Distributed Key Management and Cryptographic Agility. Tolga Acar 24 Feb. 2011

Similar documents
Concrete cryptographic security in F*

Relaxing IND-CCA: Indistinguishability Against Chosen. Chosen Ciphertext Verification Attack

IND-CCA2 secure cryptosystems, Dan Bogdanov

Symmetric Encryption 2: Integrity

Feedback Week 4 - Problem Set

Block ciphers, stream ciphers

Block ciphers used to encode messages longer than block size Needs to be done correctly to preserve security Will look at five ways of doing this

Block cipher modes. Lecturers: Mark D. Ryan and David Galindo. Cryptography Slide: 75

Symmetric-Key Cryptography Part 1. Tom Shrimpton Portland State University

Cryptography. Andreas Hülsing. 6 September 2016

Cryptography CS 555. Topic 11: Encryption Modes and CCA Security. CS555 Spring 2012/Topic 11 1

Relaxing IND-CCA: Indistinguishability Against Chosen Ciphertext Verification Attack

CS408 Cryptography & Internet Security

Hypervisor Security First Published On: Last Updated On:

Strong Privacy for RFID Systems from Plaintext-Aware Encryption

MTAT Research Seminar in Cryptography IND-CCA2 secure cryptosystems

AWS Key Management Service (KMS) Handling cryptographic bounds for use of AES-GCM

CS155. Cryptography Overview

symmetric cryptography s642 computer security adam everspaugh

CS 6903 Modern Cryptography February 14th, Lecture 4: Instructor: Nitesh Saxena Scribe: Neil Stewart, Chaya Pradip Vavilala

Authenticated Encryption

Cryptography Lecture 4. Attacks against Block Ciphers Introduction to Public Key Cryptography. November 14, / 39

Cryptography CS 555. Topic 8: Modes of Encryption, The Penguin and CCA security

Lecture 18 - Chosen Ciphertext Security

Block ciphers. CS 161: Computer Security Prof. Raluca Ada Popa. February 26, 2016

Cryptology complementary. Symmetric modes of operation

CS 255: Intro to Cryptography

Paper presentation sign up sheet is up. Please sign up for papers by next class. Lecture summaries and notes now up on course webpage

Authenticated Encryption

Introduction to Cryptography. Lecture 3

Computational Security, Stream and Block Cipher Functions

MTAT Cryptology II. Commitment Schemes. Sven Laur University of Tartu

Message Authentication ( 消息认证 )

Proofs for Key Establishment Protocols

Message authentication codes

Computer Security CS 526

On the Security of a Certificateless Public-Key Encryption

Unit 8 Review. Secure your network! CS144, Stanford University

CloudSky: A Controllable Data Self-Destruction System for Untrusted Cloud Storage Networks

CSE 127: Computer Security Cryptography. Kirill Levchenko

CS 395T. Formal Model for Secure Key Exchange

Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module

Authenticated encryption

Lecture 8. 1 Some More Security Definitions for Encryption Schemes

Lecture 6: Symmetric Cryptography. CS 5430 February 21, 2018

Introduction. CSE 5351: Introduction to cryptography Reading assignment: Chapter 1 of Katz & Lindell

Cryptography 2017 Lecture 3

1 Achieving IND-CPA security

Scope Statement For Shared Key Authentication and Encryption in Lustre 2.X

Course Map. COMP 7/8120 Cryptography and Data Security. Learning Objectives. How to use PRPs (Block Ciphers)? 2/14/18

symmetric cryptography s642 computer security adam everspaugh

Concrete Security of Symmetric-Key Encryption

Lecture Secure, Trusted and Trustworthy Computing Trusted Platform Module

Random Oracle Instantiation in Distributed Protocols Using Trusted Platform Modules

Refining Computationally Sound Mech. Proofs for Kerberos

Lecture Embedded System Security Trusted Platform Module

CS155. Cryptography Overview

Cryptographic hash functions and MACs

Leveraging Intel SGX to Create a Nondisclosure Cryptographic library

Crypto Background & Concepts SGX Software Attestation

Message authentication. Why message authentication. Authentication primitives. and secure hashing. To prevent against:

Overview of Cryptography

Dyadic Security Enterprise Key Management

Storage Encryption: A Cryptographer s View. Shai Halevi IBM Research

Lecture 8 - Message Authentication Codes

Security of Cryptosystems

COS433/Math 473: Cryptography. Mark Zhandry Princeton University Spring 2017

CSC 5930/9010 Modern Cryptography: Cryptographic Hashing

ASYMMETRIC (PUBLIC-KEY) ENCRYPTION. Mihir Bellare UCSD 1

Security of Identity Based Encryption - A Different Perspective

Computationally Sound Mechanized Proof of PKINIT for Kerberos

Goals of Modern Cryptography

Homework 2: Symmetric Crypto Due at 11:59PM on Monday Feb 23, 2015 as a PDF via websubmit.

CSC 5930/9010 Modern Cryptography: Digital Signatures

Generic Transformation of a CCA2-Secure Public-Key Encryption Scheme to an eck-secure Key Exchange Protocol in the Standard Model

Department of Computer Science Institute for System Architecture, Operating Systems Group TRUSTED COMPUTING CARSTEN WEINHOLD

Lecture 8: Cryptography in the presence of local/public randomness

Cryptography III. Public-Key Cryptography Digital Signatures. 2/1/18 Cryptography III

CSC 5930/9010 Modern Cryptography: Public-Key Infrastructure

Cryptographically Sound Security Proofs for Basic and Public-key Kerberos

Department of Computer Science Institute for System Architecture, Operating Systems Group TRUSTED COMPUTING CARSTEN WEINHOLD

A CCA2 Secure PKE Based on McEliece Assumptions in the Standard Model

Space-Efficient Identity-Based Encryption: Spelling out the Approach by Boneh-Gentry-Hamburg

Winter 2011 Josh Benaloh Brian LaMacchia

ASYMMETRIC (PUBLIC-KEY) ENCRYPTION. Mihir Bellare UCSD 1

Authenticated Encryption in TLS

Definitions and Notations

Public-Key Cryptography

Refresher: Applied Cryptography

Homework 3: Solution

CIS 6930/4930 Computer and Network Security. Topic 7. Trusted Intermediaries

Encryption from the Diffie-Hellman assumption. Eike Kiltz

CSC 774 Network Security

On Symmetric Encryption with Distinguishable Decryption Failures

Permutation-based Authenticated Encryption

6.857 L17. Secure Processors. Srini Devadas

Cryptographic Systems

Department of Computer Science Institute for System Architecture, Operating Systems Group TRUSTED COMPUTING CARSTEN WEINHOLD

CSC/ECE 774 Advanced Network Security

SecureDoc Disk Encryption Cryptographic Engine

Transcription:

Distributed Key Management and Cryptographic Agility Tolga Acar 24 Feb. 2011 1

Overview Distributed Key Lifecycle Problem statement and status quo Distributed Key Manager Typical application scenario and architecture Hardware Rooted Key Management How to use TPMs for key management TPM Key hierarchy Diving into Cryptographic Theory Security Definitions Cryptographic Agility 2

Distributed Key Management Encrypt M 1 Decrypt C 1 C 1 =E(K,M 1 ) C 2 =E(K,M 2 ) M 1 =D(K,C 1 ) Read ciphertext Node 1 Node 2 Node N Save ciphertext C 1 Replication Protocol Storage (Replica) Storage (Replica) Where is the correct key? How is it protected? 3

Key Lifecycle Model Creation. A key object is created on at least one replica, but its attributes (e.g., key value) are not set. Initialization. The key object has all its core key attributes set on at least one replica. Full Distribution. An initialized key is available on all replicas. Active. An initialized key is available for cryptographic operations on at least one replica. Inactive. An initialized key is available for some cryptographic operations on all replicas (e.g., decrypt, only). Termination. An initialized key is permanently deleted from all replicas. 4

Key State Transitions Initialization Creation Active Inactive Termination Full Distribution Create and initialize a key Cryptographic operations 5

DKM Problem Statement No cross-user and cross-machine data protection Windows Data Protection API (DPAPI) is single-user, single-machine. KeyCzar and PKCS#11 uses local keys; no distribution mechanism. Engineering problem Ad-hoc key management groups (protection siloes) Scalability & Availability (10Ks of machines) Geo-redundancy (multiple data centers) Key lifecycle management (automation) Cryptography problem Protect arbitrary data (broad applicability) Use existing algorithms (e.g. AES, HMAC-SHA2) Automatically update group keys (key rollover) Crypto agile (algorithm and key length changes) 6

DKM Architecture API Client 1 Protect Unprotect K A Secure connection DKM Container API DKM Group Container Client 2 Protect Unprotect K B DKM Repository DKM Group A K A ACL API Client 3 Protect Unprotect K A Group B K B ACL Untrusted Storage (DKM-protected data) 7

DKM Approach Active Directory Approach Key storage is straightforward Store group keys in AD objects Protect keys with AD object ACLs AD security groups correspond to principals / groups Rely on Active Directory replication for high availability Network transport is secure (LDAP with Kerberos) DKM provides Auto key update mechanism Multiple groups and multiple keys per group Cryptographic policy per domain and per group Crypto agility 8

Walkthrough: DKM in Hosted E-Mail Scenario: Hosting mail for multiple tenants in a datacenter Product supports message aggregation from other providers for users with multiple email accounts User signs in once E-Mail Server fetches and aggregates mail Tenant Admins must be able to perform Administrative tasks But should NOT be able to read user credentials 9

Walkthrough: DKM in Hosted E-Mail Tenant 1 Tenant Admin can administer Exchange Hosted E-Mail Tenant 1 Tenant 2 User s ISP Active Directory Admin 1 User 1 Tenant Admin can NOT access DKM keys DKM Keys Mailbox Stores User Settings User s Mailbox User Settings User s Mailbox Tenant 2 Internet User s DKM encrypted ISP password User s DKM encrypted ISP password Admin 2 E-Mail Servers ISP Mail Server User 2 DKM (Hotmail, Yahoo, Gmail, etc) 10

