
Virtual Smart Card

Virtual Smart Card. Andrew Hanushevsky, Robert Cowles, Stanford Linear Accelerator Center. Enmeshed Private Keys. Premise: Private keys and users don’t mix. Inherently insecure model. No guarantee of good or any password choice. No guarantee of secure private key location.


Presentation Transcript


  1. Virtual Smart Card. Andrew Hanushevsky, Robert Cowles, Stanford Linear Accelerator Center

  2. Enmeshed Private Keys
     • Premise: Private keys and users don’t mix
     • Inherently insecure model
     • No guarantee of good or any password choice
     • No guarantee of secure private key location
     • E.g., users store keys in network based file systems
     • No guarantee how private key was handled
     • E.g., users copy/e-mail keys to remote machines & leave them
     • User managed keys cannot be trusted

  3. Solitary Private Keys
     • Premise: Never give a user their private key
     • Can’t mishandle something you don’t have
     • Can provide a stronger security guarantee
     • Signed cert as secure as institution’s accounts
     • Must provide agent-based key handling
     • E.g., smart cards

  4. Virtual Smart Card (vsc)
     • Premise: Physical smart cards (psc) in software
     • vsc’s have a 1-to-1 concept correspondence to psc’s

  5. VSC Conceptualization
     • A vsc is implemented using a secure, access-restricted server
     • One server holds many users’ private keys
     • Hence, one server instantiates many vsc’s
     • Can be well secured
     • Restricted physical access
     • Cages, keyed room, etc.
     • Restricted logical access
     • Only three access protocols needed: dns, ntp, and vsc
     • Keys can be encrypted via user-supplied passwords

  6. VSC Procurement
     (Diagram labels: vsc, CA)
     1. Ask for a cert
     2. Generate keys and send cert request
     3. E-mail cert url
     4. Download CA signed public cert*
     * When available on 1st request or automatic poll.
     User never sees the private key!

  7. VSC Operation (vsc-proxy)
     (Diagram label: vsc. Externally authenticated, e.g., Kerberos)
     1. Get public cert
     2. Generate proxy public/private key
     3. Sign proxy cert
     Private key never sees the network!

  8. VSC Theft Protection
     (Diagram label: vsc. Externally authenticated, e.g., Kerberos)
     1. Generate key-string from a strong user password
     2. Send encrypted key-string
     3. Encrypt user’s x509 private key and discard key-string
     User must now supply key-string for vsc to use private key

  9. VSC Advantages I
     • Simple and effective
     • Models well-known physical object -- smart card
     • Initial certificate request is trivial
     • Private keys never exposed
     • Can be further encrypted by user
     • Can get proxy cert anywhere in the world
     • No need to copy public/private keys

  10. VSC Advantages II
     • Can provide special extensions
     • EDG VOM extensions (natural fit)
     • Can provide special always-on services
     • Perhaps proxy cert revalidation
     • Can provide stronger security guarantee
     • Signed cert as secure as institution’s accounts

  11. VSC Disadvantages
     • Private keys are concentrated
     • Can be user-encrypted
     • Similar problem in Kerberos
     • May violate current CA CP/CPS
     • Political vs. practical reality
     • No more secure than external authentication
     • Need good authentication (e.g., K5)

  12. Conclusion
     • Virtual Smart Cards effective
     • Simple, relatively transparent, secure
     • Provides a path to more stringent security
     • Physical smart cards
     • Simplify user’s lives
     • Ease of use reduces security lapses
     • Promotes a congenial grid security environment!
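
The theft-protection flow of slide 8, sketched as an added Python example that is not part of the original slides or the authors' software. Assumptions: the key-string is derived with PBKDF2-HMAC-SHA256, the cipher is a standard-library stand-in (HMAC-SHA256 counter-mode keystream with encrypt-then-MAC) where a real deployment would use an AEAD such as AES-GCM, and all function, class and constant names are hypothetical.

```python
import hashlib, hmac, os

# Constructed sample key material, not a real key.
SAMPLE_KEY = b"-----BEGIN PRIVATE KEY-----\n(constructed)\n-----END PRIVATE KEY-----\n"

def derive_key_string(password: str, salt: bytes) -> bytes:
    """Step 1 (user side): stretch the password into a 32-byte key-string."""
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 200_000)

def _subkeys(key_string: bytes):
    # Separate keys for encryption and authentication.
    return (hmac.new(key_string, b"enc", hashlib.sha256).digest(),
            hmac.new(key_string, b"mac", hashlib.sha256).digest())

def _xor_stream(enc_key: bytes, nonce: bytes, data: bytes) -> bytes:
    # Stand-in cipher: HMAC-SHA256 in counter mode (use AES-GCM in practice).
    stream = b""
    for ctr in range((len(data) + 31) // 32):
        stream += hmac.new(enc_key, nonce + ctr.to_bytes(8, "big"), hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def seal(key_string: bytes, private_key: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key_string)
    nonce = os.urandom(16)
    ct = _xor_stream(enc_key, nonce, private_key)
    return nonce + ct + hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()

def unseal(key_string: bytes, blob: bytes) -> bytes:
    enc_key, mac_key = _subkeys(key_string)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        raise ValueError("wrong key-string or corrupted blob")
    return _xor_stream(enc_key, nonce, ct)

class VirtualSmartCard:
    """Hypothetical server-side holder of one user's private key."""
    def __init__(self, private_key: bytes):
        self._plain, self._sealed = private_key, None

    def protect(self, key_string: bytes) -> None:
        # Step 2 is assumed: key_string arrives over the encrypted, externally
        # authenticated session. Step 3: encrypt the key; never store key_string.
        self._sealed, self._plain = seal(key_string, self._plain), None

    def use_key(self, key_string: bytes) -> bytes:
        # The user must supply the key-string again on every use.
        return unseal(key_string, self._sealed)
```

After `protect()`, a copy of the server's storage yields only the sealed blob; `use_key()` raises `ValueError` for any key-string other than the one derived from the user's password.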
