Authenticating via a Trusted Third Party


When you need to authenticate yourself to another person or service, yet you do not have a predetermined password set up to use for authentication, you can use mutually trusted third parties.

We'll look at managing mail resources using Web of Trust systems such as Pretty Good Privacy (PGP) and GNU Privacy Guard (GPG), and show you what you need to know about certificates, CAs, and public key infrastructure (PKI). Both Web of Trust and certificates use some combination of public and private keys.

Using Cryptography

The primary way to prevent transaction attacks is to select secure protocols that use cryptography to protect the messages. Cryptography relies on large keys that are used to encrypt data. The larger the key, the more secure the encryption and the less likely it is that the key can be broken. There are two types of cryptography: symmetric and asymmetric.

In symmetric cryptography, two parties agree on an algorithm to use and on a shared session key based on the specified algorithm. The session key is used to both encrypt and decrypt the message. It is kept private between the two sides and as long as it remains private the two sides can send messages back and forth securely. This method is referred to as symmetric because the same key is used to both encrypt and decrypt messages. Although the symmetric method is fast, it can be less secure than other methods.

Asymmetric cryptography (also known as Public Key Infrastructure or PKI) uses a pair of keys for secure communication. It is asymmetric because it uses two different keys, one to encrypt (public key) and another to decrypt (private key). The public key can be distributed freely, but the private key is always kept secret. Messages that are encrypted with the public key can be decrypted only with the private key. For example, if you wanted to send a message privately, you would encrypt the message with the recipient's public key. Only the holder of the private key would be able to read the message. Conversely, if you encrypted the message with your private key, it could be decrypted only with your public key, thus assuring your identity. Asymmetric cryptography is very secure as long as the private key is not compromised. However, this method is slower than symmetric cryptography and has additional overhead. The S/MIME (Secure Multipurpose Internet Mail Extensions) protocol is an example of asymmetric cryptography (www.imc.org/ietf-smime/index.html).

Public and Private Keys

A public key can be available to everyone, and it has a corresponding private key, which should be kept secret. When someone encrypts data or a message with your public key, only your private key can decrypt the message. Keep this in mind through the rest of the lesson.

Web of Trust

A Web of Trust system is decentralized and is mostly useful with email programs. In a Web of Trust, you may not know someone, but if that person is trusted by someone you know, you can trust that person. For example:

  • Alice knows and trusts Bob, but does not know Charles.

  • Bob knows and trusts Charles.

  • Alice can trust Charles because she trusts Bob, who trusts Charles.
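The Alice/Bob/Charles chain above, worked through as an added example that is not from the book: a simplified PGP-style key validity computation, in which Alice's keyring decides which keys are valid from who signed them and how much introducer ("owner") trust Alice assigned each signer. The key names, trust levels and thresholds are constructed assumptions modelled on PGP's classic trust model (one fully trusted introducer or several marginally trusted ones, within a bounded path length).

```python
# Added example (not the book's code): simplified PGP-style Web of Trust
# validity calculation from Alice's point of view. Names, trust levels and
# thresholds are constructed assumptions.

ULTIMATE, FULL, MARGINAL, UNKNOWN = "ultimate", "full", "marginal", "unknown"

# Constructed sample keyring: key name -> set of keys that signed it.
SIGNATURES = {
    "Bob": {"Alice"},                      # Alice verified and signed Bob's key
    "Charles": {"Bob"},                    # Bob signed Charles's key
    "Dave": {"Charles"},                   # Charles signed Dave's key
    "Frank": {"Alice"}, "Grace": {"Alice"}, "Heidi": {"Alice"},
    "Eve": {"Frank", "Grace", "Heidi"},    # three marginal introducers
}

# Owner trust: how far Alice trusts each key holder to vouch for others.
# Keys not listed have UNKNOWN owner trust and cannot introduce anyone,
# even if their own key is valid (Charles below).
OWNER_TRUST = {"Alice": ULTIMATE, "Bob": FULL,
               "Frank": MARGINAL, "Grace": MARGINAL, "Heidi": MARGINAL}


def compute_validity(signatures, owner_trust, marginals_needed=3, max_depth=5):
    """Return {key: path length} for every key Alice should treat as valid.

    A key is valid when it is signed by one valid key with full (or ultimate)
    owner trust, or by marginals_needed valid keys with marginal owner trust,
    and the certification path stays within max_depth.
    """
    valid = {k: 0 for k, t in owner_trust.items() if t == ULTIMATE}
    changed = True
    while changed:                      # iterate to a fixed point
        changed = False
        for key, signers in signatures.items():
            if key in valid:
                continue
            full, marginal, depths = 0, 0, []
            for s in signers:
                if s not in valid or valid[s] + 1 > max_depth:
                    continue            # signer not valid, or path too long
                trust = owner_trust.get(s, UNKNOWN)
                if trust in (ULTIMATE, FULL):
                    full += 1
                elif trust == MARGINAL:
                    marginal += 1
                else:
                    continue            # valid key, but not a trusted introducer
                depths.append(valid[s] + 1)
            if depths and (full >= 1 or marginal >= marginals_needed):
                valid[key] = min(depths)
                changed = True
    return valid
```

Note that Dave's key stays invalid for Alice even though Charles's key is valid: Alice never assigned Charles any introducer trust, so trust in a key's identity does not automatically extend to the keys that person signs.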

There are a few drawbacks to the Web of Trust system. The exchange of trust information should take place in person, and although there are organized events such as PGP signing parties, it can be cumbersome to get connected into a sizeable Web of Trust without implementing directory-based solutions, such as those provided by PGP. Furthermore, the presence of PGP/GPG in an OS is not guaranteed; it must be manually checked for and, if not present, installed and configured.

More Info

For more information about PKI, including a list of relevant RFCs, see the IETF's PKI working group's site at www.ietf.org/html.charters/pkix-charter.html.

Apple Training Series: Mac OS X System Administration Reference, Volume 1
ISBN: 032136984X
Year: 2005
Pages: 258
Authors: Schoun Regan