There are two types of cryptography – symmetric and asymmetric. In one of my previous blog posts, I had written about symmetric cryptography. In this blog post, I’m writing about Public Key Infrastructure (PKI), which uses asymmetric cryptography.
PKI is a security architecture used for secure communication over Internet. PKI enables users to exchange information or perform monetary transactions securely through Internet. PKI ensures the authenticity of the sender, security and accuracy of the information sent to the receiver. It provides assurance that the information sent is accurate and authentic and it can be produced as evidence in court.
The most popular and widely used algorithm used for encryption in asymmetric cryptography is RSA.
Two keys are used in PKI for encrypting and decrypting the information sent – public and private. The information encrypted with a public key can only be decrypted using the corresponding private key and vice versa. The public key is shared whereas the private key is known only to its owner. The private key cannot be derived from the public key. The private key is protected by a password to avoid theft or misuse.
The key management supports renewal, revocation and recovery of keys. Secure backup of private keys is needed to recover them. To support non-repudiation, the backup of private key is not done. Instead two key pairs are used – one pair to encrypt/decrypt the message and another pair for digital signature and its verification.
A third party such as investigation agency can be provided the private keys to ensure law enforcement. This is called as key escrow.
A digital certificate also called as Digital Signature Certificate (DSC) which confirms to ITU-T standard X.509, is used in PKI for electronic identification of sender. Either a software application can be used to generate it or it is issued by a Certificate Authority (CA). The CA issues both public and private keys. The requester (person or organization) of the digital certificate can prefer to generate his own key pair. This ensures that only the requester knows the private key. The private key is issued only to the requester if the requester does not generate his own keys. The public key is included in the digital certificate. The owner of the private key and the encryption algorithm used is included in the digital certificate. Other information which identifies the owner (an individual or an organization) such as name, address, date of birth etc. is also included in the digital certificate. The digital certificate is shared publicly in a repository. The list of revoked certificates is also maintained in the repository.
The digital certificate is digitally signed by the CA to ensure that it is not tampered. A digital signature is a unique hash code generated using the information in the digital certificate and it is encrypted with the private key of root certificate. All digital certificates issued by a CA are present in a tree structure. The root certificate which is a self-signed certificate, forms the top most certificate in the tree. A CA can have many root certificates. The private key of root certificate is used to digitally sign the certificates below it. Thus, the certificates below it inherit its trustworthiness.
To verify the authenticity of the digital certificate, the digital signature is decrypted with the root certificate’s public key and hashing is performed again on the decrypted information. If the hash code matches, the digital certificate is indeed issued by the CA.
When the key pair is updated, the history of previous keys is also maintained. The private keys are stored securely. However, the history of previous digital signatures is not maintained. When the key pair used for digital signature is updated, the old key pair is discarded.
A Registration Authority (RA) works as a verifier for CA. It performs checks on the requester of digital certificate. A digital certificate is issued by CA only after verification of identity of the requester.
In India, Controller of Certifying Authorities (CCA) provides license to the CAs and regulates their work under the Information Technology (IT) Act. Only the licensed CAs can issue a digital certificate.
Licensed CAs in India
- Safe Scrypt
- National Informatics Center
- IDRBT
- Tata Consultancy Services
- MTNL
- (n)Code Solutions Ltd.
- e-Mudhra
VeriSign is not a licensed CA in India. If a digital certificate is issued by CA of a foreign country, its sanctity is determined as per the agreement between that CA and a licensed CA in India. Such an agreement should be approved by CCA. SafeScrypt, a subsidiary of Sify Technologies Ltd. and a VeriSign affiliate, is a licensed CA in India.
All digital certificates issued under the IT Act are available online in a repository called National Repository of Digital Certificates (NRDC). The NRDC also contains the list of revoked certificates also known as Certificate Revocation List (CRL).
The Root Certifying Authority of India (RCAI) has been established by the CCA under the IT Act to digitally sign the public keys of CAs in India. The RCAI provides the root certificates in India.
