1

Wireless Security 4 – Wireless Public Key Infrastructure

Chapter 15 of Wireless Maximum Security by Peikari, C. and Fogie, S.

2

WPKI

Public key cryptography Digital signatures Certificate authorities Wireless PKI implementation Transaction confirmation Integrity of user identities 3rd Party services WAP PKI

3

Public key cryptography RSA 非對稱密鑰密碼演算法

based on the difficulty 艱難 of factoring 因子分解 larger numbers Used in digital signature 數位簽署 and key

exchange 交換 operations 操作 DSA

Based on the difficulty of calculating discrete 離散 logarithms

Used in digital signature Diffie-Hellman

Based on the difficulty of calculating discrete logarithms in the finite field

Used for key exchange only

4

Digital signatures 數位簽署 To tackle 處理 spoofing 電子欺騙 or

tampering 損害 One-way Hash 散列 Algorithms 演算法

A hash utilizes 1-way (irreversible 不能倒逆的 ) mathematical function (a hash algorithm) to transform 變換 data into a fixed-length unique digest, known as the hash value.

MD5 produces 128-bit hash value SHA-1 produces 160-bit hash value (more

secure)

5

Certificate 証書 authorities 權威 Is any entity 實體 or service that issues 發

料 certificates CAs act as guarantors of the binding 連結

between the public key and the owner’s identity information and is contained in the certificates it issues.

Companies will outsource this service to a commercial CA such as VeriSign.

A certificate is a public key that is digitally signed and packaged 封裝 for use in a PKI.

6

Certificate authorities

X.509 v3 Certificate Standard specifies 設定 the certificate format 格式 for information about the person or entity to which the certificate is issued, information about the certificate, plus optional information about CA issuing the certificate.

Certificate format: version, serial no., signature, issuer, validity 驗證 , subject, subject’s PK information, Issuer unique identifier, extensions 延伸

7

PKI Weakness 弱點

Stop the user to use Certificate Revocation 廢止 , 取消 , 撤回 List

50 ways to defeat PKI – by Fred Cohen Basic social engineering, DOS,

cryptographic weakness exploitation 開發

8

Wireless PKI Implementation

http://www.entrust.com The Entrust Secure Web Portal solution

uses both wired and wireless techniques for authentication Basic security with username/password Enhanced security with digital signature plan Enhanced security with two factor authentication

9

3rd Party Services

Introduce additional security challenges 挑戰

Entrust 信託 uses digital IDs, tamper-resistant logs, time stamping 戳記 , various toolkits to ensure data integrity and confidentiality

10

WAP PKI

Leaders in WAP PKI – SmartTrust (http://www.smartrust.com)

Focus on infrastructure software for managing securing mobile e-services

WAP PKI model CA PK Certificates used for WTLS Class 2 Client PK Certificates used for WTLS Class 3 Client PK Certificates used with WMLScript

SignText

11

Server and client certificates in WAP PKI

Server certificate Needs to be downloaded into the WAP

client for server (gateway) authentication purposes.

Limited processing capabilities in handling parsing 語法分析 which is required to interpret a standard X.509 certificate

12

Server and client certificates in WAP PKI

Client certificate To be capable of handling client authentication

for WTLS sessions (WTLS Class 3) To support WMLScript SignText, which involves

digital signatures. Client certificate information (a certificate URL

rather than the complete certificate) is defined to be stored in a WIM (WAP identity Module) but not the complete certificate

13

WTLS Class 2 and Class 3

WTLS Class 2 Provide the capability for

the client to authenticate the identity of the gateway with which it is communicating.

Identical to SSL Optimized for low-

bandwidth bearer networks with relatively long latency

WTLS Class 3 Add client authentication

through having the client respond to a challenge during the initial session negotiation

WTLS Class 3 requires access to a private key to sign the challenge message sent from the gateway server.

The private key is stored within a tamperproof device (WIM) stored in the SIM card.

14

WMLScript SignText

An electronic transaction requires signature as well.

WAP SignText() method provides for standardized digital signature on visible text-based content.

The Crypto.signText function specifics a signed content format to be used to convey signed data both to and from WAP devices.

WAP client browser identifies certain tags in the WMLScript and activates the Crypto.signText function

15

WAP Certificate Management Issues

Certificates need an issuer, commonly the CA.

The CA needs to provide a policy behind certificates that the users understand the trust.

All entities need to find and install the CA certificate in a trusted way.

More information can be found in the reference book.

16

Limitations

The server is not compliant with X.509. PKI is considered fairly immature. Does not include status checking of

server certificates Short lived (48 hours) certificates

17

WAP Security Token – p321

Provide for both tamperproof storage of private keys and execution of the algorithm resulting in a digital signature.

A device hosting a WIM exist in 4 different ways A combined SIM/WIM chip In a separate SIM and WIM chips As a dual slot device for an easily-removable

WIM A hardware component WIM effectively built into

the device

18

WAP Certificate Enrollment

WAP-217-WPKI-20010424-a Proof-of-possession involves having

the subject requesting a certificate utilize the private key in the request creating digitally signed data

Problem: wireless devices have limited display and computing processing power

19

Certificate Request

A PKCS #10 request contains an ASN.1-encoded structure of binary data not very suitable for the human eye (or mind).

Adjust to human point of view PKI portal restructures the information and

create a suitable request to a CA. PKI portal takes the role of a registration

authority (RA).

20

Certificate Delivery – 2 ways

WIM will not contain any details about the certificate other than the public key identity.

To deliver a full X.509 corticated, or a pointer location to the actual location of the issued certificate.

This requires the WIM to be capable of receiving an over-the-air update with the relevant data.

21

Device Certificate

The device manufacturer’s quality guarantee regarding the key, the device storing the key, and related procedures.

Security of the key pair needs to be guaranteed by the manufacturer or issuer) of the device.