Presentation is loading. Please wait.

Presentation is loading. Please wait.

` Key Management The Connection Between Policy and Encryption Terence Spies CTO Voltage Security.

Published byBerenice Bagwell Modified over 10 years ago

Similar presentations

Presentation on theme: "` Key Management The Connection Between Policy and Encryption Terence Spies CTO Voltage Security."— Presentation transcript:

1 ` Key Management The Connection Between Policy and Encryption Terence Spies CTO Voltage Security

2 *** Confidential and Proprietary *** Agenda Encryption as a security mechanism The emergence of key management Key management technologies Key management and encryption is no longer confined to silos (messaging, storage, networking) Key management requires understanding overall access control and business policies Business and technical leadership must cooperate

3 *** Confidential and Proprietary *** Encryption is Inevitable Classic access control protects edges Outsourcing, partnering, customer data access All create new, complex edges Cant control all of them anymore Encryption protects without edges

4 *** Confidential and Proprietary *** The use of encryption has changed Encryption Yesterday Driver: Secrecy Sensitive communications Machine to machine protocols Connection encryption Static, machine keys SSL/VPN Data encryption Small user set Pre-enrolled users S/MIME, etc. Encryption Today Driver: Compliance, Privacy HIPAA, PCI, SB1386, SOX User and group protocols Document encryption Dynamic group & user keys App, email, database enc Data encryption Large user set External, ad hoc users New apps and protocols

5 *** Confidential and Proprietary *** Policy drives this evolution Old Model Encrypt this data to a trusted machine Plaintext on the trusted machine Defending against untrusted wires 10s - 100s of keys Machine authentication New Model Encrypt this document to a trusted group No stored plaintext anywhere Defending against untrsuted storage 1000s - 1000000s of keys User, group, role auth

6 *** Confidential and Proprietary *** Key Management Key Management is the bridge between old and new Encryption is just a tool Key Management connects business policy to security enforcement What is Key Management How can Key Management be done? Key Management as a technology category

7 *** Confidential and Proprietary *** Data Encryption is Easy! Well, its at least understood….but not really But we can ignore the core crypto for now Do this 10 times:

8 *** Confidential and Proprietary *** Encryption is easy, Key Management is hard Encryption Key Decryption Key How do we make sure both sides have the right keys?

9 *** Confidential and Proprietary *** What is hard about managing keys? Enrollment Key creation, duplicate keys Distribution Lookup, Storage and Access Finding the encryption key of a system Recovery of decryption keys Content scanning, filtering, audit Archiving for compliance, supervision Synchronizing distributed key stores Key life cycle Revoking keys, expiring keys Backup of keys, disaster recovery

10 *** Confidential and Proprietary *** New Model Key Management SSL/VPN model One certificate per domain Costly enrollment process (~$150/cert) 10-100 keys Policy based encryption model One key per user or group Cant pay $150/directory entry! 1000-1MM keys Makes a difficult problem a nearly impossible one

11 *** Confidential and Proprietary *** How is key management done? Central server Symmetric key, ie. Kerberos Certificates Public key, ie. Classic PKI Identities Identity-based Encryption

12 *** Confidential and Proprietary *** The Basic Key Management Operations Actors The Authority Trusted, can authenticate all participants Originator Wants to encrypt something to someone Might be a group or an individual Receiver Authorized receiver

13 *** Confidential and Proprietary *** The Basic Key Management Operations Operations Authority, Originator, Receiver: Initialize Originator: Get Encryption Key Receiver: Get Decryption Key We can compare scalability, efficiency, flexibility on these operations

14 *** Confidential and Proprietary *** Symmetric Key Management Basic principle: use the same encryption algorithm to manage keys Initialize: Receiver, Originator: share a key with the authority Get Encryption Key Authority sends K encrypted with originators key Or, Receiver sends K encrypted with rec key Get Decryption Key Originator decrypts K Or, originator requests K encrypted with org key

15 *** Confidential and Proprietary *** Key Management for Symmetric Keys Example: 8 devices Key Store 28 keys 4325671123456712345678.. 88 How many keys total for 8 people? Key Server

16 *** Confidential and Proprietary *** Certificate Based Key Management Basic principle: use a public key algorithm Public key in a nutshell: Encrypt(M, K1) -> C Decrypt(C, K2) -> M Symmetric: K1 == K2 Public key: K1 != K2 Allows separation of who can encrypt and decrypt

17 *** Confidential and Proprietary *** Certificate Based Key Management Initialize: Authority: Generate a signing key Receiver: Generate a key pair, E and D. Send E to Authority, who signs Receiver + E together (this signed object is a certificate) Originator: Get verification key from authority Get Encryption Key Originator: Get certificate (somehow…..), verify signature, extract key Get Decryption Key Receiver: Decrypt

18 *** Confidential and Proprietary *** Seems simple…. Except that its never just A to B How do you Recover a key if a receiver disappears? Distribute the database of certificates? Make a certificate for a group?

