Security Architecture (ASA)

Transcription

1 AppleÕs Security Architecture (ASA) Aram PŽrez Chief Security Architect Apple Data Security Group

2 Overview Apple Data Security Group Why provide a security architecture? Requirements Building Blocks The Security Architecture Restrictions, Extensions and Wishes Summary Q&A

3 Apple Data Security Group Mission: Ð To make a wide range of data security protocols and services available to developers Ð To provide a consistent and easy to use interface for the user Motto: ÒThink CrypticÓ

4 Apple Data Security Group Mission: Ð To make a wide range of data security protocols and services available to developers Ð To provide a consistent and easy to use interface for the user Motto: ÒThink CryptoÓ

5 Two teams Ð Security Framework Ð Applied Security Organization

6 Security Framework Provide a framework to support multiple algorithms, certificate types, trust policies and data stores Integrate new data security technologies into the system without requiring changes to security applications Encourage innovative security products by providing powerful access to low level cryptographic functions

7 Applied Security Provide a consistent user experience for handling passwords, keys and certificates Abstract key and certificate types for developer through drag-and-drop and high level protocol toolkits Automate certificate management for creation, storage and revocation

8 Why Provide a Security Architecture? It is becoming a fundamental requirement in an operating system Low barrier of entry for developers Ability to provide consistent user experience for customers Faster time to market for providing new security services

9 Requirements Leverage industry work Ð We did not want to re-invent the wheel Easily supported on all Apple OSs Extensible and flexible Ð Easy to add new technologies Ð Support software, hardware or both

10 More Requirements A complete security model with a good level of abstraction Multiple certificate models and formats Ð X.509, PGP, etc.

11 Building Blocks Successful concepts from PowerTalk: Keychain and DigiSign License of a full featured industry proven security API Provide for the most popular cryptographic algorithms

12 More Building Blocks On staff chief cryptographer: Dr. Richard Crandall Apple patented encryption algorithms Ð Fast Elliptic Encryption (FEE) Fastest Odd-characteristic ECC Ð Apple Secure Compression (ASC) 1 pass compression and encryption Ð Chaotic Dynamic (Chad) On staff security architect

13 What Is Our Architecture? It is based on IntelÕs ÒCommon Data Security ArchitectureÓ or CDSA We have licensed CDSA source from Intel and are porting it

14 HereÕs What It Looks Like Applications System Security Services Common Security Services Security Add-in Modules Layered Services, Middleware, etc. CSP CSP CSSM Security API TP CL TP CL DL DL

15 System Security Services Secure Ð S/MIME Ð Open PGP (PGP/MIME) Secure communications Ð Secure Sockets Layer (SSL) Ð Transport Layer Security (TLS) Authentication Services

16 More System Security Services Secure payments Ð Secure Electronic Transaction (SET) Ð Micro Payments Ð E-Checks Certificate management Ð Creation Ð Revocation Ð Trust models

17 Common Security Services Applications System Security Services Common Security Services Security Add-in Modules Layered Services, Middleware, etc. CSP CSP CSSM Security API TP CL TP CL DL DL

18 CSSM The essential component in CDSA that integrates and manages all categories of security services It enables the tight integration of individual services, while allowing those services to be provided by interoperable modules

19 Cryptographic Service Provider Applications System Security Services Common Security Services Security Add-in Modules Layered Services, Middleware, etc. CSP CSP CSSM Security API TP CL TP CL DL DL

20 CSP A module that performs cryptographic operations and securely stores cryptographic keys May be software, hardware, or a combination of both

21 Trust Policy Applications System Security Services Common Security Services Security Add-in Modules Layered Services, Middleware, etc. CSP CSP CSSM Security API TP CL TP CL DL DL

22 TP ÒCertificate semanticsó A module that implements policies defined by authorities and institutions Policies define the level of trust required before certain actions can be performed

23 Certificate Library Applications System Security Services Common Security Services Security Add-in Modules Layered Services, Middleware, etc. CSP CSP CSSM Security API TP CL TP CL DL DL

24 ÒCertificate syntaxó CL A module that implements syntactic manipulation of memory-resident certificates and certificate revocation lists Each module may choose to implement only those operations required to manipulate a specific certificate data format, such as X.509, SDSI, PGP, etc.

