1

Apologies if this sounds like a newbie question!

PKI is often stated as being able to prove a site is legitimate, i.e. Amazon.co.uk is the real Amazon.co.uk.

Can someone help explain how PKI/SSL makes this happen?

Thanks!

GurdeepS
  • A good link, the second one. It mentions: The CA is supposed to "make sure" in some way that the public key is really owned by the named entity, and then issues (i.e. signs) the certificate; the CA also has its own public/private key pair. Is there a high level explanation of this? – GurdeepS Apr 03 '17 at 21:00
  • Personally, I find the explanation pretty high-level. Is there a particular aspect that you have problems understanding? – Arminius Apr 03 '17 at 21:03
  • I just found this link too, which explains the legitimacy side of things: http://crypto.stackexchange.com/questions/25159/how-does-a-certificate-authority-issue-a-digital-certificate Thanks for the link, it is good! – GurdeepS Apr 03 '17 at 21:06

1 Answer

1

It's easy to open an encrypted SSL/TLS channel with someone using asymmetric cryptography; your browser just grabs the site's public key. The hard part is knowing who you're actually talking to. Someone could be using a man-in-the-middle attack and you wouldn't know you've been given the wrong key, and thus are talking to an imposter.

That's where PKI comes in. The idea is that a mutually trusted third party, known as a Certificate Authority (CA), has vouched for the fact that the public key you've been handed actually belongs to the owner of the domain you browsed to. For example, if you click on the lock icon next to this site's URL, you'll see that DigiCert has vouched for stackexchange.com's certificate. This means that Stack Exchange purchased a certificate from DigiCert and had to prove ownership of the domain as part of that purchase. The certificate is just a bunch of identifying info, including domain name, paired with a public key, and then digitally signed by the CA.

Your browser comes pre-loaded with certificates from a bunch of CAs. When you browse to a web site, if the site's certificate is signed by a CA on your browser's trusted list, then everything just works. If it's not, your browser will throw an error.

In practice, the system sorta works, but there are several problems. There are way too many CAs, including companies with lousy security and governments who engage in espionage. Also, users may ignore the error their browser throws when the certificate isn't right, because most of the time, the problem is a misconfiguration, not an attack. If you want to get a better understanding of the practical problems and mitigations, check out the research of Moxie Marlinspike and Google "certificate pinning".

user143835
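The checks described in the answer above (issuer on the trusted list, CA signature over the domain/key pair, domain matches the site requested), as an added example that is not part of the original answer. It is a toy model: textbook RSA without padding on constructed small keys, not real X.509, and every name in it (`issue`, `browser_check`, `shop.example`, the CA names) is hypothetical.

```python
import hashlib

def make_ca(name, p, q, e=65537):
    """Toy CA key pair from two known primes (textbook RSA, no padding)."""
    n = p * q
    d = pow(e, -1, (p - 1) * (q - 1))  # private exponent
    return {"name": name, "n": n, "e": e, "d": d}

def digest(domain, site_key, issuer, n):
    """Hash of the fields the CA vouches for, reduced into the CA modulus."""
    tbs = f"{domain}|{site_key}|{issuer}".encode()
    return int.from_bytes(hashlib.sha256(tbs).digest(), "big") % n

def issue(ca, domain, site_key):
    """CA side: bind domain to site_key by signing with the CA private key."""
    sig = pow(digest(domain, site_key, ca["name"], ca["n"]), ca["d"], ca["n"])
    return {"domain": domain, "site_key": site_key,
            "issuer": ca["name"], "sig": sig}

def browser_check(cert, requested_host, trust_store):
    """Client side: trusted issuer, valid CA signature, matching name."""
    ca_pub = trust_store.get(cert["issuer"])
    if ca_pub is None:
        return "untrusted issuer"
    n, e = ca_pub
    expected = digest(cert["domain"], cert["site_key"], cert["issuer"], n)
    if pow(cert["sig"], e, n) != expected:
        return "bad signature"
    if cert["domain"] != requested_host:
        return "name mismatch"
    return "ok"

# Constructed keys built from Mersenne primes: far too weak for real use.
TRUSTED_CA = make_ca("Example Trusted CA", 2**89 - 1, 2**107 - 1)
ROGUE_CA = make_ca("Imposter CA", 2**61 - 1, 2**127 - 1)
# The browser ships with CA *public* keys only.
TRUST_STORE = {TRUSTED_CA["name"]: (TRUSTED_CA["n"], TRUSTED_CA["e"])}

genuine = issue(TRUSTED_CA, "shop.example", "SITE-PUBLIC-KEY")
self_vouched = issue(ROGUE_CA, "shop.example", "IMPOSTER-KEY")   # unknown CA
key_swapped = dict(genuine, site_key="IMPOSTER-KEY")  # reuses the genuine sig

if __name__ == "__main__":
    cases = [("genuine", genuine), ("self_vouched", self_vouched),
             ("key_swapped", key_swapped)]
    for label, cert in cases:
        print(label, "->", browser_check(cert, "shop.example", TRUST_STORE))
    print("wrong host ->", browser_check(genuine, "bank.example", TRUST_STORE))
```

The trust store only ever holds CA public keys, so anyone who can add an entry to it, or who controls any CA already in it, can make `browser_check` return "ok" for a key of their choosing; that is the "too many CAs" weakness the answer mentions.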