[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [KEYPROV] My notes from today
Pasi,
I think we are getting to some consensus.
I was wondering if Key, KeyAttributes and KeyType need a bit more
analysis.
I believe that we should explicitly model KeyPolicy e.g. the Policy
governing the use of the key, hence this would be:
- Usage (encryption, decription, OTP, etc)
- permitted dates the key can be used
- permitted number of transactions
- PINPoliicy
- etc
Then we have the key and its algorithm
There is the concept of static parameters for a specific algorithm for
example
- IV
- OTP length
- format produced
And then for some algorithm types we have the concept of dynamic
values/meta_data, tied to a key for example:
- OTP event counter
- time drift
Now I am not sure if we need to split them out but currently in PSKC we
have modeled them separately
- dynamic value are under Key.Data (e.g. Key.Data.Counter)
- static values are under Key.Usage (e.g. Key.Usage.ResponseFormat)
The other point I wanted to make is that the User binding currently can
be on a device level AND on a Key level and the Users could be different
so maybe we should leave the user under the respective sub elements:
<KeyContainer>
<KeyPackage>
...info about Key
Algorithm (under here we could put the current
Key.Usage and rename them as algorithm.parameters)
Data (dynamic data)
Policy
...info about User
...info about Issuer
...info about Cryptographic Module
...info about Device
SerialNo
Manufacturer
...info about User
etc
</KeyPackage>
<KeyPackage>
....
</KeyPackage>
<KeyPackage>
....
</KeyPackage>
</KeyContainer>
Philip
-----Original Message-----
From: keyprov-bounces at ietf.org [mailto:keyprov-bounces at ietf.org] On
Behalf Of Pasi.Eronen at nokia.com
Sent: Wednesday, March 25, 2009 1:46 AM
To: keyprov at ietf.org
Subject: [KEYPROV] My notes from today
Writing these down before the social event...
Key: A logical component that performs symmetric key operations using
a Key Value, Key Attributes, and other state.
Key Value: The secret value used by a Key. (DSKPP and PSKC treat this
as a single key, although there could be some internal structure.)
Key Attributes: Set of information that influence how the Key Value
will be used, and how the Key can be used.
Example: The length of OTP value (for OTP algorithms that support
variable length OTPs), date after which the Key should not be used,
how access to Key functionality should be controlled (e.g. local
PIN code).
Key Type: Determines how a Key works: for example, the allowed lengths
of the Key Value, the cryptographic operations that can be performed
(e.g. OTP computation or challenge-response) and their inputs,
outputs, and algorithms; and what Key Attributes can be used.
Example: some examples of one-time password Key Types are HOTP
[RFC4226], S/Key [RFC1760], and SecurID-AES. In DSKPP and PSKC,
Key Types are identified by URIs.
Cryptographic Module: A logical component that contains one or more
Keys. Can be implemented in hardware or software.
Device: The physical device implementing the Cryptographic Module.
Example: For hardware Cryptographic Modules, a single Device
usually contains only one Cryptographic Module. For software
Cryptographic Modules, the Device is the host device (laptop,
server, mobile phone, etc.), and can contain multiple
Cryptographic Modules.
Key Package: A data structure for moving a single Key from one
Cryptographic Module to another. Contains data about the Key (e.g. Key
Value and Attributes), Cryptographic Module (e.g. source or intended
destination Key), Device, Issuer (an organization or party that
manages some Keys -- and possibly Cryptographic Modules and/or Devices
-- or has some kind of authority over them), and User (user, account,
role, or other entity that uses the services provided by Key, or is
otherwise associated with it).
Key Container: A data structure or file containing one or more Key
Packages.
These were not discussed, but should be very straightforward:
DSKPP Client: The logical entity implementing the client part of DSKPP
protocol; communicates with an Cryptographic Module to provision Keys
to the Cryptographic Module. In case of Hardware Cryptographic
Modules, the DSKPP Client might run on a PC to which the Hardware
Cryptographic Module is connected. In case of Software Cryptographic
Modules, the DSKPP Client could be part of the same software package
as the Cryptographic Module itself, or separate. (The interface
between the Cryptographic Module and the DSKPP Client is not specified
in this document.)
DSKPP Server: The logical entity that communicates with the DSKPP
client; usually communicates with a server-side Cryptographic Module
so that a corresponding Key (with the same Key Value) exists also on
the server side. The interface between the DSKPP Server and the
server-side Cryptographic Module is beyond the scope of this document.
--------------
<KeyContainer>
<KeyPackage>
...info about Key
...info about Cryptographic Module
...info about Device
...info about Issuer
...info about User
</KeyPackage>
<KeyPackage>
....
</KeyPackage>
<KeyPackage>
....
</KeyPackage>
</KeyContainer>
--------
Best regards,
Pasi
_______________________________________________
KEYPROV mailing list
KEYPROV at ietf.org
https://www.ietf.org/mailman/listinfo/keyprov