Transcript Finance Powerpoint template

1
NATIONAL ELECTRONIC CONVEYANCING
OFFICE
SECURITY OF DIGITAL
SIGNATURES
Drew Andison
AUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE (AGIMO)
DIGITAL CERTIFICATE
2
Identifies certificate format
Algorithm used to sign
certificate
Start date and end
date
Identifies this certificate
Version
Serial number
Signature algorithm
Issuer name
Validity period
Subject name
Subject public key
Name of
Certification
Authority
Issuer’s signature
Identifies the owner of the
key pair
Public key value and indicator of
its algorithm
Ensures cert. Data can’t be
changed
DIGITAL SIGNATURES
3
•
A digital signature functions for electronic documents like a
handwritten signature does for printed documents.
•
Digital Signatures enable "authentication" of digital messages,
assuring the recipient of a digital message of both the identity of the
sender and the integrity of the message
•
Digital Signatures can also support confidentiality (through
encryption) and non-repudiation
•
See http://en.wikipedia.org/wiki/Digital_signature
DIGITAL SIGNATURES
4
5
DEFENCE SIGNALS DIRECTORATE
SEE http://www.dsd.gov.au/_lib/pdf_doc/ism/ISM_Sep09_rev1.pdf
The approved hashing algorithms are:
• Secure Hashing Algorithm 1 (i.e. SHA-1), and
• Secure Hashing Algorithm 2 (i.e. SHA-224, SHA-256, SHA-384 and SHA-512).
The approved asymmetric/public key algorithms are:
• Diffie-Hellman (DH) for agreeing on encryption session keys
• Digital Signature Algorithm (DSA) for digital signatures
• Elliptic Curve Diffie-Hellman (ECDH) for agreeing on encryption session keys
• Elliptic Curve Digital Signature Algorithm (ECDSA) for digital signatures, and
• Rivest-Shamir-Adleman (RSA) for digital signatures and passing encryption
session keys or similar keys.
Most common applications use SHA-1 with RSA
KEY SECURITY
STATE OF PLAY
6
• Private Key Security is the Subscriber’s
responsibility
• CA’s require Subscribers to sign legal agreements
that impose security obligations
• There are no specific standards
•
reasonableness test
• Subscribers in effect required to set own security
standards
7
GATEKEEPER & KEY SECURITY
• Gatekeeper cannot impose key security practices
on end-users
• Gatekeeper operates indirectly through accredited
Certification Authorities
• their CPs must contain statements on key
security consistent with Core Obligations Policy
• Also make explicit in Subscriber Agreements
• CAs cannot really enforce the right behaviour
• Once keys and certificates are issued control is
effectively lost
8
GATEKEEPER & KEY SECURITY
Core Obligations Policy
A Subscriber (Certificate Holder) MUST
• Only use Keys and Digital Certificates within the limits
specified in the CP under which the Digital Certificate was
issued;
• Take all reasonable measures to protect their Private
Key(s) from compromise and take all necessary
precautions to prevent loss, disclosure, modification, or
unauthorised use of their Private Key(s);
• Promptly notify the CA in the event that they consider or
suspect there has been a compromise of their Private Keys
KEY SECURITY
GUIDANCE
9
European Union
http://docs.google.com/viewer?a=v&q=cache:VfEfEg9Iy3sJ:www.eugridpma.org/guidelines/
pkp/pk-protection-1.020091016.pdf+EU+end+user+storage+of+keys+and+ertificates&hl=en&gl=au&pid=bl&
srcid=ADGEESgewwRLYKBIjwGX2GPc68a0RGXhajd8uYqmOs1jbOcqg_f8lTWSQ31r
aK7k1GMcEND96EWzdBVNr0FVwWj8q8AdrWKPEWEs7hKxP2a7atTYnA3wtIdd6IN_29Uab
-yvDskN9JH&sig=AHIEtbRC8DTYtm9uFYfQxXKQUi93SBhEgA
United States
http://www.idmanagement.gov/fpkipa/documents/CommonPolicy.pdf
http://www.abanet.org/scitech/ec/isc/pag/pag.html - see Section D.5.1.3 Physical Security
Controls for Subscribers
10
UTAH DIGITAL SIGNATURE ACT (1995)
46-3-303 Control of the private key.
