Understanding certificates in cryptography
In the previous article we talked about digital signatures. A digital signature prevents tampering and impersonation, and it prevents repudiation. But there is one very big precondition for using digital signature technology correctly: the public key used to verify the signature must really belong to the sender.
If the public key you hold is forged, then no matter how perfect the signature algorithm is, verification gives you the wrong answer.
So how can we obtain the sender's public key safely? This is where certificates come in. A certificate is simply the sender's public key signed by a trusted third-party institution.
Two concepts are involved: the public key certificate (PKC) and the certification authority (CA). Readers familiar with blockchain will often have heard the term CA; it refers to the certification authority described here.
Example of certificate use
Let's look at an example we may encounter in practice.
Suppose A wants to send a message to B and wants to encrypt it with B's public key, but A has no way of knowing B's public key in advance. The following certificate scheme can then be used:
- First, B generates its own key pair and registers the public key with the CA. Here the CA is a reliable third-party organization.
- After obtaining B's public key, the CA signs it with its own private key; the result is the certificate.
- A obtains the certificate, and the CA's public key, from the CA (the CA is a trusted organization, and its public key can be obtained from public sites), and uses the CA's public key to verify that the certificate's signature is valid.
- A takes B's public key from the certificate and encrypts the message with it.
- B decrypts the message with its private key to obtain the plaintext.
That is the simplest example of certificate use.
Certificate standards and generation
Because certificates are issued by certification authorities and must be verified by users, a standard certificate format is needed so that everyone can process them. The most widely used standard is X.509, developed by the ITU (International Telecommunication Union) and ISO (International Organization for Standardization).
X.509 certificates come in several encodings and file formats, including DER, CRT, CER and PEM, which are used in different environments.
So how is a certificate generated? It can be generated with third-party tools or with command-line tools such as OpenSSL; the exact commands are not covered here.
With a certificate format in hand, can we actually use certificates?
In fact, that is not enough. We also need to define who issues certificates, how they are issued, and what happens when a certificate becomes invalid. PKI (public key infrastructure) is the set of specifications and protocols that make certificates usable in practice.
PKI consists of three parts:
- Users
Users are the people who use PKI, that is, those who rely on a CA to publish their own public key and to obtain other people's public keys.
- Certification authority
The certification authority is the CA; it manages certificates. Besides generating certificates, the CA has another very important job: revoking (voiding) certificates.
A user may lose a key or need to discard a certificate for special reasons. The user then submits a revocation request to the CA. Revoked certificates are recorded in the CRL, the certificate revocation list, which is published separately from the certificates themselves. Before using a certificate, a user must first check whether it appears in the CRL; if it does, the certificate must not be used.
- Repository
The repository is a database that stores certificates. Certificates generated after user registration are kept in the repository for other users to fetch and use.
Hierarchical structure of CAs
We learned about the concept of a root CA in Fabric. What does it mean?
From the introduction above we can see that a CA does not have to be an institution: anyone who can sign public keys can set up a CA.
If a large organization wants to build a CA, for example a head office, it can first build a root CA and then build sub-CAs under the root CA; the sub-CAs are responsible for issuing certificates to the individual users at the bottom of the hierarchy.
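The five-step scheme above, the root CA / sub-CA hierarchy, and the CRL check from the PKI section, carried through in one worked example. This is Go code added for this article, not code from the original post or from any CA product; it uses only Go's standard crypto/x509 package (Go 1.19 or newer). Every name (Head Office Root CA, Branch Sub-CA, B), serial number, validity period and message is constructed for the demo, and B's key is assumed to be RSA so that its public key can encrypt.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// issue plays the CA role: sign pub with parentKey; a nil parent means self-signed (a root CA).
func issue(serial int64, cn string, isCA bool, pub *rsa.PublicKey, parent *x509.Certificate, parentKey *rsa.PrivateKey) *x509.Certificate {
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(serial),
		Subject:               pkix.Name{CommonName: cn},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true,
		IsCA:                  isCA,
	}
	if isCA { // only a CA gets the right to sign certificates and CRLs
		tmpl.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign
	}
	if parent == nil {
		parent = tmpl
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey))
	return must(x509.ParseCertificate(der))
}

type PKI struct {
	Root, SubCA, B        *x509.Certificate
	RootKey, SubKey, BKey *rsa.PrivateKey
}

func buildPKI() *PKI {
	newKey := func() *rsa.PrivateKey { return must(rsa.GenerateKey(rand.Reader, 2048)) }
	rk, sk, bk := newKey(), newKey(), newKey() // step 1: B (like each CA) generates its own key pair
	root := issue(1, "Head Office Root CA", true, &rk.PublicKey, nil, rk) // all names and serials are made up
	sub := issue(2, "Branch Sub-CA", true, &sk.PublicKey, root, rk)      // the root CA certifies the sub-CA
	b := issue(3, "B", false, &bk.PublicKey, sub, sk)                     // step 2: the sub-CA signs B's public key
	return &PKI{Root: root, SubCA: sub, B: b, RootKey: rk, SubKey: sk, BKey: bk}
}

// sendToB is A's side of steps 3 and 4: use the key in B's certificate only if it chains to the trusted root.
func sendToB(leaf, root, sub *x509.Certificate, msg []byte) ([]byte, error) {
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root) // the root certificate A fetched from the CA's public site
	inters.AddCert(sub)
	if _, err := leaf.Verify(x509.VerifyOptions{Roots: roots, Intermediates: inters,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}); err != nil {
		return nil, err // forged or untrusted certificate: never use the key inside it
	}
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, leaf.PublicKey.(*rsa.PublicKey), msg, nil)
}

// makeCRL is the CA's voiding job: a signed list of the serial numbers it has revoked.
func makeCRL(issuer *x509.Certificate, key *rsa.PrivateKey, revoked ...*x509.Certificate) []byte {
	tmpl := &x509.RevocationList{Number: big.NewInt(1), ThisUpdate: time.Now(), NextUpdate: time.Now().Add(24 * time.Hour)}
	for _, c := range revoked {
		tmpl.RevokedCertificates = append(tmpl.RevokedCertificates,
			pkix.RevokedCertificate{SerialNumber: c.SerialNumber, RevocationTime: time.Now()})
	}
	return must(x509.CreateRevocationList(rand.Reader, tmpl, issuer, key))
}

// revokedIn is the user's pre-use check: confirm the CRL carries the issuer's signature, then look for the serial.
func revokedIn(cert *x509.Certificate, crlDER []byte, issuer *x509.Certificate) (bool, error) {
	crl, err := x509.ParseRevocationList(crlDER)
	if err != nil {
		return false, err
	}
	if err := crl.CheckSignatureFrom(issuer); err != nil {
		return false, err // not signed by this CA: a forged list proves nothing
	}
	for _, r := range crl.RevokedCertificates {
		if r.SerialNumber.Cmp(cert.SerialNumber) == 0 {
			return true, nil
		}
	}
	return false, nil
}

func main() {
	p := buildPKI()
	ct := must(sendToB(p.B, p.Root, p.SubCA, []byte("hello B")))
	fmt.Printf("B decrypts: %s\n", must(rsa.DecryptOAEP(sha256.New(), rand.Reader, p.BKey, ct, nil))) // step 5
	fmt.Println(revokedIn(p.B, makeCRL(p.SubCA, p.SubKey, p.B), p.SubCA)) // after B reports its key lost
}
```

Two design points matter here. A never calls the encryption routine on a public key it has not first chained to the one root certificate it trusts, which is the whole reason certificates exist; and the CRL is itself checked against the issuer's signature before its contents are believed, otherwise anyone could hand a user a list that omits a revoked certificate.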
Attacks on certificates
Because certificates are built on digital signature technology, every attack on digital signatures also applies to certificates.
This article mainly introduces attacks on the PKI system.
- Replacing the public key before registration
If user B wants to obtain a certificate, it must register with the CA and submit its public key. The public key may be maliciously replaced before it is submitted.
- Stealing the certification authority's private key
All users' public keys are signed with the CA's private key. If the CA's private key is stolen, no certificate is secure any more.
A CA is a centralized organization, and centralized organizations often have exactly this problem: break one, break all.
- Impersonating a certification authority
An attacker can pose as a certification authority and deceive users. So users must be careful about whom they register with.
- CRL time-lag attack
If B's key is lost, B submits a revocation request to the CA. However, there is a time lag between submitting the request, the request taking effect, and the new CRL being generated. During this period the discarded key can still be used as if it were legitimate.
For more information, please visit http://www.flydean.com/certificate/