CoSign Digital Signatures

1
Scalability and Control realized with
aCentralized Key Management Approach NIST Key
Management WorkshopJune 9, 2009 AM
session Gaithersburg, MD
John Marchioni ARX, Inc. San Francisco, CA Email
johnmarc_at_arx.com http//www.arx.com
Scalability
with Control
2
ARX, Inc.

• Core focus cost-efficient, scalable, and secure
  PKI applications for industry.
• First to market with a network-attached,
  multi-user HSM (PrivateServer)
• First to market with a centralized key-management
  solution for end-user digital signatures
  (CoSign)
• ARX implements solutions for both public and
  private sectors
• ARX solutions are gaining in adoption precisely
  because of their scalability, security, ease of
  deployment and ease of use.

3
Agenda

• Obstacles with Key Distribution
• Distributing Managing Key Media
• Revocation breaks down when key is out of reach
• Auditing Key Actions and Key Usage
• Overall, control and scalability are crude
• Alternative Centralized Key Management
• Lower Administrative Burden
• Lower Processing Overhead
• Flattened Learning Curve for End Users
• Result is refined control with scalability
• QA

4
Observations
Traditional PKI systems are based on
distributing keys to the end users, which, aside
from security concerns Marchesini, creates a
high burden in logistics, cost, help desk support
and user acceptance Whitten and also introduces
training obstacles Nielsen.
Ref S. Turner and R. Housley, Implementing
Email Security and Tokens Current Standards,
Tools, and Practices pp.159, Wiley Publishing,
2008.
5
Key Management Background

• Key management supports these 3 basic
  applications
• Digital Signatures
• Access Control
• Confidentiality
• Key distribution may work well enough for things
  like session confidentiality, and devices that
  require access control, but the model does not
  scale well and tends to break down when end-users
  also require key services.

6
The Control Issue, e.g., A Runaway Stage
7
Similar Issue with Key Distribution
Systems Admin, or Security Officer
I cant remember where I left mine.
I have work to do but left my key at home.
8
Key Distribution Issues
Nature of Key Distribution
Issue
9
Key Distribution Issues (contd)
Nature of Key Distribution
Issue

• Certificate revocation alone does not turn the
  user off a distinct disadvantage for
  maintaining proper controls
• Extra operational overhead, must physically
  retrieve the key (i.e., the HW token or PC)
  for key revocation.
• Delayed production, with administrative
  overhead
• End-user learning curve (for the non-PKI
  literate, and most users are not PKI
  literate)
• - user is not familiar with key generation
  process
• - user-to-RA/CA interaction is confusing.

10
Key Distribution Issues (contd)
11
Centralized Key Management
Nature of
Advantages
Centralized Key Management
Key Media HW token secure, centralized
appliance, I.e., FIPS 140-2 level 3
evaluated, network- attached, multi-user HSM
12
Centralized Key Management (contd)
Nature of
Advantages
Centralized Key Management
13
Summary

• Centralized key management offers obvious control
  and audit advantages over key distribution.
• Centralized key management alleviates many
  administrative and cost burdens.
• Scalability requires the end-user low touch,
  proper controls, and minimization of cost and
  administrative overhead as offered by the
  centralized approach.
• Organizations of all sizes (very largest to the
  small) can benefit from the control and
  scalability, offered by centralized key
  management strategies, and will find such
  strategies are both more affordable and durable.

14
References

• C. Ellison, Improvements on Conventional PKI
  Wisdom, Proceedings of the 1st Annual PKI
  Research Workshop, pp. 165-176, August 2002.
• FIPS140 National Institute of Standards and
  Technology (NIST), FIPS Publication 140-2
  Security Requirements for Cryptographic Modules,
  May 2001.
• S. Gupta, Security Characteristics of
  Cryptographic Mobility Solutions, Proceedings of
  the 1st Annual PKI Research Workshop, pp.
  117-126, August 2002.
• M. Lorch, J. Basney and D. Kafura, A
  Hardware-secured Credential Repository for Grid
  PKIs, 4th IEEE/ACM International Symposium on
  Cluster Computing and the Grid, pp. 640-647,
  April 2004.
• J. Marchesini, S.W. Smith, M. Zhao, Keyjacking
  Risks of the Current Client-side Infrastructure,
  Proceedings of the 2nd Annual PKI Research
  Workshop, pp. 128-144, April 2003.
• NAMU and Directory-Driven HSM Appliance S.
  Turner and R. Housley, Implementing Email
  Security and Tokens Current Standards, Tools,
  and Practices pp.159-160, Wiley Publishing,
  2008.
• R. Nielsen, Observations from the Deployment of
  a Large Scale PKI, Proceedings of the 4th Annual
  PKI Research Workshop, pp. 159-165, August 2005.
• A. Whitten and J.D. Tygar, Why Johnny Cant
  Encrypt A Usability Evaluation of PGP 5.0,
  Proceedings of the 8th USENIX Security Symposium,
  pp. 169-184, August 1999.

15
For those viewing via webcast, please submit
questions for this presentation to
kmwquestions_at_nist.gov
What do you think?
Scalability
http//www.arx.com
with Control