19 *** Confidential and Proprietary *** Identity-Based Encryption (IBE) – Breakthrough in Cryptography IBE - proposed 20 years ago as next generation encryption In 1984 Adi Shamir, co-inventor of the RSA Algorithm, challenged cryptographers to invent IBE IBE solution is created 2 decades later in 2001 Research funded by DARPA (DoD research) Boneh-Franklin Algorithm published at Crypto 2001 An award-winning breakthrough in security and usability Users no longer need to handle multitudes of passwords, keys, certificates or complex tools Industry acceptance Over 600 scientific publications on IBE/Pairings Dan Boneh awarded 2005 RSA Conference Award for Mathematics Standardization Efforts IBE being standardized by IEEE 1363.3 Invited by IETF to form new extension to S/MIME

20 *** Confidential and Proprietary *** Identity-Based Encryption Basic Idea: Public-key Encryption where Identities are Public Keys IBE Public Key: alice@corp.com RSA Public Key: Public exponent=0x10001 Modulus=13506641086599522334960321627880596993888147 560566702752448514385152651060485953383394028715 057190944179820728216447155137368041970396419174 304649658927425623934102086438320211037295872576 235850964311056407350150818751067659462920556368 552947521350085287941637732853390610975054433499 9811150056977236890927563

21 *** Confidential and Proprietary *** IBE does not need certificates Certificates bind Public Keys to Identities e.g. bob@b.com has key 0x87F6… Signed by a Certification Authority In IBE, Identity and Public Key is the same No certificate needed No certificate revocation No certificate servers No pre-enrollment X

22 *** Confidential and Proprietary *** How IBE Works in Practice: Alice Sends a File to Bob Key Server master secret public params bob@corp.com alice@corp.com public params bob@corp.com key request + authenticate

23 *** Confidential and Proprietary *** How IBE Works in Practice: Alice Sends a File to Bob Key Server master secret public params bob@corp.com alice@corp.com public params bob@corp.com Fully off-line - no connection to server required

24 *** Confidential and Proprietary *** Private Key Generation Master Secret is used to generate keys Each organization has a different secret Thus different security domains Server does not need to keep state No storage associated with server Easy load balancing, disaster recovery, high availability Key Server Master Secret s = Request Private Key 1872361923616378 bob@corp.com

25 *** Confidential and Proprietary *** IBE can support any method of authentication Clean separation between encryption and authentication Authentication is not tied to message Can be changed over time External auth integration Leverage existing passwords, directories, portals, etc. Out of the box support for ad-hoc, self-provisioning auth Authentication Key Server Auth Service

26 *** Confidential and Proprietary *** Key Revocation, Expiration and Policy What happens if I lose my private key? Key validity enables revocation – key freshness Every week public key changes, so every week a new private key is issued revocation can be done on weekly basis To revoke someone, simply remove him from the authentication mechanism (e.g. corporate directory) bob@b.com e-mail address key validity || week = 252

27 *** Confidential and Proprietary *** Federation The Voltage IBE System has built-in federation Bob bob@bravo.com Key Server Alice Key Server Directory Intranet of alpha.comIntranet of bravo.comInternet alphas secret bravos secret PP-Bravo Send to: bob@bravo.com bravo.com Fetch bravos PPs from https://voltage-pp. Host public params at https://voltage-pp.bravo.com

28 *** Confidential and Proprietary *** Extending IBE: Groups and Policies IBE is not restricted to using identities as keys Encrypt to a group: hr@corp.com To retrieve the key, the user/application must authenticate as a member of the HR group Leverage existing directory structures (AD, LDAP) As group membership in directory changes, key access rights change dynamically as well Encrypt to a policy name/classification: PCI@corp.com To retrieve the key, the user/application must meet the policy defined at the server Example: Asking for PCI key might query back-end ERP system and execute business logic Effectively impossible to do with PKI Group certificates create major revocation and distribution problems

29 *** Confidential and Proprietary *** Policy & IBE Key Server master secret public params bob@yahoo.com alice@corp.com public params key request + authenticate Portal PCI corp.com AAA System Is Bob allowed to access PCI data?

