Hi Tom,
The signature algorithm that you can select from there (md5, sha1, etc)
is a particular type of algorithm called a cryptographic hash function
that is used for generating a small hash value from a much larger
quantity of data. AES is a different type of algorithm (symmetric key)
used to encrypt bulk quantities of data, and so it doesn't make sense to
use it in that context.
The public key algorithm of the certificate (in this instance, RSA) is
something different again, and is typically used to encrypt a small
amount of data such as a symmetric key or hash value from the previous
algorithms.
The Windows CryptoAPI does support using both symmetric key and
asymmetric (public) key algorithms, but how you would use both at the
API level depends upon your particular application. The makecert tool
you're playing with leads into a fairly complex set of topics, so unless
you have a specific goal in mind it's difficult to provide detailed
direction through the mailing list.
To get a better handle on the difference between hashing/symmetric
key/asymmetric key algorithms and what they're used for I would
recommend picking up a cryptography fundamentals book such as Bruce
Schneier's /Applied Cryptography/
http://www.schneier.com/book-applied.html or a similar tome. From there
it would make sense to head over to Technet or narrow your study to a
specific book on how Microsoft has implemented these fundamentals in
Windows and what's achievable/recommended practices:
http://social.technet.microsoft.com/wiki/contents/articles/windows-pki-documentation-reference-and-library.aspx
http://www.microsoft.com/learning/en/us/book.aspx?ID=9549&locale=en-us
Cheers,
Tony
On 27/12/2011 7:49 PM, Tom Gao wrote:
Thanks for everyone's response
Many thanks Peter for your detailed response.
I am trying to understand X509 better and also windows certificate
store. As I haven't spent much time playing with certificates in the
past. My initial assumption was after looking at my self-generated
certificate that in my test certificate generated using the command.
makecert -r -pe -n "CN= DevServer TestCert 26/12/2011 " -ss
MyCertificateStore -sr localmachine
When opening certificate store in mmc, and browsing to the certificate
location I could clearly see "Signature Algorithm" my initial
assumption is that you can change this from "sha1RSA" to something
else. My thoughts were about changing the signature algorithm to
something else and not necessarily to AES. There didn't appear a way
to do this via the certificate store. Actually I later realised that
the only way to do this is at the time of generation for the certificate.
-a <algorithm> The signature algorithm
<md5|sha1|sha256|sha384|sha512>. Default to 'sha1'
It would appear that makecert supports the following algorithms.
However does that mean that the windows server 2008 certificate store
only supports certificates with the above algorithm? My understanding
of x509 certificate is that it is PKI so then what about other PKI
algorithms out there?
Also does this mean we can't create a certificate for symmetric
encryption? Does this then mean that windows certificate store does not
support symmetric encryption?
I'm not trying to achieve anything just trying to understand
certificates and the certificate store better. Sorry for loads of
silly questions. But I really just wanted to confirm my understanding.
Many thanks,
Tom
*From:*[email protected]
[mailto:[email protected]] *On Behalf Of *Peter Maddin
*Sent:* Tuesday, 27 December 2011 6:17 PM
*To:* 'ozDotNet'
*Subject:* RE: makecert fixed on RSA ?
For what it's worth (from work I did ages ago).
RSA is an asymmetric cipher (as is Elliptic Curve(ECC)).
AES is a symmetric cipher as is Rijndael, twofish, OneFish, BlowFish etc.
I think AES is very similar or a variation of Rijndael (see The
Differences Between Rijndael and AES,
http://blogs.msdn.com/b/shawnfa/archive/2006/10/09/the-differences-between-rijndael-and-aes.aspx).
As far as I understand it, as an asymmetric cipher is slow, it is used
to encrypt exchange keys for a symmetric cipher (exchange keys are
generally randomly generated) and to encrypt digital hashes (aka
digital signatures). The DSA used to be the SHA-1 algorithm, but as
this function has been broken, a better digital hash should be used
(i.e. SHA-224, SHA-256, SHA-384, and SHA-512).
This forms the basis of PKI and asymmetric keys are mostly distributed
using X.509 digital certificates. Certificates can be used to
distribute both pairs of asymmetric keys (private and public) or just
the public ones. The public keys are made publicly available while
private keys are kept as securely as possible. It does not make sense
to distribute symmetric keys via X.509 certificates. I am not sure
that this is even possible. I think the Diffie-Hellman key exchange may
work better
(http://www.codeproject.com/KB/security/DiffieHellmanExample.aspx) for
exchanging symmetric cipher keys.
To substantiate non repudiation of encrypted data, a third party
certificate authority (VeriSign, Thawte) is normally used. If you
generate your own certificates, the encryption will work but the
aspect of non repudiation is weakened.
The most common asymmetric cipher used to support PKI is RSA and as
far as I know the only one supported within the .NET framework.
If you want to go outside what the .NET framework supports, I suggest you
look at what Bouncy Castle provides
http://www.bouncycastle.org/csharp/ as well as other suppliers of
Cryptography ciphers.
If you want a comparison of cipher vendors, Kellerman software
compares theirs with some others as well as the .NET framework (may be
a bit out-dated now).
http://www.kellermansoftware.com/p-17-net-encryption-library.aspx and
click on the link Download the full list of features.
<http://www.kellermansoftware.com/download/DotNetTools/EncryptionCompetition.xls>
*Regards Peter Maddin*
*From:*[email protected]
[mailto:[email protected]] *On Behalf Of *Greg Keogh
*Sent:* Tuesday, 27 December 2011 12:19 PM
*To:* 'ozDotNet'
*Subject:* RE: makecert fixed on RSA ?
I'm doing some research on certificates it seems that when makecert in
windows server 2008 is used you don't get a choice on the
certificate's algorithm? It defaults to RSA for key exchange? Looking
at the extended option in makecert it only has the option of allowing
to change the signature algorithm as opposed to the encryption
algorithm? What can I do if I wanted to use AES just as an example.
Dunno if this helps, but RSA is a bit of a performance burden and
usually used for encrypting small amounts of data such as keys. AES is
a comparatively efficient block cipher. RSA uses a key-pair and AES
uses one key, so they are designed for different purposes. DSA is
usually used for making signatures. I think you're mixing up the
algorithms.
Greg
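
The three kinds of algorithm distinguished in this thread (hash, symmetric key, asymmetric key) working together, as an added C# example that is not code from any of the posters. It assumes .NET 8 and builds the self-signed certificate in code with CertificateRequest rather than makecert; the subject name and the sample payload are constructed for illustration.

```csharp
// Added illustration; assumes .NET 8. Names and sample data are constructed.
using System;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;

// 1. Asymmetric key pair plus a self-signed certificate. The hash named here
//    (SHA-256) combined with the key type (RSA) is what the certificate
//    reports as its "Signature Algorithm".
using RSA rsa = RSA.Create(2048);
var request = new CertificateRequest("CN=Example TestCert", rsa,
    HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);
using X509Certificate2 cert = request.CreateSelfSigned(
    DateTimeOffset.UtcNow.AddMinutes(-5), DateTimeOffset.UtcNow.AddDays(30));
Console.WriteLine($"Signature algorithm: {cert.SignatureAlgorithm.FriendlyName} " +
                  $"({cert.SignatureAlgorithm.Value})");
Console.WriteLine($"Public key algorithm: {cert.PublicKey.Oid.FriendlyName}");

byte[] message = Encoding.UTF8.GetBytes("constructed sample payload");

// 2. Signing: hash the data, then apply the RSA private key to the hash.
byte[] signature = rsa.SignData(message, HashAlgorithmName.SHA256,
    RSASignaturePadding.Pkcs1);
using RSA publicKey = cert.GetRSAPublicKey()!;
bool valid = publicKey.VerifyData(message, signature, HashAlgorithmName.SHA256,
    RSASignaturePadding.Pkcs1);
Console.WriteLine($"Signature valid: {valid}");

// 3. Hybrid encryption: a random AES key encrypts the bulk data; the
//    certificate's RSA public key encrypts only that 32-byte AES key.
byte[] aesKey = RandomNumberGenerator.GetBytes(32);
byte[] nonce = RandomNumberGenerator.GetBytes(12);
byte[] ciphertext = new byte[message.Length];
byte[] tag = new byte[16];
using (var aes = new AesGcm(aesKey, tag.Length))
    aes.Encrypt(nonce, message, ciphertext, tag);
byte[] wrappedKey = publicKey.Encrypt(aesKey, RSAEncryptionPadding.OaepSHA256);

// 4. The recipient unwraps the AES key with the RSA private key and
//    decrypts; AES-GCM throws if the ciphertext or tag was altered.
byte[] unwrappedKey = rsa.Decrypt(wrappedKey, RSAEncryptionPadding.OaepSHA256);
byte[] recovered = new byte[ciphertext.Length];
using (var aes = new AesGcm(unwrappedKey, tag.Length))
    aes.Decrypt(nonce, ciphertext, tag, recovered);
Console.WriteLine($"Recovered: {Encoding.UTF8.GetString(recovered)}");
```

The certificate carries only the RSA public key and a hash-plus-RSA signature; the AES key never appears in it and exists only for the one message it protects.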