Presentation on theme: "Key Protection, CSI Eric Norman University of Wisconsin-Madison."— Presentation transcript:
Key Protection, CSI Eric Norman University of Wisconsin-Madison
CSI ? Cheap, Simple, Impregnable.
The Two Principles Complete accountability of the private key Separation of duty
Complete Accountability of the Private Key At all times during the life cycle of the private key, we know: how many copies exist, where each copy is located.
Separation of Duty No single person has the capability to use (any copy of) the private key.
Main Protection Rule Never, never, never, never, never, never,
Main Protection Rule Never expose the private key to the Internet!
The Machine I/O limited to: – CD ROMs – Floppies – Keyboard and display – USB thingies Swapping is disabled Never leave private key on disk
Lifecycle of Keys DeployVerify IdleSign Public Private Create Use Destroy
Key Generation Randomness (create) How do we get randomness when the machine is rebooted immediately before use?
The Unknown Floppies Pic of floppies
Key Storage (idle) All confidential material (media with private keys, physical keys for padlocks, passwords, etc.) is stored in separate tamper evident bags.
Certificate Fingerprints (deploy, verify) Weekly campus newspaper Answering machine Business cards Compare with your neighbor
Key Usage (sign) Locked door.
Key Usage (sign)
Another locked door.
Key Usage (sign) Pic cabinet 2 locks
Key Usage (sign) Pic media box 2 locks
Key Usage (sign) Boot machine. Read input (private key, to be signed, etc.). Supply two passwords to unlock key. Sign stuff. Write output (certificates, logs). Erase memory and disk. Shut down machine.
Off Site Backup (idle, sign, destroy) Separate safety deposit boxes for: private key media, password half, other password half. Each in its own tamper evident bag. (Should only be necessary for audit or destruction.) It's also possible to just generate new key.
Key Compromise Stop signing with key. Restore trustworthy service. Revoke old key.
Key Destruction (destroy) Simple. Round up all copies and destroy them. Protecting a private key by destroying it is a strategy that might be applicable more often than you think.