Flexible certificate management in public key infrastructures

A public key infrastructure (PKI) secures many applications and processes, for example electronic commerce, email communication, access to computers and networks, and digital identities for use in e-Government or the health care sector. These PKI based applications have different requirements, which depend on the security level, the number of participants, the software or hardware devices, the complexity of the installation, and many other parameters. This work focuses on certificate management in a PKI and proposes various solutions to meet these requirements in a flexible way. To deal with the problems of certificate management we design the certificate management authority (CMA). This authority is specified as a new trust center component that organises the workflow and the tasks that remain after the creation of a PKI product, such as a certificate or a revocation list. Its design and implementation are discussed. The certificate management plugins on which the CMA is based can be (re)used to provide interoperable PKI solutions. We also give a security analysis of the CMA. The new authority requires rethinking the communication possibilities within a trust center. A new protocol for communication inside a trust center is designed and implemented. It addresses the communication of arbitrary trust center components: it keeps the messages human readable, provides security mechanisms such as digital signatures and encryption, supports dual control, and expresses the data typically found in a trust center. One basic task of the CMA is the distribution and dissemination of PKI information. Typical solutions are based on LDAP directories. A best practice guide for these directories with regard to PKI purposes is given. We further concentrate on the German Signature Act and show how to meet the directory related requirements in this context. We also use the LDAP directories for other PKI management functions. One of them is the proof of possession for encryption keys. This scheme realises the indirect method of the CMP messages, but without the need for any confirmation messages. We propose a second scheme for delivering software personal security environments.
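The directory based proof of possession for encryption keys described above, as an added Python example that is not code from the thesis: it assumes (as a labelled assumption) that the CA publishes the issued certificate encrypted under the subject's public key into the subject's directory entry, that the subject decrypts it and writes the plaintext back, and that the CA takes a matching plaintext as the proof of possession, which is CMP's indirect method without a confirmation message. Textbook RSA with small constructed primes, a dict standing in for the LDAP directory, and the attribute name encryptedUserCertificate are stand-ins chosen here, not the thesis's own names or implementation.

```python
from math import gcd

# Toy textbook RSA (constructed small primes) stands in for the subject's real
# encryption key pair. It only illustrates the protocol flow, nothing more.
def rsa_keypair(p=1009, q=1013, e=65537):
    n, phi = p * q, (p - 1) * (q - 1)
    assert gcd(e, phi) == 1
    return (n, e), (n, pow(e, -1, phi))

def encrypt(pub, data: bytes) -> list:
    n, e = pub
    return [pow(b, e, n) for b in data]  # one block per byte, valid since n > 255

def decrypt(priv, blocks: list) -> bytes:
    n, d = priv
    return bytes(pow(c, d, n) for c in blocks)

# encryptedUserCertificate is a hypothetical attribute name chosen here;
# userCertificate is the standard LDAP attribute for the plaintext certificate.
ENC_ATTR, CERT_ATTR = "encryptedUserCertificate", "userCertificate"

def ca_publish_encrypted(directory, dn, cert: bytes, subject_pub):
    """CA step: publish the issued certificate encrypted under the subject's key."""
    directory.setdefault(dn, {})[ENC_ATTR] = encrypt(subject_pub, cert)

def subject_publish_decrypted(directory, dn, subject_priv):
    """Subject step: decrypt with the private key and write the plaintext back."""
    directory[dn][CERT_ATTR] = decrypt(subject_priv, directory[dn][ENC_ATTR])

def ca_check_pop(directory, dn, issued_cert: bytes) -> bool:
    """CA step: possession is proven iff the plaintext now in the directory equals
    the certificate the CA issued. No separate confirmation message is exchanged."""
    return directory.get(dn, {}).get(CERT_ATTR) == issued_cert

def run_demo():
    """Returns (PoP result for the key holder, PoP result for a party without the key)."""
    dn = "cn=alice,o=example"                # constructed directory entry name
    pub, priv = rsa_keypair()
    cert = b"constructed-cert-for-alice"     # stand-in for a DER encoded X.509 cert
    directory = {}
    ca_publish_encrypted(directory, dn, cert, pub)
    subject_publish_decrypted(directory, dn, priv)
    holder_ok = ca_check_pop(directory, dn, cert)
    # A party without the private key cannot recover the plaintext; whatever it
    # writes into userCertificate will not match what the CA issued.
    other = {}
    ca_publish_encrypted(other, dn, cert, pub)
    other[dn][CERT_ATTR] = b"guessed-cert"
    return holder_ok, ca_check_pop(other, dn, cert)
```

Calling run_demo() returns (True, False): the key holder's write-back is accepted, the guessed entry is rejected.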