Student: Ying Hong - PowerPoint PPT Presentation

Transcript and Presenter's Notes

1
How To Protect Keys
  • Student Ying Hong
  • Course Database Security
  • Instructor Dr. Yang

2
Introduction
  • As public key cryptography has become the basis
    of computer security, the weak point has shifted
    from the data itself to the keys which protect it.
  • Two approaches are compared:
  • one from RSA Security
  • one from the nCipher Security World

3
RSA Approach
  • The traditional approach is to store the keys and
    the encrypted data together within the database.
  • The RSA approach is to build an Encryption Server
    that provides centralized encryption services,
    so that the encryption keys are separated from the
    encrypted data stored in the database.

4
Internal Database Encryption
5
External Database Encryption
6
Sample Implementation
7
Weak Point
  • Traditional approach vs. RSA approach
  • You may notice that the RSA approach does NOT
    fully solve the exposure of keys and sensitive
    data. It moves the weak point from the server
    application (ProcessLogin) to the CryptoServer:
    whoever controls the CryptoServer, or can call
    it, can still decrypt.
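The two layouts compared on slides 3 to 7, as an added example; it is not code from the presentation or from RSA Security. The class and function names (InternalEncryptionDb, CryptoServer, ExternalEncryptionDb, and "ProcessLogin" used as a caller label) are hypothetical, the stored record is a constructed sample, and the cipher is a toy one-shot SHA-256 pad so that the example runs on the Python standard library alone; a real deployment would use an authenticated cipher such as AES-GCM.

```python
# Added example (not from the presentation or RSA Security): internal
# encryption (key stored beside the data) versus a centralised crypto server.
# All names are hypothetical; the cipher is a toy SHA-256 pad, demo only.
import hashlib
import secrets

SAMPLE_SECRET = b"alice-ssn-123-45-6789"  # constructed sample record


def toy_pad_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy cipher: XOR with SHA-256(key||nonce). Demo only, max 32 bytes."""
    assert len(data) <= 32, "toy pad covers 32 bytes only"
    pad = hashlib.sha256(key + nonce).digest()
    return bytes(a ^ b for a, b in zip(data, pad))


class InternalEncryptionDb:
    """Slide 3, traditional layout: the key lives in the same database."""

    def __init__(self):
        self.key = secrets.token_bytes(32)
        self.rows = {}

    def store(self, user: str, secret: bytes) -> None:
        nonce = secrets.token_bytes(16)
        self.rows[user] = (nonce, toy_pad_xor(self.key, nonce, secret))

    def dump(self) -> dict:
        # What a thief of the database files obtains: key and ciphertext.
        return {"key": self.key, "rows": dict(self.rows)}


class CryptoServer:
    """RSA-style central encryption service: the key never leaves it."""

    def __init__(self):
        self._key = secrets.token_bytes(32)
        self.audit = []  # every call is attributable to a caller

    def encrypt(self, caller: str, data: bytes) -> bytes:
        nonce = secrets.token_bytes(16)
        self.audit.append((caller, "encrypt"))
        return nonce + toy_pad_xor(self._key, nonce, data)

    def decrypt(self, caller: str, blob: bytes) -> bytes:
        self.audit.append((caller, "decrypt"))
        return toy_pad_xor(self._key, blob[:16], blob[16:])


class ExternalEncryptionDb:
    """Database holds ciphertext only; crypto is delegated to the server."""

    def __init__(self, server: CryptoServer):
        self.server = server
        self.rows = {}

    def store(self, user: str, secret: bytes) -> None:
        self.rows[user] = self.server.encrypt("ProcessLogin", secret)

    def dump(self) -> dict:
        return {"rows": dict(self.rows)}  # no key in the dump


def attacker_with_internal_dump() -> bytes:
    """Stolen internal-encryption database: plaintext recovered from the dump alone."""
    db = InternalEncryptionDb()
    db.store("alice", SAMPLE_SECRET)
    d = db.dump()
    nonce, ct = d["rows"]["alice"]
    return toy_pad_xor(d["key"], nonce, ct)


def attacker_with_external_dump() -> bool:
    """Stolen external-encryption database: the dump carries no key."""
    db = ExternalEncryptionDb(CryptoServer())
    db.store("alice", SAMPLE_SECRET)
    return "key" not in db.dump()


def attacker_controlling_app() -> bytes:
    """Slide 7: the weak point moves to whoever can drive the CryptoServer."""
    server = CryptoServer()
    db = ExternalEncryptionDb(server)
    db.store("alice", SAMPLE_SECRET)
    # A compromised ProcessLogin still decrypts on demand; only the audit
    # trail distinguishes it from legitimate use.
    return server.decrypt("ProcessLogin", db.rows["alice"])
```

The third function is the point of slide 7: moving the key out of the database defeats an attacker who only has the database files, but not one who controls the application or the CryptoServer itself, which is why the audit list records the caller of every operation.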

8
nCipher Approach
  • The nCipher approach is to provide Hardware
    Security Modules (HSMs) together with software to
    control key management.
  • nCipher also developed a system called the Secure
    Execution Engine (SEE), which protects application
    software while it is executed by allowing the
    sensitive code to run inside the HSM.

9

10
Secure Key Storage
  • Keys can only be used inside the HSM, which
    provides a strong security perimeter.
  • However, keeping keys only inside the HSM has
    drawbacks:
    • if the HSM is attacked it destroys its keys, so
      keys held only there are lost
    • the number of keys that can be created, used and
      stored is limited by the capacity of the storage
      built into the HSM unit
    • the HSM's module key is often pre-installed and
      known to the HSM manufacturer, so the chain of
      trust is not entirely under the control of the
      HSM administrator.

11
Key Backup Recovery
  • Key backup and recovery should be implemented in
    a consistently secure manner.
  • Basic concepts for protecting stored keys:
    • Strong encryption (Triple-DES)
    • Fragmentation of keys (k of n key fragments)
    • ACL: a list of the operations permitted on each
      key

12
Key Backup Recovery cont.
13
Key Backup Recovery cont.
  • Steps for creating a key blob:
  • The target key is encrypted using Triple-DES.
    Its ACL is also, separately, encrypted.
  • The key and ACL are then encrypted together under
    a wrapper key (the module key) to form the blob.
    A Message Authentication Code (MAC) is stored with
    the key blob, so that tampering is detectable.
  • The wrapper key is in turn associated with
    another ACL, which determines who can access it.

14
Key Backup Recovery cont.
  • If required, key fragments can each be wrapped
    with their own access control mechanisms.
  • The encrypted key blob can now be exported and
    kept on ordinary server storage; the key fragments
    can also be stored separately, so that k smart
    cards out of a total set of n are required to
    access the key.

15
Access To Key Blob
16
Access To Key Blob cont.
  • Access to key blobs is physically controlled.
  • Smart cards must be presented in order to load
    the key blob into the HSM and unwrap it for
    decryption.
  • Knowing the key blob is not by itself sufficient
    to recover the original key object, since any key
    stored on a physical token is encrypted with the
    module key, and module keys are held securely
    within the HSM.
  • Instead of just encrypting keys with the module
    key, the HSM can combine the module key with a
    phrase supplied by the user, so that a module key
    known to the manufacturer is no longer enough on
    its own; this addresses the weak point in the
    chain of trust mentioned earlier.
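A software model of the key-blob procedure on slides 13 to 16 and the k-of-n fragmentation on slides 11 and 14, as an added example; it is not code from the presentation or from nCipher. The names make_blob, open_blob, wrapper_key, split_secret and recover_secret are hypothetical, the blob layout (nonce, ciphertext, MAC) is an assumption, the cipher is a toy HMAC-SHA256 keystream standing in for Triple-DES so that the example runs on the Python standard library, and the k-of-n fragments are Shamir shares over a prime field, which is one way to realise "k of n" that the slides do not specify. The sample ACL and passphrase are constructed.

```python
# Added example (not from the presentation or nCipher): a key blob wrapped
# under module key + user phrase, with a MAC and an ACL, and the module key
# split k-of-n in the style of smart-card sets.  Names are hypothetical; the
# cipher is a toy HMAC-SHA256 keystream, demo only.
import hashlib
import hmac
import json
import secrets
import struct

P = 2**521 - 1  # Mersenne prime; any secret of up to 64 bytes fits below it


def toy_stream_xor(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Toy stream cipher: XOR with an HMAC-SHA256 counter keystream."""
    out = bytearray()
    for block, i in enumerate(range(0, len(data), 32)):
        ks = hmac.new(key, nonce + struct.pack(">I", block), hashlib.sha256).digest()
        out += bytes(a ^ b for a, b in zip(data[i:i + 32], ks))
    return bytes(out)


def wrapper_key(module_key: bytes, passphrase: str = "") -> bytes:
    """Slide 16: derive the wrapper from the module key and a user phrase."""
    return hmac.new(module_key, passphrase.encode(), hashlib.sha256).digest()


def make_blob(target_key: bytes, acl: dict, module_key: bytes, passphrase: str = "") -> bytes:
    """Slide 13: encrypt key + ACL under the wrapper key, append a MAC."""
    wk = wrapper_key(module_key, passphrase)
    nonce = secrets.token_bytes(16)
    body = json.dumps({"key": target_key.hex(), "acl": acl}).encode()
    ct = toy_stream_xor(wk, nonce, body)
    tag = hmac.new(wk, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag  # assumed layout: nonce || ciphertext || MAC


def open_blob(blob: bytes, module_key: bytes, passphrase: str = "", operation: str = "decrypt") -> bytes:
    """Unwrap; reject tampering (MAC) first, then enforce the key's ACL."""
    wk = wrapper_key(module_key, passphrase)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(wk, nonce + ct, hashlib.sha256).digest()):
        raise ValueError("MAC check failed: wrong module key/phrase or tampering")
    obj = json.loads(toy_stream_xor(wk, nonce, ct))
    if operation not in obj["acl"]["allowed"]:
        raise PermissionError("ACL forbids " + operation)
    return bytes.fromhex(obj["key"])


def split_secret(secret: bytes, k: int, n: int):
    """Slide 14: Shamir k-of-n fragments of a secret (one per smart card)."""
    coeffs = [int.from_bytes(secret, "big")] + [secrets.randbelow(P) for _ in range(k - 1)]

    def f(x):
        return sum(c * pow(x, i, P) for i, c in enumerate(coeffs)) % P

    return [(x, f(x)) for x in range(1, n + 1)]


def recover_secret(shares, length: int) -> bytes:
    """Lagrange interpolation at x=0: k shares give the secret, fewer give garbage."""
    s = 0
    for i, (xi, yi) in enumerate(shares):
        num, den = 1, 1
        for j, (xj, _) in enumerate(shares):
            if i != j:
                num = num * (-xj) % P
                den = den * (xi - xj) % P
        s = (s + yi * num * pow(den, -1, P)) % P
    return s.to_bytes(max(length, (s.bit_length() + 7) // 8), "big")


def demo() -> dict:
    """Walk through slides 13-16; every entry should be True."""
    module_key = secrets.token_bytes(16)          # held inside the HSM
    target_key = secrets.token_bytes(24)          # e.g. a Triple-DES database key
    acl = {"allowed": ["decrypt"], "owner": "dba"}  # constructed sample ACL
    blob = make_blob(target_key, acl, module_key, "operator-phrase")
    r = {"unwrapped_ok": open_blob(blob, module_key, "operator-phrase") == target_key}
    try:  # ACL enforced: this key may be used but not exported
        open_blob(blob, module_key, "operator-phrase", operation="export")
        r["acl_enforced"] = False
    except PermissionError:
        r["acl_enforced"] = True
    try:  # module key alone is not enough once a phrase is in the wrapper
        open_blob(blob, module_key, "")
        r["phrase_required"] = False
    except ValueError:
        r["phrase_required"] = True
    tampered = blob[:20] + bytes([blob[20] ^ 1]) + blob[21:]
    try:  # a flipped ciphertext byte is caught by the MAC
        open_blob(tampered, module_key, "operator-phrase")
        r["tamper_detected"] = False
    except ValueError:
        r["tamper_detected"] = True
    cards = split_secret(module_key, 3, 5)        # 3-of-5 smart-card set
    r["three_cards_recover"] = recover_secret(cards[1:4], 16) == module_key
    r["two_cards_fail"] = recover_secret(cards[:2], 16) != module_key
    return r
```

Note the order of checks in open_blob: the MAC is verified before anything is decrypted or parsed, so a wrong phrase, a wrong module key and a modified blob all fail the same way without leaking whether the ciphertext was well-formed.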

17
Sample Implementation
18
Extension
  • nCipher's SEE technology enables application code
    to perform security functions inside the HSM.

19
Sample Implementation
20
Benefits
  • Non-hierarchical key management
    • the administrator card set
    • the operator card set(s)
  • Initialization key uniqueness
    • the module key is not known outside the HSM and
      remains valid until the module is reinitialized
  • Scalability
    • it is possible to share module keys across a
      series of HSMs

21
Conclusion
  • The RSA approach is a software-only solution, so
    it is easier to deploy and use.
  • The nCipher approach may be more secure than the
    RSA approach, and it goes one step further by also
    protecting the sensitive code, but it is clearly
    more complex.

22
References
  • Securing Data At Rest: Developing a Database
    Encryption Strategy, RSA Security,
    http://www.placewareforum.com/rsasecurity/page.cfm?peventeventid12458subcatid11728
  • nCipher Security World white paper,
    http://active.ncipher.com/whitepapers/nCipher_security_world_wp.pdf
  • Secure Execution Engine white paper,
    http://active.ncipher.com/whitepapers/SEE_white_paper.pdf