NATIONAL ELECTRONIC CONVEYANCING OFFICE

SECURITY OF DIGITAL SIGNATURES

Drew Andison

1

AUSTRALIAN GOVERNMENT INFORMATION MANAGEMENT OFFICE (AGIMO)

1

DIGITAL CERTIFICATE

Issuer’s signature

Version

Serial number

Signature algorithm

Issuer name

Validity period

Subject name

Subject public key

Identifies certificate format Identifies this certificate

Name of Certification

Authority

Identifies the owner of the key

pair

Ensures cert. Data can’t be

changed

Public key value and indicator of its

algorithm

Start date and end

date

Algorithm used to sign

certificate

2

DIGITAL SIGNATURES

• A digital signature functions for electronic documents like a handwritten signature does for printed documents.

• Digital Signatures enable "authentication" of digital messages, assuring the recipient of a digital message of both the identity of the sender and the integrity of the message

• Digital Signatures can also support confidentiality (through encryption) and non-repudiation

• See http://en.wikipedia.org/wiki/Digital_signature

33

DIGITAL SIGNATURES4

DEFENCE SIGNALS DIRECTORATESEE http://www.dsd.gov.au/_lib/pdf_doc/ism/ISM_Sep09_rev1.pdf The approved hashing algorithms are:• Secure Hashing Algorithm 1 (i.e. SHA-1), and• Secure Hashing Algorithm 2 (i.e. SHA-224, SHA-256, SHA-384 and SHA-512).The approved asymmetric/public key algorithms are:• Diffie-Hellman (DH) for agreeing on encryption session keys• Digital Signature Algorithm (DSA) for digital signatures• Elliptic Curve Diffie-Hellman (ECDH) for agreeing on encryption session keys• Elliptic Curve Digital Signature Algorithm (ECDSA) for digital signatures, and• Rivest-Shamir-Adleman (RSA) for digital signatures and passing encryption

session keys or similar keys.

Most common applications use SHA-1 with RSA

5

KEY SECURITYSTATE OF PLAY

• Private Key Security is the Subscriber’s responsibility

• CA’s require Subscribers to sign legal agreements that impose security obligations

• There are no specific standards • reasonableness test

• Subscribers in effect required to set own security standards

6

GATEKEEPER & KEY SECURITY

• Gatekeeper cannot impose key security practices on end-users

• Gatekeeper operates indirectly through accredited Certification Authorities• their CPs must contain statements on key security

consistent with Core Obligations Policy• Also make explicit in Subscriber Agreements

• CAs cannot really enforce the right behaviour• Once keys and certificates are issued control is

effectively lost

7

GATEKEEPER & KEY SECURITY8

Core Obligations PolicyA Subscriber (Certificate Holder) MUST• Only use Keys and Digital Certificates within the

limits specified in the CP under which the Digital Certificate was issued;

• Take all reasonable measures to protect their Private Key(s) from compromise and take all necessary precautions to prevent loss, disclosure, modification, or unauthorised use of their Private Key(s);

• Promptly notify the CA in the event that they consider or suspect there has been a compromise of their Private Keys

KEY SECURITY GUIDANCE

European Unionhttp://docs.google.com/viewer?

a=v&q=cache:VfEfEg9Iy3sJ:www.eugridpma.org/guidelines/pkp/pk-protection-1.0-20091016.pdf+EU+end+user+storage+of+keys+and+ertificates&hl=en&gl=au&pid=bl&srcid=ADGEESgewwRLYKBIjwGX2GPc68a0RGXhajd8uYqmOs1jbOcqg_f8lTWSQ31raK7k1-GMcEND96EWzdBVNr0FVwWj8q8AdrWKPEWEs7hKxP2a7atTYnA3wtIdd6IN_29Uab-yvDskN9JH&sig=AHIEtbRC8DTYtm9uFYfQxXKQUi93SBhEgA

United Stateshttp://www.idmanagement.gov/fpkipa/documents/CommonPolicy.pdf http://www.abanet.org/scitech/ec/isc/pag/pag.html - see Section D.5.1.3

Physical Security Controls for Subscribers

9

UTAH DIGITAL SIGNATURE ACT (1995)

46-3-303 Control of the private key. (1) By accepting a certificate issued by a licensed

certification authority, the subscriber identified in the certificate assumes a duty to exercise reasonable care in retaining control of the private key and keeping it confidential.

