Certificates Authorities

This page is a companion page on private key architecture kerberos using Cryptography.

“Badges? We don't need no stinking badges!” —from "BLAZING SADDLES" movie

Topics this page:

Site Map  
About this site  

The Private Key Infrastructure Data/Work Flow

Download the Visio 2000 file for this flowchart.

PKI (Public Key Infrastructure)

Passwords are stored in digital certificates from Entrust.com, Thawte, or other Certifying Authority (CA). This is like getting a passport, drivers license, or identification card from a governmental entity or some trusted third party (TTP). Like a Notary Public, the CA verifies that you are who you say you are.

PKI automates the process of verifying whether certificates are valid. It provides the capability to easily publish, manage, and use public keys.

from NSA and the SANS Institute.

Hear Microsoft Seminar audio on Fundamental Cryptography and Certificates on the Internet

CIO.org Briefing on PKI

Intro to What Is PKI?

Windows 2000 Public Key Infrastructure Overview

Digital Signatures

An authenticode is a digital signature that verify software origin, authenticity, and integrity for "code signing".

A digital certificate is the container for one or more digital signatures, which are forms of ID such as a birth certificate, drivers license, or passport bound to a public key.

Extensible fields in the certificate delineate group memberships and object permissions.

Private Key Infrastructure Notation

Mathematicians use
• S to represent the plaintext to be protected.
• T to represent the ciphertext coming out of the
• f_k to represent the enciphering function (algorithm)
• f_g to represent the deciphering function (algorithm)
• k to represent the enciphering key and
• k' to represent the deciphering key.

  The terms encipher and encrypt are synonymous, as are the terms decipher and decrypt.

Introduction to Cryptography With Java Applets (Jones & Bartlett Publishers, Inc., 2003) by David Bishop (a professor Grinnell College) offers online Java applets to demonstrate important concepts to help undergrads learn to program cryptography algorithms from the ground up. Topics include large integer computing, linear cyphers, matrix cyphers, primality testing, and establishing keys and message exchange.

Java Cryptography Extensions : Practical Guide for Programmers (Morgan Kaufmann February 27, 2004) by Jason Weiss

Java Cryptography Extensions : Practical Guide for Programmers by Jason Weiss

Certificate Authorities

A CA (Certificate Authority) vouches for the authenticity of their public keys. A digital signature which meets ITU (International Telecommunications Union) Telecommunication Standardization (ITU-T) PKIX X.509 version 3 [RFC 2459] standard is generated based on
• detailed information about the key holder
• an expiration date, after which the certificate is expired
• (with v3), a Compromised Key List (CKL)

Internet browsers issue a warning message even after you install a website's SSL certificate issued by a CA not among Microsoft or Firefox's default list.

Import DoD Root Certificates from dodpki.c3pki.chamb.disa.mil (in either PEM or DER Format)

• Class 3 PKI Root CA Certificate.
• Root CA 2 Certificate.
• External Certification Authority (ECA) Root CA Certificate.

DoD Configuration Firefox3 add-on does all this for you.

Import DoD Certificate Revocation Lists (in binary form) from
ca-10.c3pki.den.disa.mil/ca

But before you do all this, get the CA fingerprints (hash) from your security administrator so that you can make sure you have a legitimate cert when you click "View Cert". Examples in two formats:

SHA1: 135CEC36 F49CB8E9 3B1AB270 CD808846 76CE8F33
MD5:  A61B375E 390D9C36 54EEBD20 31461F6B

SHA1: BC:89:78:19:8C:3D:2B:2D:3B:58:5F:0C:A3:A5:86:3C:5C:E3:AE:18
MD5:  52:A5:D3:C9:19:84:FE:CF:A4:AD:AE:69:33:36:95:6D

Certificate Stores

PKI provides for five standard certificate stores:
• CA,
• MY,
• ROOT which store intermediate CA certs,
• TRUSTS which store CTLs (Certificate Trust Lists) to control which certificates will be accepted; and
• UserDS - a logical view of the certificate respository in the AD.

Only Commercial CAs are known by internet browsers Browsers who encounter an Enterprise CA would require user acceptance.

To create or change a Certificate Trust List:

1. Log on to a Web server with Administrator Privileges.
2. In the Internet Information Services snap-in, open the Web site's Properties sheet.
3. On the Directory Security property sheet, under Secure Communications, click Edit.
4. In the Secure Communications dialog box, select the CTL you want to modify and click Edit. The CTL Wizard will begin and guide you through the process of modifying a CTL.

   Alternately, use MakeCTL (from the Windows Platform SDK CryptoAPI Tools).

