Modern cryptography is key to modern online communications. This area of IT looks very complex and daunting to many, so it is always a good start to get the basics right. I am not going to use many words to explain it; others have done that much better.

  • Communicating secretly requires encryption, so that others cannot read the message.
  • Encryption uses some secret, the key.
  • Both sides need to have this key.

So far, nothing new here; it has been done like that for thousands of years.

But wait, what is missing here? Right: knowing who is who, in other words trust. Without trust I might send a secret message to the wrong person, or worse, I might give the key to the wrong person. Therefore I need to verify all this before sending secrets. But if I have to pass the key in person, I can just as well pass the message in person, so why encrypt it at all?

When the Enigma was 'cracked' by the British, it was important that the Nazis kept on trusting all their Enigma machines. Otherwise they would have changed the machines and keys, rendering the cracked one useless.

Fast forward to the 21st century (well, actually the late 20th). Instead of one key, we (well, Alice and Bob at least) started using two: a key pair with special properties, invented to solve one problem, key distribution. A message encrypted with key 1 can only be decrypted with key 2, not with key 1 itself. So I can distribute key 1 (the public key) in the clear and still only the owner of the second key (the private one) can decrypt. But how about trust? How do I know that the public key belongs to the person I want to send a secret message to?
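The key-pair property described above, as an added example in Go that is not part of the original post: Bob publishes the public half of his key pair, Alice encrypts with it, and only Bob's private key gets the message back. A second key pair ("mallory") stands in for anyone else who has picked up the ciphertext. The names, the RSA-OAEP choice and the sample message are assumptions made here for illustration; RSA-OAEP is one of several ways to realise the two-key idea, not the only one.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
	"fmt"
)

// GenerateKeyPair makes a 2048-bit RSA key pair. The PublicKey inside it is
// "key 1", handed out in the clear; the PrivateKey is "key 2" and never leaves
// its owner.
func GenerateKeyPair() (*rsa.PrivateKey, error) {
	return rsa.GenerateKey(rand.Reader, 2048)
}

// Encrypt seals msg to whoever holds the private half of pub, using RSA-OAEP
// with SHA-256. OAEP is randomised, so encrypting the same message twice gives
// different ciphertexts. Note the parameter type: only a public key is needed.
func Encrypt(pub *rsa.PublicKey, msg []byte) ([]byte, error) {
	return rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, msg, nil)
}

// Decrypt opens ct with a private key. With the matching key the plaintext
// comes back; with any other key OAEP's padding check fails and an error is
// returned rather than garbage. There is no way to decrypt with a PublicKey.
func Decrypt(priv *rsa.PrivateKey, ct []byte) ([]byte, error) {
	return rsa.DecryptOAEP(sha256.New(), rand.Reader, priv, ct, nil)
}

func main() {
	// Hypothetical parties and a constructed sample message.
	bob, _ := GenerateKeyPair()
	mallory, _ := GenerateKeyPair()
	// Alice only needs &bob.PublicKey, which could have arrived on a postcard.
	ct, _ := Encrypt(&bob.PublicKey, []byte("meet at the old mill at dawn"))
	pt, err := Decrypt(bob, ct)
	fmt.Printf("bob:     %q err=%v\n", pt, err)
	pt, err = Decrypt(mallory, ct)
	fmt.Printf("mallory: %q err=%v\n", pt, err)
}
```

Nothing in this code answers the question the paragraph ends with: `&bob.PublicKey` is just a number, and the code cannot tell whether it really is Bob's. That is the trust problem the certificate system below tries to solve.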

The current certificate-based system of public key management is built on a chain structure, using the X.509 standard (one of those telco standards, derived from the X.500 directory series, which was originally invented for electronic phone books). Each certificate is signed by a higher-up, more trusted party (the CA), avoiding self-signed certificates at all cost. Well, that won't work, right? Who signs the top-level certificate then? Yup, the top-level certificate is self-signed, so self-signed is not that bad, as long as you trust the signing party. So we trust Let's Encrypt, Verisign etc. Until they get hacked and compromised, which happened in 2011 with DigiNotar, a Dutch CA that also provided signing services for the Dutch government. That is probably the best-known CA hack of all time.

With this chain of trust architecture, every CA in your browser's trust store is trusted for every website; it does not matter which site a certificate is used for. A gmail.com server certificate signed by DigiNotar is trusted by your browser, even though Google never used DigiNotar for signing services. And exactly that happened, and it was bad, very bad...

That flaw was addressed (on Google's initiative) after the DigiNotar hack with a feature called Certificate Transparency. It does not stop a CA from signing a name it has no business signing; it requires every issued certificate to be published in public, append-only logs, so that a forged gmail.com certificate can no longer be issued in secret and the domain owner can spot it. Why that was not part of the original PKI architecture, I don't know. Maybe it was assumed at that time that CAs could be trusted at all times...
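The chain-of-trust architecture and the DigiNotar problem from the two preceding paragraphs, as an added example in Go using only the standard library's crypto/x509 package; this is not code from the original post. It builds a self-signed root (the top of the chain signs itself), lets two roots each sign a server certificate for gmail.com, and then verifies both the way a browser would. The CA names, the trust store as a plain list of root certificates, and the absence of intermediate CAs are assumptions made here for illustration; the rogue root stands in for a compromised CA such as DigiNotar. Certificate Transparency itself is not simulated.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// CA is a certificate plus the private key that signs on its behalf.
type CA struct {
	Cert *x509.Certificate
	Key  *ecdsa.PrivateKey
}

// newKeyAndTemplate: a fresh P-256 key plus the fields every certificate needs.
func newKeyAndTemplate(cn string) (*ecdsa.PrivateKey, *x509.Certificate, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	serial, err := rand.Int(rand.Reader, new(big.Int).Lsh(big.NewInt(1), 64))
	if err != nil {
		return nil, nil, err
	}
	return key, &x509.Certificate{
		SerialNumber: serial,
		Subject:      pkix.Name{CommonName: cn},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
	}, nil
}

// sign issues tmpl under parent and parses the DER back so derived fields are set.
func sign(tmpl, parent *x509.Certificate, pub *ecdsa.PublicKey, signer *ecdsa.PrivateKey) (*x509.Certificate, error) {
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, signer)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// NewRoot creates a self-signed root CA: the top of the chain has nobody
// above it, so it signs itself (parent == template).
func NewRoot(name string) (*CA, error) {
	key, tmpl, err := newKeyAndTemplate(name)
	if err != nil {
		return nil, err
	}
	tmpl.IsCA, tmpl.BasicConstraintsValid = true, true
	tmpl.KeyUsage = x509.KeyUsageCertSign | x509.KeyUsageCRLSign
	cert, err := sign(tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, err
	}
	return &CA{Cert: cert, Key: key}, nil
}

// IssueLeaf has the CA sign a server certificate for dnsName. Nothing in
// X.509 asks whether the domain owner chose this CA: any CA can sign any name.
func (ca *CA) IssueLeaf(dnsName string) (*x509.Certificate, error) {
	key, tmpl, err := newKeyAndTemplate(dnsName)
	if err != nil {
		return nil, err
	}
	tmpl.DNSNames = []string{dnsName}
	tmpl.KeyUsage = x509.KeyUsageDigitalSignature
	tmpl.ExtKeyUsage = []x509.ExtKeyUsage{x509.ExtKeyUsageServerAuth}
	return sign(tmpl, ca.Cert, &key.PublicKey, ca.Key)
}

// Verify does what a browser does: chain the leaf to some root in the
// trust store and check the DNS name. It reports which root it ended at.
func Verify(leaf *x509.Certificate, dnsName string, roots ...*x509.Certificate) (string, error) {
	store := x509.NewCertPool()
	for _, r := range roots {
		store.AddCert(r)
	}
	chains, err := leaf.Verify(x509.VerifyOptions{DNSName: dnsName, Roots: store})
	if err != nil {
		return "", err
	}
	return chains[0][len(chains[0])-1].Subject.CommonName, nil // leaf first, root last
}

func main() {
	honest, _ := NewRoot("Honest Root CA")
	rogue, _ := NewRoot("Rogue Root CA") // stands in for a compromised CA
	good, _ := honest.IssueLeaf("gmail.com")
	forged, _ := rogue.IssueLeaf("gmail.com")
	// A browser trusting both roots accepts both certificates for gmail.com.
	for _, leaf := range []*x509.Certificate{good, forged} {
		root, err := Verify(leaf, "gmail.com", honest.Cert, rogue.Cert)
		fmt.Printf("issuer=%q root=%q err=%v\n", leaf.Issuer.CommonName, root, err)
	}
	_, err := Verify(forged, "gmail.com", honest.Cert) // rogue root distrusted
	fmt.Println("forged leaf without the rogue root:", err)
}
```

The verifier is only asked "does this chain end at a root I trust for the right name?", never "is this the CA gmail.com actually uses?". The forged certificate fails only once the rogue root is removed from the store, which is exactly what browser vendors had to do after DigiNotar; the returned root name is the one piece of information a client could compare against an expected issuer if it wanted to be stricter than the standard chain check.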