DKM in Hosted E-Mail Tenant 1 Hosted E-Mail Tenant 1 Tenant 2 User s ISP Active Directory Admin 1 DKM Keys User Settings User Settings User 1 Mailbox Stores User s Mailbox User s Mailbox Tenant 2 Internet User s DKM encrypted ISP password User s DKM encrypted ISP password Admin 2 2 1 E-Mail Servers ISP Mail Server User 2 E-Mail Servers can retrieve mail from the ISP on behalf of the user DKM 3 (Hotmail, Yahoo, Gmail, etc) 11

Secret Protection Technology: DKM-TPM Motivation HSM Hardware Security Module TPM-based Crypto Software Crypto No Hardware Cost: Security: Deployment: Expensive Moderate Inexpensive Very Secure More Secure Moderate (OS-Dependent) Hard Easier Easy Approach sits between a pure HSM solution and a full software solution.

DKM-TPM Key Hierarchy Keys Storage: TPM Processing: TPM Protection: TPM EK (Endorsement Key) SRK (Storage Root Key) Keys Storage: External Processing: TPM Protection: TPM TLSK (TLS Key) AIK (Attestation Identity Key) SK (Signing Key) WK (Wrapping Key) Keys Storage: External Processing: Memory Protection: TPM DKMK (DKM Key)* Seal * There are one or more DKM Keys.

DKM-TPM Roles 1. Master (Root of Trust) Root of Trust for TPM public keys Role assignment to TPM public keys Push to Stores 2. Store (Repositories) DKM repository (keys, policies, and metadata) DKM Responder Responds to requests from Masters, Stores, and Nodes 3. Node (Application servers) Cryptographic operations with DKM keys Client API Sends requests to Stores

DKM-TPM Roles Node Store Master Node Logic & API Store Logic & API Master Logic & API CommClient CommClient CommServer CommClient Repository KM & Crypto Repository KM & Crypto Repository KM & Crypto TPM TPM TPM Master PK List Store PK List Node PK List Configuration DKM Keys Policies Master PK List Store PK List Node PK List Configuration Master PK List Store PK List Node PK List Configuration

Cryptosystem Security Definitions Probabilistic Polynomial-Time (PPT) adversaries Probabilistic randomized algorithm that gives the correct answer with > ½ probability. Random Oracle Model (RO or ROM) Black box with a stateful uniform random response x y Random Oracle y {0, 1}* If (x in A) y Fetch(A,x) Else Store(x,y) in A Return y 16

Attack Game Encryption scheme security definitions IND-R: Indistinguishability from Random IND-CPA: Indistinguishability under Chosen Plaintext Attack (a.k.a. semantic security) IND-CCA: Indistinguishability under Chosen Ciphertext Attack IND-CPA IND-CCA m 0, m 1 C Left-Right Oracle b {0, 1} C = Enc(K, m b ) Return C Guess b? IND-CPA Game 17

Ciphertext Attacks IND-CCA2: Indistinguishability under adaptive chosen ciphertext attack Decryption Oracle access (non-trivial) Non-adaptive Query the decryption oracle till the challenge ciphertext is received Adaptive Continuous queries to the oracle (max q queries) IND-CPA IND-CCA IND-CCA2 18

IND-CCA/CCA2 Game Free Oracle Access Queries {m,c} Responses {C,m} Encrypt C = Enc(K, m) Decrypt m = Dec(K, C) Challenge m 0, m 1 C Left-Right Oracle b {0, 1} C = Enc(K, m b ) Guess b? Adaptive (CCA2) Adversary C m Decrypt m = Dec(K, C) 19

Cryptographic Agility Cryptographic primitives as sets: PRF = {F : F is a secure pseudorandom function} AE = {F : F is a secure authenticated encryption scheme} Assume F 1 and F 2 have the same key space and length Informal Definition: A primitive Π is agile if any F 1, F 2 Π can securely use the same key. K F 1 F 2 20

Pseudo Random Function Agility Facts PRF: F is a PRF if no efficient adversary can distinguish F(K,.) from a random function. F 1 (K 1,x) and F 2 (K 2,x) are not distinguishable from a pair of random functions. K Definition: A set {F 1,F 2 } is agile if F 1 (K,x) and F 2 (K,x) are not distinguishable from a pair of random functions. x F 1 F 2 F 1 (K,x) x F 2 (K,x) Question: Are PRFs agile? Yes, if every {F 1,F 2 } is agile. Answer: No. Example: F 2 (K,x) = NOT (F 1 (K,x)) Now, what? 21

Agility in Practice Certain primitives are agile: collision-resistant hash functions Strong agility is achievable in practice: Authenticated Encryption Don t use the key directly in the encryption algorithm <ae> Use a derived subkey in <ae> (x,f 1 (K,x)) K F 1 F 2 (x,f 1 (K,x)) PRF-based security for Authenticated Encryption: CCM, GCM, etc. Pick a PRF from a small agile set Encryption of M with K, with PRF K ae = PRF(K,<ae>) C = E(K ae, M) Decryption K ae = PRF(K,<ae>) M = D(K ae, C) 22

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback