Project EdelKey A centralized approach for user keys

1
Project EdelKeyA centralized approach for user
keys

• Peter SYLVESTER
• EdelWeb France
• Peter.sylvester_at_edelweb.fr
• June 2nd 2005

2
Presentation Outline

• Problem definition and background
• Approach for a solution
• Proof of concept implementation
• Outline and Discussion

3
A large user perspective

• French ministry of education nationale
• One of the largest employers worldwide 1.2
  million
• 20 years of server based application
• Using the French Minitel
• Not extremely security sensitive
• The number of minitels small, no network sniffing
• Switch of application to web based techno
• Access via Internet
• Heterogeneous hardware park totally
  uncontrollable
• Access control based on X.509 certiifcates
• Easy for applications
• VERY difficult for clients
• Study and experiment with alternative solution
• alternative to smart cards, not to X.509.

4
Difficulties for certificate users

• Hardware card solutions are expensive
• Deployment of PKI costly and not justified for
  the current application context
• Hotline costs
• Software certificates cheap but difficult to use
  in environments with non dedicated machines or
  mobile users

5
A standard simple SSCD
Owner and Client software
Keys PINs
Procdures
Local authenticattion
Usage functions
6
Requirements for an SSCD

• User and device must authenticated each other
• User OWNS THE CARD
• And types the PIN over a secure channel
• User controls and authorizes functions
• How often?
• What is controlled?
• Device traces functions
• Trace all signature activities for non
  repudiation
• Not so easy with cards, but done sometimes.

7
PKCS 11 Overview

• API called crypoki to isolate application and
  crypto module, 68 functions
• Invented by RSA,
• Adopted by Mozilla (open source)
• and card vendors

8
EdelKey PKCS 11 overview

• PKCS11 towards application
• Central server performs all crypto function
• Communicates via a secure protocol

9
What we have and what we need

• Have
• Mobility of users, no keys on local machines
• Logging of all operations simple
• Usage of highly protected hardware
• Need
• Mutual authentication of server and user
• Protocol with confidentiality
• Still some trust on the local machine, no virus

10
The Implementation steps

• test tool to intercept PKCS11
• TEE tool and online graphical display
• Permits to understand the PKCS11 API
• Initial version to work with local files
• PKCS12 files with key pairs and certs
• Choice of raw RSA functions
• Permits to validate API parts towards application
• Implementation of the EdelKey protocol
• On top of HTTPS with SRP protection
• Optimisation of access.
• Allows to communication with central files.

11
Secure Remote Password

• One example of strong password protocols
• Developped by Stanford University
• http//srp.stanford.edu
• Allows mutual authentication based on passwords
  only
• No trust base necessary by the user
• Implementation available by various sources
• One done by EdelWeb with OpenSSL, curl, mod_ssl
  and Apache.
• http//edelkey.edelweb.fr
• Proposed to be included into TLS/SSL.
• IETF is very slow
• Rumours about patents.

12
SRP in TLS

• Standard TLS TLS with SRP

13
EdelKey protocol layers

• No exotic protocols, we want to be able to
  implement
• Open source tools available
• ASN1 because we know how to do it in OpenSSL.
• Optimized protocol, not PKCS11 RPC
• Two simple operations, LIST, EXECUTE

14
The central site

• Implemented as a CGI on top of Apache
• Have a mod_ssl with SRP support
• openssl with SRP
• Simple data structure
• Collection of PKCS12 files embedded in a MACed
  files
• Main interested is not here
• HSM vendors may be interested
• Secure telecommand
• Just the same PIN, no feedback channel

15
The EdelKey Store

• EdelKeyStore SEQUENCE
• version INTEGER,
• keyinfo OCTET STRING containing EdelKeyInfo,
• mac PKCS12_MAC_DATA ,
• dummy OCTET STRING OPTIONAL
• EdelKeyCertificate CHOICE
• X509_cert Certificate
• EdelKeyCredentialOrTrust SEQUENCE
• name UTF8String,
• cert EdelKeyCertificate,
• trustinfo X509_CERT_AUX
• EdelKeyCredentialsAndTrusts SEQUENCE OF
  EdelKeyCredentialOrTrust
• EdelKeyInfo SEQUENCE
• name UTF8String,
• date GENERALIZEDTIME,

16
Local authentication and telecommand

• Biometrical device
• Not yet in use and questionable
• 2nd channel Feedback
• MagicAxess via SMS
• First Virtual via mail
• PIN codes
• Not better than software certs
• Other smart cards for simple authentication
• Requirements are different

17
Two keys
Key store and service
User
Key usage for Document signing
Tracable Authentication Non unified PKI
Local authentication via recognized methods
Usage of centrally Stored keys Towards
apllications
18
Outline and Discussion

• Learning through implementation
• We can better estimate costs
• Some more work ongoing
• CMS Signed for PKCS V2.20
• Some non standard approach is feasible
• Not everything are smart cards
• HSM devices are useful
• Some standard activity exists
• UPU electronic post mark
• OASIS digital signature service
• But this is only one of the PKI problems
• Chaining of SAML assertions and gatewaying
• Instead of federation of PKIs