isafeguard Quick Start Guide


Now that you have successfully installed the software on your computer, let's start using it to secure your files, emails and other information.

About Cryptography

Before you start you should understand some basic cryptographic concepts so that you can use the software effectively. Click here to learn more about cryptography.

Preparing To Use isafeguard

There are a few steps you must follow to use the software.

Step 1: Launching isafeguard

The software is launched when you log in. The first time you log in you will be asked to create a new profile. Click here to learn how to log in.

Step 2: Creating A New Profile

Follow the program to create a new profile. If you want to learn more please go through the Create A New Profile tutorial.

Step 3: Obtaining A Certificate

Again follow the program to create a self-signed certificate. If you want to learn more please go through the Create A New Certificate tutorial. If your company has a PKI you may use the same wizard to enroll into your company's PKI.

You now have a self-signed certificate and the associated private key - both are stored in your profile. You can use the certificate to secure files and other digital assets for yourself. In addition, if you already have a certificate stored on your computer or smartcard/security token you may use it too.

Step 4: Exchanging Certificates/Public Keys

If you want to securely communicate with other people you will need to exchange certificates/public keys. Click here to learn how to do manual certificate/public key exchange. If you want to learn more about the certificate export wizard click here.

Note: If your company has Active Directory and Microsoft Certificate Service the key exchange can be done automatically.

Using isafeguard

1. Securing Files and Folders
To learn how to secure your files and folders click here. You may also go through the tutorial Signing and Encrypting Files to learn more.

2. Securing Emails
To learn how to secure your emails click here. You may also go through the tutorial Signing and Encrypting Emails to learn more.

3. Managing the Passwords of Your Online Accounts
To learn how to manage the passwords of your online accounts using isafeguard Password Manager click here.

4. Securing Personal Notes
To learn how to use isafeguard Personal Information Editor click here.

5. Backing Up Your Files and Folders Securely
To learn how to back up your files and folders securely click here. You may also go through the tutorial Creating and Extracting Archive Files to learn more.

6. Wiping Your Files and Folders
To learn how to securely delete your files and folders click here. You may also go through the tutorial Wiping Files and Cleaning Disk Free Space to learn more.

7. Wiping Free Space on Your Hard Drives
To learn how to securely clean the free space of hard drives click here. You may also go through the tutorial Wiping Files and Cleaning Disk Free Space to learn more.

Using Advanced Features

1. Countersigning Signed and Encrypted Files
To learn how to countersign signed and encrypted files click here.

2. Countersigning Signed and Encrypted Emails
To learn how to countersign signed and encrypted emails click here.

3. Using Smartcards/Security Tokens
To learn how to use smartcards/security tokens click here.

4. Searching Other People's Certificates From Internet Directory Services
To learn how to find other people's certificates from known Internet Directory Services click here.

5. Changing Default Settings
To learn how to change software default settings click here.

Note: There are many other features that are not covered in this quick start guide. You will learn these features once you are comfortable using the software.

Product Overview

This section gives you a brief overview of the software product.

About isafeguard

isafeguard is a powerful cryptographic software product that enables you to protect your most valuable asset - information - with strong encryption and authentication. Using strong encryption, isafeguard provides protection against anyone eavesdropping on the network. Even if your data is intercepted, it is completely unreadable to the snooper. Using strong authentication, isafeguard ensures the integrity and origin of your data.

isafeguard is a very important tool within your network security infrastructure, since loss of confidentiality may mean loss of business.

isafeguard Features

isafeguard provides the following features.

Features available in Enterprise, Professional and Freeware editions:
- Integrated with Windows Shell
- Creating own X.509 digital certificates
- Supporting X.509 certificates for any Certificate Authorities
- Signing and encrypting files and folders
- Signing and encrypting emails
- Verifying digital signatures and countersignatures
- Certificate Revocation List (CRL) and CRL distribution point
- Searching other people's certificates from Internet Directory Services
- Using Certificates on local computer
- Managing passwords of online accounts and filling web forms
- Wiping files and folders
- Wiping disk free space
- Secure text editor
- And more

Features available in Enterprise, Professional editions:
- Countersigning signed (and encrypted) files and emails
- Supporting Smartcards/Security Tokens
- Creating and extracting certificate protected archive files
- Creating and extracting password protected self extracting archive files
- Creating and extracting regular ZIP files

Features available in Enterprise edition:
- Integrated with Microsoft Active Directory
- Integrated with Microsoft Certificate Services
- Self-service PKI enrollment and certificate renewal
- Data recovery agent (DRA)
- And more

Supported Smartcards/Security Tokens

isafeguard supports the following smartcards/security tokens:
- eToken PRO from Aladdin
- eToken R2 from Aladdin

Supported Email Clients

isafeguard supports many email clients including the following:
- Microsoft Outlook
- Microsoft Outlook Express
- gmail
- Yahoo Mail
- Hotmail
- AOL Web Mail
- Juno Mail
- Lycos Mail
- Eudora Webmail
- .com

Email content formats supported:
- Text
- RTF
- HTML

Standards isafeguard Supports

isafeguard supports the following standards:
- Microsoft CryptoAPI
- 3DES, RC2 and RC4
- RSA
- SHA1 and MD5
- X.509 v3
- PKCS #1: RSA Cryptography Standard
- PKCS #7: Cryptographic Message Syntax Standard
- PKCS #10: Certification Request Syntax Standard
- PKCS #11: Cryptographic Token Interface Standard
- PKCS #12: Personal Information Exchange Standard
- DoD M Algorithm

Installation Guide

This guide helps you install isafeguard on your computer. If you have any questions please contact

System Requirements

For best performance, the minimum system requirements are as follows:
- A Pentium 133 MHz PC or compatible
- 32 MB RAM
- Windows Vista, Windows XP, Windows 2000, or Windows NT/SP5 or later, or Windows 98
- Microsoft Internet Explorer 6.0 or later

Warning: You may need to download a specific installer package for your version of Windows. Windows 95 is not supported.

Downloading and Installing Microsoft Windows Installer

The installation package uses the Microsoft Windows Installer service that ships as part of the Microsoft Windows Vista, Windows XP, Windows 2000 and Windows Millennium Edition (Windows Me) operating systems, and is provided in a service pack to Windows 95, Windows 98, and Microsoft Windows NT version 4.0. If you don't have the Windows Installer service installed on your machine, you may use the following web link to download and install it.

- Choose Windows Installer Redistributable (x86/win9x) if you are running Windows 95 or Windows 98
- Choose Windows Installer Redistributable (x86/nt 4.0) if you are running Windows NT 4.0

After the installation, follow the instructions below to install the software.

Installing isafeguard From Windows Explorer

Follow the steps below to install the software from Windows Explorer.

1. Start Windows Explorer
2. Find the file, e.g. isafe.msi
3. Right-click on the file
4. Select the Install menu item from the popup menu
5. Follow the installation wizard to complete the installation

Installing isafeguard From Command (DOS) Prompt

Follow the steps below to install the software from the command (DOS) prompt.

1. Start a command (DOS) window
2. Change to the directory where isafe.msi is stored
3. Enter isafe.msi, and then hit the Enter key
4. Follow the installation wizard to complete the installation

Removing isafeguard From Your Computer

1. Start Windows Control Panel by selecting Start and then Control Panel
2. Double click on Add or Remove Programs
3. Select isafeguard Security Suite for Windows by clicking on it
4. Click Remove to remove isafeguard from your computer

Note: When you uninstall the software there is a registry key named MXC Software left behind under HKEY_CURRENT_USER/Software. We leave it there so that when you reinstall isafeguard your settings are kept. You may just leave it there or use regedit to delete the registry key completely.

Warning: You must not delete anything other than the key named MXC Software. If you are not sure how to use regedit properly DON'T use it. The following instruction is for advanced users only.

To delete the key after uninstalling the software:

1. Open a DOS (Command Prompt) window
2. Type regedit and then hit the Enter key
3. Expand HKEY_CURRENT_USER and then Software
4. Find the key MXC Software under Software and then right-click on the key
5. Select Delete from the popup menu and then confirm the delete operation

Introduction to Cryptography

To use this software effectively, you need to understand some basics of cryptography including:
- Encryption and decryption
- Public key and private key (key pair)
- Digital certificate (or certificate) and certificate trust model
- Digital signature

You will also need to understand what a profile is and how important it is to choose a good pass phrase to protect it and keep it in a safe place. This section gives you a brief introduction to cryptography.

In this section you will learn the following:

What Is Cryptography
- Basic Terms
- Shared Secret Cryptography
- Public Key Cryptography
- Modern Cryptographic Algorithms
- Encryption: How Does isafeguard Work?

Digital Signature
- Digital Signature
- Hash Functions
- Digital Signature: How Does isafeguard Work?
- Digital Signature Law

Digital Certificate
- What Does A Public Key Look Like?
- X.509 Certificate Format
- Certificate Types

Certificate Trust Model
- Direct Trust
- Hierarchical Trust
- Indirect Trust Model
- Trust Model Used In isafeguard
- Certificate Validity and Certificate Trust

Countersignatures
- What is a countersignature?
- Why is countersignature important?
- How countersignatures are generated?
- Conforming to standards

Key Storage

Summary

Further Readings

What Is Cryptography?

In this section we will give you a brief description of what cryptography is, the basic terminology, etc. and explain how isafeguard works.

Basic Terminology

Cryptography is the science of mathematical manipulation of data for the purpose of securing the data so that the information is hidden from anyone for whom it is not intended, even those who can see the manipulated data.

Data in its original form is known as plaintext or cleartext. The manipulated data is known as ciphertext. The process for producing ciphertext from plaintext is called encryption or encipherment. The process for producing plaintext from ciphertext is called decryption or decipherment.

Now that you know the basic terminology let's look at an example.

Shared Secret Cryptography

Let's assume that you have a very important message you want to send to your best friend, Bob: "Hello, Bob, how are you doing?" You want to send it securely, so that even people who intercept the message won't be able to read it. So you figure out an algorithm to encrypt the message. Here are the algorithm details: you replace letter "A" with letter "D", letter "B" with letter "E" and so on. The whole encryption table looks like this:

Replace: A B C D E F G H I J K L M N O P Q R S T U V W X Y Z
With:    D E F G H I J K L M N O P Q R S T U V W X Y Z A B C

After encrypting, your message reads like this: "Khoor, Ere, krz duh brx grlqj?" You tell Bob the secret and Bob can read the message. Of course you must find a way to tell Bob the secret securely; otherwise anyone who knows the secret can read your message.

This is a very simple encryption and decryption algorithm (known as the Caesar Cipher). You can imagine how important it is to keep the secret. Since the same key is used for encryption and decryption in shared secret cryptography, it is also known as symmetric cryptography and the key is called a symmetric key.
Public Key Cryptography

In contrast, public key cryptography doesn't count on this shared secret to communicate securely. You create an encryption key and a decryption key. When a message is encrypted using your encryption key, it can only be decrypted using your decryption key. You make your encryption key public (thus public key): list it in the directory, email it to other people, whatever. But you must keep your decryption key private (thus private key). The decryption key (or private key) should never leave your hands.

If someone, say, Bob, wants to send you a secret message he can use your encryption key to encrypt his message; only you, with your decryption key, can decrypt the message. There is no shared secret between you and Bob to allow you to communicate securely. This is the key advantage of public key cryptography.

Since you now understand that an encryption key is a public key and a decryption key is a private key, we will use the terms public key and private key when we mean encryption key and decryption key from now on. The public key and private key are related - they are a pair, called a key pair. When we say a key pair we mean a public key and the related private key. Since different keys are used for encryption and decryption in public key cryptography, it is also known as asymmetric cryptography.

Note: Since a private key is always stored with the corresponding public key we sometimes use private key and key pair interchangeably if that does not cause confusion.

Modern Cryptographic Algorithms

The above discussion about shared secret cryptography and public key cryptography is overly simplified - but it does give you the ideas. In modern cryptography much more complex systems are used. The following lists some of the algorithms commonly used in industry and government:

- RC4 - symmetric algorithm
- RC2 - symmetric algorithm
- DES - symmetric algorithm
- 3DES - symmetric algorithm
- AES - symmetric algorithm
- MD5 - hash algorithm
- SHA1 - hash algorithm
- RSA - public key algorithm

A public key system has a great advantage over a shared secret key system because it solves the key distribution problem - a key issue in shared secret cryptography. However, a public key algorithm such as RSA is very slow while shared secret algorithms are much faster. Therefore in real cryptosystems they are used together.

Encryption: How isafeguard Works

isafeguard is a hybrid cryptosystem. It takes advantage of both shared secret and public key algorithms. Here is how it works.

When encrypting, a random symmetric key is generated to encrypt the message. Then the intended recipients' public keys are used to encrypt the random symmetric key. Finally the encrypted random symmetric key and the encrypted message are sent to the recipients.

When decrypting, one of the recipients' private keys is used to decrypt the random symmetric key. Then the random symmetric key is used to decrypt the message.

isafeguard supports three symmetric algorithms (RC2, RC4 and 3DES), two hash algorithms (MD5 and SHA1), and one public key algorithm (RSA).

Digital Signature

Digital signature is one of the most important applications of PKI technologies. In this section we will briefly describe what a digital signature is and how it is produced.
Digital Signature

You may be wondering, what if I use my private key to encrypt a message? Can I decrypt the message with my public key? You are absolutely right. But this process is called signing a message. Just like signing your name on a paper document, you can sign an electronic document, a Microsoft Word document for example, with your private key.

Remember a document signed with your private key can only be verified with your public key. So any electronically signed documents must be from you and not from anyone else if they can be verified with your public key, because only you have your private key - nobody else does.

Hash Functions

In real world applications a document or message is not directly signed with your private key for the following reasons.

1. The signed document or message size would double.
2. The signing process would be slow.

Instead a document or message is first digested with a hash algorithm, and then the digest or hash value is encrypted with the signer's private key.

When verifying a digital signature the original document or message is digested using the same hash algorithm. The computed hash value is then compared with the hash value decrypted using the signer's public key. If they match then you are sure the document has not been modified after being signed.

Remember that any change to a document, even a single bit, will result in a different hash value or digest. This guarantees that a signed document or message is tamper proof.

Digital Signature: How isafeguard Works

isafeguard works in the same way. In addition isafeguard supports signing and encrypting, which ensures privacy, integrity, authenticity and non-repudiation. Here is how it works. A message is first digitally signed in the way described above and then encrypted in the way described in section Encryption: How Does isafeguard Work?.

Digital Signature Law

The Millennium Digital Commerce Act of 2000 former President Bill Clinton signed makes it legal to utilize digital signatures to sign checks, credit and loan applications and many other legally binding documents.

It is not complete to talk about digital signatures without mentioning the digital certificate, which is the topic of the next section.

Digital Certificate

You now understand how public key cryptography works. You also know that you need to distribute your public key to other people in order for them to send messages to you securely. In this section you will learn what a digital certificate is and what a digital certificate comprises.

What Does A Public Key Look Like?

Be aware that a public key is only a series of digits; it does not make any sense to a human. Here is an example of a 512 bit RSA public key displayed in hex format:

E4 EEDC FAB C7E7 9AD2 B7B0 F30E EC04 4A6E 6054 D3A1 10C5 B130 B4FB 8ACA E00 870F 98ED FF78 2CDC B9FA 916A B76F 585B CD E87A FD0B FEA0 D

Does it make any sense to you? Maybe not. In addition, when you get a public key like this, you also want to know whom this key belongs to, right?

A digital certificate (or certificate) binds the owner's public key, name, and other necessary information together and makes it more convenient and reliable to make your public key public.

There is a more important reason for using certificates: certificate trust. We will talk about this later in section Certificate Trust Model. Now let's take a look at what is included in a certificate.

X.509 v3 Certificate Format

A standard X.509 v3 certificate contains the following standard fields:

- Certificate version
- Serial number of the certificate
- The distinguished name of the certificate issuer
- The distinguished name of the certificate owner
- The validity period of the certificate
- The public key
- The digital signature of the issuer
- Signature algorithm used
- Zero or more certificate extensions

Note: An example distinguished name looks like this: CN=Michael Davis, E=mdavis@mxcsoft.com, OU=Sales, O=MXC Software, C=US.

Certificate Types

Certificates that are used to digitally sign other certificates are called CA certificates. All other certificates are called end entity certificates.

A CA certificate issued by yet another CA is called an intermediate CA certificate. A CA certificate issued by the CA itself is called a root CA certificate.

A CA-issued certificate is issued by a CA. A self-signed certificate is issued to a user by the user himself. isafeguard supports both, i.e. you may use certificates you generated yourself or certificates from CAs.

In isafeguard certificates are stored in four certificate stores. The following table summarizes the certificate types we described above.

Certificate Type    Description
Personal            End entity certificates with private keys
Others              End entity certificates without private keys
Intermediate CA     Intermediate CA certificates
Root CA             Root CA certificates

We will discuss the trust rules of all these certificate types in section Certificate Trust Model.

Certificate Trust Model

Here is another challenge. Suppose you receive a certificate, for example by email, and the certificate indicates the owner's name is Bob. How can you be sure that the certificate really belongs to Bob? Remember that Eve can generate a certificate with the same name, "Bob", and can snoop on the net to intercept the emails between Bob and you. Refer to FAQ: man-in-the-middle-attack for more information about this kind of attack.

Fortunately each certificate has its unique thumbprint, like a person does. If you can find a way to verify the certificate's thumbprint with Bob then you are sure that the certificate really belongs to Bob, not someone else.

Direct Trust

One way to verify the thumbprint is to call Bob and have him read his certificate's thumbprint to you. Once the thumbprints match you are sure that the certificate is really Bob's and any emails encrypted with this certificate can only be read by Bob with his private key.

This is so-called direct trust, in which the communicating parties are responsible for doing all the hard work of thumbprint verification. This is the most basic form of certificate trust. If the number of people you correspond with is small you can, for example, call each of them to verify the certificate thumbprints. If, however, you correspond with a lot of people this is not an easy task. That is why we need to use other mechanisms to verify the validity of a certificate.

Note: Direct trust is the only way of trusting a certificate in isafeguard versions before 3.0.

Hierarchical Trust

In the hierarchical trust model everybody's certificate is issued by a third party called a Certificate Authority (CA). If one trusts the CA then he automatically trusts the certificates that CA issues.

This is a simplified form of the hierarchical trust model. In reality there are a number of root certificate authorities from which trust extends. These CAs may issue certificates themselves, or they may issue certificates that are used to issue certificates down some chain. The whole structure is like a trust tree. An end (leaf) certificate is verified by tracing backward from its issuer to the issuer's issuer until a directly trusted root CA is found. Again we see direct trust here.

The above description is simplified for illustration purposes. But it does make the point: a trusted third party is required to build the trust relationship without direct contact among communicating parties.

Indirect Trust Model

The trusted party, however, does not have to be a CA. Actually not everyone has a certificate from a CA. Many people use self-signed certificates for communicating with their friends and family members. They can use direct trust or use the so-called indirect trust described below.
When Bob hands you his certificate on a disk you know the certificate is really his. You establish the trust through direct trust. Therefore you mark this certificate as trusted. Bob does the same thing with your certificate. So Bob and you can communicate securely. In a similar way you trust Alice's certificate and mark hers as trusted.

One day Bob wants to communicate with Alice securely. It is impossible for Alice to hand her certificate to Bob personally since they are hundreds of miles away from each other. Bob could ask her to email her certificate to him and then give her a call to verify the thumbprint. This may not always be possible; Bob may not have her phone number, for example.

Alternatively Bob could ask you to sign Alice's certificate and send the signed certificate to him, since you have her certificate and have verified the thumbprint with her. When Bob receives Alice's certificate with your digital signature he can verify the digital signature with your certificate, which he already has and trusts. Once the verification is successful Bob can be sure he has Alice's certificate and can communicate with her securely.

This is so-called indirect trust. The trust between two communicating parties is established through a trusted third party - you. This trust model is particularly useful when communicating parties don't use a common certificate authority.

Trust Models Used In isafeguard

Starting from version 3.0 isafeguard supports direct trust, indirect trust and hierarchical trust. For self-signed certificates (including root CA certificates) the direct trust and indirect trust models are used. For CA-issued certificates the hierarchical trust model is used.

The following is a list of the trust rules used in isafeguard:

1. Self-signed certificates are trusted directly by verifying their thumbprints with the certificate subjects.
2. Self-signed certificates with private keys are trusted, no matter whether they are CAs or end entities.
3. Self-signed certificates, including root CA certificates, signed by directly-trusted certificates are trusted.
4. Certificates, with or without private key, issued by a trusted CA certificate are trusted.
5. A CA certificate is trusted only if its issuing CA certificate is trusted.

Note: A certificate is called a directly-trusted certificate if

- The certificate is self-signed and you have the corresponding private key; or
- You get the certificate through a secure channel (someone hands you his certificate, for example); or
- You have verified its thumbprint with its subject through a secure channel.

Certificate Validity and Certificate Trust

A certificate is said to be trusted if you are sure the certificate really belongs to the subject shown on the certificate. A certificate is said to be valid if it is trusted, within its validity period, and not revoked.

Certificate Revocation

Here is another question you may have regarding certificates. What if my private key is compromised? Or I don't use a certificate anymore? If you use certificates issued by a Certificate Authority (CA) you may revoke your certificate by working with the CA. The CA will periodically publish a list of revoked certificates, called a Certificate Revocation List. For example, Thawte allows you to revoke your certificate using their web site. Thawte will then add your certificate to the list of revoked certificates.

isafeguard fully supports Certificate Revocation Lists. When checking the validity of a certificate isafeguard will check against your CA's CRL to make sure it is not revoked before allowing you to use it to sign and encrypt data.

Countersignatures

Countersignature is one of the most important applications of public key cryptography. In this section we will introduce countersignatures.

What is a countersignature?

A countersignature is a signature of an existing signature and message or a signature of an existing signature.

Why are countersignatures important?

Countersignatures are important when, for example, a lawyer prepares and digitally signs a legal document and then sends it to his client, expecting the client to confirm agreement with the terms contained in the document. The client reads the terms and, if in agreement, countersigns the document. The countersigned document is then sent back to the lawyer. The lawyer now knows, and can prove, that the client agreed to the terms.

How are countersignatures generated?

A countersignature is generated by signing the encrypted hash of an existing signature. It is possible to countersign a countersignature when more than two people need to agree on the terms of a document. The following screen shot shows the signature and countersignatures of a signed and encrypted document.

In the above example Bob (the first signer) calculates the hash (or digest) of the data and then signs (encrypts with his private key) the hash value to generate a signature. Alice (the first countersigner) countersigns the signature of the first signer, Bob. Michael (the second countersigner) countersigns Alice's countersignature; and so on and so forth. A chain of signature and countersignatures is created.

From the above process you can see that the order of the signature and countersignatures is important and preserved.

Conforming to standards

The digital signature and countersignatures generated by isafeguard conform to PKCS #7 and PKCS #9. For more information about digital signatures and countersignatures please contact us at help@mxcsoft.cm or refer to the PKCS #7 and PKCS #9 references at the RSA web site.

Signing and countersigning are complex processes. However, when using isafeguard you will find it very easy to sign and countersign your important documents of any type and your emails.
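The hash-then-sign step from "Hash Functions" and the Bob, Alice, Michael chain described above can be modelled as follows. This is an added example, not isafeguard's code: it assumes textbook RSA without padding, demo keys built from Mersenne primes, SHA-256 in place of the MD5/SHA1 the guide lists, and hypothetical function names, so it shows the structure of the chain and nothing about how real keys or PKCS #7 encodings are handled.

```python
"""Hash-then-sign and a countersignature chain, modelled with textbook RSA.

Added illustration only: unpadded RSA over Mersenne primes is NOT secure.
"""
import hashlib
from math import gcd

E = 65537  # public exponent shared by all demo keys


def make_key(p: int, q: int) -> dict:
    """Build a textbook RSA key pair from two primes (constructed demo keys)."""
    phi = (p - 1) * (q - 1)
    if gcd(E, phi) != 1:
        raise ValueError("public exponent is not invertible for these primes")
    return {"n": p * q, "e": E, "d": pow(E, -1, phi)}


# Constructed keys from well-known Mersenne primes; every modulus is wider
# than 256 bits, so a SHA-256 digest always fits below it.
KEYS = {
    "Bob": make_key(2**127 - 1, 2**521 - 1),
    "Alice": make_key(2**107 - 1, 2**607 - 1),
    "Michael": make_key(2**89 - 1, 2**1279 - 1),
}


def digest(data: bytes) -> int:
    """Digest the data first; only this fixed-size value is signed."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big")


def sign(signer: str, data: bytes) -> bytes:
    """Apply the signer's private key to the digest (the 'encrypted hash')."""
    key = KEYS[signer]
    size = (key["n"].bit_length() + 7) // 8
    return pow(digest(data), key["d"], key["n"]).to_bytes(size, "big")


def verify(signer: str, data: bytes, signature: bytes) -> bool:
    """Recover the digest with the public key and compare it with a fresh one."""
    key = KEYS[signer]
    value = int.from_bytes(signature, "big")
    if value >= key["n"]:
        return False  # not a value this key could have produced
    return pow(value, key["e"], key["n"]) == digest(data)


def sign_document(signer: str, document: bytes) -> list:
    """First signer: the signature covers the document itself."""
    return [(signer, sign(signer, document))]


def countersign(chain: list, signer: str) -> list:
    """Countersigner: the signature covers the previous signature value."""
    _, previous = chain[-1]
    return chain + [(signer, sign(signer, previous))]


def first_invalid_link(document: bytes, chain: list):
    """Return the index of the first link that fails, or None if all verify."""
    covered = document
    for index, (signer, signature) in enumerate(chain):
        if not verify(signer, covered, signature):
            return index
        covered = signature  # the next link must cover this signature
    return None


def demo():
    """Bob signs, Alice countersigns Bob, Michael countersigns Alice."""
    document = b"Terms of the agreement (constructed sample text)"
    chain = sign_document("Bob", document)
    chain = countersign(chain, "Alice")
    chain = countersign(chain, "Michael")
    return document, chain


if __name__ == "__main__":
    document, chain = demo()
    print("intact chain:", first_invalid_link(document, chain))
    print("edited document:", first_invalid_link(document + b"!", chain))
    reordered = [chain[0], chain[2], chain[1]]
    print("reordered chain:", first_invalid_link(document, reordered))
```

Because each countersignature covers the signature before it, editing the document breaks the first link and swapping two countersignatures breaks the chain at the swap, which is why the order of signers is fixed once the chain exists.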

Key Storage - Your Profile

A profile is a special binary file that stores your key pairs and your certificates, including certificates from other people. The content of the profile is encrypted with a 168-bit 3DES encryption key derived from your login name and pass phrase so only you can decrypt the profile. This process is transparent to you. Every time you run the software, you are asked to log in - you are required to provide your login name and pass phrase in order to access your key pairs and certificates.

You know how important it is to safeguard your private key(s). Now you know how important it is to keep your profile and pass phrase secure. If you keep your profile and pass phrase safe, you are protected.

Note: To make your private key (key pair) more secure you may store your private key in a security token. isafeguard allows you to save your private key in a security token.

Summary

This section summarizes the basic PKI protocol and some important concepts that you should remember to use this software effectively.

Basic PKI Protocol

To help you remember the basic PKI protocol, think about the following scenario:

1. Bob gets Alice's public key (certificate).
2. Bob signs his message with his private key.
3. Bob encrypts his message with Alice's public key (certificate).
4. Bob sends the signed and encrypted message to Alice.
5. Alice receives the signed and encrypted message.
6. Alice decrypts the signed and encrypted message using her private key.
7. Alice verifies Bob's signature using his public key (certificate).

Something to Remember

1. When encrypting, you use someone's public key (may be yours).
2. When signing, you use your private key.
3. When decrypting, you use your private key.
4. A certificate is owned by a user and is identified by the user's name and email address.

Further Readings

Cryptography is a big topic; we won't be able to cover it in more detail. We hope this introduction will help you get started. If you are interested in learning more about cryptography, you may consider reading the following books:

1. Bruce Schneier, "Applied Cryptography", John Wiley & Sons
2. Charlie Kaufman, Radia Perlman and Mike Speciner, "Network Security - Private Communication in a Public World", Prentice Hall PTR
3. Bruce Schneier, "Secrets & Lies, Digital Security in a Networked World", Wiley Computer Publishing
4. Alfred Menezes, Paul van Oorschot and Scott Vanstone, "Handbook of Applied Cryptography", CRC Press, 1996

There are many other resources available on the Internet.
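The five trust rules under "Trust Models Used In isafeguard", together with the definition of a valid certificate that follows them, can be expressed as a small decision procedure. This is an added example and a model of the rules as the guide words them, not isafeguard's implementation: the Cert record, its field names, the store layout and every certificate in it are constructed, and signature verification is assumed to have been done already.

```python
"""Model of the trust rules and validity definition listed in this guide.

Added illustration; signature checks are assumed done elsewhere and recorded
in `issuer` / `endorsed_by`. All certificates below are constructed samples.
"""
from dataclasses import dataclass
from datetime import date


@dataclass(frozen=True)
class Cert:
    subject: str
    issuer: str                      # equals subject when self-signed
    serial: int
    not_before: date
    not_after: date
    is_ca: bool = False
    has_private_key: bool = False    # i.e. kept in the "Personal" store
    verified_directly: bool = False  # thumbprint checked or handed over securely
    endorsed_by: tuple = ()          # subjects whose signature on this cert verified


def is_self_signed(cert):
    return cert.subject == cert.issuer


def is_directly_trusted(cert):
    """The guide's note: own self-signed key pair, or verified over a secure channel."""
    return (is_self_signed(cert) and cert.has_private_key) or cert.verified_directly


def is_trusted(cert, store, _path=()):
    if cert.subject in _path:                 # malformed issuer loop: never trusted
        return False
    if is_self_signed(cert):
        if is_directly_trusted(cert):         # rules 1 and 2
            return True
        return any(name in store and is_directly_trusted(store[name])
                   for name in cert.endorsed_by)               # rule 3
    issuer = store.get(cert.issuer)
    if issuer is None or not issuer.is_ca:
        return False
    return is_trusted(issuer, store, _path + (cert.subject,))  # rules 4 and 5


def is_valid(cert, store, crl, today):
    """Valid = trusted, inside the validity period, and not on the CRL."""
    return (is_trusted(cert, store)
            and cert.not_before <= today <= cert.not_after
            and (cert.issuer, cert.serial) not in crl)


def sample_store():
    """Bob's view of the world in the guide's story (constructed data)."""
    start, end = date(2024, 1, 1), date(2026, 12, 31)
    certs = [
        Cert("Bob", "Bob", 1, start, end, has_private_key=True),
        Cert("Friend", "Friend", 2, start, end, verified_directly=True),
        Cert("Alice", "Alice", 3, start, end, endorsed_by=("Friend",)),
        # Endorsed only by Alice, who is trusted indirectly, not directly.
        Cert("Mallory", "Mallory", 4, start, end, endorsed_by=("Alice",)),
        Cert("Example Root CA", "Example Root CA", 5, start, end,
             is_ca=True, verified_directly=True),
        Cert("Example Issuing CA", "Example Root CA", 6, start, end, is_ca=True),
        Cert("Dave", "Example Issuing CA", 7, start, end),
        Cert("Erin", "Example Issuing CA", 8, start, end),               # revoked
        Cert("Frank", "Example Issuing CA", 9, start, date(2024, 12, 31)),  # expired
        Cert("Grace", "Unknown CA", 10, start, end),                     # no issuer held
    ]
    return {cert.subject: cert for cert in certs}


def evaluate(today=date(2025, 6, 1)):
    """Return {subject: (trusted, valid)} for every certificate in the store."""
    store = sample_store()
    crl = {("Example Issuing CA", 8)}  # constructed revocation entry for Erin
    return {name: (is_trusted(cert, store), is_valid(cert, store, crl, today))
            for name, cert in store.items()}


if __name__ == "__main__":
    for name, (trusted, valid) in evaluate().items():
        print(f"{name:20} trusted={trusted!s:5} valid={valid}")
```

Mallory's result shows that rule 3 does not chain: an endorsement counts only when the endorser is directly trusted, so a certificate vouched for by an indirectly trusted one stays untrusted.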


More information

Overview. SSL Cryptography Overview CHAPTER 1

Overview. SSL Cryptography Overview CHAPTER 1 CHAPTER 1 Secure Sockets Layer (SSL) is an application-level protocol that provides encryption technology for the Internet. SSL ensures the secure transmission of data between a client and a server through

More information

Background. Network Security - Certificates, Keys and Signatures - Digital Signatures. Digital Signatures. Dr. John Keeney 3BA33

Background. Network Security - Certificates, Keys and Signatures - Digital Signatures. Digital Signatures. Dr. John Keeney 3BA33 Background Network Security - Certificates, Keys and Signatures - Dr. John Keeney 3BA33 Slides Sources: Karl Quinn, Donal O Mahoney, Henric Johnson, Charlie Kaufman, Wikipedia, Google, Brian Raiter. Recommended

More information

Ref:

Ref: Cryptography & digital signature Dec. 2013 Ref: http://cis.poly.edu/~ross/ 2 Cryptography Overview Symmetric Key Cryptography Public Key Cryptography Message integrity and digital signatures References:

More information

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III Cryptography III Public-Key Cryptography Digital Signatures 2/1/18 Cryptography III 1 Public Key Cryptography 2/1/18 Cryptography III 2 Key pair Public key: shared with everyone Secret key: kept secret,

More information

Chapter 9: Key Management

Chapter 9: Key Management Chapter 9: Key Management Session and Interchange Keys Key Exchange Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures Slide #9-1 Overview Key exchange Session vs. interchange

More information

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018

Computer Security. 08r. Pre-exam 2 Last-minute Review Cryptography. Paul Krzyzanowski. Rutgers University. Spring 2018 Computer Security 08r. Pre-exam 2 Last-minute Review Cryptography Paul Krzyzanowski Rutgers University Spring 2018 March 26, 2018 CS 419 2018 Paul Krzyzanowski 1 Cryptographic Systems March 26, 2018 CS

More information

CSC 482/582: Computer Security. Security Protocols

CSC 482/582: Computer Security. Security Protocols Security Protocols Topics 1. Basic Concepts of Cryptography 2. Security Protocols 3. Authentication Protocols 4. Key Exchange Protocols 5. Kerberos 6. Public Key Infrastructure Encryption and Decryption

More information

Lecture 9a: Secure Sockets Layer (SSL) March, 2004

Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York University artg@cs.nyu.edu Security Achieved by

More information

Security Digital Certificate Manager

Security Digital Certificate Manager System i Security Digital Certificate Manager Version 6 Release 1 System i Security Digital Certificate Manager Version 6 Release 1 Note Before using this information and the product it supports, be sure

More information

Key Management and Distribution

Key Management and Distribution Key Management and Distribution Raj Jain Washington University in Saint Louis Saint Louis, MO 63130 Jain@cse.wustl.edu Audio/Video recordings of this lecture are available at: http://www.cse.wustl.edu/~jain/cse571-14/

More information

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment.

Cristina Nita-Rotaru. CS355: Cryptography. Lecture 17: X509. PGP. Authentication protocols. Key establishment. CS355: Cryptography Lecture 17: X509. PGP. Authentication protocols. Key establishment. Public Keys and Trust Public Key:P A Secret key: S A Public Key:P B Secret key: S B How are public keys stored How

More information

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography

Principles of Information Security, Fourth Edition. Chapter 8 Cryptography Principles of Information Security, Fourth Edition Chapter 8 Cryptography Learning Objectives Upon completion of this material, you should be able to: Chronicle the most significant events and discoveries

More information

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography

Security+ Guide to Network Security Fundamentals, Third Edition. Chapter 11 Basic Cryptography Security+ Guide to Network Security Fundamentals, Third Edition Chapter 11 Basic Cryptography Objectives Define cryptography Describe hashing List the basic symmetric cryptographic algorithms 2 Objectives

More information

Protocols II. Computer Security Lecture 12. David Aspinall. 17th February School of Informatics University of Edinburgh

Protocols II. Computer Security Lecture 12. David Aspinall. 17th February School of Informatics University of Edinburgh Protocols II Computer Security Lecture 12 David Aspinall School of Informatics University of Edinburgh 17th February 2011 Outline Introduction Shared-key Authentication Asymmetric authentication protocols

More information

IBM. Security Digital Certificate Manager. IBM i 7.1

IBM. Security Digital Certificate Manager. IBM i 7.1 IBM IBM i Security Digital Certificate Manager 7.1 IBM IBM i Security Digital Certificate Manager 7.1 Note Before using this information and the product it supports, be sure to read the information in

More information

Using Cryptography CMSC 414. October 16, 2017

Using Cryptography CMSC 414. October 16, 2017 Using Cryptography CMSC 414 October 16, 2017 Digital Certificates Recall: K pub = (n, e) This is an RSA public key How do we know who this is for? Need to bind identity to a public key We can do this using

More information

UNIT - IV Cryptographic Hash Function 31.1

UNIT - IV Cryptographic Hash Function 31.1 UNIT - IV Cryptographic Hash Function 31.1 31-11 SECURITY SERVICES Network security can provide five services. Four of these services are related to the message exchanged using the network. The fifth service

More information

Kurose & Ross, Chapters (5 th ed.)

Kurose & Ross, Chapters (5 th ed.) Kurose & Ross, Chapters 8.2-8.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) Addison-Wesley, April 2009. Copyright 1996-2010, J.F Kurose and

More information

PKI Services. Text PKI Definition. PKI Definition #1. Public Key Infrastructure. What Does A PKI Do? Public Key Infrastructures

PKI Services. Text PKI Definition. PKI Definition #1. Public Key Infrastructure. What Does A PKI Do? Public Key Infrastructures Public Key Infrastructures Public Key Infrastructure Definition and Description Functions Components Certificates 1 2 PKI Services Security Between Strangers Encryption Integrity Non-repudiation Key establishment

More information

Cryptographic Checksums

Cryptographic Checksums Cryptographic Checksums Mathematical function to generate a set of k bits from a set of n bits (where k n). k is smaller then n except in unusual circumstances Example: ASCII parity bit ASCII has 7 bits;

More information

Overview. Cryptographic key infrastructure Certificates. May 13, 2004 ECS 235 Slide #1. Notation

Overview. Cryptographic key infrastructure Certificates. May 13, 2004 ECS 235 Slide #1. Notation Overview Key exchange Session vs. interchange keys Classical, public key methods Key generation Cryptographic key infrastructure Certificates Key storage Key escrow Key revocation Digital signatures May

More information

Chapter 6: Digital Certificates Introduction Authentication Methods PKI Digital Certificate Passing

Chapter 6: Digital Certificates Introduction Authentication Methods PKI Digital Certificate Passing Chapter 6: Digital Certificates Introduction Methods PKI Digital Certificate Passing Prof Bill Buchanan OBE http://asecuritysite.com/crypto06 http://asecuritysite.com/encryption Identity on the Internet

More information

Encryption. INST 346, Section 0201 April 3, 2018

Encryption. INST 346, Section 0201 April 3, 2018 Encryption INST 346, Section 0201 April 3, 2018 Goals for Today Symmetric Key Encryption Public Key Encryption Certificate Authorities Secure Sockets Layer Simple encryption scheme substitution cipher:

More information

CSC 774 Network Security

CSC 774 Network Security CSC 774 Network Security Topic 2. Review of Cryptographic Techniques CSC 774 Dr. Peng Ning 1 Outline Encryption/Decryption Digital signatures Hash functions Pseudo random functions Key exchange/agreement/distribution

More information

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism

Issues. Separation of. Distributed system security. Security services. Security policies. Security mechanism Module 9 - Security Issues Separation of Security policies Precise definition of which entities in the system can take what actions Security mechanism Means of enforcing that policy Distributed system

More information

Security: Cryptography

Security: Cryptography Security: Cryptography Computer Science and Engineering College of Engineering The Ohio State University Lecture 38 Some High-Level Goals Confidentiality Non-authorized users have limited access Integrity

More information

Topics. Number Theory Review. Public Key Cryptography

Topics. Number Theory Review. Public Key Cryptography Public Key Cryptography Topics 1. Number Theory Review 2. Public Key Cryptography 3. One-Way Trapdoor Functions 4. Diffie-Helman Key Exchange 5. RSA Cipher 6. Modern Steganography Number Theory Review

More information

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005

Lecture 30. Cryptography. Symmetric Key Cryptography. Key Exchange. Advanced Encryption Standard (AES) DES. Security April 11, 2005 Lecture 30 Security April 11, 2005 Cryptography K A ciphertext Figure 7.3 goes here K B symmetric-key crypto: sender, receiver keys identical public-key crypto: encrypt key public, decrypt key secret Symmetric

More information

ICS 180 May 4th, Guest Lecturer: Einar Mykletun

ICS 180 May 4th, Guest Lecturer: Einar Mykletun ICS 180 May 4th, 2004 Guest Lecturer: Einar Mykletun 1 Symmetric Key Crypto 2 Symmetric Key Two users who wish to communicate share a secret key Properties High encryption speed Limited applications: encryption

More information

CS Computer Networks 1: Authentication

CS Computer Networks 1: Authentication CS 3251- Computer Networks 1: Authentication Professor Patrick Traynor 4/14/11 Lecture 25 Announcements Homework 3 is due next class. Submit via T-Square or in person. Project 3 has been graded. Scores

More information

PKI Credentialing Handbook

PKI Credentialing Handbook PKI Credentialing Handbook Contents Introduction...3 Dissecting PKI...4 Components of PKI...6 Digital certificates... 6 Public and private keys... 7 Smart cards... 8 Certificate Authority (CA)... 10 Key

More information

0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken

0/41. Alice Who? Authentication Protocols. Andreas Zeller/Stephan Neuhaus. Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken 0/41 Alice Who? Authentication Protocols Andreas Zeller/Stephan Neuhaus Lehrstuhl Softwaretechnik Universität des Saarlandes, Saarbrücken The Menu 1/41 Simple Authentication Protocols The Menu 1/41 Simple

More information

User s Guide. PolicyAgent and Key Recovery for SecretAgent 5.8 and SpyProof! 1.2

User s Guide. PolicyAgent and Key Recovery for SecretAgent 5.8 and SpyProof! 1.2 User s Guide PolicyAgent and Key Recovery for SecretAgent 5.8 and SpyProof! 1.2 Information in this document is subject to change without notice and does not represent a commitment on the part of Information

More information

Introduction to Cryptography in Blockchain Technology. December 23, 2018

Introduction to Cryptography in Blockchain Technology. December 23, 2018 Introduction to Cryptography in Blockchain Technology December 23, 2018 What is cryptography? The practice of developing protocols that prevent third parties from viewing private data. Modern cryptography

More information

NETWORK SECURITY & CRYPTOGRAPHY

NETWORK SECURITY & CRYPTOGRAPHY Assignment for IT Applications in Management Project On NETWORK SECURITY & CRYPTOGRAPHY Course Instructor Submitted By: Mr. ANIL KUMAR ROHIT BARVE 2013240 Section E PGDM 2013-15 Table of Contents Chapter

More information

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ

Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ Computer Networks 1 (Mạng Máy Tính 1) Lectured by: Dr. Phạm Trần Vũ Chapter 8 Network Security Computer Networking: A Top Down Approach, 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, April 2009.

More information

Introduction to SSL. Copyright 2005 by Sericon Technology Inc.

Introduction to SSL. Copyright 2005 by Sericon Technology Inc. Introduction to SSL The cornerstone of e-commerce is a Web site s ability to prevent eavesdropping on data transmitted to and from its site. Without this, consumers would justifiably be afraid to enter

More information

Information Security. message M. fingerprint f = H(M) one-way hash. 4/19/2006 Information Security 1

Information Security. message M. fingerprint f = H(M) one-way hash. 4/19/2006 Information Security 1 Information Security message M one-way hash fingerprint f = H(M) 4/19/2006 Information Security 1 Outline and Reading Digital signatures Definition RSA signature and verification One-way hash functions

More information

CSC/ECE 774 Advanced Network Security

CSC/ECE 774 Advanced Network Security Computer Science CSC/ECE 774 Advanced Network Security Topic 2. Network Security Primitives CSC/ECE 774 Dr. Peng Ning 1 Outline Absolute basics Encryption/Decryption; Digital signatures; D-H key exchange;

More information

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen

Modern cryptography 2. CSCI 470: Web Science Keith Vertanen Modern cryptography 2 CSCI 470: Web Science Keith Vertanen Modern cryptography Overview Asymmetric cryptography Diffie-Hellman key exchange (last time) Pubic key: RSA Pretty Good Privacy (PGP) Digital

More information

Public Key Algorithms

Public Key Algorithms CSE597B: Special Topics in Network and Systems Security Public Key Cryptography Instructor: Sencun Zhu The Pennsylvania State University Public Key Algorithms Public key algorithms RSA: encryption and

More information

Computers and Security

Computers and Security The contents of this Supporting Material document have been prepared from the Eight units of study texts for the course M150: Date, Computing and Information, produced by The Open University, UK. Copyright

More information

Spring 2010: CS419 Computer Security

Spring 2010: CS419 Computer Security Spring 2010: CS419 Computer Security Vinod Ganapathy Lecture 7 Topic: Key exchange protocols Material: Class handout (lecture7_handout.pdf) Chapter 2 in Anderson's book. Today s agenda Key exchange basics

More information

CCNA Security 1.1 Instructional Resource

CCNA Security 1.1 Instructional Resource CCNA Security 1.1 Instructional Resource Chapter 7 Cryptographic Systems 2012 Cisco and/or its affiliates. All rights reserved. 1 Explain how cryptology consists of cryptography (encoding messages) and

More information

2.1 Basic Cryptography Concepts

2.1 Basic Cryptography Concepts ENEE739B Fall 2005 Part 2 Secure Media Communications 2.1 Basic Cryptography Concepts Min Wu Electrical and Computer Engineering University of Maryland, College Park Outline: Basic Security/Crypto Concepts

More information

Crypto meets Web Security: Certificates and SSL/TLS

Crypto meets Web Security: Certificates and SSL/TLS CSE 484 / CSE M 584: Computer Security and Privacy Crypto meets Web Security: Certificates and SSL/TLS Spring 2016 Franziska (Franzi) Roesner franzi@cs.washington.edu Thanks to Dan Boneh, Dieter Gollmann,

More information

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers

9/30/2016. Cryptography Basics. Outline. Encryption/Decryption. Cryptanalysis. Caesar Cipher. Mono-Alphabetic Ciphers Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng Basic concepts in cryptography systems Secret cryptography Public cryptography 1 2 Encryption/Decryption Cryptanalysis

More information

Diffie-Hellman. Part 1 Cryptography 136

Diffie-Hellman. Part 1 Cryptography 136 Diffie-Hellman Part 1 Cryptography 136 Diffie-Hellman Invented by Williamson (GCHQ) and, independently, by D and H (Stanford) A key exchange algorithm o Used to establish a shared symmetric key Not for

More information

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security

06/02/ Local & Metropolitan Area Networks. 0. Overview. Terminology ACOE322. Lecture 8 Network Security 1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security Dr. L. Christofi 1 0. Overview As the knowledge of computer networking and protocols has become more widespread, so the threat of

More information

L7: Key Distributions. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806

L7: Key Distributions. Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806 L7: Key Distributions Hui Chen, Ph.D. Dept. of Engineering & Computer Science Virginia State University Petersburg, VA 23806 9/16/2015 CSCI 451 - Fall 2015 1 Acknowledgement Many slides are from or are

More information

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng

Cryptography Basics. IT443 Network Security Administration Slides courtesy of Bo Sheng Cryptography Basics IT443 Network Security Administration Slides courtesy of Bo Sheng 1 Outline Basic concepts in cryptography systems Secret key cryptography Public key cryptography Hash functions 2 Encryption/Decryption

More information

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L

CSE 3461/5461: Introduction to Computer Networking and Internet Technologies. Network Security. Presentation L CS 3461/5461: Introduction to Computer Networking and Internet Technologies Network Security Study: 21.1 21.5 Kannan Srinivasan 11-27-2012 Security Attacks, Services and Mechanisms Security Attack: Any

More information

Security in ECE Systems

Security in ECE Systems Lecture 11 Information Security ECE 197SA Systems Appreciation Security in ECE Systems Information security Information can be very valuable Secure communication important to protect information Today

More information

CSE 127: Computer Security Cryptography. Kirill Levchenko

CSE 127: Computer Security Cryptography. Kirill Levchenko CSE 127: Computer Security Cryptography Kirill Levchenko October 24, 2017 Motivation Two parties want to communicate securely Secrecy: No one else can read messages Integrity: messages cannot be modified

More information

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets

Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures. MIS 5206 Protecting Information Assets Protecting Information Assets - Week 11 - Cryptography, Public Key Encryption and Digital Signatures MIS5206 Week 11 Identity and Access Control Week 10 continued Cryptography, Public Key Encryption and

More information

Verteilte Systeme (Distributed Systems)

Verteilte Systeme (Distributed Systems) Verteilte Systeme (Distributed Systems) Lorenz Froihofer l.froihofer@infosys.tuwien.ac.at http://www.infosys.tuwien.ac.at/teaching/courses/ VerteilteSysteme/ Security Threats, mechanisms, design issues

More information

Security PGP / Pretty Good Privacy. SANOGXXX July, 2017 Gurgaon, Haryana, India

Security PGP / Pretty Good Privacy. SANOGXXX July, 2017 Gurgaon, Haryana, India Email Security PGP / Pretty Good Privacy SANOGXXX 10-18 July, 2017 Gurgaon, Haryana, India Issue Date: [31-12-2015] Revision: [V.1] Security issues for E-mail Confidentiality Network admin can read your

More information

Public Key Infrastructure. What can it do for you?

Public Key Infrastructure. What can it do for you? Public Key Infrastructure What can it do for you? What is PKI? Centrally-managed cryptography, for: Encryption Authentication Automatic negotiation Native support in most modern Operating Systems Allows

More information

Certificates, Certification Authorities and Public-Key Infrastructures

Certificates, Certification Authorities and Public-Key Infrastructures (Digital) Certificates Certificates, Certification Authorities and Public-Key Infrastructures We need to be sure that the public key used to encrypt a message indeed belongs to the destination of the message

More information

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography

Computer Networking. What is network security? Chapter 7: Network security. Symmetric key cryptography. The language of cryptography Chapter 7: Network security 15-441 Computer Networking Network Security: Cryptography, Authentication, Integrity Foundations: what is security? cryptography authentication message integrity key distribution

More information

User s Guide. PolicyAgent and Key Recovery for SecretAgent 5.9 and SpyProof! 1.3

User s Guide. PolicyAgent and Key Recovery for SecretAgent 5.9 and SpyProof! 1.3 User s Guide PolicyAgent and Key Recovery for SecretAgent 5.9 and SpyProof! 1.3 Information in this document is subject to change without notice and does not represent a commitment on the part of Information

More information

Cryptographic Concepts

Cryptographic Concepts Outline Identify the different types of cryptography Learn about current cryptographic methods Chapter #23: Cryptography Understand how cryptography is applied for security Given a scenario, utilize general

More information

But where'd that extra "s" come from, and what does it mean?

But where'd that extra s come from, and what does it mean? SSL/TLS While browsing Internet, some URLs start with "http://" while others start with "https://"? Perhaps the extra "s" when browsing websites that require giving over sensitive information, like paying

More information

Cryptographic Protocols 1

Cryptographic Protocols 1 Cryptographic Protocols 1 Luke Anderson luke@lukeanderson.com.au 5 th May 2017 University Of Sydney Overview 1. Crypto-Bulletin 2. Problem with Diffie-Hellman 2.1 Session Hijacking 2.2 Encrypted Key Exchange

More information

Forensics Challenges. Windows Encrypted Content John Howie CISA CISM CISSP Director, Security Community, Microsoft Corporation

Forensics Challenges. Windows Encrypted Content John Howie CISA CISM CISSP Director, Security Community, Microsoft Corporation Forensics Challenges Windows Encrypted Content John Howie CISA CISM CISSP Director, Security Community, Microsoft Corporation Introduction Encrypted content is a challenge for investigators Makes it difficult

More information

Authentication CHAPTER 17

Authentication CHAPTER 17 Authentication CHAPTER 17 Authentication Authentication is the process by which you decide that someone is who they say they are and therefore permitted to access the requested resources. getting entrance

More information

SEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security

SEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security SEEM4540 Open Systems for E-Commerce Lecture 03 Internet Security Consider 2. Based on DNS, identified the IP address of www.cuhk.edu.hk is 137.189.11.73. 1. Go to http://www.cuhk.edu.hk 3. Forward the

More information

Cryptography in Lotus Notes/Domino Pragmatic Introduction for Administrators

Cryptography in Lotus Notes/Domino Pragmatic Introduction for Administrators Cryptography in Lotus Notes/Domino Pragmatic Introduction for Administrators Belfast, 11-Nov-2010 Innovative Software Solutions. Thomas Bahn - graduated in mathematics, University of Hannover - developing

More information

Chapter 10: Key Management

Chapter 10: Key Management Chapter 10: Key Management Session and Interchange Keys Key Exchange Key Generation Cryptographic Key Infrastructure Storing and Revoking Keys Digital Signatures Slide #10-1 Overview Key exchange Session

More information

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology

Cryptography & Key Exchange Protocols. Faculty of Computer Science & Engineering HCMC University of Technology Cryptography & Key Exchange Protocols Faculty of Computer Science & Engineering HCMC University of Technology Outline 1 Cryptography-related concepts 2 3 4 5 6 7 Key channel for symmetric cryptosystems

More information

ח'/סיון/תשע "א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms

ח'/סיון/תשע א. RSA: getting ready. Public Key Cryptography. Public key cryptography. Public key encryption algorithms Public Key Cryptography Kurose & Ross, Chapters 8.28.3 (5 th ed.) Slides adapted from: J. Kurose & K. Ross \ Computer Networking: A Top Down Approach (5 th ed.) AddisonWesley, April 2009. Copyright 19962010,

More information

Certificateless Public Key Cryptography

Certificateless Public Key Cryptography Certificateless Public Key Cryptography Mohsen Toorani Department of Informatics University of Bergen Norsk Kryptoseminar November 9, 2011 1 Public Key Cryptography (PKC) Also known as asymmetric cryptography.

More information

Kerberos and Public-Key Infrastructure. Key Points. Trust model. Goal of Kerberos

Kerberos and Public-Key Infrastructure. Key Points. Trust model. Goal of Kerberos Kerberos and Public-Key Infrastructure Key Points Kerberos is an authentication service designed for use in a distributed environment. Kerberos makes use of a thrusted third-part authentication service

More information

A New Symmetric Key Algorithm for Modern Cryptography Rupesh Kumar 1 Sanjay Patel 2 Purushottam Patel 3 Rakesh Patel 4

A New Symmetric Key Algorithm for Modern Cryptography Rupesh Kumar 1 Sanjay Patel 2 Purushottam Patel 3 Rakesh Patel 4 IJSRD - International Journal for Scientific Research & Development Vol. 2, Issue 08, 2014 ISSN (online): 2321-0613 A New Symmetric Key Algorithm for Modern Cryptography Rupesh Kumar 1 Sanjay Patel 2 Purushottam

More information

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536)

Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Princess Nora Bint Abdulrahman University College of computer and information sciences Networks department Networks Security (NET 536) Prepared by Dr. Samia Chelloug E-mail: samia_chelloug@yahoo.fr Content

More information

Introduction. Ahmet Burak Can Hacettepe University. Information Security

Introduction. Ahmet Burak Can Hacettepe University. Information Security Introduction Ahmet Burak Can Hacettepe University abc@hacettepe.edu.tr Information Security 1 Books Textbook: Network Security: Private Communication in a Public World, 2nd Edition. C. Kaufman, R. Perlman,

More information

ECE 646 Lecture 3. Key management

ECE 646 Lecture 3. Key management ECE 646 Lecture 3 Key management Required Reading Stallings, Cryptography and Network Security: Principles and Practice, 5/E or 6/E Chapter 14 Key Management and Distribution Using the same key for multiple

More information

Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2010
