PKCS #15 v1.1 Magnus Nyström RSA Laboratories PKCS Workshop, 1999.

Presentation transcript:

PKCS #15 v1.1 Magnus Nyström RSA Laboratories PKCS Workshop, 1999

Agenda
- Background - PKCS #15
- Reason for the proposal
- Overview of the proposal
- Discussion

Background
- There is a need for standardization of the format of cryptographic credentials stored on cryptographic tokens, if one wants portability

(sigh) Too many buzzwords...

All right, let’s define them...
- “Cryptographic credentials”:
  - Keys and Certificates
- “Cryptographic token”:
  - A portable device capable of storing cryptographic credentials identifying its owner. Example: Smart Cards

Definitions, continued
- “Token format”:
  - A detailed description of how certain higher-level abstractions such as keys and certificates are represented on a token in terms of e.g.
    - data structures
    - file contents
    - directory structures

Background, continued
- Why standardize a token format?
  - Without a standardized token format there will be no interoperability
- Are not APIs enough (e.g. PKCS #11, OpenCard…)?
  - Standardized APIs are neither necessary nor sufficient for token portability, but they help 3rd party vendors

What is he talking about???

The problem... (from S.Guthery)
- Application is tied to particular cards so …. Cardholder is tied to particular applications.
[Diagram labels: Reader, Card, Token (Card)-aware application, Standard API]

…and a solution!
[Diagram labels: IC Card, Application A, Application B, Application C, Standard API, PC/SC, PKCS #15, E.g. PKCS #11]

PKCS #15’s Goal
- To enable portability of personal credentials stored on cryptographic tokens across computer applications

Now for the bad news...

Some deficiencies in PKCS #15
- No support for tokens not capable of protecting private objects
  - No support for software tokens
  - No support for simple stored-memory tokens
- These types REQUIRE other kinds of protection of private objects (i.e. integrity- and confidentiality-protection)

Deficiencies, continued
- Many organizations cannot afford an infrastructure with cards and readers or would prefer to start with software-only tokens
- Memory cards are very popular in some countries
- No reason why PKCS #15 should not include support for these tokens

But wait - don’t give up yet!

Overview of the forthcoming proposal
- Added support for integrity- and confidentiality-protection of tokens
- Whole objects may be protected, or just some attributes (i.e. the value of the object)
- Added possibility to store thumbprint of all external objects, not just certificates

The PKCS15Token Type
tokenInfo: Components of token info
KeyMgmtInfo: Key mgmt info table
Objects: Pointers to objects
- The tokenInfo field consists of all components from the current TokenInfo type
- Objects are the same as in the current object directory file (ODF)
- This type may itself be integrity protected

Key Management Info
One or several pairs of:
keyId: Integer identifier
keyInfo: RecipientInfo
- A recipient info is the same as in PKCS #7, but a passwordRecipientInfo has been added

Password Based Recipient Info
Version: v1
Hints: E.g. “My Bank password”
PBEAlgorithm: E.g. from PKCS #5
keyID: Nested KeyID pointing back to a RecipientInfo
- The nesting allows several objects to be protected with the same password (with different content-encryption keys)

Integrity Protected Data
Version: v1
KeyID: Pointer to Key mgmt
Algorithm: E.g. hMAC
content: What’s protected
MAC: MAC value
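An added sketch, not taken from the slides or from the PKCS #15 proposal, of how a software token could verify the integrity-protected structure above through a password-based entry in the key management table. The Python classes stand in for the ASN.1 types, and PBKDF2 with HMAC-SHA-256, the field names `salt` and `iterations`, and the sample password and content are assumptions made for the example.

```python
import hashlib, hmac, os
from dataclasses import dataclass, replace

@dataclass(frozen=True)
class PasswordRecipientInfo:
    """keyInfo entry of the key management table (simplified, not the ASN.1 type)."""
    hint: str          # e.g. "My Bank password"
    salt: bytes        # PBE parameters; PBKDF2 (PKCS #5 v2.0) is assumed here
    iterations: int

    def derive_key(self, password: str) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode(), self.salt,
                                   self.iterations, dklen=32)

@dataclass(frozen=True)
class IntegrityProtectedData:
    version: int
    key_id: int        # pointer into the key management table
    algorithm: str     # only "hmac-sha256" is accepted in this sketch
    content: bytes     # what is protected
    mac: bytes         # MAC value

def protect(table, key_id, password, content):
    key = table[key_id].derive_key(password)
    tag = hmac.new(key, content, hashlib.sha256).digest()
    return IntegrityProtectedData(1, key_id, "hmac-sha256", content, tag)

def verify(table, obj, password):
    info = table.get(obj.key_id)
    # Reject dangling key pointers and algorithms the verifier did not choose.
    if info is None or obj.algorithm != "hmac-sha256":
        return False
    expected = hmac.new(info.derive_key(password), obj.content, hashlib.sha256).digest()
    return hmac.compare_digest(expected, obj.mac)   # constant-time comparison

def demo():
    # Constructed sample data: one table entry and a made-up object directory blob.
    table = {1: PasswordRecipientInfo("My Bank password", os.urandom(16), 100_000)}
    token = protect(table, 1, "correct horse", b"ODF: cert#1, privkey#1")
    return {
        "intact": verify(table, token, "correct horse"),
        "wrong_password": verify(table, token, "guess"),
        "tampered": verify(table, replace(token, content=b"ODF: cert#666"), "correct horse"),
        "dangling_key_id": verify(table, replace(token, key_id=9), "correct horse"),
    }

if __name__ == "__main__":
    print(demo())
```

The MAC here covers only the content field, as on the slide, so the verifier pins the algorithm itself instead of trusting the stored value.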

Confidentiality Protected Data
Version: v1
KeyID: Pointer to Key mgmt
Algorithm: E.g. DES-EDE
content: What’s protected

Protection of Object Values
- A sequence of objects, or an object value itself may now be
  - directly stored (i.e. “inline”)
  - indirectly stored (pointed to)
  - direct-protected (confidentiality protected, directly stored)
  - indirect-protected (confidentiality protected, and pointed to)

Software Tokens
- Top-level structure will be PKCS15Token
  - May or may not be integrity protected
  - Will contain all other objects, or pointers (urls) to them
  - Private objects will be encrypted
  - All keys will be in a key management table (except perhaps for the outermost integrity protection key)

Memory cards and other simple H/W tokens
- The EF(ODF) may or may not be integrity protected.
- Files containing private objects will, most likely, be encrypted
- As an alternative, a complete PKCS15Token may be stored on the card/H-W token as one file

Summary
- The proposal extends the capacity of PKCS #15, it does not make any existing applications incompatible
- The proposal allows tokens not capable of protecting private objects themselves to store such objects in a secure manner
- It is still just a proposal

Other possible enhancements
- Command mappings (in an attempt to get rid of specific card layers)?
- ACL mappings (for easier knowledge of rights)?
- Support for biometric authentication methods?
- Support for external/internal AUTH commands/methods/protocols?

Other possible enhancements, continued
- Should it be possible to find PKCS #15 applications on an IC Card without using the PKCS #15 AID? If so, how?

Time plan
- 1st draft of PKCS #15 v1.1 will be submitted late October/early November
- A 2nd draft is expected early in January
- v1.1 expected in February 2000

How can I help?

Contact Us! As usual, send comments and suggestions to or