NATIONAL ELECTRONIC CONVEYANCING OFFICE • SECURITY OF DIGITAL SIGNATURES • Drew Andison, AUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE (AGIMO)
DIGITAL CERTIFICATE
• Version: identifies certificate format
• Serial number: identifies this certificate
• Signature algorithm: algorithm used to sign certificate
• Issuer name: name of Certification Authority
• Validity period: start date and end date
• Subject name: identifies the owner of the key pair
• Subject public key: public key value and indicator of its algorithm
• Issuer’s signature: ensures cert. data can’t be changed
DIGITAL SIGNATURES • A digital signature functions for electronic documents like a handwritten signature does for printed documents. • Digital Signatures enable "authentication" of digital messages, assuring the recipient of a digital message of both the identity of the sender and the integrity of the message. • Digital Signatures can also support confidentiality (through encryption) and non-repudiation. • See http://en.wikipedia.org/wiki/Digital_signature
DEFENCE SIGNALS DIRECTORATE
• See http://www.dsd.gov.au/_lib/pdf_doc/ism/ISM_Sep09_rev1.pdf
• The approved hashing algorithms are:
  • Secure Hashing Algorithm 1 (i.e. SHA-1), and
  • Secure Hashing Algorithm 2 (i.e. SHA-224, SHA-256, SHA-384 and SHA-512).
• The approved asymmetric/public key algorithms are:
  • Diffie-Hellman (DH) for agreeing on encryption session keys
  • Digital Signature Algorithm (DSA) for digital signatures
  • Elliptic Curve Diffie-Hellman (ECDH) for agreeing on encryption session keys
  • Elliptic Curve Digital Signature Algorithm (ECDSA) for digital signatures, and
  • Rivest-Shamir-Adleman (RSA) for digital signatures and passing encryption session keys or similar keys.
• Most common applications use SHA-1 with RSA
KEY SECURITY: STATE OF PLAY • Private Key Security is the Subscriber’s responsibility • CAs require Subscribers to sign legal agreements that impose security obligations • There are no specific standards • reasonableness test • Subscribers in effect required to set own security standards
GATEKEEPER & KEY SECURITY • Gatekeeper cannot impose key security practices on end-users • Gatekeeper operates indirectly through accredited Certification Authorities • their CPs must contain statements on key security consistent with Core Obligations Policy • Also make explicit in Subscriber Agreements • CAs cannot really enforce the right behaviour • Once keys and certificates are issued control is effectively lost
GATEKEEPER & KEY SECURITY • Core Obligations Policy • A Subscriber (Certificate Holder) MUST • Only use Keys and Digital Certificates within the limits specified in the CP under which the Digital Certificate was issued; • Take all reasonable measures to protect their Private Key(s) from compromise and take all necessary precautions to prevent loss, disclosure, modification, or unauthorised use of their Private Key(s); • Promptly notify the CA in the event that they consider or suspect there has been a compromise of their Private Keys
KEY SECURITY GUIDANCE • European Union • http://docs.google.com/viewer?a=v&q=cache:VfEfEg9Iy3sJ:www.eugridpma.org/guidelines/pkp/pk-protection-1.0-20091016.pdf+EU+end+user+storage+of+keys+and+ertificates&hl=en&gl=au&pid=bl&srcid=ADGEESgewwRLYKBIjwGX2GPc68a0RGXhajd8uYqmOs1jbOcqg_f8lTWSQ31raK7k1-GMcEND96EWzdBVNr0FVwWj8q8AdrWKPEWEs7hKxP2a7atTYnA3wtIdd6IN_29Uab-yvDskN9JH&sig=AHIEtbRC8DTYtm9uFYfQxXKQUi93SBhEgA • United States • http://www.idmanagement.gov/fpkipa/documents/CommonPolicy.pdf • http://www.abanet.org/scitech/ec/isc/pag/pag.html - see Section D.5.1.3 Physical Security Controls for Subscribers
UTAH DIGITAL SIGNATURE ACT (1995) • 46-3-303 Control of the private key. • (1) By accepting a certificate issued by a licensed certification authority, the subscriber identified in the certificate assumes a duty to exercise reasonable care in retaining control of the private key and keeping it confidential.
IDENTRUST - Access Certificates for Electronic Services • https://secure.identrust.com/certificates/policy/aces/revised_aces_cp_v20040506_1.pdf • The responsibilities of each applicant for an ACES Certificate are to: • • ……take reasonable precautions to prevent any compromise, modification, loss, disclosure, or unauthorized use of the private key;
IDENTRUST SERVICES - ECA CERTIFICATE SUBSCRIBER AGREEMENT • By requesting an ECA Certificate from IdenTrust, You: • b) State that You have kept and You will keep Your Private Key(s) private and that You will safeguard and maintain Your Private Key(s) (and any user IDs, passphrases, passwords or PINs used to activate Your Private Key(s)) in strict secrecy and take reasonable security measures to prevent unauthorized access to, or disclosure, loss, modification, compromise, or use of, Your Private Key(s) and the computer system or media on which Your Private Key(s) are stored;
VeriSign Australia – Gatekeeper ABN-DSC Subscriber Agreement • Organisations must through an Authorised Officer: • (a) ensure that their Key Holders comply with their obligations under this CP and the CPS; • (b) provide measures to avoid Compromise of their Key Holder’s Private Keys; • (c) immediately notify the VeriSign CA when the Organisation becomes aware that a Key Holder’s Private Key has been Compromised, or there is a substantial risk of Compromise; • Key Holders must: • (a) ensure that their Private Keys are not Compromised; • (b) immediately notify the Organisation if they become aware that their Private Key has been Compromised, or there is a substantial risk of Compromise
OFFICE OF THE FEDERAL PRIVACY COMMISSIONER – PKI GUIDELINES • A significant privacy concern in relation to use of PKI is the security of the private key. The integrity of a PKI depends on the subscriber keeping the private key inaccessible to any other party. • Digital certificates and their corresponding key pairs can be stored in a number of ways – on dedicated tokens such as smart cards or directly on computer disk drives. Each storage method has a set of benefits and deficiencies. The choice of particular storage solutions is a matter for each agency in planning its PKI implementation and for clients in reaching a conclusion about using a particular digital certificate. Gatekeeper does not specify particular storage devices, nor does it make any judgment on the merits of any particular storage method.
KEY SECURITY - US GUIDANCE • Subscribers locate their workstation in an area reasonably secure from tampering by unauthorized personnel. • Passwords and PINs should be memorized and not be written down; if a password or PIN needs to be written down it should be stored in a locked file cabinet or container accessible only to designated personnel. • A private key stored on any unsecured medium, such as a diskette, should be stored in a locked file cabinet, secured digital archive, or locked container. • Subscribers should not leave their workstations unattended when cryptography is in an unlocked state (i.e., when the PIN or password has been entered). A workstation that contains private keys encrypted on a hard drive should be physically and logically secured or protected with an appropriate access control product. • Cryptographic tokens should be protected by holders to an extent comparable with that of valuable personal items such as credit cards or drivers’ licenses. • Documents, diskettes, or other items containing PINs or passwords should be disposed of in a manner that does not compromise the confidentiality of the sensitive data.
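The storage guidance above can be turned into a routine check for soft certificates. The following is an added example, not part of the original presentation: it flags a PEM private key file that other local users can access or that is stored without passphrase encryption. The file names and key bodies are constructed placeholders, and the function names are hypothetical.

```python
import os
import re
import stat
import tempfile

# PEM labels that mark a private key (PKCS#8, encrypted PKCS#8, legacy RSA/EC/DSA).
PRIVATE_LABEL = re.compile(r"-----BEGIN ((?:RSA |EC |DSA |ENCRYPTED )?PRIVATE KEY)-----")

def audit_key_file(path):
    """Return a list of findings for one soft-certificate private key file."""
    findings = []
    mode = stat.S_IMODE(os.stat(path).st_mode)
    # Any group or other permission bit means the key is not owner-only.
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        findings.append("file accessible beyond its owner (mode %04o)" % mode)
    with open(path, "r", errors="replace") as fh:
        text = fh.read()
    match = PRIVATE_LABEL.search(text)
    if match is None:
        findings.append("no PEM private key found")
        return findings
    label = match.group(1)
    # Encrypted PKCS#8 keys carry their own label; legacy OpenSSL keys
    # signal encryption with a Proc-Type header inside the PEM block.
    encrypted = label == "ENCRYPTED PRIVATE KEY" or "Proc-Type: 4,ENCRYPTED" in text
    if not encrypted:
        findings.append("private key is stored without passphrase encryption")
    return findings

def demo():
    """Audit two constructed key files (placeholder bodies, not real keys)."""
    samples = {
        "weak.pem": ("-----BEGIN RSA PRIVATE KEY-----\nPLACEHOLDER\n"
                     "-----END RSA PRIVATE KEY-----\n", 0o644),
        "good.pem": ("-----BEGIN ENCRYPTED PRIVATE KEY-----\nPLACEHOLDER\n"
                     "-----END ENCRYPTED PRIVATE KEY-----\n", 0o600),
    }
    results = {}
    with tempfile.TemporaryDirectory() as tmp:
        for name, (body, mode) in samples.items():
            path = os.path.join(tmp, name)
            with open(path, "w") as fh:
                fh.write(body)
            os.chmod(path, mode)
            results[name] = audit_key_file(path)
    return results

if __name__ == "__main__":
    for name, findings in demo().items():
        print(name, "->", findings or "ok")
```

The check only inspects file mode bits and PEM headers; it does not assess passphrase strength or keys held on tokens.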
KEY SECURITY ISSUES • SOFT CERTIFICATES VS TOKENS (SMARTCARDS, USB) • FIREWALLS – EPL • ANTI-VIRUS SOFTWARE - EPL • PASSWORD STRENGTH - ISM • USE OF BIOMETRICS – ACCESS CONTROL • ETC
Thank You • QUESTIONS???