Hierarchy of Certificates on Microsoft Certificate Service CAAuth

Subbordinate CAs are under (certified by) root CAs or another subordinate CA.

• Self-signed Enterprise root CAAuth (at the top) issues certs for smart cards. Enterprise root CAs use (require) Active Directory services because they request identification from requestors and then publish their certificates (and CRLs) in the Active Directory.
• Enterprise Subbordinate Intermediate CAAuth (in the middle of the hierarchy do not issue certs to users)
• Enterprise Subbordinate Issuing CAAuth
• Stand-alone CAAuth issue certs to other organizations (perhaps over the Internet). They don't require Active Directory because stand-alone CAs publish their certificates and CRLs to folder
  %systemroot%\System32\CertSrv\Certenroll
  By default, Administrators have to approve all requests.

Request Certificate from Microsoft IIS

My annotations on generating a PKCS #10 compliant Certificate Request File Using the Certificate Wizard in IIS 5.0:

1. Select the Internet Information Services console from within the Administrative Tools menu.
2. Expand the list and right mouse-click to select Properties for the computer and web site (host) to be secured (such as "Default Web Site").
3. Click the Directory Security tab.
4. Click the "Server Certificate..." button in the "Secure Communications" section.
5. Click Next to "Welcome to the Web Server Certificate Wizard".
6. Select "Create a new certificate", then click Next.
7. Click Next to select "Prepare the request now, but send it later"
8. At the "Name and Security Settings" screen, change the default [friendly] name field for the new certificate. When selecting bit length, 1024 is recommended. Click Next. Do not use commas or these characters: < > ~ ! @ # $ % ^ * / \ ( ) ? &.
9. At "Your Site's Common Name", replace the default NETBIOS machine name with a fully qualified domain name. For example, "www.amazon.com"
10. In the "State/province" field, avoid using abbreviations (such as AZ for Arizona) because some CAs don't recognize them.
11. Enter your Administrator contact information.
12. Change the default output file path and name from "c:\certreq.txt" holding the CSR. This file (the CSR) essentially public key and the distinguished name (DN) of your Web server.
13. At the "Request File Summary" screen, remember that you can't make changes, only resubmit (and pay for another cert).
14. At the "Completing the Web Server" screen, select Finish. The "Click here" sends you to Microsoft's Security home page maze which you're left on your own to navigate to Microsoft "Secure Network Connectivity" pages. To use Microsoft's ActiveX Xenroll.dll on Microsoft browsers to automate certificate generation and digital certificate status validation in real time, you need to first download and run the August 28, 2002 (Q323172) patch for the "Microsoft Certificate Enrollment CAB"

15. If you are applying as a company, have your company's Dun & Bradstreet identification number, which is used to trace the identity of actual corporations. Most CAs also request a copy of the company's Articles of Incorporation submitted with a letter on company letterhead.

Installing a New Certificate with Certificate Wizard for Use in SSL/TLS

MS article

Certificate Administration on Microsoft

By default, certificates provided by CAAuths are stored in folder
%systemroot%\system32\certlog\

To view all CA names in the Windows 2000 Active Directory:

cerutil.exe -v -ds

To enable revocation-checking through web browsers executing .Asp tasks, go to a CLI command prompt on the CA and use this:

certutil -SetReg Policy\RevocationType +AspEnable

CA's enrollment uses transport-independent message formats that support PKCS (Public Key Cryptographic Standards):

1. CA accepts PCKS #10 request package
2. CA issues an X.509v3 certificate in a PKCS #7 digital envelope
3. An exported certificate and key pair is encrypted as a PKCS #12 blob in a .pfx file

Legal information about certificates from a CA is described in that CA's Issuer Policy statement, which Windows 2000 stores in a CAPolicy.inf file.

In Windows 2000, Kerberos is the default SSP and SNEGO (IETF's Security Negotiation Mechanism) for GSS-API [RFC 2478] extend SSP interoperability. SSPI uses the Negotiate SSP to match security levels within a security provider exchange.

Windows 2000 uses Active Directory to map information about users to digital certificates, which is based on X.500.

Clients can trust a CA only if a copy of the CA root certificate is in the trusted root certificate store.

Windows 2000 uses xenroll.dll for certificate enrollment.

Microsoft [Q292569] on Importing and exporting certificates on Windows 2000.

You can import a trusted root certificate from several types of files:

• PKCS #12 file (.pfx, .p12),
• PKCS #7 file (.spc, .p7b),
• certificate file (.cer, .crt), or
• a Microsoft Serialized Certificate Store file (.sst).

