# Implement Certificates and Certificate Authorities

[[Principles of Security]]

## Public and Private Key Usage

- Public key crypto
  - To have others send me confidential messages, I give people my public key and decrypt with my private key
  - To authenticate myself to others, I create a signature and sign it by encrypting the signature with my private key
- How does someone trust the public key?
  - PKI validates the identity of the owner of a public key
  - Public key is wrapped in a digital certificate signed by a certificate authority (CA)
  - Sender and recipient must both trust the CA

## Certificate Authorities

- Private CA vs 3rd party CA
- Ensure validity of certificates and users
- Establish trustworthy working procedures
- Manage servers and keys

## PKI Trust Models and Certificate Chaining

- Single CA (private internal webpages perhaps)
- Hierarchical/chain of trust (websites)
  - Root CA
  - Intermediate CAs
  - Leaf certificates
- Online vs offline

## Registration and CSRs

- To purchase a certificate
  - Generate a keypair (public/private)
  - Fill out a CSR with the public key
  - Request to buy a certificate
- **Certificate Signing Request**
  - CSR does identity checks
  - CSR signs and issues certificate
- Registration Authority (RA)
  - May handle the identity checks for the CSR

## Digital Certificates

- Contains subject's public key
- Information identifying the subject plus usage and validity
- Digital certificate standards
  - **X.509 Public Key Infrastructure (PKIX)**
  - PKCS (Public Key Cryptography Standards)

## Certificate Attributes

![[Pasted image 20230629093830.png]]

## Subject Name Attributes

- Common Name (CN)
  - Legacy method of recording FQDN
  - Deprecated by standards
  - BUT still used in many implementations
- Subject Alternative Name (SAN)
  - Structured identifiers
  - List multiple hosts/subdomains
  - Use wildcard subdomain
    - `DNS Name=*.comptia.org`
    - `DNS Name=comptia.org`
  - comptia.org has a trusted certificate; however, if they didn't have a SAN and I went to learn.comptia.org, I would get security errors

## Types of Certificate

- Certificate policies and templates
- Key usage
- Extended key usage/enhanced key usage
- Critical or non-critical
- Kerberos
- Email
- Encrypted file systems

## Web Server Certificate Types

- Domain Validation (DV)
  - Moy rigorous identity checks
  - Proving the ownership of a particular domain
  - Can be highly vulnerable to compromise
- Extended Validation (EV)
  - Even more rigorous identity checks than a DV
  - Standards maintained by CA/Browser Forum
  - Cannot be issued to a wildcard domain

## Other Certificate Types

- Machine/computer
  - Servers and network appliances
  - Identify by FQDN
- Email/user certificate
  - Can be various types (email, encryption, smart card logon, and so on)
  - Identify by email address
- Code signing
  - Validate a publisher name
- Root certificate
  - Self-signed certificate for the CA
- Self-signed certificate
  - Must be manually trusted

# Implement PKI Management

## Certificate and Key Management

- Key life cycle:
  - Key generation
  - Certificate generation
  - Storage
  - Revocation
  - Expiration and renewal
- Vulnerabilities from improper management:
  - Changing the key every time it expires can protect against previous keys being compromised
  - Private key needs to be very secure

## Key Recovery and Escrow

- **M-of-N** control for critical keys -> private key (root servers)
  - N = total number that can perform the task, M = minimum number that can perform the task
  - 2 of 5 control etc.
  - No single person can commit fraud alone; they would need someone else. Think of launching a nuclear weapon: you need at least 2 keys to turn
- Keys can be backed up to protect against data loss
  - Anyone with access to backup keys could impersonate the true key holder
  - Key recovery process can be protected by M-of-N control
- Escrow backup
  - Placing archived keys with a trusted third party

## Certificate Expiration

- Certificate duration
- Certificate renewal
  - Use existing key pair
  - Re-key with newly generated key pair
- Expiration
  - Public key will no longer be accepted
  - Archiving vs destroying key material
  - Secure erasing methods

## Certificate Revocation Lists

- Revocation vs suspension
- Reason codes
- **Certificate Revocation List (CRL)**
  - List of revoked and suspended certificates
- Browser CRL checking

## Online Certificate Status Protocol Responders

- OCSP
- OCSP responder
  - Provide real-time status information (though some rely on CRLs)
  - Client queries single certificate per transaction
- OCSP stapling
  - Clients might need to make lots of certificate queries for a chain of trust
  - Queries can be used to track clients
  - Stapling proxies the OCSP response

![[Pasted image 20230629095715.png]]

## Certificate Formats

- Distinguished Encoding Rules (DER)
  - Binary format
- **Privacy-enhanced Electronic Mail (PEM)**
  - Represent binary as ASCII using Base64 encoding
- **.cer and .crt** file formats can be either binary or ASCII

## OpenSSL

![[Pasted image 20230629095837.png]]

## Certificate Issues

- Troubleshoot rejection of certificates by servers and clients
- Existing certificate -> check expiry and status
- New certificate
  - Check key usage settings and requirements
  - Check subject name
  - Check chain of trust/root certificates
  - Verify time and date settings
- Audit certificate and PKI infrastructure
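
For the Subject Name Attributes section: an added example (not part of the original notes) of how a client matches a hostname against SAN `DNS Name` entries, using the common RFC 6125 rule that `*` stands for exactly one left-most label. The function names are hypothetical, and requiring at least two labels after the `*` is a simplification of real public-suffix handling.

```python
def match_dns_name(pattern: str, hostname: str) -> bool:
    """Match one SAN dNSName entry against a hostname, case-insensitively."""
    p_labels = pattern.lower().rstrip(".").split(".")
    h_labels = hostname.lower().rstrip(".").split(".")
    if len(p_labels) != len(h_labels):
        # A wildcard covers exactly one label, so label counts must agree.
        return False
    if p_labels[0] == "*":
        rest = p_labels[1:]
        # Simplification (assumption): refuse "*.org"-style entries and any
        # additional wildcard further to the right.
        if len(rest) < 2 or any("*" in label for label in rest):
            return False
        return h_labels[0] != "" and rest == h_labels[1:]
    if any("*" in label for label in p_labels):
        return False  # partial wildcards such as "l*.comptia.org" are rejected
    return p_labels == h_labels


def host_is_covered(san_dns_names, hostname: str) -> bool:
    """True if any SAN entry covers the hostname. The CN is deliberately ignored."""
    return any(match_dns_name(name, hostname) for name in san_dns_names)


if __name__ == "__main__":
    with_wildcard = ["*.comptia.org", "comptia.org"]   # the two entries from the notes
    apex_only = ["comptia.org"]                        # no wildcard SAN
    for host in ("comptia.org", "learn.comptia.org", "a.learn.comptia.org"):
        print(host, host_is_covered(with_wildcard, host), host_is_covered(apex_only, host))
```

Note that `*.comptia.org` alone does not cover the bare `comptia.org`, which is why both entries appear in the certificate.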
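
For the Certificate Formats section: an added example (not part of the original notes) that accepts `.cer`/`.crt` contents in either encoding, normalises them to DER, and checks that the outer DER length matches the data. The function names are hypothetical and the sample bytes are constructed, not a real certificate.

```python
import base64
import re

PEM_RE = re.compile(
    rb"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)


def der_total_length(der: bytes) -> int:
    """Header + content length declared by the outer DER SEQUENCE."""
    if len(der) < 2 or der[0] != 0x30:
        raise ValueError("not a DER SEQUENCE")
    first = der[1]
    if first < 0x80:                      # short form: length in one byte
        return 2 + first
    n = first & 0x7F                      # long form: n length bytes follow
    if n == 0 or len(der) < 2 + n:
        raise ValueError("bad DER length field")
    return 2 + n + int.from_bytes(der[2:2 + n], "big")


def load_cert_der(data: bytes):
    """Return (encoding, der_bytes) for file contents that may be PEM or DER."""
    match = PEM_RE.search(data)
    if match:
        body = b"".join(match.group(1).split())   # drop line breaks
        encoding, der = "PEM", base64.b64decode(body, validate=True)
    else:
        encoding, der = "DER", data
    if der_total_length(der) != len(der):
        raise ValueError("truncated certificate or trailing data")
    return encoding, der


def der_to_pem(der: bytes) -> str:
    """Base64-encode DER bytes into 64-column PEM text."""
    b64 = base64.b64encode(der).decode("ascii")
    lines = [b64[i:i + 64] for i in range(0, len(b64), 64)]
    return ("-----BEGIN CERTIFICATE-----\n" + "\n".join(lines)
            + "\n-----END CERTIFICATE-----\n")


# Constructed sample: a well-formed DER SEQUENCE of 128 filler bytes.
SAMPLE_DER = bytes([0x30, 0x81, 0x80]) + bytes(range(128))

if __name__ == "__main__":
    print(load_cert_der(SAMPLE_DER)[0])                       # binary input
    print(load_cert_der(der_to_pem(SAMPLE_DER).encode())[0])  # ASCII input
```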