Classes of Digital Certificates issued by CAs in India
- Class 0 certificate – This certificate is issued only for demonstration or testing purposes.
- Class 1 certificate – This is issued to individual or private subscribers. Only the subscriber’s name and e-mail address are maintained by the CA.
- Class 2 certificate – This certificate is be used for business or personal use. The subscriber needs to provide additional information to obtain it and it confirms that the information does not contradict in well recognized consumer databases.
- Class 3 certificate – This certificate is primarily intended for e-commerce applications. It is issued to individuals and organizations by the CA only after verification.
Apart from the above four types of classes of certificates, the CA may issue more types. The purpose of these classes and verification methods used to issue them should be clearly stated by the CA.
Cross-border interoperability with digital certificates
Multiple CAs issue digital certificates. The interoperability between two national CAs or a national CA and a foreign CA is called as Cross Certification. The licensed CAs within India have to apply to CCA before performing cross certification between them. All disputes related to this are submitted to the CCA for resolution. All cross certification arrangements between a national CA and foreign CA should be applied to CCA. The licensed CAs in India cannot perform cross certification without written or digital signature approval from CCA.
How does it work?
When an electronic message is sent to the receiver, it is encrypted with the public key of receiver. The sender can retrieve receiver’s public key from the repository or obtain it from the receiver and encrypt the message using it. The receiver decrypts the message using the corresponding private key. If the receiver is able to decrypt the information, it is certain that it is the intended recipient. However in this case, the accuracy of information or authenticity of sender is not established.
Since asymmetric cryptography algorithms are slower compared to symmetric cryptography algorithms, the message is usually encrypted with a symmetric key. The symmetric key is encrypted with the public key. The encrypted message along with the encrypted symmetric key is sent to the receiver. This reduces the time required to encrypt/decrypt the message.
To ensure that the message is sent by an authentic sender and it has not been tampered en-route, a digital signature is also sent along with the encrypted message. The digital signature is a unique hash code generated from the content of the message which is encrypted using the sender’s private key. The receiver uses the public key of the sender to decrypt the digital signature. Once the hash code in the digital signature is obtained, the receiver performs hashing on the decrypted message and if the hash values match then the message can be retained. Otherwise, the message is either sent by someone under the false identity of the sender or it has been altered and is then discarded.
The digital signature provides non-repudiation i.e. a sender cannot deny sending of information since it is encrypted with the sender’s private signature key.
The digital certificate sent along with the message is verified from the CA that issued it, to ensure its genuineness. The CRL is also checked to ensure that the digital certificate has not been revoked.
The client-side software applications which support PKI should validate the CA’s digital signature on certificates and ensure that they are valid. The interaction between PKI-enabled client applications and the key recovery and backup system should be secure. The client software should update the keys transparently. It should be able to securely recover user’s key history.
Pretty Good Privacy (PGP)
Pretty Good Privacy (PGP) is a program which uses PKI for securing e-mails. It is also used to encrypt the files stored on hard disks.
PKI in cloud
PKI is also used in cloud environments to ensure secure communication.
SSL Certificate
The SSL certificate is a digital certificate used to identify web servers. Secure Socket Layer (SSL) is a protocol created by Netscape for secure communication between web servers and web browsers. When a browser requests a secure page (using https protocol), the web server sends its SSL certificate. The web browser first verifies that the SSL certificate is issued by a trusted CA and whether it is valid. The web browser then encrypts the URL and request data using a symmetric key. The symmetric key is then encrypted by the web browser using the public key of SSL certificate. The web browser sends the encrypted symmetric key, URL and the data to the server. The web server decrypts the symmetric key with the corresponding private key and uses it to decrypt the URL and data. The web server then sends the response encrypted with symmetric key. The web browser decrypts the response data using the symmetric key.
Code Signing Certificate
This is a digital certificate used to identify code publisher. The information about the code publisher is included in the digital certificate. This certificate is digital signed by the code publisher. The users downloading the software application from Internet can validate the digital certificate and thus ensure that it is indeed provided by a legitimate code publisher.