PKI Concepts

  • Reference URL: https://pki-tutorial.readthedocs.io/en/latest/

  • Certification is the fundamental function of all PKIs. Certificates provide a secure way of publishing public keys so that their validity can be trusted. A certificate is used to identify an entity.

  • The goal of PKI is to enable secure communication among parties who have never met before. This relies on trusted third parties called certification authorities to issue certificates that we trust.

  • A PKI binds the entity’s (server’s) public keys to the entity’s identity by means of a Certificate Authority (CA)

  • A CA is a centralised trusted third party whose public key is already known

  • The RSA key pair contains a private key (not to be shared) and a public key (that can be shared).

  • The private key also contains the public key.

  • X.509 is the specification upon which Secure Multipurpose Internet Mail Extensions (S/MIME) and Transport Layer Security (TLS) are based. This is the format that most web certificates use.

Digital Certificates

  • a server’s digital certificate holds

    • the name of the subscriber, which can be a person, a client computer or a web server

    • the subscriber or server’s public key

    • the digital signature

  • its primary purpose is to present the user agent (like a browser) with a public key that should then be used to encrypt a symmetric key which is subsequently used to protect the remainder of the connection traffic.

  • a certificate is required to prevent a man-in-the-middle attack

  • SSL requires a trusted intermediary (a CA) to sign the server’s public key using the CA’s private key. The client then authenticates this certificate by verifying the signature with the CA’s public key. Web browsers ship with a list of trusted CA public keys just for this purpose.

  • To foil a man-in-the-middle (MITM) attack, a properly formatted server certificate needs to have not only the public key of the server, but also its domain name - all signed by the CA / trusted intermediary.

  • Thus, at a minimum, the client needs to have

    • the trusted CA’s public key

    • the server’s certificate which includes the server’s public key and domain name

    • a validity period for the certificate

    • a Serial ID, a unique number assigned by the CA to each certificate it issues. This prevents a MITM attacker from reusing an old CA-issued certificate with an old Serial ID.

X.509 v3 certificate structure

  • Certificate

    • Version: Indicates the X.509 version, which should be 3 (0x2)

    • Serial Number: Positive integer issued by the CA that is unique within the CA’s list of certificates. It prevents a MITM attacker from reusing an old CA-issued certificate that is still within its validity period but carries an old Serial ID.

    • Algorithm ID: Same value as the Certificate Signature Algorithm field.

    • Issuer:

      • CN: Common Name. In the Issuer this names the CA; in a server certificate’s Subject it holds the domain name of the HTTPS server, e.g. CN=*.example.com, a wildcard that also covers subdomains. Additional domains can be specified in the Subject Alternative Name extension.

      • L: Locality Name

      • ST: State or Province

      • O: Organisation Name

      • OU: Organisation Unit name

      • C: Country

    • Validity: The period for which the certificate is valid.

      • Not Before:

      • Not After:

    • Subject: The entity (e.g. the server) that the certificate identifies, described with the same name attributes as the Issuer (CN, L, ST, O, OU, C).

    • Subject public key info: This depends on the algorithm and its specific parameters, e.g. for RSA:

      • algorithm: rsaEncryption

      • key size: 2048

      • exponent: 0x10001 (65537)

      • modulus: 00:ec:82:3f:…..

    • Issuer Unique Identifier (optional):

    • Subject Unique Identifier (optional):

    • Extensions (optional):

      • ….:

  • Certificate Signature Algorithm:

  • Certificate Signature: