The Public Key Muddle - EEMA
How to manage transparent end-to-end encryption in organizations

Dr. Gunnar Jacobson
CEO, Secardeo GmbH

Business Communication
• E-Mail
  – Desktop (e.g. Outlook), Cloud (e.g. Office 365)
  – More than 50% opened on Mobile Device
• Instant Messaging (IM)
  – WhatsApp/WeChat (private), Skype for Business
  – Business use growing faster than private use
• File Exchange
  – Increasing adoption of Cloud Storage (Box, DropBox, OneDrive …)
• Voice over IP (VoIP)
  – Analog/ISDN is replaced by VoIP

Why do we have to encrypt?
• Allianz Top Business Risks 2015:
  #5: Cyber crime:
  #1: Data theft and manipulation
• Risks are caused by
  – Internal attackers (data stealing)
  – Industrial espionage (APT)
  – Intelligence agencies (data interception)
• Countermeasure: End-to-End Encryption

End-to-End Encryption - E2EE
[Diagram: Public Key Encryption. Labels: Alice, Bob’s Public Key, Directory, Bob, Bob’s Private Key, Text]

E2EE Requirements
• En-/Decryption is done by the (E-mail, IM, File-Exchange, VoIP) App on the device
• Interoperability is a key issue for B2B
• Encryption is legal – without backdoors
• Completely transparent to the user
• Low effort for public key management

Key Management Challenges
[Diagram: Alice and Bob connected via the Internet]
• "Is my private key available on all of my devices?"
• "Do my apps work with my key?"
• "Can I trust this public key?"
• "How can I retrieve Bob’s public key?"

Trust Models
[Diagram: Alice (KA), Bob (KB), CA, Provider]
• Bilateral Trust
• Web-of-Trust
• Intermediary Trust
• Hierarchical Trust
A hierarchical trust model based on X.509 certificates is the preferred model for medium & large organizations.

Public Key Retrieval
• Public Keys are retrieved from
  – Keyserver
  – Certificate Directory Server
  – Intermediary (Service Provider)
• Global retrieval of any user’s key is required
• Security mechanisms against address harvesting
• Manual or (better) automatic retrieval (LDAP)
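
One way a certificate directory can limit address harvesting while still answering global lookups, as an added example (not from the presentation or any Secardeo product): answer only exact-match mail filters and cap lookups per client. The HarvestGuard class, the filter form (mail=address), the limits and the sample queries are assumptions constructed for illustration.

```python
import re
import time
from collections import defaultdict, deque

# Only an equality match on one complete address is answered, e.g. (mail=bob@example.com).
# Wildcards, presence filters such as (mail=*) and boolean combinations are refused.
EXACT_MAIL = re.compile(r"^\(mail=([A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,})\)$")

class HarvestGuard:
    """Hypothetical front-end check for a certificate directory (illustrative only)."""

    def __init__(self, max_lookups=5, window_s=60.0, clock=time.monotonic):
        self.max_lookups = max_lookups
        self.window_s = window_s
        self.clock = clock
        self.history = defaultdict(deque)  # client id -> timestamps of accepted lookups

    def check(self, client, ldap_filter):
        """Return (True, normalized address) or (False, reason)."""
        m = EXACT_MAIL.match(ldap_filter.strip())
        if not m:
            return False, "filter is not an exact mail match"
        now = self.clock()
        seen = self.history[client]
        while seen and now - seen[0] >= self.window_s:
            seen.popleft()  # forget lookups that left the sliding window
        if len(seen) >= self.max_lookups:
            return False, "lookup rate exceeded"
        seen.append(now)
        return True, m.group(1).lower()

def demo():
    """Run constructed queries from one client through the guard with a fake clock."""
    t = [0.0]
    guard = HarvestGuard(max_lookups=2, window_s=60.0, clock=lambda: t[0])
    queries = [
        "(mail=bob@example.com)",    # normal certificate lookup
        "(mail=*@example.com)",      # substring search over a whole domain
        "(mail=*)",                  # presence filter: would list every entry
        "(mail=Alice@Example.com)",  # second lookup, still inside the limit
        "(mail=carol@example.com)",  # third lookup within the window
    ]
    results = [guard.check("10.0.0.7", q) for q in queries]
    t[0] = 61.0                      # the window has passed
    results.append(guard.check("10.0.0.7", "(mail=carol@example.com)"))
    return results

if __name__ == "__main__":
    for r in demo():
        print(r)
```

Real mail clients often wrap the address in a larger filter, so a deployed check would parse the filter rather than match a single form.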

Private Key Distribution
• Smartcards are secure and portable but
  – Expensive
  – Poorly supported on mobile devices
• Software keys
  – PKCS#12 is the standard format
  – Manual distribution is difficult and costly
  – Automated key distribution required
  – Limitations caused by MDMs and Apple

E2EE Applications
• Electronic Mail
  PGP
  – used by individuals
  – Add-on products required
  S/MIME & X.509
  – Widespread use by organizations
  – Supported by all major e-mail clients
• Instant Messaging (IM)
  – Poor support of XMPP E2EE with PGP & S/MIME
  – Popular products use OTR (manual fingerprint check)

Contrary requirements
Business E-Mail          Private IM/Chat
Non-Repudiability        Repudiability
Key Recovery             Forward Secrecy
Organisational Trust     Bilateral Trust
Interoperability         Proprietary Solution
Compliance               -

E2EE Applications (2)
• File Exchange
  – PGP (used by individuals)
  – MS EFS (used within corporate domain)
  – Cloud storage (proprietary): BoxCryptor, ViiVo, …
  – Cloud storage: SecureZIP (PGP), certDrive (X.509)
• VoIP
  – Poor support of SRTP E2EE with MIKEY X.509 certs
  – Cisco SCCP supports E2EE with X.509 certs
  – Popular products use ZRTP (manual check of Short Auth. String)

Key Management for E2EE
• High interoperability: S/MIME, X.509 based Key Management
• Poor interoperability: Standards exist but proprietary solutions dominate

Key Management alternatives
a) Proprietary, vendor driven
  – Buy best-of-breed products
  – Use vendor specific key management
  – Vendor/service provider will control your keys
b) Standardized, universal
  – Rely on open and well established standards
  – Use products that support digital certificates
  – Build a universal key management infrastructure
  – Keep corporate control of your keys

Proprietary Key Management
Different product vendors:
• Diversity of Key Management
• Inconsistent Trust Models
• High effort for Key Distribution
• Loss of corporate control of keys

Universal Key Management
[Diagram labels: Mobile Device Management, xMDM Proxy, Key Recovery Server]

Certificate Enrollment Proxy
• Acts like a Windows CA
• Autoenrollment from Non-Microsoft CAs
• Auto-Revocation & -Modification
• Smart Key-Backup & Recovery
• Automated distribution of private keys to mobile devices
• Using accepted certificates from Public CA

Certificate Directory Server
• Automated, secure publishing of internal certificates
• Automated search for standard E-Mail clients via LDAP and ActiveSync in 140 Directories for
• User-transparent E2EE
• Centralized trust management & validation
• Ad-hoc issuance for partners who don’t have a certificate

MDM Proxy
• Solves conflicts with managed iOS
• Forwards MDM protocol messages
• Adds PKCS#12 & password to Exchange profile
• Profile is transferred securely by
  – TLS
  – Optional E2EE of profile

Summary
• Proprietary E2EE apps cause key management issues
• An X.509 PKI is the basis for universal corporate key management
  – Using globally accepted certificates
  – Automation of key management tasks
  – Key distribution to mobile devices
• Use E2EE apps that support X.509
  – Improve security
  – Save operational costs
  – Gain user satisfaction

Thank you for your Attention!