PKI enrollment is the process of adding a PKI user (such as a person, a device, or an application) to the PKI. The enrollment is done in the following way:
An enrolling user obtains the CA certificate (self-signed) in which the public key of the CA is embedded. This public key will be used to verify the digital signature on certificates of the other entities.
The enrolling user sends its identity information and public key to the CA.
The CA verifies (authenticates) the user, signs the submitted information, and returns the signed data in the form of a certificate.
The user verifies the returned certificate using the public key of the CA from the previously obtained CA certificate.
The enrollment procedure is the initial step of establishing trust between a user and the CA. If the process is executed over an untrusted network, it would be vulnerable to man-in-the-middle attacks. Therefore, it has to be secured in such cases.
Man-in-the-Middle PKI Enrollment Attack
Without any additional protection for the enrollment process, a man-in-the-middle attack can be used to spoof identities. The attacker could replace the submitted public key of the user with the public key of the attacker, causing the CA to possibly issue a certificate to the attacker instead of to the legitimate user. The attacker could replace the real CA certificate with the false CA certificate of the attacker when the end user requests the certificate of the CA. The end user would then trust the CA of the attacker instead of the real CA.
The attacker would replace only the public key of the user, not the identity (name) of the user. When the CA issues the certificate, the attacker can pretend to be the user by presenting the certificate with the name of the user but the public key of the attacker.
Secure PKI Enrollment
To mitigate the risk of interception and key substitution during enrollment, the enrollment procedure needs to incorporate two out-of-band authentication procedures:
This can be done by out-of-band exchange of fingerprints of the messages (certificates). If the out-of-band received fingerprint matches the fingerprint of the received message, the message is authentic. However, if the enrollment is completed over a secure network, where interception is not possible, those security procedures might be relaxed or omitted completely.
To verify that the correct CA certificate has been received, a local hash (fingerprint) of the received information is calculated, as shown in Figure 25-6. This fingerprint is compared to the true CA certificate fingerprint, obtained over the telephone or another secure channel. If they match, the true CA certificate has been received.
Figure 25-6. Manually Securing PKI Enrollment
When the user submits identity and public key information, a local hash (fingerprint) of the submitted information is calculated again. The CA also performs a hashing procedure of the received information. The CA then compares its hash of the received information to the hash of the user of the submitted information over the telephone or any other secure channel. If the two hashes match, the CA has received an unmodified enrollment request.
Part I: Cisco CallManager Fundamentals
Introduction to Cisco Unified Communications and Cisco Unified CallManager
Cisco Unified CallManager Clustering and Deployment Options
Cisco Unified CallManager Installation and Upgrades
Part II: IPT Devices and Users
Cisco IP Phones and Other User Devices
Configuring Cisco Unified CallManager to Support IP Phones
Cisco IP Telephony Users
Cisco Bulk Administration Tool
Part III: IPT Network Integration and Route Plan
Cisco Catalyst Switches
Configuring Cisco Gateways and Trunks
Cisco Unified CallManager Route Plan Basics
Cisco Unified CallManager Advanced Route Plans
Configuring Hunt Groups and Call Coverage
Implementing Telephony Call Restrictions and Control
Implementing Multiple-Site Deployments
Part IV: VoIP Features
Configuring User Features, Part 1
Configuring User Features, Part 2
Configuring Cisco Unified CallManager Attendant Console
Configuring Cisco IP Manager Assistant
Part V: IPT Security
Securing the Windows Operating System
Securing Cisco Unified CallManager Administration
Preventing Toll Fraud
Hardening the IP Phone
Understanding Cryptographic Fundamentals
Understanding the Public Key Infrastructure
Understanding Cisco IP Telephony Authentication and Encryption Fundamentals
Configuring Cisco IP Telephony Authentication and Encryption
Part VI: IP Video
Introducing IP Video Telephony
Configuring Cisco VT Advantage
Part VII: IPT Management
Introducing Database Tools and Cisco Unified CallManager Serviceability
Configuring Alarms and Traces
Using Additional Management and Monitoring Tools
Part VIII: Appendix
Appendix A. Answers to Review Questions