Lock, stock and barrel
Lock, stock and barrel<@VM>You can select a public-key encryption application for service, software or both
Public-key encryption may be the answer to your e-commerce security concerns
By Pete Loshin
Special to GCN
The next frontier for many government agencies is electronic commerce, the'theoretically'unfettered exchange of information and services via the Internet.
Perhaps the biggest fetter holding it back is concern over security. That's where public-key encryption comes in, and with it administrators' hopes for unshackling agencies' efforts to expand online interactions.
How does it work?
Let's say you're using public-key encryption in your agency or department. Everyone, and maybe even every device, gets a public key. Everyone posts their public keys on a Web server somewhere and incorporates them on business cards and in e-mail.
If you want to encrypt a message to your director, you use her public key; she decrypts it by using her private key. Public-key encryption is sometimes called asymmetric encrpytion because a message encrypted with a public key can only be decrypted with a related private key. With symmetric algorithms, the same key is used to encrypt and decrypt.
But how do you know that the public key you use to encrypt mail to your director is actually the public key associated with the director?
You don't, unless you've got some mechanism in place to keep track of who's who, and which public key belongs to whom. That means building a public-key infrastructure for distributing public keys and using a certificate authority, or CA, to sign all your users' public keys to create public-key certificates.
Certificates are little more than simple statements digitally signed by some trusted third-party entity. These statements usually, but are not required to, contain data outlined in the International Telecommunications Union's X.509 standard: the name and other identifying information of the subject of the certificate, the subject's public key, and the digital signature of the certifying authority issuing the certificate. The CA's signature says, in effect, that the CA is vouching for the certificate holder: This person or entity is associated with this public key.
Why use certificates instead of just public keys? You wouldn't really need a certificate if you distributed public keys by hand, with each entity holding a public key giving it to you in person.
To avoid problems, however, you could never distribute keys any way but in person'hardly a practical method.
Once you start e-mailing naked public keys, you risk a man-in-the-middle attack. If Bob sends a public key to Alice by e-mail, that key could be intercepted by Carol, who replaces her own key for Bob's key. Then, when Alice encrypts a message with what she thinks is Bob's key but is actually Carol's key, Carol can read it but Bob cannot.System service
This is where certificates come in. With a certificate system, Bob gets his public key signed by a CA and sends the certificate to Alice. Alice can verify the CA's signature on the certificate, and, to the extent that Alice trusts the CA to have been conscientious about verifying Bob's information she can trust that the public key in the certificate belongs to Bob.
Much of the attention certificates and CAs are getting arises from the importance of public-key cryptography in Internet commerce.
Commerce servers need certificates so customers' browsers can encrypt sensitive consumer data. But government agencies can put certificates'and CAs'to good use for many other purposes. Most important, certificates are vital for any public-key encryption application, whether you are encrypting Internet e-mail or encrypting IP datagrams through a virtual private network.
Sounds pretty good, you might say to yourself; we should use a CA for our public keys. But there are still some questions to worry over. Whom can you trust as the trusted third party? Should you try to do it in-house, to maintain control over the entire process, or should you contract it out to a vendor that specializes in such things? And what exact functions must a CA perform?
The CA must issue certificates, respond to requests for users' certificates, and maintain a current list of revoked or invalid certificates. The products and services included in this Buyer's Guide all provide these certifying authority services.
The bottom line is that you must also be able to trust that the CA cannot be subverted, whether the CA is controlled by a third-party service provider or internally within your agency. If someone gains control of the CA's private key, she can generate her own bogus certificates that would be indistinguishable from authentic certificates.
Revocation provides a mechanism by which a compromised key can be taken out of circulation. When a certificate is revoked, the CA lists the invalid certificate as well as the date from which it was revoked, so illegitimate signatures can be flagged.
If you opt for a CA service provider, you should carefully evaluate its security arrangements. You'll also want to review its policies for issuing and managing certificates, as well as what kind of documentation or identification they require to issue a certificate.
Will the CA build policies specifically for your agency? What documentation is required to revoke a certificate? What liabilities and obligations will CA take on?
|What to ask about PKI|
|'||What is expected of the certificate authority, certificate holders and certificate users? What are their liabilities and obligations?|
|'||How are entities identified and authenticated prior to receiving certificates? What kind of documentation must they submit?|
|'||What are the operational procedures for the CA? What are the processes for applying for a certificate and revoking a certificate? How is the process audited? What records are archived, and how?|
|'||What physical and procedural controls are to be used? Where is the system hosting the CA located? How is it backed up? Who has access and control of the system?|
|'||What kind of clearance is required of CA system administrators and managers? What kind of training, experience, and qualifications are necessary?|
|'||How are keys generated, delivered, and used? What cryptographic algorithms for encryption and digital signatures are to be used? What about network and system security?|
|'||What information is to be stored in the certificates and the certificate revocation list? How is to be formatted?|
If you opt to buy CA software and do it all yourself, you should have a qualified expert help. Expect to spend a lot of time working out the details of building your own CA. The Quebec-based PKI consulting firm Labcal Technologies Inc. offers '25 Steps to the Successful Implementation of a Corporate Public-Key Infrastructure' as a free download from its site, at www.labcal.com.
Beyond certificate policymaking, certificate management and revocation are crucial day-to-day CA functions. X.509 certificates include validity dates, specifying when certificates are valid.
