The Public Key Muddle
How to manage transparent end-to-end encryption in organizations
Dr. Gunnar Jacobson, CEO, Secardeo GmbH
Business Communication
• E-Mail
  – Desktop (e.g. Outlook), Cloud (e.g. Office 365)
  – More than 50% opened on Mobile Device
• Instant Messaging (IM)
  – WhatsApp/WeChat (private) -- Skype for Business
  – Business use growing faster than private use
• File Exchange
  – Increasing adoption of Cloud Storage (Box, DropBox, OneDrive …)
• Voice over IP (VoIP)
  – Analog/ISDN is replaced by VoIP
Why do we have to encrypt?
• Allianz Top Business Risks 2015: #5: Cyber crime: #1: Data theft and manipulation
• Risks are caused by
  – Internal attackers (data stealing)
  – Industrial espionage (APT)
  – Intelligence agencies (data interception)
• Countermeasure: End-to-End Encryption
Public Key Encryption
[Diagram labels: Alice, Bob, Text, Bob's Public Key, Bob's Private Key, Directory]
End-to-End Encryption - E2EE
E2EE Requirements
• En-/Decryption is done by the (E-mail, IM, File-Exchange, VoIP) App on the device
• Interoperability is a key issue for B2B
• Encryption is legal – without backdoors
• Completely transparent to the user
• Low effort for public key management
Key Management Challenges
[Diagram labels: Alice, Internet, Bob]
• "Is my private key available on all of my devices?"
• "Do my apps work with my key?"
• "How can I retrieve Bob's public key?"
• "Can I trust this public key?"
Trust Models
• Hierarchical Trust
• Bilateral Trust
• Intermediary Trust
• Web-of-Trust
[Diagram labels: CA, K_A, K_B, Alice, Bob, Provider]
A hierarchical trust model based on X.509 certificates is the preferred model for medium & large organizations.
Public Key Retrieval
• Public Keys are retrieved from
  – Keyserver
  – Certificate Directory Server
  – Intermediary (Service Provider)
• Global retrieval of any user's key is required
• Security mechanisms against address harvesting
• Manual or (better) automatic retrieval (LDAP)
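An added example, not from the original slides: one way a certificate directory front-end could allow automatic LDAP retrieval while resisting address harvesting, by accepting only search filters made of exact mail=<address> leaves and limiting the number of addresses each client may look up. The function names, the limits and the sample filters in the comments are assumptions made for illustration.

```python
import re
from collections import defaultdict, deque

# Assumed policy values for this sketch; the slides do not specify any.
MAX_LOOKUPS, WINDOW_SECONDS = 5, 60.0    # addresses per client per window
LEAF = re.compile(r"mail=([A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,})\)", re.I)
HISTORY = defaultdict(deque)             # client -> times of allowed lookups

def requested_addresses(flt):
    """Walk an RFC 4515 filter; return the addresses it asks for, or raise."""
    found, pos = [], 0
    def parse():
        nonlocal pos
        if flt[pos:pos + 1] != "(":
            raise ValueError("malformed filter")
        pos += 1
        if flt[pos:pos + 1] == "!":          # (!(mail=x)) returns everyone else
            raise ValueError("negation not allowed")
        if flt[pos:pos + 1] in ("&", "|"):
            pos += 1
            if flt[pos:pos + 1] != "(":      # e.g. (&) matches every entry
                raise ValueError("empty filter set")
            while flt[pos:pos + 1] == "(":
                parse()
            if flt[pos:pos + 1] != ")":
                raise ValueError("malformed filter")
            pos += 1
        else:                                # leaf: no wildcard, no other attribute
            m = LEAF.match(flt, pos)
            if not m:
                raise ValueError("only exact mail=<address> leaves allowed")
            found.append(m.group(1).lower())
            pos = m.end()
    parse()
    if pos != len(flt):
        raise ValueError("malformed filter")
    return found

def check_lookup(client, flt, now):          # "allow" or "reject: <reason>"
    try:
        addresses = requested_addresses(flt)
    except ValueError as err:
        return f"reject: {err}"
    seen = HISTORY[client]
    while seen and now - seen[0] >= WINDOW_SECONDS:
        seen.popleft()                       # forget lookups outside the window
    if len(seen) + len(addresses) > MAX_LOOKUPS:
        return "reject: rate limit"
    seen.extend([now] * len(addresses))      # an OR of n addresses costs n
    return "allow"
```

The caller passes a monotonic timestamp as now, for example time.monotonic(); rejected queries are not counted against the client's budget in this sketch.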
Private Key Distribution
• Smartcards are secure and portable but
  – Expensive
  – Poorly supported on mobile devices
• Software keys
  – PKCS#12 is the standard format
  – Manual distribution is difficult and costly
  – Automated key distribution required
  – Limitations caused by MDMs and Apple
E2EE Applications
• Electronic Mail
  PGP
  – Used by individuals
  – Add-on products required
  S/MIME & X.509
  – Widespread use by organizations
  – Supported by all major e-mail clients
• Instant Messaging (IM)
  – Poor support of XMPP E2EE with PGP & S/MIME
  – Popular products use OTR (manual fingerprint check)
Contrary requirements
Business E-Mail | Private IM/Chat
Non-Repudiability | Repudiability
Key Recovery | Forward Secrecy
Organisational Trust | Bilateral Trust
Interoperability | Proprietary Solution
Compliance | -
E2EE Applications (2)
• File Exchange
  – PGP (used by individuals)
  – MS EFS (used within corporate domain)
  – Cloud storage (proprietary): BoxCryptor, Viivo, …
  – Cloud storage: SecureZIP (PGP), certDrive (X.509)
• VoIP
  – Poor support of SRTP E2EE with MIKEY X.509 certs
  – Cisco SCCP supports E2EE with X.509 certs
  – Popular products use ZRTP (manual check of Short Auth. String)
Key Management for E2EE
• High interoperability: S/MIME, X.509 based Key Management
• Poor interoperability: Standards exist but proprietary solutions dominate
Key Management alternatives
a) Proprietary, vendor driven
  – Buy best-of-breed products
  – Use vendor specific key management
  – Vendor/service provider will control your keys
b) Standardized, universal
  – Rely on open and well established standards
  – Use products that support digital certificates
  – Build a universal key management infrastructure
  – Keep corporate control of your keys
Proprietary Key Management
Different product vendors:
• Diversity of Key Management
• Inconsistent Trust Models
• High effort for Key Distribution
• Loss of corporate control of keys
Universal Key Management
[Diagram labels: Mobile Device Management, MDM Proxy, Key Recovery Server]
Certificate Enrollment Proxy
• Acts like a Windows CA
• Autoenrollment from Non-Microsoft CAs
• Auto-Revocation & -Modification
• Smart Key-Backup & Recovery
• Automated distribution of private keys to mobile devices
• Using accepted certificates from Public CA
Certificate Directory Server
• Automated, secure publishing of internal certificates
• Automated search for standard e-mail clients via LDAP and ActiveSync in 140 Directories for
• User-transparent E2EE
• Centralized trust management & validation
• Ad-hoc issuance for partners who don't have a certificate
MDM Proxy
• Solves conflicts with managed iOS
• Forwards MDM protocol messages
• Adds PKCS#12 & password to Exchange profile
• Profile is transferred securely by
  – TLS
  – Optional E2EE of profile
Summary
• Proprietary E2EE apps cause key management issues
• An X.509 PKI is the basis for universal corporate key management
  – Using globally accepted certificates
  – Automation of key management tasks
  – Key distribution to mobile devices
• Use E2EE apps that support X.509
  – Improve security
  – Save operational costs
  – Gain user satisfaction
Thank you for your Attention!