(1) By accepting a certificate issued by a licensed certification
authority, the subscriber identified in the certificate assumes
a duty to exercise reasonable care in retaining control of the
private key and keeping it confidential.
11
IDENTRUST -
Access Certificates for
Electronic Services
https://secure.identrust.com/certificates/policy/aces/revised_ace
s_cp_v20040506_1.pdf
The responsibilities of each applicant for an ACES Certificate
are to:
• ……take reasonable precautions to prevent any compromise,
modification, loss, disclosure, or unauthorized use of the
private key;
12
IDENTRUST SERVICES - ECA
CERTIFICATE SUBSCRIBER AGREEMENT
By requesting an ECA Certificate from IdenTrust, You:
b) State that You have kept and You will keep Your Private Key(s)
private and that You will safeguard and maintain Your Private
Key(s) (and any user IDs, passphrases, passwords or PINs used to
activate Your Private Key(s)) in strict secrecy and take reasonable
security measures to prevent unauthorized access to, or disclosure,
loss, modification, compromise, or use of, Your Private Key(s) and
the computer system or media on which Your Private Key(s) are
stored;
13
VeriSign Australia – Gatekeeper ABNDSC Subscriber Agreement
Organisations must through an Authorised Officer:
(a) ensure that their Key Holders comply with their obligations under this CP
and the CPS;
(b) provide measures to avoid Compromise of their Key Holder’s Private Keys;
(c) immediately notify the VeriSign CA when the Organisation becomes aware
that a Key Holder’s Private Key has been Compromised, or there is a
substantial risk of Compromise;
Key Holders must:
(a) ensure that their Private Keys are not Compromised;
(b) immediately notify the Organisation if they become aware that their Private
Key has been Compromised, or there is a substantial risk of Compromise
14
OFFICE OF THE FEDERAL PRIVACY
COMMISSIONER – PKI GUIDELINES
A significant privacy concern in relation to use of PKI is the security of
the private key. The integrity of a PKI depends on the subscriber
keeping the private key inaccessible to any other party.
Digital certificates and their corresponding key pairs can be stored in a
number of ways – on dedicated tokens such as smart cards or
directly on computer disk drives. Each storage method has a set of
benefits and deficiencies. The choice of particular storage solutions
is a matter for each agency in planning its PKI implementation and
for clients in reaching a conclusion about using a particular digital
certificate. Gatekeeper does not specify particular storage devices,
nor does it make any judgment on the merits of any particular
storage method.
KEY SECURITY - US GUIDANCE
15
Subscribers locate their workstation in an area reasonably secure from
tampering by unauthorized personnel.
Passwords and PINs should be memorized and not be written down; if a
password or PIN needs to be written down it should be stored in a locked
file cabinet or container accessible only to designated personnel.
A private key stored on any unsecured medium, such a diskette, it should be
stored in a locked file cabinet, secured digital archive, or locked container.
Subscribers should not leave their workstations unattended when cryptography
is in an unlocked state (i.e., when the PIN or password has been entered). A
workstation that contains private keys encrypted on a hard drive should be
physically and logically secured or protected with an appropriate access
control product.
Cryptographic tokens should be protected by holders to an extent comparable
with that of valuable personal items such as credit cards or drivers’ licenses.
Documents, diskettes, or other items containing PINs or passwords should be
disposed of in a manner that does not compromise the confidentiality of the
sensitive data.
KEY SECURITY ISSUES
16
• SOFT CERTIFICATES VS TOKENS (SMARTCARDS, USB)
• FIREWALLS – EPL
• ANTI-VIRUS SOFTWARE - EPL
• PASSWORD STRENGTH - ISM
• USE OF BIOMETRICS – ACCESS CONTROL
ETC
17
Thank You
QUESTIONS???