But certificate revocation provides a mechanism by which a certificate can be revoked early'for example, if the certificate holder is compromised or leaves the organization.
Vendors who offer CA services, such as Verisign Inc., Thawte Consulting and Alphatrust.com, would have you believe that a trusted third party means exactly that: an entity external to any of the entities using encryption to communicate.
Others, such as Baltimore Technologies Plc., sell the software necessary to establish your own CA in-house.
Still others, such as Entrust Technologies Inc., will tailor their service, whether it is for an in-house CA or a third-party CA service provider.
Yet another option is just to use the Microsoft Certificate Server included in the Windows NT 4.0 Options Pack to generate your organizational certificates.
Whether you go in-house or not, managing certificates and keys is far more complicated than simply signing public keys for the people, devices and systems under your control. Be sure to do your homework.Pete Loshin, of Arlington, Mass., is the author of several books about networking, Internet protocols and encryption.
|AlphTrust Corp. Dallas 214-290-1900 www.alphatrust.com ||AlphaTrust Network Digital ID ||Service ||Win 9x, NT 2000; Mac OS; Unix ||Netscape Navigator 4.04 or higher, Microsoft Internet Explorer 4.01 or higher, or any software supporting X.509 digital''certificates ||$39 registration,|
$20 per year
| Baltimore ''Technologies PLC Plano, Texas 972-516-3744 www.baltimore.com ||UniCERT 3.0 ||Software ||NT 4.0 ||Oracle, TCP/IP, Windows NT ||$5,000 base price;|
$25,000 to $30,000
| BCE Emergis Inc. Montreal 888-709-8759 www.emergis.com ||BCE Emergis'' PKI Hosting & Management Services ||Combination ||HP UX, NT ||Entrust PKI software ||About $6,700 to |
$67,000 per month
| CyberTrust Needham Heights, Mass. 800-362-7304 www.cybertrust.com ||Enterprise CA Version 3.3 ||Software||SunSoft Solaris, HP UX||Sun Ultra or HP 9000, 256M RAM, 2G hard drive ||$150,000, unlimited|
|Enterprise Hosting Services ||Service ||N/A ||Any Web browser || $35,000 to $65,000, includes 5,000 certificates|
| Digital Signature ''Trust Co. Salt Lake City 888-294-7831 www.digsigtrust.com ||TrustExchange ||Service ||Any client that supports X.509v3 certificates ||Standard desktop PC with browser (or other client) ||$25 per base client |
$299 per server SSL
| Diversinet Corp. Toronto 800-357-7050 www.dvnet.com ||PASSport Certificate'' Server Version 2.0 ||Software ||NT ||200-MHz processor, 128 RAM (256M'' recommended), 4G hard drive and CD-ROM drive ||$20,000, priced|
| Entrust Technologies Plano, Texas 888-690-2424 www.entrust.com ||Entrust/PKI 4.0 ||Software ||NT Server 4.0, SunSoft Solaris, HP-UX, AIX ||Windows NT Server 4.0 with Service Pack 3 or higher, 64M RAM (96M recommended), 166-MHz or higher Pentium; TCP/IP requires Entrust/ Directory or other LDAP-compliant directory ||$20,000 |
|Entrust.site'' Web Server Certificate ||Service ||Any server ||Web server that supports X.509v3 certificates ||$299 for a one-year |
certificate, $499 for a
| E-Lock ''Technologies Inc. Fairfax, Va. 877-893-9506 www.elock.com ||e-Lock PKI 2.1 ||Software ||NT ||MS Certificate Server ||Free software, charge|
for consulting and
| Microsoft Corp. Redmond, Wash. 425-882-8080 www.microsoft.com ||MS Certificate Server ||Software ||NT ||NT 4.0, NT 4.0 Option Pack ||Free download|
| Network ''Associates Inc. Santa Clara, Calif. 408-988-3832 www.nai.com ||PGP Desktop Security 6.5.1 RSA PGP Certificate Server 2.5 ||Software ||NT 4.0, SunSoft Solaris ||NT 4.0 with Service Pack 3 or higher, 128M of RAM,'' client browsers that support'' full domestic 128-bit keys ||$25,000 for 1,000 |
| RSA Data Security Inc. San Mateo, Calif. 650-295-7600 www.rsa.com/index. ''html ||Keon Certificate Server 5.0 ||Software ||NT ||Dedicated NT system'' (Windows or Server) with'' Service Pack 3 or higher, 233-MHz or higher PC,128M'' of RAM, 250M of hard-drive space, NTFS hard drive ||$25,000 for a 500- |
user license; volume
| Valicert Inc. Mountain View, Calif. 650-567-5400 www.valicert.com ||Enterprise Validation Authority Version 3.0 ||Software ||NT 4.0, SunSoft Solaris ||Any client or server using digital certificates ||$19,995 and up|
| Verisign Inc. Mountain View, Calif. 650-961-7500 www.verisign.com ||OnSite 4.0||Combination||NT 4.0 ||166-MHz Pentium, 64M of RAM, 1G hard drive||$5,000 for a pilot implementation |
|Class 1 Digital ID ||Service ||Any client ||Any client that supports X.509v3 certificates || $14.95 per year per client; volume discounts available |