UCCS CS 6910 - KEY MANAGEMENT SYSTEM

This preview shows page 1-2-19-20 out of 20 pages.

Save
View full document
View full document
Premium Document
Do you want full access? Go Premium and unlock all 20 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 20 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 20 pages.
Access to all documents
Download any document
Ad free experience
View full document
Premium Document
Do you want full access? Go Premium and unlock all 20 pages.
Access to all documents
Download any document
Ad free experience
Premium Document
Do you want full access? Go Premium and unlock all 20 pages.
Access to all documents
Download any document
Ad free experience

Unformatted text preview:

KEY MANAGEMENT SYSTEM
CS691 M2009 Semester Project
PHILIP HUYNH
01/14/2019 PHILIP HUYNH / CS691

Outline of the Talk
- Key Management System
- IEEE P1619.3 Standard: Key Management Infrastructure for Cryptographic Protection of Stored Data
- Strongkey Symmetric Key Management System (SKMS)
- OASIS Key Management Interoperability Protocol (KMIP)

KEY MANAGEMENT SYSTEMS
- Motivations
- Functionalities
- Security

Key Management System: Motivations for Key Management
- The keys must be kept secret, while the encryption algorithm should be public.
- Whoever has access to the key can also access the information, assume someone else's identity, etc.

Key Management System: Key Management Functionalities
1. Generation
2. Distribution
3. Storage
4. Replacement / Exchange
5. Usage
6. Destruction

Key Management System: Key Management System Security
- Prevent an intruder from obtaining a key.
- Avoid unauthorized use of keys, deliberate modification and other forms of manipulation of keys.
- Once the reliability of a key is impaired, its use must be terminated immediately.

IEEE P1619.3 STANDARD
- Problems
- Solution

IEEE P1619.3 Standard: Encrypting Storage Problems
- We can't always expect a tape drive to be able to get keys from an encryption appliance's key server, or an encryption appliance to be able to get keys from a tape drive's key server, because there is very little interoperability between vendors' key management systems.
- We can't expect a storage device to be able to get keys from a distant key server. If we encrypt a backup tape in a New York data center and send the tape to an offsite backup facility, we can't always expect that the data can be decrypted at the backup facility, because the storage device there may be unable to reach the key server that provides the decryption key.

IEEE P1619.3 Standard: The Goal
- Eliminate all the key management problems.
- Make interoperable key management possible.
- Abstracts the components of a cryptographic system into:
  - Key management server
  - Key management client
  - Cryptographic unit
- The standard also defines operations between key management servers.

IEEE P1619.3 Standard: The abstraction components' roles and responsibilities
1. The key management server creates and distributes keys as well as the policies covering their use.
2. Key management clients get keys and policies from a key management server on behalf of a cryptographic unit.
3. Cryptographic units perform the actual encryption and decryption operations with the keys the key management clients manage.

STRONGKEY SYMMETRIC KEY MANAGEMENT SYSTEM
- Problems
- Solution

Strongkey Symmetric Key Management System (SKMS): Why is symmetric key management a problem?
- Many encryption application vendors provide different KM systems. As a result, IT operations staff have to manage many different KM systems.
- The complexity of KMS management raises the TCO and creates the potential danger of a vulnerability in the security strategy.

Solution
- A client/server KM system for encryption applications.
- Symmetric Key Server: implements the KM functions that are abstracted from the applications.
- Symmetric Key Client: provides an API that can make requests for symmetric key services.

Strongkey SKMS Architecture: SKS Server
- A server-class computer running an OS (Linux, UNIX, or Windows) that has a JVM available for it.
- A relational database for storing the symmetric encryption keys.
- A J2EE-compliant application server to respond to the requests over the network.
- A JCE-compliant cryptographic provider to perform the cryptographic operations of key generation, key protection, digital signing, verification, ...
- An optional Hardware Security Module (HSM) or Trusted Platform Module (TPM) for securely storing the cryptographic keys that protect the database's content.
- The SKS server software, consisting of an Enterprise Archive (EAR) and a Web Archive (WAR) file for the administration console.

Strongkey SKMS Architecture: SKCL Client
- A client computer running an OS (Linux, UNIX, Windows, or OS/400) that has a JVM available for it.
- A JCE-compliant cryptographic provider to perform the cryptographic operations of key generation, key protection, digital signing, verification, ...
- An optional Trusted Platform Module (TPM), smartcard, or other USB-based cryptographic token for securely storing the cryptographic keys that protect the client's authentication credentials.
- The SKCL software, consisting of an API callable by Java applications for communicating with the SKS server and performing cryptographic functions. Non-Java applications have the option of either using a JNI library to call the SKCL, or communicating with the SKS server directly using the SKSML protocol.

SKSML Protocol
- A call from the client to request a symmetric key (new or existing) from the SKS server.
- A call from the client to request key-caching policy information from the SKS server.
- A response from the SKS server containing the symmetric key and the key's use policy.
- A response from the SKS server containing the key-caching policy.
- A fault message from the SKS server, if either of the two calls doesn't succeed.

OASIS KEY MANAGEMENT INTEROPERABILITY PROTOCOL
- Problems
- Solution

OASIS Key Management Interoperability Protocol (KMIP): Why is key management a problem?
- The proliferation of key management systems results in higher operational and infrastructure costs for enterprises using encryption, certificates, asymmetric key
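The slides describe three things that fit one small model: the key lifecycle and the rule that a key whose reliability is impaired must stop being used at once, the IEEE P1619.3 split into key management server, key management client and cryptographic unit, and the SKSML-style exchange in which a client asks for a key and receives either the key with its use policy or a fault. The following is an added illustration written for this page, not code from the talk, from StrongKey or from the IEEE P1619.3 standard; the message shapes (Fault), the use-policy field (max_uses), the key states and the toy cipher are all assumptions chosen to make the separation of roles visible in running code.

```python
# Added example modelling the roles in the slides; not code from the talk,
# StrongKey or IEEE P1619.3. Names (Fault, max_uses, ...) are assumptions.
from __future__ import annotations
import hashlib
import secrets
from dataclasses import dataclass
from enum import Enum

class KeyState(Enum):
    ACTIVE = "active"            # generated and distributed; may be used
    COMPROMISED = "compromised"  # reliability impaired: use stops at once
    DESTROYED = "destroyed"      # material wiped at end of life

@dataclass
class ManagedKey:
    key_id: str
    material: bytes
    purpose: str   # use policy: what the key is for
    max_uses: int  # use policy: operations the cryptographic unit may perform
    state: KeyState = KeyState.ACTIVE
    uses: int = 0

@dataclass
class Fault:  # the server's error message when a request cannot be served
    key_id: str
    reason: str

class KeyManagementServer:  # creates, stores, distributes and retires keys
    def __init__(self) -> None:
        self._store: dict[str, ManagedKey] = {}  # stands in for the key database

    def generate(self, purpose: str, max_uses: int) -> str:
        key_id = "k-" + secrets.token_hex(4)
        self._store[key_id] = ManagedKey(key_id, secrets.token_bytes(32), purpose, max_uses)
        return key_id

    def request_key(self, key_id: str) -> ManagedKey | Fault:
        key = self._store.get(key_id)
        if key is None:
            return Fault(key_id, "unknown key")
        if key.state is not KeyState.ACTIVE:
            return Fault(key_id, f"key is {key.state.value}")
        return key

    def mark_compromised(self, key_id: str) -> None:
        self._store[key_id].state = KeyState.COMPROMISED

    def destroy(self, key_id: str) -> None:
        self._store[key_id].state = KeyState.DESTROYED
        self._store[key_id].material = b""  # the material goes, not just a flag

class KeyManagementClient:  # gets keys and policies for a cryptographic unit
    def __init__(self, server: KeyManagementServer) -> None:
        self._server, self._cache = server, {}

    def key_for_use(self, key_id: str) -> ManagedKey | Fault:
        key = self._cache.get(key_id) or self._server.request_key(key_id)
        if isinstance(key, Fault):
            return key
        self._cache[key_id] = key
        # The cache holds the server's own record, so a state change is seen
        # immediately; a deployed client would refresh or receive revocations.
        if key.state is not KeyState.ACTIVE:
            return Fault(key_id, f"key is {key.state.value}")
        if key.uses >= key.max_uses:
            return Fault(key_id, "use policy exhausted")
        key.uses += 1
        return key

class CryptographicUnit:  # performs the actual encrypt/decrypt operations
    def __init__(self, client: KeyManagementClient) -> None:
        self._client = client

    def transform(self, key_id: str, data: bytes) -> bytes | Fault:
        key = self._client.key_for_use(key_id)
        if isinstance(key, Fault):
            return key  # refuse to operate: no key, or its use is terminated
        # Toy SHA-256 counter keystream so the example needs only the standard
        # library; a real unit would use AES (XTS for storage, per IEEE P1619).
        stream = b"".join(hashlib.sha256(key.material + i.to_bytes(4, "big")).digest()
                          for i in range(len(data) // 32 + 1))
        return bytes(a ^ b for a, b in zip(data, stream))

def demo() -> dict:
    server = KeyManagementServer()
    unit = CryptographicUnit(KeyManagementClient(server))
    tape_key = server.generate("encrypt-tape", max_uses=3)
    one_shot = server.generate("wrap-once", max_uses=1)
    plaintext = b"backup tape block (constructed sample)"
    ciphertext = unit.transform(tape_key, plaintext)  # use 1 of 3
    recovered = unit.transform(tape_key, ciphertext)  # use 2 of 3
    server.mark_compromised(tape_key)                 # use 3 must never happen
    compromised = unit.transform(tape_key, plaintext)
    server.destroy(tape_key)
    unit.transform(one_shot, plaintext)               # use 1 of 1
    return {"roundtrip": recovered == plaintext, "compromised": compromised,
            "destroyed": unit.transform(tape_key, plaintext),
            "exhausted": unit.transform(one_shot, plaintext),
            "unknown": unit.transform("k-missing", plaintext)}
```

The point of the split is that the cryptographic unit never decides for itself whether a key is fit to use: it asks the client, the client consults the server's record and the use policy, and a compromised, destroyed or exhausted key yields a fault instead of key material. Run demo() to see the round trip succeed and each of the later requests fail for its own stated reason.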