The Public Key Muddle - EEMA

Post on 05-Mar-2018


The Public Key Muddle

How to manage transparent end-to-end encryption in organizations

Dr. Gunnar Jacobson

CEO

Secardeo GmbH

Business Communication

• E-Mail

– Desktop (e.g. Outlook), Cloud (e.g. Office 365)

– More than 50% opened on Mobile Device

• Instant Messaging (IM)

– WhatsApp/WeChat (private) -- Skype for Business

– Business use growing faster than private use

• File Exchange

– Increasing adoption of Cloud Storage (Box, DropBox, OneDrive…)

• Voice over IP (VoIP)

– Analog/ISDN is replaced by VoIP

Why do we have to encrypt?

• Allianz Top Business Risks 2015: #5: Cyber crime:

#1: Data theft and manipulation

• Risks are caused by

– Internal attackers (data stealing)

– Industrial espionage (APT)

– Intelligence agencies (data interception)

• Countermeasure: End-to-End Encryption

End-to-End Encryption - E2EE

[Figure: Public Key Encryption. Labels: Alice, Bob's Public Key, Directory, Text, Bob, Bob's Private Key]

E2EE Requirements

• En-/Decryption is done by the (E-mail, IM, File-Exchange, VoIP) App on the device

• Interoperability is a key issue for B2B

• Encryption is legal – without backdoors

• Completely transparent to the user

• Low effort for public key management

Key Management Challenges

[Figure: Alice and Bob communicating over the Internet]

„Can I trust this public key?“

„How can I retrieve Bob's public key?“

„Is my private key available on all of my devices?“

„Do my apps work with my key?“

Trust Models

[Figure: trust models between Alice (KA) and Bob (KB). Labels: CA, Provider, Bilateral Trust, Web-of-Trust, Intermediary Trust, Hierarchical Trust]

A hierarchical trust model based on X.509 certificates is the preferred model for medium & large organizations

Public Key Retrieval

• Public Keys are retrieved from

– Keyserver

– Certificate Directory Server

– Intermediary (Service Provider)

• Global retrieval of any user's key is required

• Security mechanisms against address harvesting

• Manual or (better) automatic retrieval (LDAP)

Private Key Distribution

• Smartcards are secure and portable but

– Expensive

– Poorly supported on mobile devices

• Software keys

– PKCS#12 is the standard format

– Manual distribution is difficult and costly

– Automated key distribution required

– Limitations caused by MDMs and Apple

E2EE Applications

• Electronic Mail

PGP

– used by individuals

– Add-on products required

S/MIME & X.509

– Widespread use by organizations

– Supported by all major e-mail clients

• Instant Messaging (IM)

– Poor support of XMPP E2EE with PGP & S/MIME

– Popular products use OTR (manual fingerprint check)

Contrary requirements

Business E-Mail | Private IM/Chat
Non-Repudiability | Repudiability
Key Recovery | Forward Secrecy
Organisational Trust | Bilateral Trust
Interoperability | Proprietary Solution
Compliance | -

E2EE Applications (2)

• File Exchange

– PGP (used by individuals)

– MS EFS (used within corporate domain)

– Cloud storage (proprietary): BoxCryptor, ViiVo,…

– Cloud storage: SecureZIP (PGP), certDrive (X.509)

• VoIP

– Poor support of SRTP E2EE with MIKEY X.509 certs

– Cisco SCCP supports E2EE with X.509 certs

– Popular products use ZRTP (manual check of Short Auth. String)

Key Management for E2EE

• High interoperability: S/MIME X.509 based Key Management

• Poor interoperability: Standards exist but proprietary solutions dominate

Key Management alternatives

a) Proprietary, vendor driven

– Buy best-of-breed products

– Use vendor specific key management

– Vendor/service provider will control your keys

b) Standardized, universal

– Rely on open and well established standards

– Use products that support digital certificates

– Build a universal key management infrastructure

– Keep corporate control of your keys

Proprietary Key Management

Different product vendors:

• Diversity of Key Management

• Inconsistent Trust Models

• High efforts for Key Distribution

• Loss of corporate control of keys

Universal Key Management

[Figure: Universal Key Management architecture. Labels: Mobile Device Management, xMDMProxy, Key Recovery Server]

Certificate Enrollment Proxy

• Acts like a Windows CA

• Autoenrollment from Non-Microsoft CAs

• Auto-Revocation & -Modification

• Smart Key-Backup & Recovery

• Automated distribution of private keys to mobile devices

• Using accepted certificates from Public CA

Certificate Directory Server

• Automated, secure publishing of internal certificates

• Automated search in 140 Directories for standard E-Mail clients via LDAP and ActiveSync

• User-transparent E2EE

• Centralized trust management & validation

• Ad-hoc issuance for partners who don‘t have a certificate

MDM Proxy

• Solves conflicts with managed iOS

• Forwards MDM protocol messages

• Adds PKCS#12 & password to Exchange profile

• Profile is transferred securely by

– TLS

– Optional E2EE of profile

Summary

• Proprietary E2EE apps cause key management issues

• An X.509 PKI is the basis for universal corporate key management

– Using globally accepted certificates

– Automation of key management tasks

– Key distribution to mobile devices

• Use E2EE apps that support X.509

– Improve security

– Save operational costs

– Gain user satisfaction

Thank you for your Attention!