pki-tc message
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]
Subject: GW vs E2E Security. Was: Call for input: Asia PKIF Forum Panel Discussion
- From: "Anders Rundgren" <anders.rundgren@telia.com>
- To: "PKI TC" <pki-tc@lists.oasis-open.org>
- Date: Sat, 1 Oct 2005 13:31:07 +0200
>I have to say that I think you construct a
caricature of security, then
>shoot it down, and then extrapolate to
reach some fairly extreme
>conclusions!
Stephen,
This must be a compilation on many other
messages because the question to the Asian PKI
forum was not that exciting :-)
Anyway, your response contains a theme worth
commenting on as it is really a thing
that to date has been poorly analyzed in
general.
Secure e-mail, a caricature of
security
If I would ever use the phrase caricature of
security, I would refer to the security
architecture for Internet mail. The deficiency of this model have costed, and is still costing businesses over the
world, many billions of dollars lost yearly, due to spam, viruses and
phishing.
Most of the problems above, would have been thwarted
in their infancy if the architects behind secure e-mail had realized the
difference between a limited set of mutually trusted government agencies and the
billion+ users now on the Internet.
As hardly nobody on the entire planet could
have guessed this development, I think it would be highly incorrect
to blame the authors of S/MIME for this situation. However, it is
equally incorrect not to acknowledge this situation and ways of
dealing with it.
Solving e-mail security step by
step
It might be of interest to know that "Internet-scale" companies Yahoo and
Cisco have teamed-up to create a new e-mail security model not based
on E2E security. It will certainly not cure all problems we
have today (too late), but it is based on a domain signature scheme that will
allow stepwise improvements instead of the "flag-day" syndrome imposed by the
end-to-end approach.
GW/E2E security in enterprise transactions
>I agree
with you Anders that a great many enterprise transactions are best
>secured at the gateway (especially from an encryption point of
view).
>This is a good model indeed, but not the only one, and not
a "competitor"
>to end-to-end security.
Regarding "competition",
may I repeat my request (that I have also forwarded to the organizers of PKI
Workshop 2006)? I have to date not seen a single description of
an existing end-to-end secured multi-user purchasing system, which I claim
is because there probably is no such system. If I'm wrong I would
like to get some evidence of this including reasonably clear descriptions on how
messages are secured between the large number of parties that are
involved in such processes. Since the purchasing process actually can be
mapped to many other multi-party processes, I feel this is a generic
issue.
BTW, there are IMHO at least as many reasons for using GW signatures as
there are for using GW encryption. In the B2B world I believe the
requirement that an E2E secured message must be in the
true destination format also in the sender's client is the biggest
hurdle, as it excludes current, mostly web-based systems. There simply is
not enough money available for funding the development of thousands and
thousands of unique "fat clients", particularly as "the other solution" is
readily available as well as being inherently more
flexible. Client-side authentication using SSL fills the
security bill in a much less intrusive way. However, that security does
not have to reach beyond the business system as the business system is an
entity itself in a GW-world.
>I know from a New Zealand project
several years ago that they implemented
>government-wide gateway PKI only
because they couldn't get smartcards and
>client software as they existed
back then to work. They viewed gateway
>PKI as effective BUT a
compromise, because they lost strong authentication
>of
individuals. That is not a bad compromise in many cases; and there are
>other ways to get individually auditable proof of origin. But it
is a
>compromise nevertheless.
That is a rather one-dimensional way of
describing this system. Seen from another angle, I note that SEEMail
enabled domain-encrypted and -authenticated mail communication to EVERYBODY
within the government network with minimal costs including virtually no end-user
training. The US government OTOH have not reached that goal even today by
a long shot as they are stuck with a system that does not scale trustwise
(end-to-end security using S/MIME). Apparently, the New Zeeland government
is now extending this concept to include citizens and businesses as well:
http://www.e-government.govt.nz/see/mail/index.asp
Germany's e-Government adopts the GW
approach
I just returned from a conference in Hungary called
ISSE 2005 (Information Security Systems Europe) where I presented an
authentication solution on behalf on my employer. Fortunately, I was
also able to attend a presentation by a BSI (the NIST of Germany) delegate
who presented their gateway approach for e-government transactions and
messaging. The person started with a slide containing the line:
"End-to-end security died even before it even was alive". I could not have
put it better myself. This was not a research report but a real system
based on a set of new BSI standards, and coming from the country that more than
any other country has been associated with legally binding signatures, qualified
certificates and similar.
Based on publicly available information, the
governments in the US and in Asia have (apparently) concluded
that they do not need a security architecture for interacting with the society
at large. This is a pity, since HSPD-12/PIV does neither
address (in the original text at least), cross-agency messaging nor G2B
messaging, it is rather designed to secure access to federal
resources. The original use-case should work just fine, while the extended
use-case often does not. "How do you send an encrypted message to the tax
department" (which the BSI representative mentioned as an example), is in its
extreme simplicity showing that this is not simply a matter of using smart cards
or not, it is rather a security architecture issue. The BSI question
also indicates that there are privacy issues that are not particularly
well addressed by the E2E model (while definitely by its
challenger).
The way ahead?
The extreme positions taken by different "PKI
theologists" (unfortunately including myself), have so far created a huge
gap benefiting nobody. It is however, indeed possible combining
these two diverging paths creating a very potent security architecture that
as a bare bone minimum uses GW security for organization-to-organization
messaging, while it underneath can tunnel an individual's signatures for
the rather few cases where such are needed. In fact, this super-simple
scheme can address authorization in a way that E2E security cannot, by making
the semantics of a GW-signature indicate "archived", "checked", and
"authorized". A standalone E2E signature OTOH, does not look any
different whether it has passed directly from the desktop of the individual
or have gone the "proper way" trough internal systems. That is,
E2E-signatures seem most suited for internal consumption,
while GW-signatures mainly have external
applicability. Last but not least, a
combined GW+E2E-signature would denote an authorized
signature by an individual representative of an organization, where the
signature is intended for external consumption. Since the outer GW
signature may not only embed the E2E signature, but any number of applicable
authorization attributes, this scheme offers an "in-transaction" alternative to
the virtually non-existent X.509 attribute certificates.
Once again, I would
like to emphasize that a security architecture and smart cards are not
equivalent, smart cards are rather a potentially vital piece of such an
architecture. By adopting a migrative approach to security, I believe
smart cards will be much more quickly adopted (=used) than approaches
requiring that not only your organization switch to full-blown PKI deployment,
but also requiring every organization you want to interact with does this as
well and at the same time, using the same policies etc. That's at least
what most governments and banks are thinking in the EU.
Anders Rundgren
Located in the EU, working for a major US computer security
company, but here only representing myself.
[Date Prev]
| [Thread Prev]
| [Thread Next]
| [Date Next]
--
[Date Index]
| [Thread Index]
| [List Home]