 |
|
|
AEP SureWare Keyper Professional V2.2 AEP SureWare (recently acquired from Baltimore by AEP Systems Ltd.) is a range of PKI hardware products that integrate with third party security software to provide secure key storage and cryptographic acceleration functions for business-to-business e-security. The range includes: SureWare Keyper - SureWare Keyper is a hardware module designed to ensure the security of private keys in PKI applications. It is available in three versions - Professional, PCI and OEM. SureWare Keyper Professional is a standalone hardware module evaluated to FIPS 140-1 Level 4, and is aimed at high security, high reliability applications, enhancing PKI security in any PKCS#11 compliant environment. The PCI module is evaluated to FIPS 140-1 Level 3. SureWare Runner - SureWare Runner is the Secure Socket Layer (SSL) accelerator, and is designed (but not evaluated) to FIPS 140-1 Level 3. This Ethernet-based security system is available to all Web servers in an organisation, providing cost-effective security for online commerce transactions. SureWare Net - SureWare Net is a ITSEC E3-compliant data encryption device for virtual private networks (VPNs). It is highly flexible, providing the ability to download new encryption algorithms without major upgrades
The product submitted for testing was the AEP SureWare Keyper Professional Version 2.2. The SureWare Keyper Professional is a LAN-based Hardware Security Module housed in a desktop enclosure measuring 223 x 45 x 244 mm. The rear panel sports a serial port for console access, Ethernet port for LAN-based access to cryptographic and key storage functions, temperature sensor and jack for external power supply. The front panel consists of an integrated keypad that can be folded away, a back-lit two-line LCD display, LED indicators for system status and LAN traffic, a physical key switch, a restart button and a smart card reader. Each Keyper has a unique physical key which can be used to operate the key switch. When the key is turned, the keypad is locked and the menus cannot be accessed via the front panel. Unusually, the Restart button remains operational when the key switch is activated which could lead to a denial of service condition if pressed by unauthorised personnel, since cryptographic services are not started automatically on power up of the device. Ideally, we would like to see all functions (including the Restart button) disabled when the key switch is activated. The enclosure is designed to be highly tamper resistant, and has been evaluated to FIPS 140-1 Level 4 and ITSEC E3. If the device is subjected to serious physical tampering or total power failure (loss of both mains and backup battery power) this will result in the destruction of both Storage Master Keys (SMK) and the working key store. The protected key store, including the Application Keys, will be rendered useless by the destruction of the SMKs, and the application software and download software is destroyed as soon as Keyper is powered up after tamper. A cryptographic protection mechanism then protects Keyper from unauthorised software download until it can be returned to AEP Systems. The end result is that no secret unencrypted (i.e. recoverable) material exists within Keyper, and no material created by a host application will exist in the unit in any form after power on. There is an additional level of tampering - known as an �operational tamper� - which occurs following incidences of extreme temperature or voltage fluctuations. Following an operational tamper, the SMKs and all keys stored in the working key store are destroyed, rendering the Application Key store useless. Keyper can be recovered, however, by clearing the tamper condition through a menu option, re-importing the SMK and restoring the Application Keys from smart cards. SureWare incorporates AEP System's Advanced Configurable Crypto Environment (ACCE) which supports a range of Key Management options, with protected internal key store for over 1,000 keys, backed by secure key export and transport options. Hardware support for a range of algorithms such as 3-DES, RSA, DSA, Diffie Hellman and SHA-1 is included, and all SureWare modules can be upgraded with new software and algorithms. Performance is rated at 150 key signings per second with 1024-bit RSA keys, and 50 key signings per second with 2048-bit RSA keys. The Keyper is LAN-based, with a 10/100Mbit Ethernet interface that allows the unit to be shared - and even accessed simultaneously, if required - by multiple hosts on a network. Up to four concurrent TCP/IP connections can be handled by a single device, and multiple modules can be grouped using load balancing software to allow linear scaling of performance and fault tolerance. The SureWare Keyper Professional is designed to be completely self-contained, with all operations being controlled by on-board software. Although the Keyper is LAN-based, there are few day-to-day administrative functions that can be performed via a remote connection. Instead, the main administrative