The Public Key Muddle

Transcription

1 The Public Key Muddle How to manage transparent end-to-end encryption in organizations Dr. Gunnar Jacobson CEO Secardeo GmbH

2 Business Communication Desktop (e.g. Outlook) Cloud (e.g. Office 365) More than 50% opened on Mobile Device Instant Messaging (IM) WhatsApp/WeChat (private) -- Skype for Business Business use growing faster than private use File Exchange Increasing adoption of Cloud Storage (Box, DropBox, OneDrive ) Voice over IP (VoIP) Analog/ISDN is replaced by VoIP

3 Why do we have to encrypt? Allianz Top Business Risks 2015: #5: Cyber crime: #1: Data theft and manipulation Risks are caused by Internal attackers (data stealing) Industrial espionage (APT) Intelligence agencies (data interception) Countermeasure: End-to-End Encryption

4 Public Key Encryption Text Text Alice Bob s Public Key Bob s Private Key Bob Directory

5 End-to-End Encryption - E2EE

6 E2EE Requirements En-/Decryption is done by the ( , IM, File-Exchange, VoIP) App on the device Interoperability is a key issue for B2B Encryption is legal without backdoors Completely transparent to the user Low efforts for public key management

7 Key Management Challenges Is my private key available on all of my devices? Internet Alice Bob Do my apps work with my key?

8 Key Management Challenges Is my private key available on all of my devices? How can I retrieve Bob s public key? Internet Alice Bob Do my apps work with my key? Can I trust this public key?

9 Trust Models CA Hierarchical Trust Alice K A Bilateral Trust K B Bob Web-of-Trust Intermediary Trust Provider

10 Trust Models CA Hierarchical Trust Alice A hierarchical trust model based K A on Bilateral X.509 certificates Trust K B is the preferred model for medium & large organizations Intermediary Web-of-Trust Trust Bob Provider

11 Public Key Retrieval Public Keys are retrieved from Keyserver Certificate Directory Server Intermediary (Service Provider) Global retrieval of any user s key is required Security mechanisms for address harvesting Manual or (better) automatic retrieval (LDAP)

12 Private Key Distribution Smartcards are secure and portable but Expensive Poorly supported on mobile devices Software keys PKCS#12 is the standard format Manual distribution is difficult and costly Automated key distribution required Limitations caused by MDMs and Apple

13 E2EE Applications Electronic Mail PGP used by individuals Add-on products required S/MIME & X.509 Widespread use by organizations Supported by all major clients Instant Messaging (IM) Poor support of XMPP E2EE with PGP & S/MIME Popular products use OTR (man. fingerprint check)

14 Contrary requirements Business Non-Repudiability Key Recovery Organisational Trust Interoperability Private IM/Chat Repudiability Forward Secrecy Bilateral Trust Proprietary Solution Compliance -

15 E2EE Applications (2) File Exchange PGP (used by individuals) MS EFS (used within corporate domain) Cloud storage (proprietary): BoxCryptor, ViiVo, Cloud storage: SecureZIP (PGP), certdrive (X.509) VoIP Poor support of SRTP E2EE with MIKEY X.509 certs Cisco SCCP supports E2EE with X.509 certs Popular products use ZRTP (manual check of Short Auth. String)

16 Key Management for E2EE High interoperability S/MIME X.509 based Key Management Poor interoperabilty Standards exist but Proprietary solutions dominate

17 Key Management alternatives a) Proprietary, vendor driven Buy best-of-breed products Use vendor specific key management Vendor/service provider will control your keys b) Standardized, universal Rely on open and well established standards Use products that support digital certificates Build a universal key management infrastructure Keep corporate control of your keys

18 Proprietary Key Management

19 Proprietary Key Management Different product vendors: Diversity of Key Management Inconsistent Trust Models High efforts for Key Distribution Loss of corporate control of keys

20 Universal Key Management

21 Universal Key Management

22 Universal Key Management

23 Universal Key Management Mobile Device Management

24 Universal Key Management MDM Proxy Mobile Device Management x Key Recovery Server

25 Certificate Enrollment Proxy Acts like a Windows CA Autoenrollment from Non-Microsoft CAs Auto-Revocation & -Modification Smart Key-Backup & Recovery Automated distribution of private keys to mobile devices Using accepted certificates from Public CA

26 Certificate Directory Server Automated, secure publishing of internal certificates Automated search for standard clients via LDAP and ActiveSync in 140 Directories for User-transparent E2EE Centralized trust managment & validation Ad-hoc issuance for partners who don t have a certificate

27 MDM Proxy Solves conflicts with managed ios Forwards MDM protocol messages Adds PKCS#12 & password to Exchange profile Profile is transferred securely by TLS Optional E2EE of profile

28 Summary Proprietary E2EE apps cause key management issues An X.509 PKI is the basis for universal corporate key management Using globally accepted certificates Automation of key management tasks Key distribution to mobile devices Use E2EE apps that support X.509 Improve security Save operational costs Gain user satisfaction

29 Thank you for your Attention!