10

IDENTRUST - Access Certificates for

Electronic Services

https://secure.identrust.com/certificates/policy/aces/revised_aces_cp_v20040506_1.pdf

The responsibilities of each applicant for an ACES Certificate are to:

• ……take reasonable precautions to prevent any compromise, modification, loss, disclosure, or unauthorized use of the private key;

11

IDENTRUST SERVICES - ECA CERTIFICATE SUBSCRIBER AGREEMENT By requesting an ECA Certificate from IdenTrust, You:

b) State that You have kept and You will keep Your Private Key(s) private and that You will safeguard and maintain Your Private Key(s) (and any user IDs, passphrases, passwords or PINs used to activate Your Private Key(s)) in strict secrecy and take reasonable security measures to prevent unauthorized access to, or disclosure, loss, modification, compromise, or use of, Your Private Key(s) and the computer system or media on which Your Private Key(s) are stored;

12

VeriSign Australia – Gatekeeper ABN-DSC Subscriber Agreement

Organisations must through an Authorised Officer:(a) ensure that their Key Holders comply with their obligations under this

CP and the CPS;(b) provide measures to avoid Compromise of their Key Holder’s Private

Keys;(c) immediately notify the VeriSign CA when the Organisation becomes

aware that a Key Holder’s Private Key has been Compromised, or there is a substantial risk of Compromise;

Key Holders must:(a) ensure that their Private Keys are not Compromised;(b) immediately notify the Organisation if they become aware that their

Private Key has been Compromised, or there is a substantial risk of Compromise

13

OFFICE OF THE FEDERAL PRIVACY COMMISSIONER – PKI GUIDELINES

A significant privacy concern in relation to use of PKI is the security of the private key. The integrity of a PKI depends on the subscriber keeping the private key inaccessible to any other party.

Digital certificates and their corresponding key pairs can be stored in a number of ways – on dedicated tokens such as smart cards or directly on computer disk drives. Each storage method has a set of benefits and deficiencies. The choice of particular storage solutions is a matter for each agency in planning its PKI implementation and for clients in reaching a conclusion about using a particular digital certificate. Gatekeeper does not specify particular storage devices, nor does it make any judgment on the merits of any particular storage method.

14

KEY SECURITY - US GUIDANCESubscribers locate their workstation in an area reasonably secure from

tampering by unauthorized personnel.Passwords and PINs should be memorized and not be written down; if a

password or PIN needs to be written down it should be stored in a locked file cabinet or container accessible only to designated personnel.

A private key stored on any unsecured medium, such a diskette, it should be stored in a locked file cabinet, secured digital archive, or locked container.

Subscribers should not leave their workstations unattended when cryptography is in an unlocked state (i.e., when the PIN or password has been entered). A workstation that contains private keys encrypted on a hard drive should be physically and logically secured or protected with an appropriate access control product.

Cryptographic tokens should be protected by holders to an extent comparable with that of valuable personal items such as credit cards or drivers’ licenses.

Documents, diskettes, or other items containing PINs or passwords should be disposed of in a manner that does not compromise the confidentiality of the sensitive data.

15

KEY SECURITY ISSUES• SOFT CERTIFICATES VS TOKENS (SMARTCARDS, USB)

• FIREWALLS – EPL

• ANTI-VIRUS SOFTWARE - EPL

• PASSWORD STRENGTH - ISM

• USE OF BIOMETRICS – ACCESS CONTROL

ETC

16

Thank You

QUESTIONS???

17