25 Data Library Applications System Security Services Common Security Services Security Add-in Modules Layered Services, Middleware, etc. CSP CSP CSSM Security API TP CL TP CL DL DL

26 DL A module that provides stable storage for security-related data objects These objects can be certificates, certificate revocation lists (CRLs), cryptographic keys, policy objects or application-specific objects

27 What Are We Delivering? Keychain Access Applications System Security Services Common Security Services Default Security Add-in Modules Keychain CSP CSP SSL Cert Mgt CSSM Security API TP CL TP CL Sign Enc??? DL DL

28 Default Cryptographic Service Provider (CSP) Fully exportable, available world-wide Signatures: FEE (ECDSA), RSA, DSA (full strength) Symmetric: DES, RC2, RC4, ASC (Apple Secure Compression) (40 bits) Key exchange: FEE, RSA, D-H (512) Hashes: MD2, MD5, SHA-1

29 Default Trust Policy (TP) Trust based on X.509 certificates

30 Default Certificate Library (CL) X.509 V3 certificates & CRLs

31 Default Data Library (DL) File based Protected by ÒpassphraseÓ Will store certificates, CRLs, keys and passwords The Keychain will be standard API for accessing objects stored in DL

32 US/Canada Only CSP Full strength CSP, not exportable Signatures: FEE, RSA, DSA Symmetric: DES, 3DES, RC2, RC4, ASC (Apple Secure Compression) Asymmetric: FEE, RSA, D-H Key exchange: FEE, RSA, D-H Hashes: MD2, MD5, SHA-1

33 ÒFinancialÓ CSP Planning a CSP for financial applications Will provide strong cryptography for financial transactions Available worldwide Most likely will require application to Òbe signedó

34 Delivery Dates Stand-alone Keychain Ð 3rd Quarter 1998 Core CDSA with default add-in modules (including smartcard support) Ð 1st Quarter 1999 CDSA-based Keychain Ð 1st Quarter 1999 SSL v3 over CDSA Ð 2nd Quarter 1999

35 CDSA 2.0 More Dates Ð 3-4 months after release of reference code

36 CDSA Restrictions Only CSP/DL multi-service modules allowed Ð CSPs have minimum key management API: Generate Find private key by public key Ð DLs have a ÒfullerÓ object management API Ð Easier for Keychain and other applications Only ÒoneÓ API Ð Easier for supporting smartcards

37 More Restrictions Keys have a single use Ð Good security practice Ð Easier export/import compliance Only key references allowed, no raw key bits Ð Exception for public keys Keys have a well known set of attributes Ð Based on the CSSM_KEY structure

38 CDSA Extensions Conversion functions between DL keys and CSP keys Ð ASA_DBRecordToKey Ð ASA_FreeKey

39 CDSA 2.0 Wish List More object definition Ð Currently applications are tied to a particular DL because they have to know the attributes supported by the DL A better key management API Ð Currently applications are tied to a particular CSP because there is no standard key management API

40 More Wishes Conversion functions between DL and CSP Ð Currently there is no way to use a key from a DL with a CSP Clearer support for smartcards Work on system security services APIs that are based on CDSA Ð SSL/TLS Ð Secure

41 Summary Apple has a Security Architecture Ð Based on CDSA Ð Will be integrated with the operating system Ð Will be delivered with every Apple computer Our focus is the System Security Services and the User experience Ð CDSA is an enabling technology for us Ð Developers are interested in security functionality not security APIs

42 For More Information This presentation Ð Intel: Ð Ð Has documentation for Version 1.2 The Open Group: Ð Ð Has documentation for Version 2.0

43 Questions & Answers Think Crypto