
Devicewire Weblog

How do digital certificates work?


 

You will all have seen the symbol of the padlock in the bottom of your browser window, and may even refuse to buy things over the Internet unless the web site you’re viewing has one. But how do certificates work really?

 

A digital certificate is an electronic document that binds a public key to the identity of its owner (a person, an organisation or a server name) and carries the digital signature of the authority that issued it, vouching for that binding. The public key in the certificate is what your browser uses to set up an encrypted connection so that the data transferred cannot be intercepted and read. I will explain these terms in a moment, but before I do, a quick refresher course in mathematics is necessary!

 

 

Some background

 

Encryption technologies are used to guarantee privacy (ie that the data cannot be read by an unauthorised party), and also to guarantee authenticity (ie that the information did in fact come from the source from which it claims to have come).

Encryption is by no means a new technology. The term “cryptography” is derived from the Greek kryptós, meaning hidden, and gráphein, meaning to write, and has been used for centuries to encode communications to prevent the information contained within them from falling into the wrong hands.

Cryptography enables two parties (the sender and the receiver) to convert readable information (also referred to as plaintext) into scrambled information by applying a cipher to it, resulting in ciphertext, which can only be read by someone who has the correct key. Ciphertext is said to be encrypted. In modern cryptography the cipher is the algorithm, which is assumed to be public, and the key is the secret value that parameterises it: the security of the system rests on the key alone (Kerckhoffs' principle), not on keeping the algorithm hidden.

It is important to note that no encryption system is infallible: rather, what encryption aims to do is make unauthorised access to data so complicated and so time-consuming that the cost of breaking it exceeds any value that might be gained from the data.

 

 

Security

 

Cryptography seeks to provide four main functions (encryption on its own gives only the first; the others need the hashes and signatures described later):

 

Confidentiality – assurance that only authorised users can read or use the confidential information being communicated, and that to anyone who does manage to “eavesdrop” the communication, the information will be unreadable.

 

Authentication – verification of the identities of the parties at each end of the communication.

 

Integrity – verification that the original contents of the information have not been altered or corrupted, either deliberately or accidentally.

 

Non-repudiation – assurance that a party involved in the communication cannot falsely deny that a part of the communication actually occurred.

 

 

Mathematics to the rescue!

 

To make information secure, plaintext is converted into ciphertext by applying an encryption algorithm to it.

An algorithm describes the steps to take to solve a mathematical problem. A simple algorithm would be addition: take the values a and b, apply the algorithm to give a resulting value (or output) of a+b.

A problem is said to be “hard” if the fastest known algorithm to solve it takes a long time relative to the size of the input, and by long, I mean long for a modern computer. Multiplying 3 by 5 to give 15 is easy, and factoring 15 back into 3x5 is easy too, because the number is tiny. Multiplication stays easy however large the numbers get: it is a polynomial-time algorithm, the time taken growing roughly in proportion to the size of the numbers. Factoring is different: no polynomial-time algorithm for it is known on a classical computer, and the best known methods take time that grows faster than any polynomial in the number of digits, so factoring a 600-digit number is out of reach even though multiplying two 300-digit numbers takes a fraction of a second.

Modern public-key encryption relies on exactly this sort of asymmetry: an operation that is easy to perform (multiplying two primes, or raising a number to a power modulo a prime) but whose reverse (factoring, or the discrete logarithm) becomes infeasible as the numbers grow.

To encrypt data, an algorithm transforms it in a way that depends on a key: the same algorithm with a different key gives completely different ciphertext. To decrypt the data, the key (or, as we will see, its matching partner) is required.

 

 

Encryption methods

 

There are two main categories into which an encryption mechanism can fall:

 

·         Symmetric

·         Asymmetric

 

Symmetric encryption involves using the same key for both encryption and decryption. Symmetric keys are also known as shared secret keys, as the same key is shared by the sender and receiver, but it is kept secret from other parties.

This method of encryption is used by SSL / TLS, the mechanism used by most e-commerce sites and other secured web sites, to protect the bulk of the data once a connection has been set up, because it is fast. It has a drawback, however: as the same key is used for both encryption and decryption, the two parties must first agree the key without anyone else learning it, and anyone who does obtain the key can decode every message encrypted with it. Getting that key to the other party securely is the problem that the public-key techniques below solve.

 

Asymmetric, or public-key, encryption uses different keys for the encryption and decryption of data. Each party has a key pair: a public key, which is made available to everyone, and a private key, which is known only to its owner. Anyone can use the public key to encrypt data, but only the matching private key can decrypt it, so the sender needs nothing secret at all: only the receiver holds the private key.

To explain this concept, think of a safe with a double-acting lock. The safe can only be locked with one key. Once locked, it cannot then be unlocked with the same key; a second key is required. This second key can only unlock the safe; it cannot lock it again. Neither key can feasibly be worked out from the other.

Imagine now that you take the locking key and copy it 1000 times and distribute it freely. If anyone wants to put anything in the safe they can use their key to lock it, but only you can use your key to unlock it. The only drawback is that, because 1000 people have the locking key, you cannot be sure who put the data in the safe. Therefore a means of “signing” data is required to guarantee the identity of the sender, to prove that the data is authentic.

 

 

Digital Signatures

 

Just as a handwritten signature is used to identify an individual for the purposes of legal or financial proceedings, so are digital signatures used to identify electronic entities – to prove that the source from which the data is coming is really that which it claims to be – to provide authentication.

 

The most common form of digital signature is to compute a message digest (a hash) of the data and then apply the private-key operation to that digest. Anyone holding the signer's public key can reverse the operation, recover the digest and compare it with a fresh digest of the data they received: a match proves that the holder of the private key signed exactly this data. Signing the digest rather than the whole message keeps the signature short and of fixed size.

 

 

Message Digests

 

In order to ensure that the data received has not been altered en route or become corrupted, message digests are used, produced by hash functions. These verify the integrity of the data. MD5 produces a 128-bit digest and SHA-1 a 160-bit one; the SHA-2 family, which has since replaced them, produces 256 bits or more.

Digests, or hashes, are mathematical functions that process the data to generate a fixed-length value. As we saw in my post on TCP/IP (http://blog.devicewire.com/blogs/devicewire/archive/2008/06/21/tcp-ip-an-introduction.aspx), data integrity can be verified by a checksum: the 1s and 0s of the binary data are fed through a mathematical algorithm to give a resulting value. The data is then subjected to the same algorithm at the receiving end, and should the values not match, the data is deemed to be corrupt. A cryptographic hash is a much stronger construction than the simple checksum TCP uses on each segment: a checksum catches accidental corruption, but an attacker can easily alter a message and fix up its checksum, whereas for a cryptographic hash it must be infeasible to find any two messages with the same digest, or to find a message matching a given digest. That property is what makes it safe to sign the digest instead of the message.

The two most common forms of message digest in use at the time of writing are MD5 and SHA-1. Both have since been shown to be weak against collision attacks (MD5 practically so, and SHA-1 with a demonstrated collision), so neither should be used for new signatures; SHA-256 is the usual choice today.

 

 

Secure Key Exchange

 

In order for symmetric key encryption to work, the secret key must be shared securely to prevent it falling into the wrong hands. The two most commonly-used key-exchange algorithms used today are:

 

·         Diffie-Hellman Key Agreement

·         RSA Key Exchange Process

 

Should the data transfer be intercepted in transit, both methods make it infeasible for the interceptor to calculate the key required to decrypt the data being transmitted. Diffie-Hellman, in its ephemeral form, is generally considered the better of the two, because the session key is never encrypted under the server's long-term key: even if that private key is stolen later, recorded traffic cannot be decrypted (a property known as forward secrecy). With RSA key exchange, the client encrypts the session key to the server's public key, so a compromise of the server's private key exposes every past session.

 

 

Diffie-Hellman Key Exchange

 

This form of key agreement is itself a piece of public-key technology. To preserve security, the key itself is never transmitted: each side sends a value from which the key can only be derived by someone who also holds one of the two private values. The procedure is as follows:

 

·         The client and server agree in advance on two public numbers: a large prime p and a generator g. These can be known to everyone.

·         Each side picks a secret random number (call them a for the client and b for the server) and keeps it private.

·         The client sends the server g to the power a, modulo p; the server sends the client g to the power b, modulo p. These public values can be seen by anyone watching the line.

·         Each side raises the value it received to the power of its own secret, modulo p.

 

Both arrive at the same number, g to the power ab modulo p, which becomes the shared secret from which the session key is derived. An eavesdropper who sees g, p and the two public values would have to solve the discrete logarithm problem to recover a or b, which is infeasible for well-chosen parameters. Note that the exchange on its own proves nothing about who is at the other end: an attacker sitting in the middle can run one exchange with each party. That is why, in TLS, the server signs its Diffie-Hellman value with the private key belonging to its certificate.
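The exchange described above, as an added example that is not part of the original post. It is pure Python, uses a toy group (the prime 2^255 - 19, chosen only because it is a well-known large prime; real deployments use a standardised finite-field group or elliptic-curve Diffie-Hellman) and goes one step further than the text by also running the man-in-the-middle case, where an attacker (called Mallory here, a hypothetical name) ends up sharing a key with each side while the two sides believe they share one with each other. The names Alice and Bob and all function names are this example's own.

```python
"""Diffie-Hellman key agreement, and why it needs authentication.
Constructed example (not the post's code); toy parameters, not for real use."""
import hashlib
import secrets

# Public parameters, agreed in advance and known to everyone.
P = 2**255 - 19   # a known prime; a real deployment uses an RFC 7919 group or ECDH
G = 2


def private_value() -> int:
    return secrets.randbelow(P - 2) + 1          # secret exponent in 1 .. P-2


def public_value(private: int) -> int:
    return pow(G, private, P)                    # g^x mod p, safe to send in the clear


def shared_secret(private: int, peer_public: int) -> int:
    # Reject degenerate peer values (0, 1, p-1): they would force the secret
    # into a tiny set regardless of our own private exponent.
    if not 1 < peer_public < P - 1:
        raise ValueError("peer public value out of range")
    return pow(peer_public, private, P)          # (g^y)^x = g^(xy) mod p


def session_key(secret: int) -> bytes:
    # Never use the raw group element as a key; hash it into fixed-size key material.
    return hashlib.sha256(secret.to_bytes(32, "big")).digest()


def honest_exchange():
    """Alice and Bob each send one public value; both derive the same key."""
    a, b = private_value(), private_value()
    A, B = public_value(a), public_value(b)      # these two numbers cross the wire
    k_alice = session_key(shared_secret(a, B))
    k_bob = session_key(shared_secret(b, A))
    return k_alice == k_bob, k_alice


def man_in_the_middle():
    """Mallory swaps each public value for her own. Both sides still 'agree' a
    key, but each agrees it with Mallory, and nothing in the arithmetic reveals
    this. That is the gap that signing the DH value with a certificate key closes."""
    a, b, m = private_value(), private_value(), private_value()
    A, B, M = public_value(a), public_value(b), public_value(m)
    k_alice = session_key(shared_secret(a, M))   # Alice thinks M came from Bob
    k_bob = session_key(shared_secret(b, M))     # Bob thinks M came from Alice
    return {"alice": k_alice, "bob": k_bob,
            "mallory_alice": session_key(shared_secret(m, A)),
            "mallory_bob": session_key(shared_secret(m, B))}
```

The range check in shared_secret is the one practitioners most often forget: a peer who sends 1 or p-1 as its public value fixes the "shared" secret to 1 or p-1, whatever our private exponent is.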

 

 

Who do you trust?

 

By themselves, private and public keys cannot provide proof that they belong to an alleged individual or electronic entity. There has to be a way of verifying the identity of the owner of a key pair. On the Internet as well as on local networks, this is performed by a third party, known as a Certification Authority, or CA. VeriSign is an example of a Certification Authority. A CA checks that an applicant really controls the name it claims (a domain, a company, a person) and then issues a certificate: the applicant's public key and identity, signed with the CA's private key. The applicant's private key is never sent to the CA and never appears in the certificate. If the CA is trusted, then any certificate that carries that CA's signature is also trusted.

A digital certificate provides functions similar to those of an identification card or passport:

 

·         It contains identifying information about its owner (the subject)

·         It contains the information that is required to identify and contact the issuing authority

·         It is designed to be tamper resistant and difficult to counterfeit: any change to its contents invalidates the issuer's signature

·         It is issued by an authority that can revoke the certificate at any time

·         It can be checked for revocation by contacting the certification authority, via a published revocation list or an online status check

 

There are different “levels” of CA: a root CA signs the certificates of lower-level CAs, known as intermediate CAs, which in turn sign end-user certificates. To verify a site's certificate, the browser follows this chain of signatures upwards until it reaches a root it already trusts.
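One worked example covering both the Digital Signatures and Message Digests sections above and the chain of CAs described here, added for this edition and not code from the original post. It implements textbook RSA in pure Python (Miller-Rabin key generation, signing a SHA-256 digest under a simplified PKCS#1 v1.5-style encoding, verification) and then uses it to issue a root, an intermediate and a site certificate and to walk the chain the way a browser does. Key sizes are toy (512 bits), the encoding omits the DigestInfo that real PKCS#1 carries, and the names "Example Root CA", "Example Issuing CA" and shop.example.com are hypothetical; do not use this for real signatures.

```python
"""Toy RSA signatures over SHA-256 plus a three-level certificate chain. Constructed
example (not the post's code, not production crypto): textbook RSA, 512-bit keys."""
import hashlib
import json
import secrets

def is_probable_prime(n: int, rounds: int = 32) -> bool:
    """Miller-Rabin probabilistic primality test."""
    if n < 4 or n % 2 == 0:
        return n in (2, 3)
    d, r = n - 1, 0
    while d % 2 == 0:
        d, r = d // 2, r + 1
    for _ in range(rounds):
        x = pow(secrets.randbelow(n - 3) + 2, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(r - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def keygen(bits: int = 512, e: int = 65537):
    """Return ((n, e), (n, d)). Toy size: real keys are 2048 bits or more."""
    def prime(b):
        while True:
            cand = secrets.randbits(b) | (1 << (b - 1)) | 1   # exactly b bits, odd
            if is_probable_prime(cand):
                return cand
    while True:
        p, q = prime(bits // 2), prime(bits // 2)
        phi = (p - 1) * (q - 1)
        if p != q and phi % e:          # e is prime, so this is gcd(e, phi) == 1
            return (p * q, e), (p * q, pow(e, -1, phi))

def encode_digest(message: bytes, k: int) -> bytes:
    """00 01 FF..FF 00 || SHA-256(msg), k bytes (real PKCS#1 v1.5 also adds a DigestInfo)."""
    digest = hashlib.sha256(message).digest()
    return b"\x00\x01" + b"\xff" * (k - 3 - len(digest)) + b"\x00" + digest

def sign(priv, message: bytes) -> bytes:
    n, d = priv
    k = (n.bit_length() + 7) // 8
    m = int.from_bytes(encode_digest(message, k), "big")
    return pow(m, d, n).to_bytes(k, "big")       # private-key operation on the digest

def verify(pub, message: bytes, signature: bytes) -> bool:
    n, e = pub
    k = (n.bit_length() + 7) // 8
    s = int.from_bytes(signature, "big")
    if len(signature) != k or s >= n:
        return False
    recovered = pow(s, e, n).to_bytes(k, "big")  # public-key operation undoes it
    # Check the whole encoding, not just the trailing digest bytes.
    return secrets.compare_digest(recovered, encode_digest(message, k))

def tbs_bytes(cert: dict) -> bytes:
    """Canonical to-be-signed form of a certificate: everything except the signature."""
    return json.dumps({k: v for k, v in cert.items() if k != "sig"}, sort_keys=True).encode()

def issue(issuer: str, issuer_priv, subject: str, subject_pub) -> dict:
    """Issuer signs (subject name, subject PUBLIC key); the subject's private key never appears."""
    cert = {"subject": subject, "issuer": issuer, "n": subject_pub[0], "e": subject_pub[1]}
    cert["sig"] = sign(issuer_priv, tbs_bytes(cert)).hex()
    return cert

def verify_chain(chain: list, trusted_roots: dict) -> bool:
    """chain = [leaf, intermediate, ..., root]; trusted_roots maps root name -> (n, e).
    Each cert must be signed by the next one up; the root must be in the trust store."""
    for i, cert in enumerate(chain):
        if i + 1 < len(chain):                  # signed by the next certificate up
            parent = chain[i + 1]
            if parent["subject"] != cert["issuer"]:
                return False
            issuer_pub = (parent["n"], parent["e"])
        elif cert["subject"] == cert["issuer"] and cert["issuer"] in trusted_roots:
            issuer_pub = trusted_roots[cert["issuer"]]   # root: key comes from the store
        else:
            return False
        if not verify(issuer_pub, tbs_bytes(cert), bytes.fromhex(cert["sig"])):
            return False
    return True

def demo() -> dict:
    root_pub, root_priv = keygen()
    ca_pub, ca_priv = keygen()
    site_pub, _ = keygen()
    rogue_pub, rogue_priv = keygen()                     # attacker's own key pair
    root = issue("Example Root CA", root_priv, "Example Root CA", root_pub)
    inter = issue("Example Root CA", root_priv, "Example Issuing CA", ca_pub)
    leaf = issue("Example Issuing CA", ca_priv, "shop.example.com", site_pub)
    forged = issue("Example Issuing CA", rogue_priv, "shop.example.com", rogue_pub)
    store = {"Example Root CA": root_pub}               # the browser's trusted roots
    return {"good_chain": verify_chain([leaf, inter, root], store),
            "forged_leaf": verify_chain([forged, inter, root], store),
            "untrusted_root": verify_chain([leaf, inter, root], {})}
```

Two points the walk-through makes that the prose can only state: the forged leaf fails because its signature was made with a key other than the intermediate's, however convincing its subject name is, and the otherwise valid chain fails when the root is missing from the store, which is exactly what the "Trusted Root Certification Authorities" list described below controls.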

 

You can view the certificates and certifying authorities that your web browser has been configured to use. In the case of Internet Explorer, this is done by opening the Tools menu and selecting Internet Options, clicking on the Content tab and then on the Certificates button. The window that appears lists the certificates installed on your machine, grouped into tabs.

Certificates are divided into a number of categories:

 

Personal – certificates issued to you, for which you hold the matching private key (used, for example, to sign or decrypt e-mail or to log on to a web site)

 

Other People – end-user certificates belonging to other people or systems that you have imported, for example to encrypt e-mail to them; they are not CA certificates

 

Intermediate Certification Authorities – this category contains all certificates for CAs that are not root CAs.

 

Trusted Root Certification Authorities–this category contains certificates issued by root CAs. If a root CA’s certificate is listed in this category, then you are trusting content from all sites, people and publishers who have themselves been issued certificates by this CA.

 

Trusted Publishers – certificates of software publishers whose signed code (ActiveX controls, for example) the user has explicitly chosen to trust; the certificate is still issued by a CA, but the decision to run that publisher's code without prompting is one the user has made

 

 

Breaking the code

 

Symmetric key encryption can be the subject of attacks: the attacker tries each possible key until the right key is found. This approach is also known as a brute force attack.

Generally, you can minimise the possibility of a successful attack by using a longer key length. For example, for a 40-bit key, there are 2 to the power of 40 possible values (2^40, about 1.1 x 10^12). Using a relatively standard PC that can compute 1 million keys per second, an attacker can try all possible keys in about 13 days. However, a 128-bit key has 2^128 (about 3.4 x 10^38) possible values. Even if you could use a computer that was capable of trying 100 billion keys a second, and you used 10 million of these computers simultaneously, it would still take about 10^13 years to try every possible value! Each extra bit doubles the work, which is why 40-bit keys are long gone and 128 bits is the accepted minimum for symmetric ciphers. Public-key sizes are not comparable with these figures: a 2048-bit RSA key is attacked by factoring its modulus, not by trying every key, and is reckoned to offer roughly the strength of a 112-bit symmetric key.

 

 

Published 22 June 2008 15:43 by jamesl


About jamesl

James Liddiard is the Network Manager for Brightpoint GB Ltd. His responsibilities include overseeing the IT and telecoms infrastructure of the company, as well as product testing and reviewing and providing second and third-line technical support for customers. His interests include cycling, cinema and his many Apple computers.