A Public Key Infrastructure (PKI) is a security component: it issues and signs certificates used for different purposes such as encryption, signature or authentication. As a security component, the solution has to meet three criteria:
- Confidentiality: only the intended recipients can read the information;
- Authenticity: the information really comes from the issuer it claims to come from;
- Integrity: mechanisms exist to verify that the information has not been altered.
In this part we will see how to meet these criteria with technical mechanisms: encryption, signature and integrity checking.
Encryption is a mechanism that makes information unreadable to anyone except the intended recipient. Information can be created, stored and sent encrypted. In an enterprise, for example, some information such as trade secrets or salaries has to be encrypted; thanks to encryption, that information stays confidential.
Today there are two families of encryption: symmetric cryptography and asymmetric cryptography. Symmetric cryptography relies on a single key that is shared, while asymmetric cryptography relies on a pair of keys. We will see these mechanisms in detail later. But first, have a look at an old encryption algorithm (certainly one of the first): the Caesar code, also called the Caesar cipher.
Example of encryption: the Caesar code
The Caesar code was used by Julius Caesar to send military orders to his legions. The algorithm works on the plaintext alphabet with a key that is a number: to encrypt, each letter is replaced by the letter found by shifting the alphabet right (or left) by the value of the key. Example with a right shift and a key of 3:
Figure 1: Code Caesar
- Plaintext alphabet: abcdefghijklmnopqrstuvwxyz
- Encrypted alphabet: defghijklmnopqrstuvwxyzabc
- Plaintext message: My message is encrypted
- Encrypted message: Pb phvvdjh lv hqfubswhg
The main problem with this algorithm is that it is trivial to break. There are only 25 possible keys, so an attacker can simply try them all. On the example above, frequency analysis also works: the letter that appears most often in the ciphertext (h) is very likely the image of a frequent plaintext letter (e), which directly gives the key. Short words and repeated patterns make it easier still, and the more ciphertext is produced under the same key, the easier the key is to recover: this is called key wear-out.
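The following Go program is an added example, not code from the original page. It implements the shift above over the full 26-letter alphabet and both ways of breaking it: listing the 25 candidate plaintexts, and guessing the key from the most frequent ciphertext letter (which assumes English plaintext long enough for 'e' to dominate). The function names are the example's own; the sentence it encrypts is the page's.

```go
package main

import (
	"fmt"
	"strings"
)

// caesarShift replaces every ASCII letter of s by the letter k positions to its
// right in the alphabet (wrapping around), keeping case and leaving other
// characters untouched. A negative k shifts left, so decryption is the same
// operation with -k.
func caesarShift(s string, k int) string {
	k = ((k % 26) + 26) % 26
	var b strings.Builder
	for _, r := range s {
		switch {
		case r >= 'a' && r <= 'z':
			b.WriteRune('a' + (r-'a'+rune(k))%26)
		case r >= 'A' && r <= 'Z':
			b.WriteRune('A' + (r-'A'+rune(k))%26)
		default:
			b.WriteRune(r)
		}
	}
	return b.String()
}

func caesarEncrypt(plain string, k int) string  { return caesarShift(plain, k) }
func caesarDecrypt(cipher string, k int) string { return caesarShift(cipher, -k) }

// bruteForce returns the 25 candidate plaintexts (one per possible key, in key
// order 1..25). The key space is so small that the attacker simply reads off
// the candidate that makes sense.
func bruteForce(cipher string) []string {
	out := make([]string, 0, 25)
	for k := 1; k < 26; k++ {
		out = append(out, caesarDecrypt(cipher, k))
	}
	return out
}

// breakCaesar guesses the key by frequency analysis: 'e' is the most common
// letter in English, so the most common ciphertext letter is taken to be the
// image of 'e'. The guess is only reliable when enough text has been encrypted
// under the same key, which is exactly the key wear-out effect described above.
func breakCaesar(cipher string) int {
	var counts [26]int
	for _, r := range strings.ToLower(cipher) {
		if r >= 'a' && r <= 'z' {
			counts[r-'a']++
		}
	}
	best := 0
	for i, c := range counts {
		if c > counts[best] {
			best = i
		}
	}
	return (best - ('e' - 'a') + 26) % 26
}

func main() {
	ct := caesarEncrypt("My message is encrypted", 3)
	fmt.Println("ciphertext:", ct)
	fmt.Println("frequency analysis guesses key", breakCaesar(ct))
	for i, pt := range bruteForce(ct) {
		fmt.Printf("key %2d: %s\n", i+1, pt)
	}
}
```

Even on this short sentence the frequency guess is right, because 'e' occurs four times in the plaintext; on a very short or unusual text it can be wrong, and the brute-force listing is the fallback.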
Like the Caesar code, modern encryption algorithms use a key. A key is a very long random number generated by the machine, and it is these keys that are used to encrypt. There are two sorts of keys: private keys and public keys. When a public key is used (cf. asymmetric cryptography), it is mathematically related to a private key.
Symmetric cryptography is based on a single private key (also called a secret key) shared between two or more entities:
Figure 2: Symmetric cryptography
The key Kpr is shared between the entities, so information can be encrypted and decrypted with this same key. But the more you share your private key, the less private it is; this key-distribution problem is why asymmetric encryption was invented. Symmetric cryptography is implemented in AES, 3DES, Blowfish, RC4, etc. (3DES and RC4 are deprecated today and should not be used in new systems). The key length is usually short: a 256-bit key is a strong key.
The main advantage of symmetric cryptography is that encryption is fast and uses few system resources. But because the private key has to be shared between the entities, its secure distribution is the weak point of this solution, a problem asymmetric cryptography was designed to solve.
Asymmetric cryptography is based on a key pair (a private key and a public key). The two keys are mathematically related. With asymmetric cryptography the private key is never shared between entities; the public key is shared instead. The public key is used to encrypt information and, on the other side, the private key is used to decrypt it:
Figure 3: Asymmetric cryptography
The public key (Kpu) is sent to the correspondent and is used to encrypt the information. The related private key (Kpr) is used to decrypt it, so this last key is critical: whoever holds it can decrypt. Asymmetric cryptography is implemented mainly in RSA (encryption and signature) and DH (Diffie-Hellman, key agreement). Key lengths are long: for RSA, 2048 bits is the minimum recommended today, and 3072 or 4096 bits for keys that must stay secure for many years.
The main advantage of asymmetric cryptography is that it is really robust: no secret ever has to be shared. However it consumes a lot of system resources (mainly CPU), encryption is slow, and a single public-key operation can only process a short message (less than the key length).
Each encryption algorithm has advantages and drawbacks: symmetric cryptography is fast but needs a shared secret, while asymmetric cryptography is the opposite. So why not combine the two worlds to get a solution that is both robust and fast?
Modern algorithms therefore use a session key (a temporary key) to encrypt the information with symmetric cryptography, then encrypt the session key with the public key of the recipient. To decrypt, the recipient first decrypts the session key with his private key and then decrypts the information with the session key. This construction is known as hybrid encryption.
Figure 4: Modern encryption algorithm
On the sender side, the actions below are performed:
- A temporary key called the session key (Ks) is generated;
- The information is encrypted with Ks;
- Next Ks is encrypted with the public key (Kpu) related to the private key of the recipient. The result is called Kse;
- Kse is added to the encrypted information file, and this file is sent to the recipient.
On the recipient side, the actions below are performed:
- The encrypted information and Kse are separated;
- Kse is decrypted with the private key (Kpr) of the recipient, which gives back Ks;
- The document is decrypted with Ks.
In the rest of this document I will use this algorithm as a reference, in particular to explain the interaction between integrity checking, signing and encryption. A good understanding of this algorithm is therefore required before going further.
Why verify integrity?
Integrity checking is the mechanism that verifies whether the information has changed. The information can be changed by an encryption malfunction, a network problem or a malicious modification. To validate integrity, a thumbprint of the information is created. A thumbprint (also called a hash or digest) is produced by an algorithm that derives a short, fixed-length bit string from the information. For the check to be meaningful, it must be infeasible in practice to find two different pieces of information with the same thumbprint.
Sometimes two different pieces of information lead to the same thumbprint: this is called a collision. MD5 is vulnerable because collisions can be created on demand, so an attacker can easily make the recipient believe that the information has not changed; practical collisions have also been demonstrated for SHA-1. The most widely used algorithms are SHA-256, SHA-1 and MD5, but only SHA-256 (or another member of the SHA-2 or SHA-3 families) should be used today.
Create a thumbprint
To create a thumbprint, the initial information is passed as input to a hash algorithm. The result is the digest.
Example thumbprints of “I love Security”:
- MD5: f3f57004371b08ee73327ae2e5353958
- SHA-1: 8c9855b2c81c1e3278a5ce6a771e5c3f74ee09b5
- SHA-256: 1675cd4ee780f6cc04c6d3b54faa2de90fb5b18cdacc974dacf2d99d35307cce
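The Go program below is an added example, not code from the original page or from a tool the page describes. It computes the three thumbprints of the table and then performs the integrity check a practitioner actually runs: recompute SHA-256 over the received bytes and compare it in constant time with the expected value, which fails as soon as a single bit of the (constructed) sample is flipped. The function names are the example's own.

```go
package main

import (
	"crypto/md5"
	"crypto/sha1"
	"crypto/sha256"
	"crypto/subtle"
	"encoding/hex"
	"fmt"
	"hash"
)

// digestHex returns the hex-encoded thumbprint of data under the named algorithm.
// MD5 and SHA-1 are only here to reproduce the page's table: both have practical
// collision attacks and must not be used to protect integrity today.
func digestHex(algo string, data []byte) (string, error) {
	var h hash.Hash
	switch algo {
	case "md5":
		h = md5.New()
	case "sha1":
		h = sha1.New()
	case "sha256":
		h = sha256.New()
	default:
		return "", fmt.Errorf("unsupported hash algorithm %q", algo)
	}
	h.Write(data) // hash.Hash.Write never returns an error
	return hex.EncodeToString(h.Sum(nil)), nil
}

// verifyIntegrity recomputes the SHA-256 digest of data and compares it with the
// expected thumbprint in constant time, so that a mismatch does not leak through
// timing which byte differed. A malformed expected value is treated as a failure.
func verifyIntegrity(data []byte, expectedHex string) bool {
	want, err := hex.DecodeString(expectedHex)
	if err != nil {
		return false
	}
	got := sha256.Sum256(data)
	return subtle.ConstantTimeCompare(got[:], want) == 1
}

func main() {
	msg := []byte("I love Security")
	for _, algo := range []string{"md5", "sha1", "sha256"} {
		d, _ := digestHex(algo, msg)
		fmt.Printf("%-7s %s\n", algo, d)
	}
	ref, _ := digestHex("sha256", msg)
	tampered := append([]byte{}, msg...)
	tampered[0] ^= 0x01 // flip a single bit of the constructed sample
	fmt.Println("original passes:", verifyIntegrity(msg, ref))
	fmt.Println("tampered passes:", verifyIntegrity(tampered, ref))
}
```

A thumbprint alone only detects accidental changes: an attacker who can modify the data can also recompute its digest. Detecting malicious modification needs the digest to be bound to a key, either through a signature (next section) or a MAC.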
A digital signature ensures both the integrity of the information (using a hash algorithm) and its authenticity. It is used like a signature in real life. For example, when you subscribe to a service you want:
- The document to be signed by the company (authentic);
- Your signature to identify you and only you (unfalsifiable);
- Your signature not to be usable for another subscription: to subscribe to another service you have to sign again with a new signature (non-reusable);
- The contract not to change over time (unalterable);
- Neither side (the company or you) to be able to deny having signed the document (irrevocable, also called non-repudiation).
A digital signature therefore has to be authentic, unfalsifiable, non-reusable, unalterable and irrevocable. When all these properties hold, the authenticity and the integrity of the information can be verified.
The signature operation is based on asymmetric cryptography. First a digest of the initial information is computed, then this digest is encrypted with the signer's private key. This operation is called signing.
To validate the signature, the recipient extracts the encrypted digest from the message and decrypts it with the signer's public key. Next the recipient computes a digest from the received information and compares it with the decrypted digest; if the two match, the signature is valid. This is the signature verification process. Note that "encrypting the digest with the private key" is a textbook simplification that only matches raw RSA: real schemes such as RSA-PSS or ECDSA apply a dedicated signing operation to the digest, and cryptographic libraries expose sign and verify functions rather than encryption with a private key.
Figure 5: Signature operation
A good way to remember when the private key is used is to ask which piece of information is critical in each operation. In the signature process the critical piece is the digest, so the private key is used to sign it. In the encryption process the critical piece is the encrypted information, so the private key is used to decrypt it.
Encryption and signature operation
Now that we know about encryption, hash algorithms and signatures, let us have a look at how these elements interact to make information confidential, authentic and intact.
Figure 6: Encryption and signature operation
When signature and encryption are used together, signing is done first. The steps are performed in this order:
- A digest is created from the initial information;
- This thumbprint is encrypted with the issuer's private key (Kprg): this is the signature;
- The signature is added to the initial information (in the same file);
- A temporary session key (Ks) is generated; it will be used to encrypt the initial information together with its signature;
- The session key is encrypted with the public key of the recipient (Kpub), giving Kse;
- Kse is added to the encrypted file. The file sent therefore contains the encrypted information (with the signature embedded in it) and Kse.
When the recipient receives the file from the issuer, it first decrypts the file and then verifies the signature:
- The recipient extracts Kse from the received file and decrypts it with its private key (Kprb) to obtain the session key (Ks);
- Ks is used to decrypt the information;
- Next the recipient extracts the encrypted thumbprint (the signature);
- The issuer's public key (Kpug) is used to decrypt the thumbprint;
- At the same time, the recipient computes a digest from the decrypted information;
- Finally the recipient compares the decrypted thumbprint with the digest computed from the decrypted information. If they match, the signature is verified.
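The Go program below is an added example (not code from the original page) that puts the hybrid encryption of Figure 4, the signature of Figure 5 and the sign-then-encrypt procedure of Figure 6 into working code using only the Go standard library. The key names follow the page (Kprg/Kpug for the issuer, Kprb/Kpub for the recipient, Ks for the session key, Kse for the wrapped session key); the algorithm choices (2048-bit RSA, RSA-PSS over SHA-256 for the signature, RSA-OAEP for Kse, AES-256-GCM for the information), the layout of the file that is sent and the sample message are assumptions of the example.

```go
package main

import (
	"crypto"
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

func newKeyPair() (*rsa.PrivateKey, error) { return rsa.GenerateKey(rand.Reader, 2048) }

// sign: SHA-256 digest of the information, signed with the issuer's private key Kprg (Figure 5).
func sign(kprg *rsa.PrivateKey, info []byte) ([]byte, error) {
	d := sha256.Sum256(info)
	return rsa.SignPSS(rand.Reader, kprg, crypto.SHA256, d[:], nil)
}

// verify recomputes the digest and checks the signature with the issuer's public key Kpug.
func verify(kpug *rsa.PublicKey, info, sig []byte) error {
	d := sha256.Sum256(info)
	return rsa.VerifyPSS(kpug, crypto.SHA256, d[:], sig, nil)
}

func newGCM(ks []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(ks) // 32-byte Ks selects AES-256
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// seal is the issuer side of Figure 6 (sign, then encrypt). It returns the three parts
// of the file that is sent: Kse, the GCM nonce and the ciphertext of information||signature.
func seal(kprg *rsa.PrivateKey, kpub *rsa.PublicKey, info []byte) ([]byte, []byte, []byte, error) {
	sig, err := sign(kprg, info)
	if err != nil {
		return nil, nil, nil, err
	}
	payload := append(append([]byte{}, info...), sig...) // signature appended to the information
	buf := make([]byte, 32+12)                             // fresh Ks (32 bytes) and nonce (12 bytes)
	if _, err := rand.Read(buf); err != nil {
		return nil, nil, nil, err
	}
	ks, nonce := buf[:32], buf[32:]
	gcm, err := newGCM(ks)
	if err != nil {
		return nil, nil, nil, err
	}
	// Ks is encrypted with the recipient's public key Kpub (RSA-OAEP): the result is Kse.
	kse, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, kpub, ks, nil)
	if err != nil {
		return nil, nil, nil, err
	}
	return kse, nonce, gcm.Seal(nil, nonce, payload, nil), nil
}

// open is the recipient side: recover Ks from Kse with Kprb, decrypt with Ks, split off
// the signature (its length is the issuer's RSA modulus size), then verify it with Kpug.
func open(kprb *rsa.PrivateKey, kpug *rsa.PublicKey, kse, nonce, ct []byte) ([]byte, error) {
	ks, err := rsa.DecryptOAEP(sha256.New(), rand.Reader, kprb, kse, nil)
	if err != nil {
		return nil, fmt.Errorf("cannot recover session key: %w", err)
	}
	gcm, err := newGCM(ks)
	if err != nil {
		return nil, err
	}
	payload, err := gcm.Open(nil, nonce, ct, nil)
	if err != nil {
		return nil, fmt.Errorf("decryption failed (wrong key or tampered ciphertext): %w", err)
	}
	n := len(payload) - kpug.Size()
	if n < 0 {
		return nil, fmt.Errorf("payload too short to carry a signature")
	}
	if err := verify(kpug, payload[:n], payload[n:]); err != nil {
		return nil, fmt.Errorf("signature check failed: %w", err)
	}
	return payload[:n], nil
}

func main() {
	issuer, _ := newKeyPair()    // holds Kprg, publishes Kpug
	recipient, _ := newKeyPair() // holds Kprb, publishes Kpub
	kse, nonce, ct, err := seal(issuer, &recipient.PublicKey, []byte("salary table Q3")) // constructed sample
	if err != nil {
		panic(err)
	}
	info, err := open(recipient, &issuer.PublicKey, kse, nonce, ct)
	fmt.Printf("recovered %q (err=%v)\n", info, err)
	ct[0] ^= 1 // one flipped bit: GCM rejects it before the signature is even checked
	_, err = open(recipient, &issuer.PublicKey, kse, nonce, ct)
	fmt.Println("after tampering:", err)
}
```

Because the file is encrypted with an authenticated cipher (GCM), any modification of the ciphertext is rejected before the signature is checked; the signature then proves who produced the information, which GCM alone cannot do, since anyone holding Ks could have produced the ciphertext. The recipient must verify against the public key of the expected issuer, not against a key that travels with the file.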