two large prime numbers (a prime number is a number divisible only by that number and 1) and through additional operations deriving a set of two numbers that constitutes the public key and another set that is the private key.
Once the keys have been developed, the original prime numbers are no longer important and can be discarded. Both the public and the private keys are needed for encryption /decryption but only the owner of a private key ever needs to know it. Using the RSA system, the private key never needs to be sent across the Internet. The private key is used to decrypt text that has been encrypted with the public key. Thus, if I send you a message, I can find out your public key (but not your private key) from a central administrator and encrypt a message to you using your public key. When you receive it, you decrypt it with your private key. In addition to encrypting messages (which ensures privacy), you can authenticate yourself to me (so I know that it is really you who sent the message) by using your private key to encrypt a digital certificate. When I receive it, I can use your public key to decrypt it.

32 Public-Key Encryption PGP: Pretty Good Privacy
Developed by Philip Zimmermann. Widely used for e-mail security. An effective technique, easy to use and free for non-commercial use. Based on a combination of symmetric encryption and public keys. References: The International PGP Home Page. Pretty Good Privacy: A technique for encrypting messages developed by Philip Zimmermann. PGP is one of the most common ways to protect messages on the Internet because it is effective, easy to use, and free. PGP is based on the public-key method, which uses two keys -- one is a public key that you disseminate to anyone from whom you want to receive a message. The other is a private key that you use to decrypt messages that you receive. To encrypt a message using PGP, you need the PGP encryption package, which is available for free from a number of sources. The official repository is at the Massachusetts Institute of Technology. PGP is such an effective encryption tool that the U.S. government actually brought a lawsuit against Zimmermann for putting it in the public domain and hence making it available to enemies of the U.S. After a public outcry, the U.S. lawsuit was dropped, but it is still illegal to use PGP in many other countries. Pretty Good Privacy (PGP) is a popular program used to encrypt and decrypt over the Internet. It can also be used to send an encrypted digital signature that lets the receiver verify the sender's identity and know that the message was not changed en route. Available both as freeware and in a low-cost commercial version, PGP is the most widely used privacy-ensuring program by individuals and is also used by many corporations. Developed by Philip R. Zimmermann in 1991, PGP has become a de facto standard for security. PGP can also be used to encrypt files being stored so that they are unreadable by other users or intruders. How It Works: PGP uses a variation of the public key system.
In this system, each user has a publicly known encryption key and a private key known only to that user. You encrypt a message you send to someone else using their public key. When they receive it, they decrypt it using their private key. Since encrypting an entire message can be time-consuming, PGP uses a faster encryption algorithm to encrypt the message and then uses the public key to encrypt the shorter key that was used to encrypt the entire message. Both the encrypted message and the short key are sent to the receiver who first uses the receiver's private key to decrypt the short key and then uses that key to decrypt the message. PGP comes in two public key versions - Rivest-Shamir-Adleman (RSA) and Diffie-Hellman. The RSA version, for which PGP must pay a license fee to RSA, uses the IDEA algorithm to generate a short key for the entire message and RSA to encrypt the short key. The Diffie-Hellman version uses the CAST algorithm for the short key to encrypt the message and the Diffie-Hellman algorithm to encrypt the short key. For sending digital signatures, PGP uses an efficient algorithm that generates a hash (or mathematical summary) from the user's name and other signature information. This hash code is then encrypted with the sender's private key. The receiver uses the sender's public key to decrypt the hash code. If it matches the hash code sent as the digital signature for the message, then the receiver is sure that the message has arrived securely from the stated sender. PGP's RSA version uses the MD5 algorithm to generate the hash code. PGP's Diffie-Hellman version uses the SHA-1 algorithm to generate the hash code. To use PGP, you download or purchase it and install it on your computer system. Typically, it contains a user interface that works with your customary program. 
You also need to register the public key that your PGP program gives you with a PGP public-key server so that people you exchange messages with will be able to find your public key. Network Associates maintains an LDAP/HTTP public key server that has 300,000 registered public keys. This server has mirror sites around the world. Where Can You Use PGP? Originally, the U.S. government restricted the exportation of PGP technology. Today, however, PGP encrypted can be exchanged with users outside the U.S if you have the correct versions of PGP at both ends. Unlike most other encryption products, the international version is just as secure as the domestic version. The freely available PGP cannot legally be used for commercial purposes - for that, one must obtain the commercial version from Network Associates (formerly PGP, Inc.). There are several versions of PGP in use. Add-ons can be purchased that allow backwards compatibility for newer RSA versions with older versions. However, the Diffie-Hellman and RSA versions of PGP do not work with each other since they use different algorithms.
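The hybrid scheme described above (a fast symmetric cipher for the message, the recipient's public key for the short session key), as an added example that is not from the original presentation or from PGP itself. It assumes toy textbook-RSA keys built from known Mersenne primes, a SHA-256 keystream standing in for IDEA/CAST, and an HMAC tag that the slide text does not mention; the function names and the "Jane" and "Eve" keys are illustrative.

```python
import hashlib
import hmac
import secrets

E = 65537  # public exponent shared by both demo keys

# Constructed toy keys (assumption): unpadded textbook RSA over known Mersenne
# primes. Far too weak for real use; chosen so the demo needs no libraries.
JANE_N = (2**107 - 1) * (2**127 - 1)
JANE_D = pow(E, -1, (2**107 - 2) * (2**127 - 2))  # Jane's private exponent
EVE_N = (2**61 - 1) * (2**89 - 1)
EVE_D = pow(E, -1, (2**61 - 2) * (2**89 - 2))     # somebody else's private key


def keystream_xor(key, data):
    """Toy stream cipher standing in for IDEA/CAST: XOR with SHA-256(key || counter)."""
    out = bytearray()
    for i in range(0, len(data), 32):
        block = hashlib.sha256(key + (i // 32).to_bytes(8, "big")).digest()
        out.extend(b ^ k for b, k in zip(data[i:i + 32], block))
    return bytes(out)


def integrity_tag(session_key, ciphertext):
    """HMAC over the ciphertext, keyed from the session key (encrypt-then-MAC)."""
    mac_key = hashlib.sha256(b"mac" + session_key).digest()
    return hmac.new(mac_key, ciphertext, hashlib.sha256).digest()


def hybrid_encrypt(message, recipient_n, recipient_e=E):
    """Sender side: encrypt the message with a fresh short key, then wrap that key."""
    session_key = secrets.token_bytes(16)          # the "shorter key"
    ciphertext = keystream_xor(session_key, message)
    wrapped = pow(int.from_bytes(session_key, "big"), recipient_e, recipient_n)
    return {
        "wrapped_key": wrapped,                    # only the recipient can unwrap
        "ciphertext": ciphertext,
        "tag": integrity_tag(session_key, ciphertext),
    }


def hybrid_decrypt(envelope, n, d):
    """Receiver side: unwrap the short key with the private key, then decrypt."""
    m = pow(envelope["wrapped_key"], d, n)
    if m >= 2**128:
        raise ValueError("unwrapped value is not a 128-bit session key")
    session_key = m.to_bytes(16, "big")
    expected = integrity_tag(session_key, envelope["ciphertext"])
    if not hmac.compare_digest(expected, envelope["tag"]):
        raise ValueError("integrity check failed: wrong key or modified message")
    return keystream_xor(session_key, envelope["ciphertext"])


if __name__ == "__main__":
    env = hybrid_encrypt(b"Constructed sample message for Jane", JANE_N)
    print(hybrid_decrypt(env, JANE_N, JANE_D))
    try:
        hybrid_decrypt(env, EVE_N, EVE_D)
    except ValueError as err:
        print("Eve:", err)
```

Only the 16-byte session key goes through the slow public-key operation; the message itself, whatever its length, is handled by the symmetric cipher.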

33 Public-Key Encryption ECC: Elliptic Curve Cryptography
Used in mobile applications. Based on the properties of the equation of an elliptic curve. Uses shorter keys than RSA. Faster and requires fewer processing resources. References: The IEEE P1363 Home Page. Standard Specifications For Public-Key Cryptography. Traditional Public-Key Cryptography ( & P1363a) This includes digital signature and key establishment schemes based on the following problems: The integer factorization (IF) problem (e.g. RSA). The discrete logarithm (DL) problem (e.g. Diffie-Hellman, DSA). The elliptic curve discrete logarithm (EC) problem (e.g. MQV). Elliptical curve cryptography (ECC) is a public key encryption technique based on elliptic curve theory that can be used to create faster, smaller, and more efficient cryptographic keys. ECC generates keys through the properties of the elliptic curve equation instead of the traditional method of generation as the product of very large prime numbers. The technology can be used in conjunction with most public key encryption methods, such as RSA, and Diffie-Hellman. According to some researchers, ECC can yield a level of security with a 164-bit key that other systems require a 1,024-bit key to achieve. Because ECC helps to establish equivalent security with lower computing power and battery resource usage, it is becoming widely used for mobile applications. ECC was developed by Certicom, a mobile e-business security provider, and was recently licensed by Hifn, a manufacturer of integrated circuitry (IC) and network security products. RSA has been developing its own version of ECC. Many manufacturers, including 3COM, Cylink, Motorola, Pitney Bowes, Siemens, TRW, and VeriFone have included support for ECC in their products. The properties and functions of elliptic curves have been studied in mathematics for 150 years. Their use within cryptography was first proposed in 1985, (separately) by Neal Koblitz from the University of Washington, and Victor Miller at IBM.
An elliptic curve is not an ellipse (oval shape), but is represented as a looping line intersecting two axes (lines on a graph used to indicate the position of a point). ECC is based on properties of a particular type of equation created from the mathematical group (a set of values for which operations can be performed on any two members of the group to produce a third member) derived from points where the line intersects the axes. Multiplying a point on the curve by a number will produce another point on the curve, but it is very difficult to find what number was used, even if you know the original point and the result. Equations based on elliptic curves have a characteristic that is very valuable for cryptography purposes: they are relatively easy to perform, and extremely difficult to reverse. The industry still has some reservations about the use of elliptic curves. Nigel Smart, a Hewlett Packard researcher, discovered a flaw in which certain curves are extremely vulnerable. However, Philip Deck of Certicom says that, while there are curves that are vulnerable, those implementing ECC would have to know which curves could not be used. He believes that ECC offers a unique potential as a technology that could be implemented worldwide and across all devices. According to Deck (quoted in Wired), "the only way you can achieve that is with elliptic curve."

34 Digital Signatures

35 Digital signature A digital code attached to an electronically transmitted message to identify its origin. Generated using a hash function. Widely used in electronic commerce. Functions: data integrity; non-repudiation of origin. digital signature: A digital code that can be attached to an electronically transmitted message that uniquely identifies the sender. Like a written signature, the purpose of a digital signature is to guarantee that the individual sending the message really is who he or she claims to be. Digital signatures are especially important for electronic commerce and are a key component of most authentication schemes. To be effective, digital signatures must be unforgeable. There are a number of different encryption techniques to guarantee this level of security.

36 Digital signature Hash function
Applied to a block of data of any length. Produces a fixed-length result. The original message cannot be deduced from the result. It is very unlikely that another block produces the same result. Algorithms: MD5, MD4, SHA. hashing: Producing hash values for accessing data or for security. A hash value (or simply hash) is a number generated from a string of text. The hash is substantially smaller than the text itself, and is generated by a formula in such a way that it is extremely unlikely that some other text will produce the same hash value. Hashes play a role in security systems where they're used to ensure that transmitted messages have not been tampered with. The sender generates a hash of the message, encrypts it, and sends it with the message itself. The recipient then decrypts both the message and the hash, produces another hash from the received message, and compares the two hashes. If they're the same, there is a very high probability that the message was transmitted intact. Hashing is also a common method of accessing data records. Consider, for example, a list of names: John Smith, Sarah Jones, Roger Adams. To create an index, called a hash table, for these records, you would apply a formula to each name to produce a unique numeric value. So you might get something like: John smith Sarah Jones Roger Adams Then to search for the record containing Sarah Jones, you just need to reapply the formula, which directly yields the index key to the record. This is much more efficient than searching through all the records till the matching record is found.

37 Digital signature MD5
Algorithm created by R. Rivest in 1991. Used to create digital signatures. Uses a 128-bit digest. More secure and slower than MD4. References: The MD5 Message-Digest Algorithm. An algorithm created in 1991 by Professor Ronald Rivest that is used to create digital signatures. It is intended for use with 32 bit machines and is safer than the MD4 algorithm, which has been broken. MD5 is a one-way hash function, meaning that it takes a message and converts it into a fixed string of digits, also called a message digest. When using a one-way hash function, one can compare a calculated message digest against the message digest that is decrypted with a public key to verify that the message hasn't been tampered with. This comparison is called a "hashcheck."

38 Public Key Infrastructure

39 Public Key Infrastructure (PKI)
PKI: Public Key Infrastructure. A system of digital certificates and certificate authorities. Verifies and authenticates the validity of a transaction on the Internet. Hierarchical architecture. PKI: Short for public key infrastructure, a system of digital certificates, Certificate Authorities, and other registration authorities that verify and authenticate the validity of each party involved in an Internet transaction. PKIs are currently evolving and there is no single PKI nor even a single agreed-upon standard for setting up a PKI. However, nearly everyone agrees that reliable PKIs are necessary before electronic commerce can become widespread. A PKI is also called a trust hierarchy. A PKI (public key infrastructure) enables users of a basically unsecure public network such as the Internet to securely and privately exchange data and money through the use of a public and a private cryptographic key pair that is obtained and shared through a trusted authority. The public key infrastructure provides for a digital certificate that can identify an individual or an organization and directory services that can store and, when necessary, revoke the certificates. Although the components of a PKI are generally understood, a number of different vendor approaches and services are emerging. Meanwhile, an Internet standard for PKI is being worked on. The public key infrastructure assumes the use of public key cryptography, which is the most common method on the Internet for authenticating a message sender or encrypting a message. Traditional cryptography has usually involved the creation and sharing of a secret key for the encryption and decryption of messages. This secret or private key system has the significant flaw that if the key is discovered or intercepted by someone else, messages can easily be decrypted. For this reason, public key cryptography and the public key infrastructure is the preferred approach on the Internet.
(The private key system is sometimes known as symmetric cryptography and the public key system as asymmetric cryptography.) A public key infrastructure consists of: A certificate authority (CA) that issues and verifies digital certificate. A certificate includes the public key or information about the public key A registration authority (RA) that acts as the verifier for the certificate authority before a digital certificate is issued to a requestor One or more directories where the certificates (with their public keys) are held A certificate management system How Public and Private Key Cryptography Works In public key cryptography, a public and private key are created simultaneously using the same algorithm (a popular one is known as RSA) by a certificate authority (CA). The private key is given only to the requesting party and the public key is made publicly available (as part of a digital certificate) in a directory that all parties can access. The private key is never shared with anyone or sent across the Internet. You use the private key to decrypt text that has been encrypted with your public key by someone else (who can find out what your public key is from a public directory). Thus, if I send you a message, I can find out your public key (but not your private key) from a central administrator and encrypt a message to you using your public key. When you receive it, you decrypt it with your private key. In addition to encrypting messages (which ensures privacy), you can authenticate yourself to me (so I know that it is really you who sent the message) by using your private key to encrypt a digital certificate. When I receive it, I can use your public key to decrypt it.

40 PKI Applications
Secure e-mail. Secure access to applications. Reduced sign-on. Workstation file encryption. SSL transactions. IPsec VPNs.

41 PKI Components
Certificate authority (CA): issues and verifies digital certificates. The certificate includes information about the public key.
Registration authority (RA): acts as the verifier for the certificate authority before a digital certificate is issued.
Directories that store the certificates (and public keys).
Certificate management system.

42 Digital certificate
Contains: the public key. Identifies the owner of the private key. Certificates are issued by a certificate authority (CA). They guarantee the binding between the identity of something or someone and its public key. They use the X.509 standard.

Digital certificate: an attachment to an electronic message used for security purposes. The most common use of a digital certificate is to verify that a user sending a message is who he or she claims to be, and to provide the receiver with the means to encode a reply. An individual wishing to send an encrypted message applies for a digital certificate from a Certificate Authority (CA). The CA issues an encrypted digital certificate containing the applicant's public key and a variety of other identification information. The CA makes its own public key readily available through print publicity or perhaps on the Internet. The recipient of an encrypted message uses the CA's public key to decode the digital certificate attached to the message, verifies it as issued by the CA and then obtains the sender's public key and identification information held within the certificate. With this information, the recipient can send an encrypted reply. The most widely used standard for digital certificates is X.509.

43 X.509
ITU (International Telecommunication Union): the most widely used standard for defining digital certificates. CERTIFICATE USED BY BROWSERS: Netscape and Microsoft use X.509 to implement SSL in their web servers and browsers. Uses MD5 and an RSA private key. References:

X.509: the most widely used standard for defining digital certificates. X.509 is actually an ITU Recommendation, which means that it has not yet been officially defined or approved. As a result, companies have implemented the standard in different ways. For example, both Netscape and Microsoft use X.509 certificates to implement SSL in their Web servers and browsers. But an X.509 certificate generated by Netscape may not be readable by Microsoft products, and vice versa.

44 Certificate authority
Guarantees that the parties to an electronic transaction are who they say they are. Functions: generating digital certificates; revoking digital certificates.

A trusted third-party organization or company that issues digital certificates used to create digital signatures and public-private key pairs. The role of the CA in this process is to guarantee that the individual granted the unique certificate is, in fact, who he or she claims to be. Usually, this means that the CA has an arrangement with a financial institution, such as a credit card company, which provides it with information to confirm an individual's claimed identity. CAs are a critical component in data security and electronic commerce because they guarantee that the two parties exchanging information are really who they claim to be.

45 Certificate Authority: Operating Scheme
OBTAINING A DIGITAL CERTIFICATE
1. The client requests a digital certificate through the Registration Authority (RA).
2. The RA performs identification and authentication (I&A) on all certificate requests.
3. The RA requests the issuance of a certificate from the CA infrastructure.
4. The CA generates a digital certificate in favor of the client.
5. The digital certificate is delivered to the end client.
[Diagram labels: certificate registration site; registration system; owner user; Certificate Authority (CA1, CA2, CA3)]

46 Certificate Authority: Examples
Baltimore Technologies, Certicom, Computer Associates eTrustPKI, Entrust, GeoTrust, Identrus DST, MS Windows 2000, Novell Certificate Server, RSA Security Keon, VeriSign.

47 IV. Applications in IT

48 Kerberos

49 Kerberos: Cryptographic Mechanism
[Diagram: Client (C), Authentication Server (AS), Ticket Server (TGS), Destination Server (S); exchanges numbered 1 to 6]

50 Kerberos: Information Exchanges
1. C / AS: C, S
2. C / AS: KC(KS(t), KTGS(A, KS))
3. C / TGS: KTGS(C, KS), S, KS(t)
4. C / TGS: KS(S, KC-S), KS(A, KC-S)
5. C / S: KS(A, KC-S), KC-S(message)
6. C / S: KC-S(response)

51 RSA

52 RSA: Theory
Step 1: Select p and q. Two large prime numbers (greater than 10^100).
Step 2: Calculate n and z. n = p x q. z = (p-1) x (q-1).
Step 3: Select d. d = a number relatively prime to z.
Step 4: Find e. e x d = 1 (mod z).

53 RSA: Operation
Step 5: Divide the data into blocks P of k bits, where 2^k < n.
Step 6: To encrypt, C = P^e (mod n). Public key (e, n).
Step 7: To decrypt, P = C^d (mod n). Private key (d, n).

54 RSA: Simple Example
Step 1: We choose p=3, q=11.
Step 2: We calculate n=33, z=20. n = p x q, z = (p-1) x (q-1).
Step 3: We select d=7. 7 is relatively prime to 20.
Step 4: We find e=3. e x 7 = 1 (mod 20).

55 RSA: Simple Example
Let the text be “SUZA”.
In numeric form:
Step 6: To encrypt, C = P^3 (mod 33). P^3 = C =
Step 7: To decrypt, P = C^7 (mod 33). C^7 = P = “SUZA”.
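
Steps 1 to 7 from slides 52 to 55, run end to end with the deck's own parameters (p=3, q=11, d=7). This is an added example, not part of the original presentation; the function names and the letter encoding A=1 ... Z=26 are assumptions, since the slides' numeric values did not survive.

```python
# Added example: textbook RSA following the slides' Steps 1-7.
# Toy key size and no padding; it illustrates the arithmetic only.
from math import gcd


def make_keys(p, q, d):
    """Steps 1-4: derive n, z and the public exponent e from p, q and d."""
    n, z = p * q, (p - 1) * (q - 1)
    if gcd(d, z) != 1:
        raise ValueError("d must be relatively prime to z (Step 3)")
    e = pow(d, -1, z)  # modular inverse: e x d = 1 (mod z); Python 3.8+
    return (e, n), (d, n)


def encode(text):
    """Assumed encoding (not from the slides): A=1 ... Z=26, one letter per block."""
    return [ord(ch) - ord("A") + 1 for ch in text]


def decode(blocks):
    return "".join(chr(b + ord("A") - 1) for b in blocks)


def encrypt(blocks, public):
    e, n = public
    # Step 5: every plaintext block must be smaller than n (k bits, 2^k < n).
    if any(not 0 <= b < n for b in blocks):
        raise ValueError("plaintext block does not fit below n (Step 5)")
    return [pow(b, e, n) for b in blocks]  # Step 6: C = P^e (mod n)


def decrypt(blocks, private):
    d, n = private
    return [pow(c, d, n) for c in blocks]  # Step 7: P = C^d (mod n)


def demo():
    """Run the slide 54/55 example and return (public key, ciphertext, plaintext)."""
    public, private = make_keys(p=3, q=11, d=7)
    cipher = encrypt(encode("SUZA"), public)
    return public, cipher, decode(decrypt(cipher, private))


if __name__ == "__main__":
    print(demo())
```

With n=33 each letter is its own block, so equal letters always produce equal ciphertext blocks; the large primes required in Step 1 are what make the scheme usable in practice.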

56 V. Demo: Web Transactions

57 Web Transaction

58 Protection Mechanisms
SSL (Secure Sockets Layer). HTTPS (HTTP over SSL). SET (Secure Electronic Transaction).

59 SSL: Secure Sockets Layer
A widely used protocol for managing the security of a message transmission on the Internet. It works between the HTTP and TCP layers. It is included as part of the Microsoft and Netscape browsers and most web server products.

The Secure Sockets Layer (SSL) is a commonly-used protocol for managing the security of a message transmission on the Internet. SSL has recently been succeeded by Transport Layer Security (TLS), which is based on SSL. SSL uses a program layer located between the Internet's Hypertext Transfer Protocol (HTTP) and Transport Control Protocol (TCP) layers. SSL is included as part of both the Microsoft and Netscape browsers and most Web server products. Developed by Netscape, SSL also gained the support of Microsoft and other Internet client/server developers as well and became the de facto standard until evolving into Transport Layer Security.

The "sockets" part of the term refers to the sockets method of passing data back and forth between a client and a server program in a network or between program layers in the same computer. SSL uses the public-and-private key encryption system from RSA, which also includes the use of a digital certificate.

TLS and SSL are an integral part of most Web browsers (clients) and Web servers. If a Web site is on a server that supports SSL, SSL can be enabled and specific Web pages can be identified as requiring SSL access. Any Web server can be enabled by using Netscape's SSLRef program library which can be downloaded for noncommercial use or licensed for commercial use. TLS and SSL are not interoperable. However, a message sent with TLS can be handled by a client that handles SSL but not TLS.

60 SSL
Developed by Netscape. The term "sockets" refers to the method of passing data between client and server programs or between different program layers on the same computer.

61 SSL
Uses the RSA public and private key encryption system. Includes the use of a digital certificate. Its successor is TLS (Transport Layer Security), RFC 2246. TLS and SSL are built into most browsers and web servers, and are not interoperable.

62 SSL

63 HTTPS
HTTPS (Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL): a web protocol developed by Netscape. It encrypts and decrypts a user's page requests and the pages returned by the Web server. It is the use of SSL as a sublayer under the HTTP application. It uses port 443 (instead of 80).

HTTPS (Hypertext Transfer Protocol over Secure Socket Layer, or HTTP over SSL) is a Web protocol developed by Netscape and built into its browser that encrypts and decrypts user page requests as well as the pages that are returned by the Web server. HTTPS is really just the use of Netscape's Secure Socket Layer (SSL) as a sublayer under its regular HTTP application layering. (HTTPS uses port 443 instead of HTTP port 80 in its interactions with the lower layer, TCP/IP.) SSL uses a 40-bit key size for the RC4 stream encryption algorithm, which is considered an adequate degree of encryption for commercial exchange.

Suppose you use a Netscape browser to visit a Web site to view their online catalog. When you're ready to order, you will be given a Web page order form with a Uniform Resource Locator (URL) that starts with When you click "Send," to send the page back to the catalog retailer, your browser's HTTPS layer will encrypt it. The acknowledgement you receive from the server will also travel in encrypted form, arrive with an URL, and be decrypted for you by your browser's HTTPS sublayer.

HTTPS and SSL support the use of X.509 digital certificates from the server so that, if necessary, a user can authenticate the sender. SSL is an open, nonproprietary protocol that Netscape has proposed as a standard to the World Wide Web Consortium (W3C). HTTPS is not to be confused with S-HTTP, a security-enhanced version of HTTP developed and proposed as a standard by EIT.

64 HTTPS
HTTPS and SSL support the use of X.509 digital certificates on the server. The user can authenticate the origin. Not to be confused with S-HTTP, a security-enhanced version of HTTP developed and proposed as a standard by EIT.

65 HTTPS: Access to secure pages.

66 HTTPS: Secure page indicator (Netscape, Internet Explorer)

67 HTTPS: Digital certificate

68

69 Configuring a web server
IIS 6.0 configuration. Viewing the key. Sending it to a certificate authority.

70 Certificate authority processes
Receiving the request. Investigating the applicant. Authorization. Sending its public key.

71 Using https
Configuring the request. Using https.

72 VI. Questions
Thank you. rserna@utp.edu.pe