  Windows 2000 Exchange Server and X.509 Key Mangement Server Interoperability March 14, 2000

  dsstore.exe
  Directory Services Store CLI [from the Resource Kit] is used to -display enterprise key roots or to add certificate revocation list (.crl) file, a Certificate Authority name (with the -addcrl or -addroot parameters).

  All this is a more complicated encryption approach to the “Secret Decoder Ring” that swaps individual characters. Use this Funcatize webpage to translate text back and forth!

  To verify a digital signature, download the chktrust.exe tool from WMSoftware.com

  v3 of X.509 added additional data:

• internet email address
• internet domain name
• web url
• IP address
• X.400 emal address
• X.500 directory name
• Registered Identifier
• other name

  X.509 v3 also added mechanism to include standard and special extensions in the certificate which specify certificate policies from CAs and key usage constraints on the certificate to limit CA liability. A critical constraint is mandatory. A non-critical constraint is an advisory that is optionally followed.

  On Microsoft .NET servers, use the MakeCert.exe Certificate Creation Tool from .NET Framework Tools to create X.50 public and private digital signature key pairs for certificate testing.

  FreeSSL

  Microsoft How To: Set Up SSL on a Web Server

  A description of the SSL_RSA_WITH_RC4_128_MD5 cipher suite to encrypt web apps use with SSL version 3, or with TLS (RFC2246) with a server digital certificate private key of at least 1024 bits.

  Tumbleweed Desktop Validator enables CA-specific digital certificate validation to client or server applications enabled with MS-CAPI (Microsoft Windows Cryptographic API). It uses native CAPI calls after accessing its proprietary VA server with multiple sources of revocation information.

Step 1: Make Decisions and Setup

Certification Methods

• PGP, a referral method,
• SKIP, a collaborative method.
• IETF's PKIX, based on X.509 [RFC 2459], a directory method involving Certification Authorities.


Certificate Authorities

I was faced with some stark realities when I first landed on a certificate page at Thawte, a CA in South Africa, now a division of VeriSign. Each CA presents its own Certification Practice Statement (CPS). Make sure you reference the correct version and update:
• Verisign Practices Updates and Notices
• Baltimore Technologies

Exchange of Bodily Information

The first step in Thawte's process was to create an ID number containing a country code and the national identifcation code (the US Social Security Number).

I hesitated about giving out my social security number to yet another organization. I thought about what I was trusting:

• I trust that, enroute to Thawte, HTTPS is protecting my data.

• I trust that Thawte isn't a front for the Russian mafia. Thawte won't distribute the list or let it fall in enemy hands (like our FBI and CIA manage to do).

  It turns out Thawte is owned by VeriSign, the “big daddy” of Certificate Authories. Thawte is one of only two global Certificate Authorities trusted by all leading S/MIME X.509 secure messaging software, such as Microsoft Outlook Express and Netscape Communicator. (Talk about monopolies!)

• I trust that someone can't somehow derive the number from the digital signature (a hash of my private key) or the public key.

So I opted to give them my drivers license instead of my social security number. That's actually a state identity number, not a national number. But that didn't occur to me until after I pressed the send button.

I'll use a real number the next time.

Email Identity & Client

What ever identity number I gave Thawte, that number is associated with the email account in the certificate.

This can't be a web-based mail account such as hotmail or Yahoo mail. The email I use must be a POP3 mail account such as Earthlink. (I don't know about AOL)

The bottom line is that I must use a mail client which does S/MIME processing, such as Outlook or Eudora Pro. I don't like Outlook 2000 because it's too slow and (by default) makes me go down 3 levels of pull down menus to select the action I use 99% of the time.

Choice of Password

Example of passphrases in movies: In “Aladdin“, to get into the castle, say "open sesame". In “Tron”, to get into the MCP, say “raindeer flotilla”.

I think that one of the weakest aspect of consumer password security is that people habitually use the same passwords everywhere.

As a creatures of habit, many get used to simply incrementing numbers or letters when they are required to change their password.

If someone ever gets my password, ALL of my accounts would be compromised. (This, by the way, is the problem with Microsoft's Passport authentication service)

I keep a list of where I've signed up, and encrypt it with a password I haven't used on anything else.

So I've gone to using programs to generate password generation passwords and passphrases.

Copy of Certificate In a Safe Place

I printed out a screen image, wrote down the password, and filed the paper in the portable box where I keep unused credit cards, my passport, birth certificate, diplomas, Prometric score reports, and other valuables.

BTW, I should keep originals in a bank safe deposit box in case my home burns down, and only keep copies in the house.

Server Gated Cryptography Protocol

To enable any browser to (without local configuration) use 128-bit encryption, use the SGC protocol, which is an extension of SSL. So, to enable SGC on a web server, the Schannel.dll file on IIS5 needs to be updated.

