You Can Be a Web Certification Authority

The Web has opened great opportunities for doing business on the Internet. Whatever type of business you conduct over the Web­merchandising, information publishing, or customer service­you must ensure the security and privacy of sensitive information transferred between Web servers and browsers.

Digital certificates play a critical role in Web security. Digital certificates are electronic documents that computer systems use to identify and authenticate individuals participating in an application, such as Web browsing, email, and file transfer. Traditional user logons and firewalls can't protect sensitive information when systems transfer it between Web servers and browsers. However, combined with other security technologies­encryption, digital signatures, and the Secure Sockets Layer (SSL) protocol­digital certificates can prevent data eavesdropping, tampering, and repudiation (denial of involvement) over the Web.

A Certification Authority (CA) is a trusted entity responsible for issuing digital certificates to individuals or systems based on verification of applicants' identities. You can request certificates from a public CA, such as VeriSign. However, as companies demand more certificates for their Web servers and browsers from a third party, they are becoming more concerned about confidentiality, cost of ownership, quality of service, and other issues. To obtain third-party certificates, you must release confidential business information about employees, customers, suppliers, and partners. You must pay subscription fees of tens to hundreds of dollars per certificate per year; at $50 per certificate, a 1000-employee company spends $50,000 a year on certificates. If you use a third-party CA, you do not control the certificate process, such as generation, retrieval, and revocation of certificates. And the process can take months.

To address companies' concerns about the disadvantages of working with third-party CAs, Entrust Technologies (formerly Nortel Secure Networks) recently released Entrust/WebCA for Windows NT. With this software, you can be the Web CA and issue certificates for both Microsoft and Netscape Web servers and browsers for your company and customers. To be a Web CA, you must understand some underlying concepts: cryptographic keys, digital signatures, certificates, and Web certificates. I will use Entrust/WebCA 1.01 (WebCA) as an example to introduce these concepts, explain how to issue and manage Web certificates, and address some unresolved issues such as interoperability and integration. (For product details, see "A Look at Entrust/WebCA.")

Keys and Signatures
The computer industry uses cryptography to keep communications secure and protect sensitive data from attack. In a cryptographic system, you use a key to encrypt a sending message and a corresponding key to decrypt the received message. A key is a numeric value, which can be a few bits or thousands of bits. The two kinds of keys are symmetric keys and public keys.

In symmetric cryptography, the sender and the receiver use the same key to encrypt and decrypt a message. In public key cryptography, everyone has two keys, a public key and a private key. Senders use the receiver's public key to encrypt messages, and receivers use their private keys to decrypt messages. Public key cryptography is more secure than symmetric cryptography, because discovering a private key kept by one person is more difficult than discovering a shared secret key. Public key cryptography, however, is more complicated and slower than symmetric cryptography.

To improve the process, developers have combined symmetric key and public key cryptography. The rationale for combining the two types of keys is that you can use a symmetric key once to encrypt and decrypt messages in a session. The sender randomly generates a symmetric key, encrypts the key with the receiver's public key, and sends the encrypted key to the receiver. The receiver decrypts the encrypted key with a private key. The sender uses the original symmetric key to encrypt the message, and the receiver uses the recovered symmetric key to decrypt the message. The sender and receiver use this symmetric key only once and discard it when they finish the session.

Although public key cryptography works well for data encryption, developers use digital signatures to authenticate data transmitted from a sender to a receiver. With digital signatures, the sender signs a message before sending it. The receiver verifies the signature enclosed in the message to confirm that the message is from the expected sender and that no one has tampered with it during transmission. Let's see how digital signatures and public key cryptography work together.

When John wants to send a message to Beatrice, he creates the message and passes it through a hashing algorithm. The output is the message hash, or message digest. John uses his private key to encrypt the message hash. The result is a digital signature, or fingerprint, which looks something like A5:81:3D:49:57:E5:16:FF:33:18. John appends the signature to the message. He then generates a one-time symmetric key and uses Beatrice's public key to encrypt it. Finally, John sends the encrypted one-time symmetric key and the message bundled with the digital signature to Beatrice.

When Beatrice receives the encrypted message, she uses her private key to decrypt the symmetric key and then uses the symmetric key to decrypt the message. Beatrice uses John's public key to decrypt the signature into the original message hash. She passes the decrypted message through the same hashing algorithm that John used and obtains a new message hash. She compares the new message hash with the original message hash, and if they differ, she knows tampering or a transmission error has altered the message during transmission.

You can use digital signatures independently of data encryption. For instance, John can sign the message but not use public key cryptography to encrypt the message when he transmits it. John also can have different public and private key pairs for signing and encryption.