课程: ISC2 Certified Information Systems Security Professional (CISSP) (2024) Cert Prep

Trust models

课程: ISC2 Certified Information Systems Security Professional (CISSP) (2024) Cert Prep

开始一个月试用 购买团队方案

Trust models

- [Instructor] Any cryptographic system depends upon some degree of trust. Earlier in this course, I discussed how strong cryptography depends upon a secure key exchange process. The two people communicating must be confident that they are really communicating with each other and not an impersonator, and that nobody is able to eavesdrop on the communication where they exchange encryption keys. The Diffie-Hellman key exchange protocol helps us with preventing eavesdropping, but we still need some way to ensure that we're not communicating with an imposter. In asymmetric cryptography, every user possesses a personal secret key that they don't share with anyone else. They can share their public keys freely so there's no risk of eavesdropping. These two factors combine to eliminate the need for eavesdropping protection during key exchange. However, we still need to worry about imposters. How do we know that the person sending us their public key really is who they claim to be? Well, there are three basic ways that we can obtain this assurance. In-person key exchange, which as we discussed earlier, is cumbersome and difficult. We can also use a concept known as the web of trust, or more commonly rely upon the public key infrastructure, or PKI. The web of trust was first introduced by Phil Zimmermann with the introduction of the PGP encryption software. The web of trust recognizes that it simply isn't possible for you to personally meet everyone that you want to exchange messages with. Just imagine what that would be like for your email account today. The web of trust depends upon indirect relationships such as those you find on LinkedIn. While you might not know the person you wish to communicate with personally, you might know somebody who knows that person or perhaps you have a third level connection where you know somebody who knows somebody who knows that person. The web of trust takes advantage of this by using digital signatures to vouch for the public keys of individuals. Every participant signs the public keys of everyone they know when they verify that the public key belongs to that person, and then everyone builds a list of the people they trust to vouch for others. If the web of trust becomes large enough, there's a reasonable expectation that indirect trust relationships will allow most people to communicate with most other people. There are problems with the web of trust, however. They include that the web of trust uses a decentralized approach that makes it difficult to manage. There's a high barrier to entry for new people, and the web of trust requires a good deal of technical knowledge on behalf of the user. For these reasons, the web of trust never really took off outside of the technical community. The public key infrastructure, or PKI, builds upon the web of trust concept, but introduces centralized authorities who make the process easier. We'll talk about that in the next video.

内容