Cryptography enables users of unsecured networks to exchange information in a secure manner. Most modern cryptography techniques employ algorithms that are based on one or more keys to allow a sender to encrypt information to be transmitted over a network and a receiver to decrypt the encrypted information that was received over the network. Cryptography techniques generally fall into either secret key cryptography or public key cryptography. In secret key cryptography, the same secret key that is used by the sender to encrypt information is used by the receiver to decrypt the encrypted information provided by the sender. As such, the secret key for secret key cryptography must be shared and used by both the sender and receiver. If the secret key is discovered or intercepted by a third party, encrypted messages provided by the sender can be readily decrypted by the third party. Since the secret key must be shared, the risk of the secret key being compromised is relatively high and the effort required to keep the secret key confidential is generally overly burdensome. For these reasons, public key cryptography is favored.
Public key cryptography allows users to exchange information over an unsecured network through the use of a public and private key pair, which includes a public key and a private key. Generally, the public and private keys are created simultaneously with a key generation algorithm, such as the well-known Rivest, Shamir, and Adleman (RSA) algorithm. Information encrypted using the private key must be decrypted using the corresponding public key, and information encrypted using the public key must be decrypted using the private key. Assume the public and private key pair is allocated to a first party. The private key is not shared and is maintained in confidence by the first party. The public key may be shared with a second party or made publicly available, if so desired. There is a need for the first party to keep the private key confidential, but there is no need for the second party or anyone else to keep the public key confidential.
In operation, the first party will use the private key to encrypt information to send to the second party. Upon receipt of the encrypted information from the first party, the second party will use the public key to decrypt the encrypted information. Further, the second party may use the public key of the first party to encrypt information to send to the first party. Upon receipt of the encrypted information from the second party, the first party will use their private key to decrypt the encrypted information provided by the second party.
The security of public key cryptography often depends on ensuring that a first party's public key is authentic and that the first party is who they say they are. A digital certificate may include the public key of the first party and information about the first party. When the digital certificate is included in a message from the first party, a second party may use it to obtain the first party's public key, verify that the public key belongs to the first party, and verify that the first party is who they say they are. Digital certificates are generally created by a trusted certificate authority and provided to the first party by the certificate authority, such that the first party may include the digital certificate with certain messages to other parties. In addition to identity-related information of the first party and the first party's public key, the digital certificate information also may include information about the certificate authority, encryption algorithms, or the digital certificate itself, such as a validity period, expiration date, serial number, and the like. A common digital certificate format is provided in the International Telecommunication Union (ITU) recommendation ITU-T X.509, which is incorporated herein by reference in its entirety.
The integrity of the digital certificate is maintained in part by incorporating a digital signature of the certificate authority. Notably, the certificate authority will have its own public and private key pair, which is different from any public and private key pair of any parties being served by the certificate authority. Typically, the certificate authority's digital signature is created by hashing all or a portion of the digital certificate information to provide a hash result and then encrypting the hash result with the private key of the certificate authority. The hashing process includes processing the digital certificate information by a mathematical function to create a relatively small value, or hash result, that is representative of the digital certificate information. The digital signature is associated with the digital certificate information to provide the digital certificate, which is passed to the first party. The first party may pass the digital certificate to other parties to share their public key and verify who they are.
A second party receiving the first party's digital certificate can use the certificate authority's public key, which is publicly available to the second party, to verify the authenticity of the digital certificate information provided with the digital certificate. The verification process includes three main steps. First, all or a portion of the digital certificate information is hashed to create a hash result. Notably, the same hashing process that was used in generating the digital signature is used during the verification process. Second, the digital signature is decrypted with the certificate authority's public key to obtain a decryption result, and finally, the hash result and the decryption result are compared. The hash result and the decryption result will correspond to each other when the digital certificate information is authentic. The second party may take further steps to ensure the digital certificate was issued from the certificate authority.
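The signing and three-step verification described in the two preceding paragraphs can be traced in code. The following is an added example, not part of the original text: it uses unpadded "textbook" RSA with a constructed toy certificate authority key built from two publicly known Mersenne primes, and the certificate information string and all function names are assumptions. Deployed X.509 signatures use a padded scheme such as PKCS#1 v1.5 or RSASSA-PSS rather than the bare hash shown here.

```python
import hashlib

# Constructed toy CA key pair from two public Mersenne primes.
# The primes are public knowledge, so this key is for illustration only.
P, Q = 2**521 - 1, 2**607 - 1
CA_N = P * Q                                  # CA modulus (public)
CA_E = 65537                                  # CA public exponent
CA_D = pow(CA_E, -1, (P - 1) * (Q - 1))       # CA private exponent

def hash_info(cert_info: bytes) -> int:
    """Hash the certificate information to a small representative value."""
    return int.from_bytes(hashlib.sha256(cert_info).digest(), "big")

def ca_sign(cert_info: bytes) -> int:
    """CA side: hash the information, then apply the CA private key."""
    return pow(hash_info(cert_info), CA_D, CA_N)

def verify(cert_info: bytes, signature: int) -> bool:
    """Second party side: the three verification steps."""
    if not 0 <= signature < CA_N:             # reject out-of-range values
        return False
    hash_result = hash_info(cert_info)                # step 1: same hash
    decryption_result = pow(signature, CA_E, CA_N)    # step 2: CA public key
    return hash_result == decryption_result           # step 3: compare

# Constructed certificate information for a hypothetical first party.
CERT_INFO = (b"subject=first-party.example;pubkey=<placeholder>;"
             b"serial=1001;not_after=2030-01-01")
SIGNATURE = ca_sign(CERT_INFO)

def demo() -> dict:
    """Check an authentic certificate and two modified variants."""
    tampered_info = CERT_INFO.replace(b"first-party", b"other-party")
    return {
        "authentic": verify(CERT_INFO, SIGNATURE),
        "tampered_info": verify(tampered_info, SIGNATURE),
        "altered_signature": verify(CERT_INFO, SIGNATURE ^ 1),
    }

if __name__ == "__main__":
    print(demo())
```

A matching hash shows only that the certificate information is unchanged since the certificate authority signed it; checks such as the validity period are separate steps.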
Digital certificates have traditionally been associated with and used to authenticate parties, interfaces, and programs; however, they have not been used to authenticate devices, such as network devices that form the core of a communication network. Traditionally, the network devices that make up a communication network are shipped from their manufacturers and manually connected and configured to operate within the communication network. Once the network device is installed, other network devices within the communication network automatically assume the network device is what it declares itself to be and will begin communicating with it in a trusted fashion. If communications are supported, the other network devices do not care if the network device is an authorized device, operating in an intended portion of the communication network, operating in the intended manner, manufactured by the appropriate vendor, running legitimate software, or the like. Accordingly, the installation of network devices in a communication network is manually intensive and subject to mistake, misuse, or a combination thereof. Appropriate network devices may be installed in the wrong manner or in the wrong place and unauthorized network devices may be installed instead of authorized network devices.
Be it mistake or misuse, there is a need for a technique to readily authenticate network devices that are being connected to and subsequently form part of a communication network. There is a further need to allow network devices to automatically connect to the communication network and authenticate themselves prior to being allowed to function in normal fashion. There is yet a further need to reduce the manual labor associated with installing and connecting a network device to the communication network. The present invention fulfills these needs by employing the use of digital certificates in a unique and effective manner.