Intel’s Common Data Security Architecture Draft Release 2.0 version 1.0 Presented at TOG Members Meeting PKI-TG Session June 26, 1997 Denise Ecklund, Intel Architecture Labs


Intel’s Common Data Security Architecture

Draft Release 2.0 version 1.0

Presented at TOG Members Meeting, PKI-TG Session

June 26, 1997
Denise Ecklund, Intel Architecture Labs

Intel Corporation 2

Today’s Agenda

• History of CDSA and TOG, PKI-TG
• Certificate and Key Life Cycle Management
• Key Recovery as an Elective Service Category
• Portable Credentials
• CSSM Enhancements
• Status Update
• Group Questions and Answers

History of CDSA, TOG, PKI-WG

• Intel presented CDSA at PKI Mtg, Dec-96
  – PKI-TG requested response to PKI Requirements
• Intel presented PKI-Reqs response, Mar-97
  – PKI-TG recommended 3 specific extension areas:
    » Certificate and Key Life Cycle Management
    » Key Recovery Services
    » Portable Credentials Support
  – Close review by other TOG members
• Intel presenting these results today, anticipating
  – PKI-TG recommendation to Technical Managers
  – July-97 TM recommendation to begin Fast Track

Acknowledgements

• Intel acknowledges the thorough review and the active contributions of the following companies in evolving CDSA 2.0
  – Entrust Technologies
  – IBM
  – Netscape Communications
  – Trusted Information Systems
• Additional, appreciated feedback from
  – Intel Product Groups building appls on CSSM
  – United States NSA

CDSA - a four layer architecture

[Diagram labels: Applications in C, C++ and Java (with a Method Wrapper); Layered Security Services and Tools; CSSM Security API; Common Security Services Manager; Service Provider Interfaces; Security Service Add-in Modules]

Defines a common API
Extensible for all types of security services
Supports varied degrees of “security-awareness” in applications

Summary of Enhancements - 1

• Certificate and Key Life Cycle
  – Follows an extended PKIX model
    » RA, CA, local & remote services
  – New APIs for Trust Policy and Certificate Library operations
    » create, verify, renew, recover, multisign
  – Supports asynchronous operation completion

Summary of Enhancements - 2

• Key Recovery
  – Defines a secure model for individuals, corporations, and governments to recover encryption keys using a broad range of recovery mechanisms
    » encapsulation, escrow, hybrid schemes
  – New, independent category of security service
  – Uses new dynamic service manager binding mechanism
  – New APIs and new SPIs
  – Works with any add-in Cryptographic Service Provider

Summary of Enhancements - 3

• Portable Credentials
  – No a priori detailed model from PKI-TG
  – No detailed model defined by working team
  – Intel view includes at least HW tokens
  – Latest evolution of CSSM APIs provides complete support for PKCS#11 and other HW token interfaces

Summary of Enhancements - 4

• Smoothing it out and putting it all together
• Infrastructure Enhancements
  – Horizontal Extensibility
    » Dynamic addition of security service categories
  – Multi-service Add-in Modules
    » Allow add-in vendors to provide any subset of SPIs
  – Support for TOG’s PKI Model
    » Use stronger integrity checks among components
    » In the specs - clarify required vs optional parameters & behavior

A Quick Refresher on CDSA

[Diagram labels: Applications in C, C++ and Java (Method Wrapper); Layered Services, Tools, Middleware, Language Interface Adapter; System Security Services; CSSM Security API and EM-API; Common Security Services Manager with Integrity Services, Security Contexts, and the CSP, TP, CL, DL and Elective Module Managers; interfaces SPI, TPI, CLI, DLI, EMI; Security Add-in Modules: Cryptographic Service Provider, Trust Model Library, Certificate Library, Data Storage Library, New Category of Service; Data store]

CSSM Module Managers

• Define the CSSM APIs and SPIs for a category of security services
• Base Service Module Managers are always present
  – certificate, trust policy, data store, cryptography
• Elective Module Managers are transparently loaded on demand
  – key recovery, audit/logging, future services
• Provide a subset of the CSSM services
  – dispatch APIs to zero, one or more SPIs
  – pre and/or post-process dispatched API calls

CSSM Core Services

• Implement architectural extensibility
  – Dynamic attaching of add-in modules (mechanism implementations)
  – Transparent attaching of elective module managers (categories of security service)
• Standard component management
  – install, register-services, query-registry, etc.
• Integrity Services
• Security Context Management
  – parameters required for cryptographic operations

Certificate and Key Life Cycle Management

Supporting Certificate and Key Life Cycle

• The model is based on PKIX-* and compatible with the PGP keyring model
• Basic Entities
  – Certification Authority, Client, Registration Authority
  – remote or co-located
• Basic Services over the life cycle
  – Certificate delivery, verification & mgmt
  – asynchronous operation completion possible

Certificate and Key Life Cycle Phases

[Diagram labels: Registration of Certificate Bearer, Key Generation, Certificate Generation, Active Phase, Cert Retrieval, Cert Verification, Cert Update, Cert Recovery, Cert MultiSign, Cert Revocation (and other CA-provided services)]

Supporting Certificate Life Cycle in CSSM

• New APIs for Trust Policy Modules
  – Verification of trust to perform an action (based on certificates)
• New APIs for Certificate Library Modules
  – Certificate create, renew, recover, multisign

Trust Policy API - Review

• Access to certificate-based trust models
  – semantics of trust
• Generic API supports different trust models
  – from hierarchical to introducer
• Basic categories of operations:
  – verify application-specific action
  – operates on groups of semantically-related certificates

TP_CertVerify ( )

• Verification is based on
  – chain of certificates
  – a set of trusted certificates (cross-certified)
  – a set of specified policies
  – the action to be performed (if the cert verifies)
• Outputs
  – Yes or No
  – list of evidence from the verification process
  – automatic initiation of specified action

Cert Management API - Overview

• Defines memory-based manipulation of
  – certificates and certificate revocation lists (CRL)
• Generic API so libraries can support different certificate types
• CSSM_OIDs name cert and CRL fields
  – CSSM_OID structure holds a generic object identifier
  – Examples: ASCII string, enum value, X.509 OID, S-expression
• Basic categories of operations:
  – create, sign, verify
  – view, get_field_values
  – life cycle mgmt, type_translations

APIs support Asynchronous Completion of Operations

• Some operations invoke remote services that may not complete for “days”
  – Examples: certificate enrollment
• Two APIs per asynchronous operation
  – initiator function
    » returns: estimated time to completion, transactionID
  – result retrieval function
    » returns: result or new estimated time to completion
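
The initiator/retrieval pair described on this slide, modelled as an added example that is not part of the original deck or of the CSSM code base. SimulatedCA, cert_request, cert_retrieve and enroll are hypothetical names loosely modelled on the slide's description, and time is a simulated hour counter so the example runs offline.

```python
import itertools


class SimulatedCA:
    """Constructed stand-in for a remote CA/RA. Time is a counter in hours, not a wall clock."""

    def __init__(self):
        self.now = 0
        self._ids = itertools.count(1)
        self._pending = {}  # transaction ID -> (hour the result is ready, template)

    def cert_request(self, template, processing_hours):
        """Initiator function: returns (estimated hours to completion, transaction ID)."""
        txn = next(self._ids)
        self._pending[txn] = (self.now + processing_hours, template)
        # The first estimate is deliberately optimistic so the client sees a re-estimate.
        return max(1, processing_hours // 2), txn

    def cert_retrieve(self, txn):
        """Result retrieval function: ("done", certificate) or ("pending", new estimate)."""
        if txn not in self._pending:
            raise KeyError(f"unknown or already retrieved transaction {txn}")
        ready_at, template = self._pending[txn]
        if self.now < ready_at:
            return "pending", ready_at - self.now
        del self._pending[txn]  # a result is handed out once
        return "done", {"subject": template["subject"], "issued_at_hour": self.now}


def enroll(ca, template, processing_hours, max_polls=5):
    """Client side: wait out each estimate, poll, accept re-estimates, stop after max_polls."""
    estimate, txn = ca.cert_request(template, processing_hours)
    estimates = [estimate]
    for _ in range(max_polls):
        ca.now += estimate  # stands in for storing txn and coming back later
        status, value = ca.cert_retrieve(txn)
        if status == "done":
            return value, txn, estimates
        estimate = value
        estimates.append(estimate)
    raise TimeoutError(f"transaction {txn} still pending after {max_polls} polls")


if __name__ == "__main__":
    cert, txn, estimates = enroll(SimulatedCA(), {"subject": "CN=constructed-user"}, 48)
    print(cert, txn, estimates)
```

The transaction ID is the only thing tying the later retrieval to the original request, so a real client has to persist it across the waiting period.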

Certificate Creation and Certificate Renewal

• Set-up and initialize
    » CL_RegistrationFormRequest; CL_CertCreateTemplate
• CL_CertRequest
  – keypair generation by client or by CA/RA
  – submit request to CA entity
    » include authorization info and certificate template
  – request additional CA “backend” services
    » key backup, cert renewal notice, white pages listing, etc.
• CL_CertRetrieve
  – retrieve certificate (and remote keypair)

[Diagram labels: RA, CA]

Certificate Recovery - setup

• CL_CertRecoveryRequest
  – requires authorization data
  – can request a subset of your certificate history
• CL_CertRecoveryRetrieve
  – retrieves a set of certificates and their associated private keys into a local cache
  – certificates and keys in the cache are protected and ready to be recovered
  – also outputs the number of cached items

[Diagram labels: CA, cache]

Certificate Recovery - completion

• CL_RecoverCert
  – recover/look at each cached certificate
  – determine which keys to recover
• CL_RecoverCertKey
  – recover the I-th private key into a local CSP
  – provide new passphrase to secure recovered key
• CL_CertAbortRecovery
  – scrubs the cache and ends the recovery process

[Diagram: cache holding {cert1, key1}, {cert2, key2}, {cert3, key3}; CSP secured storage; empty cache]

Certificate MultiSign

• CL_CertMultiSignRequest
  – request additional signature on a certificate
  – uses a selectable signing scope
  – does not invalidate earlier signature(s)
  – supports notary public functionality
• CL_CertMultiSignRetrieve
  – retrieve the multiply-signed certificate

[Diagram labels: CA, CA]

Key Recovery

The Purpose of Key Recovery

• The primary purpose of a Key Recovery is to recover a key that has been used to ensure the confidentiality of some data

[Diagram labels: Data Source, Data to Send, Encrypted Data, Interception Point, Data Destination, Data Received, Other Local Encrypted Data]

Corporations and governments recover a key to decrypt intercepted, cipher data
Individuals and corporations recover a key to decrypt stored, cipher data

Using Key Recovery

• Key Recovery is useful when a key is lost, corrupted or unavailable
• Using KR is voluntary or directed by policy
• Provided as an explicit service
  – if selected, it must be invoked by an application or a layered service

The Model for Key Recovery (KR)

• Participants and their Roles in Key Recovery
  Recovery Agents: a set of trusted, independent systems that work together to recover keys on demand
  Participating Parties: users or systems that enable key recovery by generating the key recovery information that is required by their recovery agents
  Authorized Parties: users or systems that are authorized to recover their keys or someone else’s keys from a set of recovery agents

Key Recovery Concepts (KR)

• Objects and their Purpose in Key Recovery
  Key Recovery Fields: information that enables specified key recovery agents to recover a referenced key
  Key Recovery Policy: a statement defining who must use key recovery, when it must be used, what mechanism must be used, and what KR agents can be used
  Key Recovery Mechanism: a set of functions that generate and process key recovery fields and recover keys on request

Phases of the KR Process

0) KR Policy Definition
1) Key Recovery Registration (optional)
2) Key Recovery Enablement
3) Key Recovery Request

[Diagram labels: Policy: Encrypt: …..; KR Registration Application, Registration Messages, Key Recovery Agent(s)/Server; KR-enabled Cryptographic Application A and KR-enabled Cryptographic Application B with Key_Exch, KRFields, CipherText; KR Request Application with Authorization data, KRFields and Decryption Key; Key Recovery Server with KR Agent-1, KR Agent-2, KR Agent-N]

Key Recovery In CDSA

[Diagram labels: Applications in C, C++ and Java (Method Wrapper); Layered Security Services; Protocol Handlers; SSL, IPSEC, SMIME, EDI; CSSM Security API and KR-API; Common Security Services Manager with Context Mgmt, Integrity, and the TPM, CSP, CLM, DLM and KRM managers; interfaces TPI, SPI, CLI, DLI, KR-SPI; Security Add-in Modules: TP Lib, CSP Lib, CL Lib, DL Lib, Key Recovery Service Provider]

Attaching Add-in Modules and Elective Module Managers

Application:
  Hdl = attach( KeyRecov1 );

CSSM Core Service Actions:
If category is Elective then
  (1) transparently load module manager
  (2) perform the attach operation for the add-in module

[Diagram labels: Installed KR, CSP, TP, CL and DL Modules; CSSM with the CSPM, TPM, CLM and DLM managers and the Mgr for Elective KR Module; attached modules CSP1, TP2, CL1, DL1 and the KR Module; steps 1 and 2 marked]

Key Recovery APIs - categories

• Registration - optionally register with KR agents/server
• Context - create security context for KR enablement
• Enablement - create KR fields
• Request - request a recovery by a set of KR agents

KR and CSP Module Managers Work Together

• All Module Managers can share state and work together
• KR Module Manager (KRMM) is a sophisticated module manager
  – understands CSSM security context structure
  – shares state with the Cryptographic MM
  – makes policy decisions

Portable Credentials

One Piece of the Puzzle: PKCS#11 and other HW Tokens

Cryptographic Services API

• APIs appropriate for hardware tokens, software modules, & hybrids
  – CSSM Cryptographic APIs subsume legacy APIs
    » GCS-API, PKCS#11, Fortezza Cryptoki, etc.
• Basic Categories of Operations
  – sign/verify
  – digest/hash
  – encrypt/decrypt
  – key operations
  – random number generation
• Help manage parameters and their state

[Diagram labels: GCS-API, PKCS#11, CSSM API]

Enhancements to Fully Support PKCS#11 Service Model

• New APIs for
  – login/logout, sessions, optional password/PIN
• Extended structures for
  – key formats: reference, wrapped, raw
  – each device slot is one subservice
• Features
  – Dynamic description of capabilities
  – Multi-service add-ins for (CSP + DL) APIs

[Diagram labels: Reader, A-Card, B-Card]

Multi-Service Add-in Modules

Application:
  Hdl = CSSM_Attach(pkcs11_guid)
  CSSM_Encrypt(Hdl, …)
  CSSM_DL_DataGetFirst(Hdl, …)

Application Actions:
  – Attach one service module
  – Receive one Handle
  – Use the handle for CSP ops and for DL ops

Add-in Module:
  (1) Implements functions from multiple service categories
  (2) Registers multiple sets of functions with CSSM

[Diagram labels: Common Security Services Manager with the CSPM, TPM, CLM, DLM and Elective M managers; CSP1, TP2, CL1, DL1, New Service; PKCS#11 Add-in Module]

Adaptation Layers in CDSA

Example legacy CSPs:
  – BSAFE
  – PKCS#11 HW tokens
  – Fortezza token

[Diagram labels: CSSM API; CSP Manager, TPM Mgr, CLM Mgr, DLM Mgr; SPI, TPI, CLI, DLI; TP Lib, C Lib, D Lib; Native CSP; Adaptation Layer (SPI to SPI); Legacy Cryptographic Service Provider; Data store]

Intel’s PKCS#11 Adaptation Layer

• One implementation of PKCS#11 adapter
• Inter-operating devices in Intel Labs (today)
  – Rainbow (CryptoSwift, add-in card)
  – DataKey (Smart card)
  – Litronic (ME2000, CryptOS)
  – Fischer (Smart disk)
  – Chrysalis (Luna)
• New devices under test
  – GemPlus

[Diagram labels: Reader A, S-Card, Data, Sign Data; Reader B, S-Card, Data, Verify Data Signature]

CSSM Enhancements

Putting it all together, with integrity

Integrity Requirements

• In a dynamic environment, components must authenticate themselves
  – prove identity
  – prove integrity
• Components must have signed credentials
  – certificate
  – manifest
• Component object modules must be signed

[Diagram: CSSM Module Mgr and an attaching module at ModuleAttach; speech bubbles: Who are you? / Are you “the CSSM”?]

The Model for Credentials

• Certificate chain represents trust in a vendor
  – used to prove identity
  – supported by real world licenses
• Manifest describes the integrity of
  – the module’s functional capabilities
  – the module’s object code (this is the module)
• Acknowledgements to Netscape and Javasoft for
  – early work on Manifests (W3C effort w/ Intel)
  – review of Intel’s Enhanced Manifests

An Add-in Module’s Certificate

• A hierarchical chain of three certificates
  – CSSM vendor owns the root certificate
  – Add-in module vendor owns the middle certificate
  – The module owns the leaf certificate

[Diagram: Certificate File containing the CSSM Vendor’s Certificate (self-signed), the Add-in Module Vendor’s Certificate (signed by CSSM Vendor), and the Product Certificate (signed by Add-in Module Vendor)]

A Manifest

[Diagram: Manifest File made up of Manifest Sections; each section carries Name:, MD5-Digest: and SectionName: fields plus Capabilities and an Object Reference]

CSSM Integrity Services

• Built on an Embedded Integrity Services Library (EISL)
• Use self_check to establish a trust perimeter
• Use credential-based bilateral authentication procedure to extend trust perimeter to dynamically attaching components

[Diagram labels: CSSM base with EISL; Module with EISL]

Status and Summary

Summary of our Response to PKI-TG

• Evolution
  – new APIs for Cert Life Cycle and Key Recovery
  – modified CSSM APIs based on experience
• Future enhancements - layered technologies
  – continued work on Object-oriented i/f: e.g., Java,
  – support high level APIs, e.g., GSS, SSPI, etc.
  – provide packagable protocols, e.g., PKCS#12
• Documents/Specifications available
  – 13 documents: Arch, APIs, SPIs, Special Srvs

Categorization of CDSA Documentation

Columns: Normative, Informative
Rows: Apps Developers, CSSM Developers, Add-in Module Developers

CSSM-API, EISL, KR-API
CDSA, Signed-Mfests
(1 of) {TPI, CLI, DLI, SPI, KRI}, CSSM-AMmgmt, EISL
CSSM-API, EISL, CSSM-EMMI, CSSM-AMmgmt
CDSA, API, Signed-Mfests, CSSM Policy
CDSA, Signed-Mfests
3, 4, 3+

Status of CDSA Reference Implementation

• Release 1.1.a on the Intel Web site (http://www.intel.com/ial/security/)
  – for Windows* 95 and Windows NT*
  – statically linked, exportable CSP
  – used in two Intel applications
• Release 1.2 will be on web site Sept-97
  – same as release 2.0 minus some APIs
• Release 2.0 before Dec-97

Status of CDSA for TOG Fast Track Process

• Intel
  – is a specification member of the TOG PKI-TG
  – has signed TOG Fast Track Agreement
  – is prepared to present specs for TOG Technical Managers Review in July 1997
  – is preparing for the normal Fast Track process during August and September 1997
  – is committed to carefully consider all feedback resulting from Fast Track review

CDSA Questions for the Panel

Example - Limited Strength Encryption or Failure without KR

Policy: Encrypt: <= 56 bits or >56 bits + KR

(side A) Communication Protocol and CSSM:
  1. CreateKeyHandle
  2. ContextHandle HA1
  3. EncryptData(HA1, msg)

Sent from side A to side B: KeyExch, Enc(msg)

(side B) Communication Protocol and CSSM:
  4. ObtainKeyHandle
  5. ContextHandle HB1
  6. DecryptData(HB1, Enc(msg))

Short key encryption or the EncryptData call fails

Example - KR-enabled Communication

Policy: Encrypt: <= 56 bits or >56 bits + KR

KR and CSPs are separate, but they work together via the KRMM and the CSP MM

(side A) Communication Protocol and CSSM-KRMM:
  1. CreateKeyHandle
  2. KeyHandle HA1
  3. Generate Recovery Fields
  4. Handle HA2, KRFields
  5. EncryptData(HA2, msg)

Sent from side A to side B, past the Intercept Point: KeyExch, KRFields, Enc(msg)

(side B) Communication Protocol and CSSM-KRMM:
  6. ObtainKeyHandle
  7. KeyHandle HB1
  8. Process Recovery Fields
  9. Handle HB2
  10. DecryptData(HB2, Enc(msg))

MS CAPI 2.0 as a Multi-Service Add-in Module

• MS CAPI 2.0 is a multi-service provider
  – cryptographic operations
  – certificate store
  – certificate encode/decode

[Diagram labels: CSSM API; CSP Manager, DLM Mgr, CLM Mgr, TPM Mgr; SPI, TPI, CLI, DLI; TP Lib; Adaptation Layer; MS CAPI 2.0 Implementation; Data store]

A Signed Manifest

[Diagram of three linked files:
  Manifest File: Manifest Sections, each with Name:, MD5-Digest:, SectionName: and Capabilities; MD5-Digest is the digest of the object referenced by Name; Name labels shown: Relative File Name, URL, In Memory
  Signer Info File (Signer Information File): for each section, a Manifest Section Identifier and the Hash of Manifest Section
  Signature Block File: PKCS#7 Signature Block with the Digest value (Hash of Signature Info File) and the Encrypted Hash Value]

All signing is performed using the module’s certificate

System-wide Policy Compliance

• A system-wide policy can be defined
  – constrains the use of security services
    » restrict certificate creation or cryptographic opers
  – specified by a certificate and signed manifest
• CSSM can provide generic mechanisms to record and test for policy compliance
  – record and protect system-wide policy at CSSM install
  – check service provider’s capabilities at service provider install and attach
  – check function calls against system-wide constraints

Credential Verification Procedure

• A six step procedure packaged as two functions in the EISL
  1. Verify the certificate chain
  2. Verify the signature on the manifest
  3. Verify the digest values for each of the manifest sections
  4. For each manifest section, verify the digest value on each referenced object code file
  5. Verify secure linkage
    » verified object code is the code you are about to invoke
    » or the code that invoked you
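
Steps 3 and 4 of the procedure above, worked through as an added example that is not part of the original deck and is not EISL code. The field names Name, SectionName and MD5-Digest come from the manifest slides; the blank-line section separator, the base64 digest encoding, the signer-info dictionary layout and all sample data are assumptions constructed for illustration, and steps 1, 2 and 5 are out of scope here.

```python
import base64
import hashlib


def md5_b64(data: bytes) -> str:
    # MD5 is the digest the 1997 slides name; it is collision-broken, use SHA-256 in new designs.
    return base64.b64encode(hashlib.md5(data).digest()).decode("ascii")


def parse_manifest(text: str) -> dict:
    """Split a manifest into sections keyed by SectionName, keeping the raw bytes for hashing."""
    sections = {}
    for raw in text.strip().split("\n\n"):
        fields = dict(line.split(": ", 1) for line in raw.splitlines())
        name = fields["SectionName"]
        if name in sections:
            raise ValueError(f"duplicate manifest section {name}")
        sections[name] = {"fields": fields, "raw": raw.encode("utf-8")}
    return sections


def verify_manifest(manifest_text, signer_info, objects):
    """Run steps 3 and 4; return a list of failures (empty means both steps passed)."""
    sections = parse_manifest(manifest_text)
    failures = []
    # Step 3: each section must hash to the value the signer info file records for it.
    for name in sorted(set(sections) | set(signer_info)):
        if name not in sections:
            failures.append(f"{name}: signed section missing from manifest")
        elif name not in signer_info:
            failures.append(f"{name}: section not covered by signer info")
        elif md5_b64(sections[name]["raw"]) != signer_info[name]:
            failures.append(f"{name}: section digest mismatch")
    # Step 4: each referenced object must hash to the MD5-Digest in its section.
    for name in sorted(sections):
        fields = sections[name]["fields"]
        ref = fields["Name"]
        if ref not in objects:
            failures.append(f"{name}: referenced object {ref} not found")
        elif md5_b64(objects[ref]) != fields["MD5-Digest"]:
            failures.append(f"{name}: object digest mismatch for {ref}")
    return failures


def build_sample():
    """Constructed credentials for a two-object add-in module."""
    objects = {"addin/csp.bin": b"constructed CSP object code",
               "addin/dl.bin": b"constructed DL object code"}
    manifest = "\n\n".join(
        f"Name: {ref}\nSectionName: {sec}\nMD5-Digest: {md5_b64(objects[ref])}"
        for sec, ref in (("csp-object", "addin/csp.bin"), ("dl-object", "addin/dl.bin")))
    signer_info = {n: md5_b64(s["raw"]) for n, s in parse_manifest(manifest).items()}
    return manifest, signer_info, objects


if __name__ == "__main__":
    manifest, signer_info, objects = build_sample()
    print(verify_manifest(manifest, signer_info, objects))
```

A changed object file fails step 4; if the manifest's digest line is changed to match, the section no longer hashes to the signer-info value and step 3 fails instead, which is why the signer info file itself has to be covered by the signature checked in step 2.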

Bilateral Authentication

• Performed as the first phase of ModuleAttach processing
• Six step procedure
  1. CSSM performed a self integrity check
  2. CSSM performs an integrity check of the attaching module
  3. CSSM verifies secure linkage by checking that the initiation point is within the verified module
  4. The add-in module performs a self integrity check
  5. The add-in module performs an integrity check of CSSM
  6. The add-in module verifies secure linkage by checking that the function call originated from the verified CSSM
• Use EISL functions

[Diagram: CSSM Module Mgr and an attaching module at ModuleAttach; speech bubbles: Who are you? / Are you “the CSSM”?]