interface is provided via the front panel and LCD screen. Although this may seem restrictive in theory, in practice, the nature of an HSM device and inherent restrictions in locating it (i.e. in a secure room) and authenticating to it (i.e. the requirement to physically insert smart cards into the device to authorise operations) mean that the need for remote management and configuration is often nonexistent. Indeed, in the case of an HSM that is used for a root CA, the provision of remote connectivity directly to the device might be seen as a potential security risk. The only problem we did find with the administrative interface was its lack of on-screen direction. Cryptic prompts such as �Insert Card� are all that usually appear on the screen, with no indication of exactly which card is required at any given point in time. AEP Systems claims this is an additional security measure, which makes life difficult for an intruder. We believe that the only person whose life is complicated by such an approach is the legitimate administrator. Any intruder who has successfully negotiated the various physical and computer-based security measures that usually protect a room containing an HSM will have been sure to memorise the user guide word for word. The �backup� administrator called in because the usual guy is off sick, however, will find things to be more complicated than they really need to be. Security by obscurity is not a valid approach, in our opinion, and the ease of use aspect of the SureWare Keyper could be improved. That said, the product is not difficult to use, especially with the manual in front of you (AEP Systems is one of the few companies who still provides hard copy manuals, for which it is to be congratulated). Before discussing the operation of the Keyper, it is necessary to understand the key hierarchy, which consists of three categories of keys:
The Adapter Authorisation Key (AAK) The AAK protects Keyper from unauthorised access by providing the means to authenticate Security Officer smart cards. There is only one AAK, which is always generated in the Keyper during the initialisation phase. It can then be backed up in component form to smart cards, and imported to other Keyper units. When an AAK is imported, this allows the Keyper to recognise the same Security Office smart cards as the device from which the AAK was originally backed up - particularly useful in load balancing deployments. The AAK could be considered to be the �master key� within a Keyper, and is not related to any other key. The AAK is imported and backed up in N of N component form, and all AAK smart cards in a set have to be presented to re-create the key, each smart card containing one component. Security Officer smart cards are issued in sets of two, and each Security Officer card is directly related to the AAK. On issue, the Security Officer smart cards contain information on which set it belongs to - each set has a unique ID - as well as information which identifies the type of smart card. This information is protected by the AAK. The Keyper, to which the Security Officer smart cards are presented, must contain the same AAK as the Keyper that issued those smart cards. The sole purpose of the Storage Master Key (SMK) is to encrypt and store the private keys for applications (known as the Application Keys). This means that all Application Keys are encrypted and protected at all times, whether in the HSM or when being exported to smart card. The SMK is backed up in M of N component form, one component per smart card. In the case of the SureWare Keyper a minimum of two (M) of four (N) cards to a maximum of nine (M) of nine (N) cards are required to rebuild the SMK. Note that the options to import, back up, generate, delete and promote an SMK are not available if Key Export is disabled. This situation is mandated by the e-commerce laws of certain countries which state that the keys should never leave the HSM in any form. The advantage of this approach is that it is mandating the highest levels of security. The downside, of course, is that should the HSM device itself be stolen or damaged, there is no backup available, and so the entire PKI supported by that device would become null and void. Application Keys are generated by a request for cryptographic services - a key generation request by a host application such as Baltimore Technologies UniCERT Certification Authority, for example. Protected keys consist of key material, key policy, and a key identifier, all of which are wrapped by the SMK for back up/import via smart card. The Application Key store can only be backed up in full onto smart cards, and restored in the same way. Individual Application Keys cannot be identified and therefore extracted or entered via smart cards in the current release - this facility will be provided in a future release. At present, individual Application Keys with the appropriate key policy can be extracted from the Keyper via the API only. As with the SMK, the options to back up and import Application Keys are