SGC certificates are obtained only from a commercial CA (such as Verisign), not from an Enterprise CA or stand-alone CA.

After the SGC certificate has been installed, select the IIS 5.0 SSL “Secure Communications” dialog box.

Limitations and Extensions

To request a certificate using a command line utility:

CERTREQ.EXE

Certificate Traceability

A certificate is only as good as the Certificate Authority behind it. A certificate could be issued by a rogue Certificate Authority (e.g., citibank.biz).

Certificate Expiration and Revocation

The life expectancy of the certificate issued to a Windows 2000 machine is stored in its registry key
HKEY_LOCAL_MACHINE\ SYSTEM\ CurrentControlSet\ Services\ CertSvc\ Configuration\ MAIN

Recipients of signed documents should check if the certificate has been revoked by its CA after issuance. This could occur if a certificate was found to have been issued to an imposter. This has occured even with certificates issued to Microsoft.

To revoke a certificate use the Certification Authority console GUI or a command line utility specify the serial number:

certutil -revoke 06E472BA000000000023

To prevent the CA certificate from expiring, you must manually renew the certificate. Stop the Certificate Services service. Enter the Certification Authority console and select the Renew CA Certificate option.

Additional Decryption Keys (ADKs)

Pressure from government bodies led to the creation of Additional Decryption Keys (ADKs), which are added to the public key certificate and allow a third party to also decrypt emails that were encrypted by the public key. If a user agrees to an ADK being added to his public key, it is placed within the secure area of the certificate.

SSL Coprocessors

A server accelerator card is also known as an SSL card because it is used to generate encryption keys for secure transactions on e-commerce Web sites.

Microsoft TechNet article: Helping to Secure Communication: Client to Front-End Server

When a secure transaction is initiated, the Web site's server sends its certificate, which has been provided by a certifying authority, to the client machine to verify the Web site's authenticity. After this exchange, a secret key is used to encrypt all data transferred between sender and receiver so that all personal and credit card information is protected. This process can severely overload a server resulting in fewer transactions processed per second, which means fewer sales. The server accelerator card takes over this process, thus reducing the load on the server. Server accelerator cards support a number of security protocols including Secure Sockets Layer (SSL) and Secure Electronic Transaction (set).

The server accelerator card is installed into a (PCI) slot of a server. A software driver is loaded, and the server is ready to receive orders. This is much easier and more cost-effective than buying additional servers. Additional cards can be installed as the server's secure transactions increase.

VeriSign charges for a Licensed Certificate Option when a certificate is shared.

SSL acceleration appliances are external units that have server accelerator cards installed inside them. The unit is then plugged into the server. When a secure transaction is detected, the transaction is routed to the SSL acceleration unit for processing. SSL accelerator appliances can be added together as needed by clustering them together.

On Sun Solaris 8 machines, Sun offers its Crypto Accelerator 500 Daughterboard, the Crypto Crypto Accelerator 1000 PCI board, and Crypto Accelerator 4000 Board.

The F5 Networks offers its Big-IP FIPS SSL Accelerator.

Check Point's VPN-1 Accelerator Card III delivers over 400 Mbps 3DES VPN throughput.

The QuickSafe SSL Accelerator from Cryptographic Appliances outscales any dedicated SSL accelerator on the market with (1024 bit) SSL operations a second. Their appliance is situated behind web servers (and thus less open to attacks). This allows the maintainance of a session cache (for "true" load balancing) and only a single certificate rather than distributing certificate keys on multiple encryption devices.

The HP/Atalla AXL600L SSL Accelerator Card is only for HP's Proliant servers run by Windows or Linux. This 33-MHz 32-bit device incorporates a dual voltage signal bus.

The nCipher's nFast accelerater card

The CacheFlow card caches what flows through it — a speed-enhancing feature other products do not offer.

The Alteon Switch Alteon iSD-SSL Accelerator.

AEP Systems

SonicWALL SSL Accelerator PCI Card

Key Stores

The keystore is created one time using a command such as:

keytool -genkey -keystore keystorename -storepass keystorepassword

To display the complete contents of the keystore, use the command:
keytool -list -keystore keystorename

Private certificates are imported into the keystore using this command:

keytool -alias aliasforprivatekey
-import -file privatekeyfile.pem -keypass privatekeypassword
-keystore keystorename -storepass keystorepassword

CA Certificates are imported into the keystore using this command:
keytool -alias aliasfortrustedca -trustcacerts
-import -file privatekeyfile.pem -keypass privatekeypassword
-keystore keystorename -storepass keystorepassword

Related Topics: