Trust Models for Secure Network Connections
Explore the concept of trust in cryptography.
Join the DZone community and get the full member experience.
Join For Free
The Concept of Trust in Cybersecurity
Everyone is talking about the strength of cryptography and its susceptibility to new generations of computing programs. For example, there’s a wealth of discussion about preferable algorithms that should be used for authentication and encryption. Much of this debate is framed within the context of fears and assumptions about a future in which quantum computing holds sway.
Quantum computing may make it possible to execute certain algorithms in a matter of seconds instead of days. The ramifications, should this eventuality come to pass, are huge, not just for cryptocurrencies but for the entire Internet. A quantum breakthrough raises the risk of breaking most of our existing encrypted security protocols — think online banking, VPNs, database storage, digital signatures, blockchains, and disk encryption. Although it looks like functional quantum computers are still a few years off, no one can be entirely sure quite how well they will work against cryptography until they are readily available.
As it stands, systems trust two elements in existing protocols: a level of cryptography that is hard to break and a trusted third party that signs certificates or your public key. If the first parameter is waiting for quantum computing power to invalidate it, the second one is subject to concerns as to its reliability. There are problems related to Certificate Authority (CA) hierarchy vulnerabilities that cast a shadow over TLS certificates and challenges related to the scalability of alternatives, but let’s look closer.
TLS Certificate and Types of Public/Private Key Encryption
A TLS/SSL certificate is a fairly reliable container that stores unique identifying information about its owner or what they must represent, such as a digital passport on the network. Digital certificates constitute the main protection against cyber attacks on the internet. With their help, sites, email correspondence, data exchange between applications and servers, user authentication, and much more are protected. The security of these certificates is based on the standard Transport Layer Security (the latest and the securest version is 1.3, but the most used is still TLS 1.2) that is the work of the open standard organization Internet Engineering Task Force (IETF).
TLS provides secure communication between web browsers and servers. The connection itself is secure because symmetric cryptography is used to encrypt the data transmitted. The keys are uniquely generated for each connection and are based on a shared secret negotiated at the beginning of the session, also known as a TLS handshake.
In order to provide the necessary level of security, cryptographic algorithms are the basis of TLS certificates. Best practices recommend that you navigate when configuring your certificate on the AEAD suites that provide strong authentication and key exchange, forward secrecy, and encryption of at least 128 bits. There are two popular ciphersuites for secure network protocols like HTTPS, FTPS, WebDAVS, AS2, POP3, IMAP, and SMTP:
- ECDHE-ECDSA
- ECDHE-RSA
Here is a short explainer of these cryptographic algorithms:
- ECDHE stands for Elliptic Curve Diffie-Hellman Ephemeral. We recall that the purpose of Diffie-Hellman is to exchange a secret over an insecure channel. Both sides build their own secret key from a value they received from the other participant – this is the key exchange. It's the asymmetrical formula that establishes the symmetrical connection; keys into a shared key, becoming an encrypted stream. ECDHE does not sign or verify the keys, ECDSA or RSA does that.
- RSA (Rivest–Shamir–Adleman) is an asymmetric system, which means that a key pair will be generated (we will see how soon), a public key and a private key. Obviously, you keep your private key secure and pass around the public one.
- ECDSA is public key-based, such as RSA, but it is sort of represented in an algebraic structure. ECC offers the same security as RSA but with a smaller footprint. Also, it’s less CPU intensive so it’s ideal for mobile devices and faster-acting networks.
Chain of Trust
The Public Key Infrastructure (PKI) is a framework for digital certificate management that provides authentication, encryption and data integrity. Its primary elements are public/private key pairs, certificate, certificate authority, and chain of trust.
When a web browser validates a certificate, it compares the certificate issuer with its list of trusted CAs. If the certificate was not issued by a trusted CA, the connecting application will then check to see if the certificate of the issuing CA was issued by a trusted CA, and so on until either a trusted CA is found or no trusted CA can be found and the device will usually display an error. The list of TLS/SSL certificates, from the root certificate to the end-user certificate, represents the chain of trust.
Web of Trust
Web of trust is a term used in cryptography to describe decentralized security models in which participants authenticate the identities of other users. An example of this can be found in PGP, GnuPG, and other OpenPGP-compatible systems. A web of trust is an essentially a bunch of people vouching for the identities of their fellow users and is called a key signing party. Its aim is to grow one’s network of verified keys beyond their local circle, through parties where people meet and sign each other’s attributes whilst give them an opportunity to talk about cryptography and socialize. In the web of trust, each user has a ring with a group of people's public keys.
Here it is the process of getting a certificate in the web of trust:
- Create a cryptographically secure keypair (RSA or ECDSA algorithms).
Generate a revocation certificate. It is an important step for having an emergency plan if you need to revoke the certificate that was stolen or lost.
- Make your public key public. For that, you can use Debian keyserver or any other.
- Print your key (key owner’s first & last name, email used with the key, the encryption method and the ID of the key – the fingerprint itself).
Hand out your key's fingerprint (actual verification process based on the government-issued ID of the person that often is at the key signing party).
- Get your key digitally signed.
- Send your signed key to the server.
- Sometime after having participated in a key signing, you will receive a signed key as an email attachment.
Since this procedure is rather limited for scalability and widespread use, it is mostly used to encrypt and ensure a high level of security for email correspondence. Web of trust represents an interesting way to get trusted certificates and avoid the vulnerabilities and limits of broadly used centralized PKI-compliant systems.
Network of Trust
PKI (d) represents a couple of nodes interconnected into a small blockchain network and some client applications. If one node fails, the system switches to another node. Each node has the same data, the same logic, and the same API. These nodes also replicate all the data, all the transaction history, and all the certificates’ statuses.
By utilizing such a design, PKI (d) provides an approach that on the one hand has similar security to that provided by a web of trust, and on the other hand, has the potential for scalability thanks to distributed and smartly designed cryptographic logic contained in blockchain solutions, like the open source REMME protocol.
It uses self-signed certificates that are signed by the same key it contains (not just by the same person or entity). From the point of view of centralized systems, this has no value, but PKI (d) provides security behind such certificates, providing decentralized distributed storage that has a reliable consensus algorithm that protects the network from being compromised. Node owners are limited by network settings and stimulated by economic incentives, so trust is incorporated into the blockchain architecture as a basic feature.
Each of the presented models has its own advantages and disadvantages. Web of trust is a better option for the small number of connections where secure data exchange plays a vital role. Chain of trust is an existing technology for large corporations and domain validation field. The network of trust that backs PKI (d) is an innovative approach that provides more value for existing users and in the same time opens the technology for those who couldn’t afford it before because of its complexity. It also provides a way to reduce the dependence of tech giants, making the technology itself more resilient to cyber attacks that can make sense for existing PKI clients.
Opinions expressed by DZone contributors are their own.
Comments