360 likes | 464 Views
Technology Overview for FPKI TWG May 2, 2002. Agenda . Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary. About NOVOMODO. Software product company focused on validation security and privilege management
E N D
Agenda • Company Introduction • NOVOMODO Basics • Advanced Features • Application Examples • Summary NOVOMODO Inc.
About NOVOMODO • Software product company focused on validation security and privilege management • Founded by Dr. Silvio Micali in 2001 to bring about a “new way” of approaching business problems associated with validation & privileges • Validation technology in production use at MIT – 160,000 certs issued over 18 months • “Alpha” product release available for evaluation NOVOMODO Inc.
NOVOMODO Executive Team • Silvio Micali – Founder and Chief Scientist • Professor of Computer Science at MIT • Peter Hussey – CEO • Former President of CyberTrust and Baltimore Americas • Robert Dulude – SVP and Chief Security Officer • Former VP at CyberTrust and Baltimore • William Ang – VP Engineering • Partner at TechSquare, Inc. • TBA – CFO • Co-founder of two successful financial services firms, COO and EVP of several firms • TBA - VP Sales and Marketing • VP sales positions at Lotus and others NOVOMODO Inc.
NOVOMODO Advisors Allan Borodin, University of Toronto Manuel Blum, Carnegie Mellon University Mihir Bellare, University of California - San Diego David Campbell,Director, Innovation Advisors Steve Cohn, COO Nevo Technologies Shafi Goldwasser, MIT Mike Kaplan,CTO SafeNet Charles Rackoff,University of Toronto Ronald Rivest,MIT Phil Rogaway,University of California – Davis Jeff Schiller,MIT& IETF NOVOMODO Inc.
NOVOMODO Mission become the global leader in Certificate Validation and Dynamic Privilege Management NOVOMODO Inc.
Some Definitions • Authentication is proving your claimed identity • The picture on your driver’s license • Authorization is granting privileges (user/process) • Privilege to drive • Validation is verifying your privileges and attributes • Your privilege to drive has not been revoked • Your address on your license is current NOVOMODO Inc.
eSecurity Solution NOVOMODO technology provides: • Validation that is simple, secure, cost effective and truly scales • Scalable = no degradation in performance or cost effectiveness as move to 10s millions • Two-party validation for off-line situations • Dynamic privilege management • Multiple privileges using a single certificate NOVOMODO Inc.
Sally Student Expires7/31/2002 NOVOMODO Validation 909090909 VALID4.26.02 20-byte Validation Token • Unforgeable • Works only with proper document and date • Simple • 20 bytes • Fast • A few hashes (10,000 times faster than one digital signature) • Public • Can post on the Web! PROOF
Sally Student Expires7/31/2002 day 2 day 3 day 1 909090909 VALID4.27.02 909090909 VALID4.28.02 909090909 VALID4.26.02 day 4 909090909 REVOKED NOVOMODO Validation 20-byte Validation Token 909090909 VALID4.26.02 PROOF Validation Authority Basics
Validation Responders Subscriber S # Validation Authority OK Relying Party *** Web Merchant Financial Service Provider Corporate Network Health Care Data Records Governmental IDs/Access 802.11 “hot-spots” PC Cell phone Smartcard PDA Laptop Single Vault NO Vaults! NOVOMODO Basics Secure Scalable Cost effective Easily managed OCSP
Validation Responders Subscriber S # Validation Authority OK Relying Party *** Web Merchant Financial Service Provider Corporate Network Health Care Data Records Governmental IDs/Access 802.11 “hot-spots” PC Cell phone Smartcard PDA Laptop Single Vault NO Vaults! NOVOMODO Basics Secure Scalable Cost effective Easily managed
Network Gateway & Responder Wireless Platform Validation Authority Cell Phone PDA Bluetooth device Smartcard Subway tickets Tollbooth OK OK No connecting infrastructure required! NOVOMODO2-PARTY Validation Val. Token “Push” (e.g., silent SMS) Wireless, Physical Access Control, … Offline Validation! NO 3rd Party Call! Unique to NOVOMODO Relying Party Logical or Physical Access
NOVOMODO Dynamic Privilege Management
909090909 VALID4.26.02 909090909 VALID4.26.02 Dynamic Privilege Management: Example Low-levelclearance Database Access Medium-levelclearance Purchasing Power PKI Enabled Application Access High-levelclearance On The Cert
Dynamic Privilege Management Low-levelclearance 909090909 VALID4.26.02 Database Access Medium-levelclearance Purchasing Power 909090909 VALID4.26.02 PKI Enabled Application Access High-levelclearance On The Cert
909090909 VALID4.27.02 909090909 VALID4.27.02 Dynamic Privilege Management Low-levelclearance Database Access Medium-levelclearance Purchasing Power PKI Enabled Application Access High-levelclearance On The Cert
Dynamic Privilege Management Low-levelclearance Database Access Medium-levelclearance Purchasing Power 909090909 VALID4.27.02 909090909 VALID4.27.02 PKI Enabled Application Access High-levelclearance On The Cert
909090909 VALID4.28.02 909090909 VALID4.28.02 909090909 VALID4.28.02 Dynamic Privilege Management Low-levelclearance Database Access Medium-levelclearance Purchasing Power PKI Enabled Application Access High-levelclearance On The Cert
Dynamic Privilege Management • Revocation + Reissuance • Same Certificate, multiple privileges, multiple authorities • Low-cost independent control Unique To NOVOMODO ! Tenants
Dynamic Privilege Management • Revocation + Reissuance • Same Certificate, multiple privileges, multiple authorities • Low-cost independent control Unique To NOVOMODO !
