Public Key Infrastructure (PKI): Technology and Application Development
1. Overview
2. Trust services and the significance of PKI technology
3. PKI standards and architecture
4. PKI applications and development
------------------------------------
I. Overview
PKI stands for "public key infrastructure". Put simply, PKI is an infrastructure that provides information security services built on public key theory and technology. Public key cryptosystems are the most widely used encryption systems today. In such a system the encryption key differs from the decryption key: a sender encrypts a message with the recipient's public key, and only the recipient, holding the corresponding private key, can decrypt it. This protects the confidentiality of the message; the same key pair used the other way round (signing with the private key, verifying with the public key) provides authenticity and non-repudiation. Public key technology is currently widely used for CA-based certification, digital signatures and key exchange.
PKI appears to resolve the great majority of network security problems and has taken shape as a reasonably complete set of solutions. It is a security system based on public key theory and technology, and a general-purpose foundation for providing information security services. On the basis of unified security certification standards and specifications, the system provides online identity authentication; it is the combination of CA certification, digital certificates, digital signatures and the related secure application components. As a technical system, PKI is the technical foundation that supports authentication, integrity, confidentiality and non-repudiation. It solves, at the technical level, the problems of online identity authentication, information integrity and non-repudiation, and so provides reliable security for network applications. PKI is not only a technical matter, however: it also involves e-government, e-commerce and national informatization strategy at many levels. As part of a nation's information infrastructure, PKI is the sum of the related technologies, applications, organizations, standards, laws and regulations, a macro-level system that reflects national capability. The core purpose of PKI is to resolve the question of trust in the information network space: to uniquely identify the parties (organizations and individuals) behind economic, military and administrative actions, to confirm that their identities are genuine and legitimate, and thereby to protect the security interests of all participants in that space.
Public key infrastructure (PKI) is an important part of the information security infrastructure and a generally applicable network security infrastructure. The PKI concept was introduced by American researchers in the 1980s; in practice it is supported by a privilege (authorization) management infrastructure, a trusted timestamping service, a security management system, unified secure e-government platforms and similar components. The digital certificate certification authority (CA), the registration authority (RA) that vets and registers applicants, and the key manager (KM) are the key components that make up a PKI. As a public infrastructure providing information security services, PKI is currently the most widely recognized system for securing the networked society. In China, PKI construction began several years ago; to date the financial, government, telecommunications and other sectors have established more than 30 CA certification centres. How to promote PKI applications and strengthen interoperability between PKI systems across systems, departments and countries has become an important issue that PKI construction must resolve.
II. Trust services and the significance of PKI technology
1) Trust services of PKI technology
Public key infrastructure (PKI) is a comprehensive facility of hardware, software and policy, built on public key technology, that achieves security objectives such as authentication, integrity and non-repudiation.
A PKI security platform provides trust services and authorization services. The trust service addresses how to confirm "you are you, I am me, and he is he", and PKI is the most effective technique for establishing such a trust system on a network. The authorization service addresses the question "what is each entity allowed to do" on the network. To map real-world activity faithfully onto the virtual network, an effective authorization system must be established for the network environment, and building a privilege management infrastructure on top of PKI is the best choice for doing so.
To date, a well-designed and correctly implemented PKI system is the best available means of resolving the security problems of network transactions and communications. According to the description given by the U.S. National Institute of Standards and Technology (NIST), the security guarantees most needed in network communication and online transactions, especially in e-government and e-commerce, fall into four areas: identification and authentication, confidentiality or privacy, data integrity, and non-repudiation. PKI can provide all four. The services it offers fall mainly into the following three areas:
1. Authentication
In everyday life, authentication is usually done by two parties agreeing a secret in advance and then checking each other against that secret. As networks expand and users multiply, pre-arranged secrets become very complicated, especially in e-government, where staff are constantly being hired and retiring. Moreover, in a large network, pairwise negotiation between every two parties is practically impossible. Going through a key management centre is also difficult: when the network is large, the key management centre can itself become a bottleneck for network communication.
PKI authenticates by means of certificates. The other party learns that "you are you" without needing to know why you are you. The certificate is an attestation by a trusted third party; through it, communicating parties can authenticate each other securely without worrying that the peer is an impostor.
2. Key management support
Using encryption certificates, communicating parties can negotiate a shared secret and use it as the key for their communication; this negotiation can be performed on the basis of authentication at the time of communication. In a large network, and in e-government in particular, key recovery is also an important aspect of key management: a government never wants its own encryption system turned against it. If individual staff defect or use the encryption system for activities against the government, the government can, through statutory procedures, decrypt their communications to protect its legitimate interests. PKI, through its key recovery capabilities, can provide a trusted and manageable key recovery mechanism. Wide adoption of PKI ensures comprehensive key recovery and management capabilities across society, supporting the healthy and orderly development of online activity.
3. Integrity and non-repudiation
Integrity and non-repudiation are the most basic services PKI provides. In general, integrity can also be achieved by a mechanism the two parties negotiate between themselves, but when one party has a motive to cheat, such integrity cannot be submitted to third-party arbitration. The integrity PKI provides can be arbitrated by a third party, and integrity that a third party can arbitrate is non-repudiation. For example, when Xiao Zhang sends a contract to Lao Li, Lao Li can require Xiao Zhang to sign it digitally. Not only can Lao Li verify the integrity of the signed contract, anyone else can also verify that the contract was indeed signed by Xiao Zhang, and nobody, Lao Li included, is able to forge Xiao Zhang's signature on the contract. Non-repudiation is provided through exactly this PKI digital signature mechanism. Where the law permits, non-repudiation can serve as legal evidence (several countries, the United States among them, have enacted digital signature legislation). Properly used, the security of PKI should be higher than that of the current paper-and-seal system.
A well-built PKI system, through asymmetric algorithms and secure applications, resolves most of the security problems of the networked society (availability excepted). A PKI system has the ability to transform an ungoverned network society into one that is governed, manageable and accountable, curbing hackers' unrestrained attacks on the Internet. This transformation works better within a bounded local network. At present, many websites, e-commerce systems and secure e-mail systems already use PKI technology.
2) The significance of PKI technology
1. Building a manageable, controllable and secure Internet through PKI
As is well known, the traditional Internet is a decentralised, uncontrolled, best-effort network with no QoS guarantees. But because the Internet has unified network-layer and transport-layer protocols, suits global interconnection, uses lines efficiently, is cheap and is easy to install, it has shown powerful vitality from the day it was born and quickly spread across the world. On the traditional Internet, secure access has relied on measures such as passwords, but passwords are easily guessed and cannot withstand organised group attacks. In recent years, with the rapid development of broadband Internet technology and large-scale integrated circuits, public key cryptography has found its place: the cost of encryption and decryption is no longer an obstacle to its application. Accordingly, the International Telecommunication Union (ITU), the International Organization for Standardization (ISO), the International Electrotechnical Commission (IEC) and the Internet Engineering Task Force (IETF) have established a series of PKI-related technical standards, and a certification mechanism and certificate service system has been built on them. Binding each network entity's public key to it by means of a certificate makes every entity on the network identifiable and effectively answers the question "who are you" on the network, turning the broadband Internet, within a given security domain, into a controllable, manageable and secure network.
2. Building a complete authorization service system on the Internet through PKI
By extending the digital certificate, PKI issues attribute certificates to specific network entities on top of their digital certificates, characterising their roles and privileges, and thereby solves the "what are you allowed to do" authorization problem in large-scale network applications. This is very advantageous for implementing e-government, which in a sense is the simulation of real-world administration online. In a traditional local network, access rights can be set by level, but although the highest authority nominally belongs to the head of the department, the network system administrator can see and change whatever he likes. This is the reverse of the real-world situation, and one of the reasons some leaders dare not use office automation systems. With PKI an authorization service system is easily constructed: where secrecy is needed, private keys ensure that only those holding the privilege can act, and nobody else, the network system administrator included, can do anything unauthorised; where everyone must know, the relevant people can verify that an instruction really came from a given leader, so that it is genuine and reliable.
3. Building a highly unified, highly secure platform through PKI
PKI follows a complete set of international technical standards, allowing the system, network and application layers to be designed systematically into a unified security domain. At the same time, it offers an element-level, fine-grained security mechanism based on the extended XML standards: signature and encryption can be applied at the level of individual elements, unlike the traditional "doorman" security model in which everything is exposed to whoever gets through the door. The underlying security middleware hides the implementation details of the security mechanism from the upper-layer user while still guaranteeing the mechanism, which is very advantageous for preventing malicious attacks by illegal users. In addition, PKI provides cross-platform portable application code through Java technology and exchangeable, portable business data through XML technology. On such a PKI platform it is convenient to build a unified service middleware, which greatly aids the integration of many kinds of application systems and increases the generality, security and portability of the platform.
III. PKI standards and architecture
1) PKI standards
Over the course of the establishment and development of the PKI system, the standards related to PKI mainly include the following:
1. X.209 (1988): Specification of basic encoding rules for ASN.1
ASN.1 is a standard method for describing the format of information on a network. It has two parts: the first (ISO 8824 / ITU-T X.208) describes the data, the data types and the ordering of data within a message, i.e. the syntax of the data; the second (ISO 8825 / ITU-T X.209) describes how each part of the data is composed into a message, i.e. the basic encoding rules (BER) for the data. The distinguished encoding rules (DER), a subset of BER that permits exactly one encoding for each value, are what X.509 certificates and the signatures over them use.
ASN.1 was originally developed as part of X.409 and later became a standard in its own right. Both of these protocols are widely used in other areas of communications and computing in addition to PKI systems.
2. X.500 (1993): Information technology, Open Systems Interconnection, The Directory: Overview of concepts, models and services
X.500 is the directory service standard accepted by the International Organization for Standardization (ISO); it defines how an organization can share its names and the associated objects on a global scale. X.500 is hierarchical: administrative domains (organizations, branches, departments and working groups) can provide information about the users and resources within them. In PKI systems, X.500 is used to name an entity, which may be an institution, an organization, an individual or a server. X.500 is regarded as the best way to implement a directory service, but implementing it requires heavy investment and is slower than other approaches; its advantages are its information model, rich functionality and openness.
3. X.509 (1993): Information technology, Open Systems Interconnection, The Directory: Authentication framework
X.509 is the digital certificate standard developed by the International Telecommunication Union (ITU-T). Building on X.500 to ensure that user names are unique, X.509 provides an authentication mechanism for X.500 user names and defines the widely used certificate syntax and data interfaces used in the entity authentication process.
The first version of X.509 was published in 1988. An X.509 certificate binds a user's public key to a user identifier. It also contains the version number, the certificate serial number, the signature algorithm identifier, the issuer (CA) name, the certificate validity period, and the issuer's signature over the whole structure. The latest version of the certificate format is X.509 v3, which adds an extensions field to the certificate. The extensions field gives more flexibility and lets information needed by particular applications be carried inside the certificate.
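The following is an added worked example, not part of the original article, of the basic encoding rules described above: a minimal DER encoder and decoder in Python, using only the standard library, that builds the first three fields of an X.509 TBSCertificate (the [0] EXPLICIT version, the serial number and the signature AlgorithmIdentifier) and parses them back. The OID 1.2.840.113549.1.1.11 (sha256WithRSAEncryption) and the 128-bit serial number are constructed sample values. The decoder rejects the BER forms (indefinite or non-minimal lengths) that DER forbids; this matters because a certificate's signature covers its DER bytes, and two parsers disagreeing about where a field ends is a known source of certificate-validation bugs.

```python
"""Minimal DER (X.690) encoder and decoder for the types that open an X.509 TBSCertificate."""

# ASN.1 universal tag numbers and tag-byte flags used here
INTEGER, NULL, OBJECT_IDENTIFIER, SEQUENCE = 0x02, 0x05, 0x06, 0x30
CONSTRUCTED = 0x20          # set in the tag byte of SEQUENCE and of EXPLICIT wrappers
CONTEXT_SPECIFIC = 0x80     # class bits of [n] tags such as the certificate's [0] version field


def encode_length(n: int) -> bytes:
    """Short form for n < 128; otherwise 0x80 | (number of length bytes), then big-endian bytes."""
    if n < 0x80:
        return bytes([n])
    body = n.to_bytes((n.bit_length() + 7) // 8, "big")
    return bytes([0x80 | len(body)]) + body


def tlv(tag: int, value: bytes) -> bytes:
    """One Tag-Length-Value triple."""
    return bytes([tag]) + encode_length(len(value)) + value


def encode_integer(v: int) -> bytes:
    """Non-negative INTEGER in the minimal two's-complement form DER requires; the +8 leaves
    room for the leading 0x00 needed when the top bit of the value would read as a sign bit."""
    if v < 0:
        raise ValueError("only non-negative integers are handled here")
    return tlv(INTEGER, v.to_bytes((v.bit_length() + 8) // 8, "big", signed=True))


def encode_oid(dotted: str) -> bytes:
    """OBJECT IDENTIFIER: first two arcs packed into one byte, later arcs base-128 with continuation bits."""
    arcs = [int(a) for a in dotted.split(".")]
    out = bytearray([arcs[0] * 40 + arcs[1]])
    for arc in arcs[2:]:
        chunk = [arc & 0x7F]
        arc >>= 7
        while arc:
            chunk.append(0x80 | (arc & 0x7F))
            arc >>= 7
        out.extend(reversed(chunk))
    return tlv(OBJECT_IDENTIFIER, bytes(out))


def decode_oid(body: bytes) -> str:
    arcs = [body[0] // 40, body[0] % 40]   # assumes the first arc is 0, 1 or 2, as for all PKI OIDs
    value = 0
    for b in body[1:]:
        value = (value << 7) | (b & 0x7F)
        if not b & 0x80:
            arcs.append(value)
            value = 0
    return ".".join(str(a) for a in arcs)


def decode(data: bytes, pos: int = 0):
    """Decode one TLV at pos; returns ((tag, value), position after it). Constructed values become
    lists of child nodes; INTEGER, OID and NULL are converted, other primitives stay raw bytes.
    Indefinite and non-minimal lengths are rejected because DER forbids them."""
    tag, first = data[pos], data[pos + 1]
    pos += 2
    if first < 0x80:
        length = first
    else:
        n = first & 0x7F
        if n == 0 or n > 4 or pos + n > len(data):
            raise ValueError("indefinite, oversized or truncated length is not DER")
        if data[pos] == 0 or (n == 1 and data[pos] < 0x80):
            raise ValueError("non-minimal length encoding is not DER")
        length = int.from_bytes(data[pos:pos + n], "big")
        pos += n
    end = pos + length
    if end > len(data):
        raise ValueError("TLV runs past the end of the buffer")
    if tag & CONSTRUCTED:
        children, p = [], pos
        while p < end:
            child, p = decode(data, p)
            children.append(child)
        if p != end:
            raise ValueError("child TLVs overrun the enclosing value")
        return (tag, children), end
    body = data[pos:end]
    if tag == INTEGER:
        return (tag, int.from_bytes(body, "big", signed=True)), end
    if tag == OBJECT_IDENTIFIER:
        return (tag, decode_oid(body)), end
    if tag == NULL:
        return (tag, None), end
    return (tag, body), end


def is_strict_der(data: bytes) -> bool:
    """True if data is exactly one well-formed DER element with no trailing bytes."""
    try:
        _, end = decode(data)
        return end == len(data)
    except (ValueError, IndexError):
        return False


def sample_tbs_prefix() -> bytes:
    """Constructed sample: the first three TBSCertificate fields of an X.509 v3 certificate,
    version [0] EXPLICIT INTEGER 2 (v3), serialNumber, and signature AlgorithmIdentifier
    { sha256WithRSAEncryption, NULL }. Serial and algorithm are sample values, not from a real certificate."""
    version = tlv(CONTEXT_SPECIFIC | CONSTRUCTED | 0, encode_integer(2))
    serial = encode_integer(0x0123456789ABCDEF0123456789ABCDEF)
    sig_alg = tlv(SEQUENCE, encode_oid("1.2.840.113549.1.1.11") + tlv(NULL, b""))
    return tlv(SEQUENCE, version + serial + sig_alg)
```

A full certificate parser adds the remaining TBSCertificate fields (issuer, validity, subject, SubjectPublicKeyInfo, extensions) with the same primitives; the point of the strict length checks is that the bytes the signature is verified over must be the bytes every parser agrees on.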
4. The PKCS series of standards
The PKCS (Public-Key Cryptography Standards) series, produced by RSA Laboratories, is a set of standards for encryption, signatures, key exchange, distribution formats and behaviour for PKI systems; the best known are PKCS #1 (RSA encryption and signatures), PKCS #7 (signed and enveloped messages, the basis of CMS and S/MIME), PKCS #10 (certificate signing requests) and PKCS #12 (bundled private keys and certificates). These standards have become an indispensable part of PKI systems.
5. OCSP, the Online Certificate Status Protocol
OCSP (Online Certificate Status Protocol) is an IETF standard for checking whether a digital certificate is still valid at the time of a particular transaction. It gives PKI users a convenient and fast channel for querying certificate status, making PKI systems more efficient and more secure in every field. An OCSP response is itself signed and carries its own validity interval; a relying party that accepts an unsigned or expired response, or that treats an unreachable responder as a "good" answer, gains nothing from the check.
6. LDAP, the Lightweight Directory Access Protocol
The LDAP specification (RFC 1487) simplified the cumbersome X.500 directory access protocol, modifying it in functionality, data representation, encoding and transport. In 1997, LDAPv3 (RFC 2251) became an Internet standard. LDAPv3 is now widely used in PKI systems for publishing certificates, CRLs, CA policies and every other kind of information that must be made available.
In addition to the protocols above, there are application protocols built on top of the PKI system that represent its adoption and spread in applications, including the SET protocol and the SSL protocol. The PKI system involves many standards and protocols, and as PKI technology continues to advance and improve, more standards and protocols will follow.
2) The architecture of PKI
A standard PKI domain must contain the following main components:
1. The certification authority (CA)
The CA is the core of a PKI and its main component; the industry usually calls it a certification centre. In general, the certification centre also includes a registration authority (RA) for certificate applications. Together they form the body that registers certificate applications and issues and manages digital certificates.
The main responsibilities of the CA include:
Verifying and identifying the certificate applicant's identity: examining the applicant's standing, the purpose of the certificate request and the authenticity of the claimed identity, to ensure that the certificate correctly binds the identity to the key.
Ensuring the quality and security of the asymmetric key pair the CA uses to sign certificates. To prevent compromise, the CA's signing private key must be long enough, must be generated inside a hardware security module, and must never leave that hardware.
Managing certificate information: managing certificate serial numbers and CA identifiers so that each certificate's subject is uniquely identified and subject names cannot be duplicated; determining and checking certificate validity periods when certificates are used, so that expired or revoked certificates are not accepted and online transactions remain secure; publishing and maintaining certificate revocation lists (CRLs), because a certificate that has had to be revoked must be published on this "blacklist" so that relying parties can check it during a transaction and avoid the risk; and monitoring and tracking the use of issued certificates with complete logging, to provide an impartial basis for participating in arbitration.
It can be seen that the CA is the third-party institution that guarantees the authority, trustworthiness and impartiality of e-commerce, e-government, online banking, online securities trading and similar transactions.
2. Certificates and the certificate repository
A certificate, also called a digital certificate or electronic certificate, conforms to the X.509 standard and is proof of an online entity's identity. Because it is issued by an authoritative, trusted and impartial third party, it is an authoritative electronic document.
The certificate repository is the central store of the certificates issued and revoked by the CA. Like an online "white pages", it is a public information base open to public query. In general a query has one of two purposes: to obtain a communicating party's public key, or to check whether the other party's certificate has been placed on the "blacklist". The repository supports distributed storage: the certificates and CRLs issued by the CA can be replicated to local sites by database mirroring, improving query efficiency and relieving the bottleneck on the master directory.
3. Key backup and recovery
Key backup and recovery are a central part of key management. A user may for some reason lose the key used to decrypt data, leaving ciphertext that has already been produced impossible to recover. To avoid this, PKI provides a key backup and recovery mechanism: when the user's certificate is generated, the encryption key is backed up by the CA (or its key manager); when recovery is needed, the user applies to the CA, which recovers the key for the user. Only encryption key pairs are backed up in this way. Signing keys must never be escrowed, because a signature made with a key that anyone other than its owner could have held loses the non-repudiation value described above.
4. Key and certificate update
A certificate's validity period is limited. In theory this is based on the cryptanalytic strength of current asymmetric algorithms and key lengths; in practice, prolonged use of the same key increases the chance that it is compromised. To maintain security, certificates and keys must therefore be replaced at a certain frequency, and PKI must have a procedure for replacing certificates that are about to expire. This is called "key update" or "certificate update".
Certificate update is generally completed by the PKI system without user intervention: as the user uses the certificate, the PKI checks its validity period in the directory server and, as the expiry date approaches, the CA automatically starts the renewal and generates a new certificate to replace the old one.
5. Certificate history
From the key update above it is easy to see that, after some time, each user will have accumulated several old certificates together with at least one current one. This series of old certificates and their corresponding private keys forms the user's key and certificate history. Keeping the entire key history is very important: data the user encrypted years ago with their own public key, or that others encrypted for them with that public key, cannot be decrypted with the current private key, so the user must retrieve the private key of that time from the history file in order to decrypt it.
6. Client software
To make operation convenient and address PKI application problems, client software implements digital signatures and encrypted data transmission. The client software is also responsible for querying certificates and the related revocation information, processing certificate paths, and requesting timestamps for particular documents.
7. Cross-certification
Cross-certification provides interoperability between multiple PKI domains. There are several ways to implement it. One is the bridge CA: a third-party CA acts as a bridge, connecting several CAs into a single trust community. Another is for the root CAs of the several domains to issue certificates to one another, so that end users in different PKI domains can follow different certification chains back to a root they trust and thereby achieve mutual trust.
IV. PKI applications and development
1) PKI applications
1. Virtual private networks (VPN)
Typically, companies use firewalls and access control technology when building VPNs to improve their security. This solves only a small part of the problem; the security a modern VPN needs, such as authentication, confidentiality, integrity, non-repudiation and ease of use, requires better security technology. Technically, besides firewall-based VPNs there are other architectures, such as black-box-based, router-based, remote-access and software-based VPNs. Real VPNs are rarely limited to a single architecture; they tend to use a mixed structure to obtain the result best suited to the environment. In implementation, the basic idea of a VPN is a secret communication channel, realised through encryption. Three protocols are generally used: PPTP, L2TP and IPsec.
PPTP (Point-to-Point Tunneling Protocol) is a point-to-point protocol: built on dial-up PPP, it authenticates with PAP or CHAP and encrypts with Microsoft Point-to-Point Encryption (MPPE). L2TP (Layer 2 Tunneling Protocol) combines L2F (Layer 2 Forwarding) with PPTP. It relies on PPP to establish the connection and its encryption approach is similar to PPTP's, but as a layer-2 protocol it supports the transport of non-IP protocols such as ATM or X.25; L2TP can be seen as the generalisation of PPTP to real-world environments.
Neither PPTP nor L2TP supports modern security needs well, and their range of application is not wide enough. Above all, they lack the most important security feature: the digital certificate supported by PKI technology. Simply put, a digital certificate can be regarded as the user's passport, giving him or her the right to use the VPN, and it also provides an audit mechanism for the user's activity. A VPN without digital certificates is far weaker in its support for authentication, integrity and non-repudiation.
IPsec built on PKI technology has become the foundation of VPN architecture; it can provide encryption and authentication between routers, between firewalls, or between a router and a firewall. Although its implementation is complex, its security is far better than that of the other protocols. Because IPsec operates at the IP layer, it readily becomes a worldwide specification, has very good generality, and is supported natively by the next-generation protocol, IPv6. In short, IPsec is still a developing protocol. As mature public key cryptography is increasingly used in IPsec (certificate-based authentication of the key exchange in place of pre-shared keys), the protocol is expected to play an ever more important role in the VPN world over the next few years.
2. Secure e-mail
As the most effective application on the Internet, e-mail has become the standard information exchange tool of modern business thanks to its convenience, low cost and efficiency. As the Internet has grown, commercial organizations and government agencies have begun to exchange secret or commercially valuable information by e-mail, which raises security issues, including:
● messages and attachments can be read, tampered with or intercepted without either party knowing;
● there is no way to determine whether an e-mail really comes from the person it claims to, i.e. the sender's identity may be forged.
The first is a security problem, the second a trust problem. This lack of security and trust is why companies and institutions generally do not exchange critical business information by e-mail, despite its advantages.
In fact, the security requirements of e-mail are also confidentiality, integrity, authentication and non-repudiation, all of which can be obtained with PKI technology. Specifically, with a digital certificate and private key, a user can digitally sign the mail he sends, providing authentication, integrity and non-repudiation; if the certificate was issued by the recipient's own company or by a trusted third party, the recipient can trust the source of the mail and know who sent it. On the other hand, where policy and law permit, encryption can be used to ensure the confidentiality of the information.
The fastest-developing secure e-mail protocol today is S/MIME (Secure Multipurpose Internet Mail Extensions), a protocol that allows mail to be encrypted and signed. Its implementation relies on PKI technology.
3. Web security
Browsing web pages is probably the most common way people access the Internet. Ordinary browsing may not make anyone feel exposed, but when you fill in form data you should be aware that your personal sensitive information may be intercepted by people who have been watching for it, and if you or your company want to conduct commercial transactions over the Web, how do you guarantee the security of the transaction?
Generally speaking, the security problems the Web can bring are:
● Fraud: creating a website costs very little, and some people simply copy other people's pages. It is therefore very easy to masquerade as a business, invite visitors to fill in detailed registration information, promise to protect their privacy, and in fact harvest it. Surveys show that much of the leakage of e-mail addresses and credit card numbers happens this way.
● Disclosure: when transaction data travels over the Internet "naked", an eavesdropper can easily intercept it and extract sensitive information.
● Tampering: someone who intercepts the information can also do more "sophisticated" work, replacing the values of some fields, such as the name, the credit card number or even the amount, to suit his own purposes.
● Attack: mainly attacks on the web server, such as the well-known DDoS (distributed denial of service) attack. The attacker may be a criminal or a competitor in the same trade.
To solve Web security transparently, the most suitable starting point is the browser. Both Internet Explorer and Netscape Navigator support the SSL protocol (Secure Sockets Layer). This is a secure communication layer between the transport layer and the application layer: before two entities communicate, an SSL connection is established first, giving secure communication that is transparent to the application layer. Using PKI technology, SSL allows encrypted communication between browser and server. In addition, digital certificates issued to the server and to the browser by a trusted third party let each side confirm the other's identity. Note that SSL itself provides no non-repudiation; that must be supplied separately by digital signatures on the application data. Combining the SSL protocol with digital certificates, PKI technology meets the security needs of Web transactions and makes trading on the Web as safe as trading face to face.
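The SSL/TLS protection described above depends in practice on how the client is configured, and the most common failure is encryption without authentication. The added Python example below, which uses only the standard library's ssl module and is not code from the original article, puts the weak client configuration next to a hardened one and shows the two checks on the server certificate that authentication rests on: hostname matching against the certificate's dNSName subject alternative names, and the validity period. The peer certificate dictionary is a constructed sample in the shape returned by SSLSocket.getpeercert(); its hostnames, issuer and dates are invented.

```python
"""TLS client configuration and peer-certificate checks with the standard library ssl module."""
import ssl

# Constructed sample in the shape of SSLSocket.getpeercert(); names and dates are invented.
SAMPLE_PEER_CERT = {
    "subject": ((("commonName", "www.example.com"),),),
    "issuer": ((("commonName", "Example Issuing CA"),),),
    "serialNumber": "0A1B2C",
    "notBefore": "Jan 10 00:00:00 2024 GMT",
    "notAfter": "Jan 10 23:59:59 2025 GMT",
    "subjectAltName": (("DNS", "www.example.com"), ("DNS", "*.api.example.com")),
}


def insecure_client_context() -> ssl.SSLContext:
    """The weak setting found in much client code: the channel is encrypted but the server is never
    authenticated, so anyone on the path can present his own key and read the traffic."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.check_hostname = False          # must be cleared before verify_mode can be set to CERT_NONE
    ctx.verify_mode = ssl.CERT_NONE
    return ctx


def hardened_client_context(cafile: str = None) -> ssl.SSLContext:
    """Corrected setting: require a certificate that chains to a trusted root, check the hostname
    against it, and refuse protocol versions older than TLS 1.2. cafile=None uses the system roots."""
    ctx = ssl.create_default_context(ssl.Purpose.SERVER_AUTH, cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    return ctx


def context_is_authenticating(ctx: ssl.SSLContext) -> bool:
    """True only if the context will actually verify who it is talking to."""
    return (ctx.verify_mode == ssl.CERT_REQUIRED
            and ctx.check_hostname
            and ctx.minimum_version >= ssl.TLSVersion.TLSv1_2)


def hostname_matches(cert: dict, hostname: str) -> bool:
    """Match hostname against dNSName SANs only (the CN is not consulted, as in current browsers).
    A wildcard is accepted only as the whole leftmost label and only with at least two more labels,
    so '*.api.example.com' matches 'foo.api.example.com' but not 'api.example.com' or 'a.b.api.example.com'."""
    host_labels = hostname.lower().rstrip(".").split(".")
    for kind, value in cert.get("subjectAltName", ()):
        if kind != "DNS":
            continue
        labels = value.lower().split(".")
        if len(labels) != len(host_labels):
            continue
        if labels == host_labels:
            return True
        if labels[0] == "*" and len(labels) >= 3 and labels[1:] == host_labels[1:]:
            return True
    return False


def cert_time_ok(cert: dict, now: float) -> bool:
    """Validity-period check; now is seconds since the epoch (UTC), e.g. time.time()."""
    not_before = ssl.cert_time_to_seconds(cert["notBefore"])
    not_after = ssl.cert_time_to_seconds(cert["notAfter"])
    return not_before <= now <= not_after
```

With the hardened context these checks are performed by the library during the handshake (check_hostname covers the SAN matching; the chain and validity checks are done by OpenSSL); they are written out here so that what "authenticated" means is visible, and so that code which disables verification can be recognised for what it gives up.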
4. E-commerce applications
PKI technology is the key to solving the security problems of e-commerce, and the various applications of PKI can build a trusted and secure network. Here a trusted certification centre is needed, typically a bank, a government or another third party. In communication, digital certificates eliminate the risk of anonymity and encryption eliminates the risks of the open network, so that business transactions can proceed securely and reliably.
Online business is only one hot application of PKI technology. It must be recognised that PKI is still developing: for example, in addition to identity authentication, a need has now been raised for certified timestamps on transactions. PKI's prospects are not limited to online business. In fact, every aspect of online life is a field of application for PKI, not only on wired networks but also in wireless communications, where PKI technology is already widely used.
2) The development of PKI
As PKI applications have deepened, PKI technology itself has kept developing and changing. In recent years the important changes have been the following:
1. Attribute certificates
The fourth edition of X.509 (2000) added the concept of the attribute certificate and, built on it, the Privilege Management Infrastructure (PMI). The core idea of PMI is to make the resource the centre of management: access control for a resource is delegated to an authorization authority, so that the owner of the resource performs its access control management.
Within PKI trust technology, attribute (authorization) certificates are ideal for fine-grained, role-based access control. The original purpose of the X.509 public key certificate was very simple: to provide verifiable evidence of a person's identity. People soon found, however, that in many applications, such as e-government and e-commerce, the information needed goes far beyond identity, especially when the transaction has nothing to do with who the party is; in such cases a person's privileges or attributes matter much more than their identity. To carry additional information in the certificate, X.509 v3 introduced the public key certificate extensions field, which can hold any type of additional data, and the various certificate systems then introduced proprietary extensions to meet their own application needs. The attribute certificate goes further: it carries no public key, is signed by an attribute authority, and binds its privileges to the holder by referring to the holder's public key certificate (issuer and serial number) or to the holder's name, so that privileges can be issued, changed and revoked on a shorter cycle than identity certificates.
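The following added example, not part of the original text, models the attribute certificate arrangement described above in Python. The authorization decision collects the roles granted by attribute certificates whose holder field points at the already-validated identity certificate (by issuer name and serial number, the baseCertificateID form of RFC 5755), accepting only attribute authorities the application trusts and only ACs that are within their validity period and not revoked. The certificate references, attribute authorities, roles and resource policy are constructed sample data. The example also shows the consequence of binding by serial number: an identity certificate renewed under a new serial no longer matches the old attribute certificates.

```python
"""Attribute certificates (RFC 5755) as a privilege layer separate from identity certificates."""
from dataclasses import dataclass
from datetime import datetime, timezone
from typing import Dict, FrozenSet, Iterable, Set


def dt(year: int, month: int, day: int) -> datetime:
    return datetime(year, month, day, tzinfo=timezone.utc)


@dataclass(frozen=True)
class PkcRef:
    """What an attribute certificate's holder field points at: the issuer name and serial
    number of one specific public key certificate (the baseCertificateID form)."""
    issuer: str
    serial: int


@dataclass(frozen=True)
class AttributeCert:
    serial: int
    holder: PkcRef
    attribute_authority: str        # the AA whose signature the AC carries
    roles: FrozenSet[str]
    not_before: datetime
    not_after: datetime


def holder_roles(pkc: PkcRef, acs: Iterable[AttributeCert], trusted_aas: Set[str],
                 now: datetime, revoked_ac_serials: FrozenSet[int] = frozenset()) -> FrozenSet[str]:
    """Roles granted to the holder of an identity certificate that has already been path-validated.
    ACs from unknown attribute authorities, outside their validity window, revoked, or issued for a
    different certificate (even one with the same subject name) contribute nothing."""
    roles = set()
    for ac in acs:
        if ac.holder != pkc:
            continue
        if ac.attribute_authority not in trusted_aas:
            continue
        if not (ac.not_before <= now <= ac.not_after):
            continue
        if ac.serial in revoked_ac_serials:
            continue
        roles |= ac.roles
    return frozenset(roles)


# Constructed resource policy: which roles may perform which operation.
POLICY: Dict[str, Set[str]] = {
    "/contracts/read": {"clerk", "auditor", "approver"},
    "/contracts/approve": {"approver"},
}


def authorize(pkc: PkcRef, acs: Iterable[AttributeCert], trusted_aas: Set[str], resource: str,
              now: datetime, revoked_ac_serials: FrozenSet[int] = frozenset()) -> bool:
    """Deny by default: unknown resources and holders without a permitted role are refused."""
    allowed = POLICY.get(resource)
    if allowed is None:
        return False
    return bool(holder_roles(pkc, acs, trusted_aas, now, revoked_ac_serials) & allowed)


# Constructed sample data: identity certificates are referenced, not modelled, because the
# AC only needs the (issuer, serial) of the certificate it is bound to.
ALICE_PKC = PkcRef("CN=Root B", 3001)
ALICE_RENEWED_PKC = PkcRef("CN=Root B", 3005)      # same person, new identity certificate
BOB_PKC = PkcRef("CN=Root B", 3002)
TRUSTED_AAS = {"CN=Finance AA"}
ACS = [
    AttributeCert(501, ALICE_PKC, "CN=Finance AA", frozenset({"approver"}), dt(2024, 1, 1), dt(2025, 1, 1)),
    AttributeCert(502, ALICE_PKC, "CN=Rogue AA", frozenset({"approver", "auditor"}), dt(2024, 1, 1), dt(2025, 1, 1)),
    AttributeCert(503, BOB_PKC, "CN=Finance AA", frozenset({"clerk"}), dt(2024, 1, 1), dt(2025, 1, 1)),
]
```

Because the AC carries the identity certificate's serial number rather than its subject name, reissuing Alice's identity certificate means reissuing her attribute certificates as well (the entityName holder form avoids this at the cost of binding by name); conversely, a privilege can be withdrawn by revoking the short-lived AC without touching the identity certificate.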
2. Roaming certificates
The popularity of certificates naturally creates a need for portability. At present only two practical solutions provide mobility for certificates and their keys. The first is smart card technology: the public/private key pair is stored on the card. This has drawbacks: cards are easily lost or damaged and depend on a card reader (USB smart keys need no reader, but cost too much). The second is to copy the certificate and private key to a floppy disk, which is not only easily lost or damaged but also poorly secured. A new solution is the roaming certificate, provided through third-party software: once the software (or plug-in) is properly configured on any system, it lets the user access their public/private key pair. The basic principle is simple. The user's certificate and private key are held on a secure central server; when the user logs in to a local system, the key pair is securely retrieved from the server and placed in the local system's memory, and when the user finishes work and logs out, the software automatically deletes the certificate and private key from the local system. The price of this convenience is that the private key lives outside hardware the user controls: the central server and the login credential that releases the key become the effective private key, and their protection decides the security of every signature the user makes.
3. Wireless PKI (WPKI)
With the widespread use of wireless communication technology, security problems in wireless communication have also drawn extensive attention. Applying PKI technology directly in wireless communication runs into two problems: the limits of wireless terminals (computing power, storage, power supply and so on), and the different communication mode. To adapt to these needs, a WPKI draft has been published covering WPKI's mode of operation and how WPKI combines with existing PKI services.
WPKI defines three different communication security modes. For certificate encoding, the WPKI certificate format aims to minimise the storage a conventional certificate requires. Two mechanisms are used: one redefines the certificate format to shrink the X.509 certificate; the other uses the ECC algorithm, whose keys are much shorter than those of other algorithms at comparable strength, to reduce the certificate size. WPKI also limits the size of certain data fields in the IETF PKIX certificate. Since the WPKI certificate is a profile of the PKIX certificate, interoperability with standard PKI also has to be considered.
In summary, research into and application of WPKI technology are still exploratory, but WPKI represents an important trend in the development of PKI technology.