30 *** Confidential and Proprietary *** Policy-Based Encryption: Define canonical privacy policies e.g. HIPAA, PCI, Confidential, Classified, … Define elements of policy on server e.g. HIPAA requires delegated access, auditing, etc. Encrypting agents specify privacy policy as part of key Do not need to understand individual policy elements Privacy policy enforced by server Policy can be modified over time key = bob@b.com || HIPAA key = HIPAA

31 *** Confidential and Proprietary *** Policy Definition HIPAA Notify HIPAA Officer Machine Must Be HIPAA- Approved Delegate Access for HIPAA Admins External Auth via Strong Pass Internal Auth via Directory Log HIPAA event

32 *** Confidential and Proprietary *** Policy Based Key Management HIPAA = - US access only - Auth via SecurID - Log HIPAA event Define HIPAA enforcement policy on management server Identify & classify: Determine document contains HIPAA data Apply HIPAA privacy policy Enforce HIPAA privacy policy

33 *** Confidential and Proprietary *** Policy History bob@b.com HIPAA July 1, 2004 HIPAA v3.5 HIPAA v3 HIPAA v2 HIPAA v1.5 HIPAA v1 May 19, 2005 Februrary 11, 2005 October 20, 2004 April 6, 2004 January 15, 2004 HIPAA

34 *** Confidential and Proprietary *** Federated Policy Enforcement + HIPAA Privacy Policy HIPAA applied at company A Content transferred via existing channel Policy enforced per rules of company B

35 *** Confidential and Proprietary *** Policy & IBE: Another View PCI = - US access only - Audit access to PCI admins - Log PCI event Define PCI policy on management server Determine data is PCI-relevant Apply PCI policy (encrypt) Enforce PCI policy

36 *** Confidential and Proprietary *** Key Management - Public Key Infrastructure Certificate Server binds Identity to Public Key bob@b.comalice@a.com Send Public Key, Authenticate Receive Certificate CA Signing Key Certification Authority CA Public Key Certificate Server Store Certificate Look up Bobs Certificate, Check revocation CA Public Key Bobs Private Key Bobs Public Key Recovery Server Store Bobs Private Key

37 *** Confidential and Proprietary *** Key Management - IBE Binding is done by mathematics bob@b.com IBE Key Server alice@a.com Master Secret Send Identity, Authenticate Receive Private Key Public Parameters Bobs Private Key Certificate Server Store Certificate Look up Bobs Certificate, Check revocation X Recovery Server Store Bobs Private Key X

38 *** Confidential and Proprietary *** Where do IBE & PKI fit together? Key management encompasses three areas: Authentication PKI very applicable in certain scenarios IBE-based auth architecture makes it easy to leverage certs, SecurID, etc. Signatures PKI works well for signatures In fact, IBE architecture effectively uses PKI for signatures Encryption Where PKI has never really worked

39 *** Confidential and Proprietary *** Key Management Futures Practically, where is all this going? IEEE 1619.3 Standardization of key management for storage Oasis TC for key management IETF Keyprov working group

40 *** Confidential and Proprietary *** Key Management Futures You are going to be exposed to a new category of product, a central key manager The underlying crypto mathematics will determine performance and costs

Download ppt "` Key Management The Connection Between Policy and Encryption Terence Spies CTO Voltage Security."

Similar presentations

April 19-22, 2005SecureIT-2005 How to Start a PKI A Practical Guide Dr. Javier Torner Information Security Officer Professor of Physics.

April 19-22, 2005SecureIT-2005 How to Start a PKI A Practical Guide Dr. Javier Torner Information Security Officer Professor of Physics.
Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
PAR for P1363.3 Title: Standard for Pairing based Cryptographic Techniques June 4, 2005 PAR for IEEE P1363.3.

PAR for P Title: Standard for Pairing based Cryptographic Techniques June 4, 2005 PAR for IEEE P
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.

1 ABCs of PKI TAG Presentation 18 th May 2004 Paul Butler.
Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.

Public Key Infrastructure A Quick Look Inside PKI Technology Investigation Center 3/27/2002.
Introduction to z/OS Security Lesson 4: There’s more to it than RACF

Introduction to z/OS Security Lesson 4: There’s more to it than RACF
Securing Critical Unattended Systems with Identity Based Cryptography A Case Study Johannes Blömer, Peter Günther University of Paderborn Volker Krummel.

Securing Critical Unattended Systems with Identity Based Cryptography A Case Study Johannes Blömer, Peter Günther University of Paderborn Volker Krummel.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.

Authentication Cristian Solano. Cryptography is the science of using mathematics to encrypt and decrypt data. Public Key Cryptography –Problems with key.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.

Public Key Infrastructure (PKI) Providing secure communications and authentication over an open network.
DESIGNING A PUBLIC KEY INFRASTRUCTURE

DESIGNING A PUBLIC KEY INFRASTRUCTURE
David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.

David L. Wasley Information Resources & Communications Office of the President University of California Directories and PKI Basic Components of Middleware.
PKI and Identity-Based Encryption Secure IT Conference 2007 Guido Appenzeller Voltage Security.

PKI and Identity-Based Encryption Secure IT Conference 2007 Guido Appenzeller Voltage Security.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Similar presentations

Ads by Google