RSVT NAVY OK *** Department of Defense Department of Defense OK Validation Responders Smart Access Card NAVY Department of Defense Donald Rumsfeld Secretary of Defense Pentagon Washington, DC #1234567 RSVT NAVY Smart Card with Single Certificate but Dynamic Cert Management ROOSEVELT Share Card, Cert, Infrastructure, … RETAIN CONTROL ! Independent Validation Authorities
Novomodo Validation Authority LDAP Simple DeploymentFunctional Block Diagram CA DPM RA Novomodo Responders Relying Party Application SUBSCRIBER
CA CA CA CA VA VA VA VA Rsp Rsp Rsp Rsp Rsp Rsp Rsp CA CA CA Rsp VA VA VA Rsp Rsp Rsp Rsp Enabling FlexibilityArchitecture Options NOVOMODO Inc.
Summary • Technology is simple, secure and scales • Attractive alternative to OCSP • Near real time off-line validation • Ideal for wireless platforms • Ideal for physical access via smartcards & biometrics • Dynamic privilege management – for 1st time: • Multiple privileges on single certificate • Multiple privileges independently controlled • Privileges can be pre-positioned for future use • Replaces unworkable attribute certificates • Unique to Novomodo NOVOMODO Inc.
Bob Dulude Chief Security Officer bob@novomodo.com
Background on one-way hashing • H is easy to compute (10,000 times faster than signature) • H is hard to invert (e.g., SHA-1) EASY X H(X) HARD • If X is 20 bytes = 160 bits, then there are 2160 possible X’s • even at 1 trillion hashes/sec, it takes 1028 years to try them all>> than the lifetime of the universe
X365 VA computes X365 =H(X364) VA computes X364 =H(X363) X364 H VA computes X363 =H(X362) X363 H H ... ... X1 VA computes X1 =H(X0) H X0 H VA generates a secret random 20-byte value NOVOMODO Validation
secret NOVOMODO Validation X365 added to certificate H X364 H X363 H ... H X1 H X0
X364 X363 X364 NOVOMODO Validation C is valid on issue date X365 , ...) C=SIGCA(serial number,PKU, U, issue date, exp. date, H if C is valid the next day, VA reveals X364 H if C is valid 1 day after next, VA reveals X363 X363 H if C is valid D days before expiration,VA reveals XD ... H X1 Cost of validity proof to VA: table lookup Cost of verification: a few hashes H X0
H X364 X363 X364 Y0 Y0 Y0 Y1 NOVOMODO Revocation C=SIGCA(serial number,PKU, U, issue date, exp. date, X365 , ,.) VA computes Y1 =H(Y0) H VA generates a secret random 20-byte value Y0 H X363 To prove that C is revoked: reveal Y0 H ... H X1 NOVOMODO: definitive, fast proofs of either validity or revocation! H X0 Token
X365 X364 CA H Makes Cert X363 H ... H X1 H X0 H Separation of CA from VA U (serial number,PKU, , issue date, exp. date, , ...) C =SIGCA RA Authenticates User Signs Cert Only VA can release tokens! X100 VA VA Manages the Cert
Z365 B365 A365 Z364 B364 A364 H H H CA Z363 B363 A363 H H H ... ... ... H H H Z1 B1 A1 H H H … Z0 VA B0 H H H A0 SecLev 2 SecLev 1 SecLev n Multiple Privileges in One Cert (sn, PKU, U, i.d., e.d., , ,…, ) C =SIGCA A364 B363 RA Validator releases the 20-byte proof for the right Sec Lev for that day KEEP SAME CERT!! A362
Z365 B365 A365 Z364 B364 A364 H H H CA Z363 B363 A363 “Landlord” CA H H H ... ... ... H H H Z1 B1 A1 H H H … Z0 B0 H H H A0 VZ VA VB Independent VAs: NOVOMODO: Independent Validators (sn, PKU, U, i.d., e.d., , ,…, ) C =SIGCA A364 Z364 B363 Z271 Each VA manages “own privileges”! Return
SK yes/no *** Subscriber E-Business Relying Party serial # SK Dig. Sig. Secure Vaults(to protect secret signing key SK) digital signature costly to compute costly to check OCSP OCSP Single privilege Doesn’t scale Vaults vulnerable Costly deployment Return