not available if Key Export is disabled. When the SureWare Keyper is first powered on, it is necessary to initialise the device before it can be used. In this state Keyper cannot accept any requests for cryptographic services, and no SMK or Application Keys can be imported. When the issue of the Security Officer smart cards is selected via the menu option during the initialisation phase, the Keyper detects whether an AAK has already been imported. If it has not, a new AAK is generated to allow the Security Officer smart cards to be issued successfully Of course, if it is required to use the SO smart cards from an existing Keyper device, then the AAK from that device can be imported (from multiple smart cards) rather than generated from scratch. During the initialisation phase, the administrator also selects whether or not key export will be allowed on that unit. To comply with the strict Austrian and German signature laws, the option exists that once key export has been disabled, it cannot be enabled without erasing all keys and returning the device to its pre-initialised state. Once initialisation has been completed, the Keyper can be made operational, requiring two SO smart cards to validate its operational state from that point forwards. Various administrative roles are supported by the SureWare Keyper:
The Operator is authenticated by the insertion and turning of the correct physical key in the key switch on the front panel of Keyper. This enables the operator to change or view network settings for SureWare Keyper and the host, and view the name and version number of the installed software only. The Security Officer(s) are authenticated by the insertion and turning of the correct physical key in the key switch on the front panel of Keyper and the insertion of their smart card followed by the PIN associated with that smart card. A single Security Officer (or an SO with a single smart card) can:
Two Security Officers (or a single SO with two smart cards) can:
Note that a new SMK can be generated at any time, but must be promoted before it becomes active. Creating a new SMK causes all the existing Application Keys to be �re-wrapped� using the new key once it has been promoted. A Key component holder simply holds a key component smart card (i.e. part of the AAK or SMK) for security purposes, inserting that smart card into a Keyper unit to accept an export or import of a key component. Similarly, an Application Key holder holds a smart card containing backed up Application Keys, inserting that smart card into a Keyper unit to accept a back up or import of those keys. Once the Keyper has been initialised, the holder(s) of the SO smart cards can set the device to be operational and start the cryptographic services. This is achieved via insertion of the smart cards into the card reader and entering the PIN numbers at the front panel. Once that has been accomplished, the Keyper is ready to accept crypto requests from remote hosts on the same network. The device is capable of storing up to 1000 1024-bit RSA keys or 500 2048-bit keys in its internal protected memory. These can be backed up to one or more smart cards by the SO. Note that the vital AAK and SMK can also be backed up to smarts cards by the SO, and complete sets of labelled smart cards are provided for these various backups with each Keyper device. Installing the SureWare Host Adapter(s) to enable host access to the Keyper HSM is as straightforward as inserting the CD and then selecting the appropriate adapter from a menu:
The PKCS#11 Adapter is a software program which provides a PKSC#11 Application Programmers Interface (API) to an application running on a host machine. The Adapter enables the host machine to access the SureWare Keyper hardware (the SureWare HSM will often be referred to as a �token� by third party applications). The PKCK#11 Adapter is independent of the SureWare HSM in that it passes cryptographic requests to the unit with which it is configured to communicate. The PKCS#11 Adapter simply sees the SureWare HSM as a �black box� on the other end of a LAN connection. The SureWare Keyper HSM is an extremely flexible device when it comes to deployment. Thanks to the LAN-based operation, a single HSM device can be shared by any number of host applications (including separate PKI implementations, for example) running on the same network (it is not possible to route crypto requests between subnets). Multiple HSM devices can also be installed on a network, and can be dedicated to, or shared between, multiple host applications. Of particular interest in more heavily loaded installations, however, is the ability to use a separate piece of software called the Load Balancer to allow balancing of cryptographic requests between the PKCS#11 Adapter/CSP and between two and sixteen SureWare HSMs. The SureWare Load Balancer is available as a separate item for Windows NT v4, Windows 2000, Sun Solaris and HP-UX v11 to allow balancing cryptographic requests between the PKCS#11 Adapter/CSP based applications and up to sixteen SureWare modules. Each SureWare Keyper is capable of managing a maximum of four parallel connections from a single or multiple hosts. Where single or multiple hosts requiring more than 4 parallel connections are connected to a single Keyper, the user has two options:
The Load Balancer shares a number of SureWare modules based upon the number of tasks that they are able to process, and the number of tasks that they are currently processing. When a call is received from the PKCS#11 Adapter/CSP the Load Balancer looks to see which SureWare module has the most tasks available and passes that call to that SureWare module. If more than one SureWare module has the same number of tasks available, the first of those SureWare modules found is selected. The Load Balancer consists of three programs/processes:
The HCP is the process that performs the actual load balancing. The HCMP monitors the HCP to ensure that it is running. The PMU is a command line utility to stop and start the HCP and HCMP and to send management commands to the HCP. As with other areas of the SureWare system, the configuration could be made easier by the provision of a simple graphical interface. Instead, all configuration is via manual editing of text files. This is not a particularly arduous process, however, and once the Load Balancer is started its operation is totally seamless. We noted the load spread evenly between multiple HSMs on our test network during the generation of large numbers of signing requests. We also noted that removing one HSM from the network caused the load to be transferred to the remaining devices. It is possible to specify retry parameters to determine if, and how often, the Load Balancer should retry operations on failed or missing devices. When we reconnected our HSM, signing requests were being allocated to it within seconds. Note that it is not possible to load balance key generation processes, only signing requests. If a key generation request is sent to a load balanced configuration, only the HSM that actually generates the key would have it available for subsequent signing operations using that key. An identical key store needs to exist on all HSM devices in a load balanced configuration. A future release of SureWare Load Balancer will have additional support for balancing key generation and key import calls. All security related operations, (i.e. primarily local key management operations) are audited with the time and date of occurrence together with an event number, and (sometimes) a relevant parameter. No actual security information is divulged by the audit log - only event data. When the internally held audit log is full, new events begin to overwrite the oldest events, though AEP Systems claims that under typical usage the audit log can contain several months of audit events. All events can be viewed in real time by attaching a terminal or terminal emulator via the serial port on the back of Keyper. All audit events contain the time and date the event occurred and SureWare Keyper serial number, and all numbers are displayed as hexadecimal values. Unfortunately, the event codes themselves are also expressed as hexadecimal numbers rather than text descriptions. Whilst this keeps the log files compact (which is what enables the Keyper to store so many before overwriting) and could arguably make the audit messages language independent, it also makes them impossible to read. A full list of audit events and their meanings are supplied in the SureWare Keyper User Guide. The Audit Extraction Utility is a Java-based command line utility that can be run on a remote workstation to extract log data from HSM devices over the network. The resulting file is a plain text version of the log entries stored on the Keyper, complete with hex codes representing the audit events. The data can be presented in a comma or tab delimited file which can be imported into any standard database system such as Microsoft Access. AEP Systems suggests that users should return logs to them for analysis. If this is unacceptable, the only alternative is to pore through the log entries line by line and decode them with the help of the User Guide. It would be nice if AEP Systems was to include an automated graphical utility for this function, capable of producing man-readable output without having to resort to looking up codes in manuals. The company is considering this for a future release. Whilst many smaller users of PKI and other crypto applications may well get by with software-based solutions, larger users of PKI - and certainly those providing a commercial PKI service to others - will find the use of a HSM to be essential. In many cases it may even be mandated by law. Whilst the performance and scalability enhancements of the cryptographic acceleration capabilities can be ignored in low-volume implementations, the security enhancements cannot. Any PKI lives and dies by the security of its Certification Authority Root Signing Key. If the Root Key is compromised in any way, then none of the certificates issued by the CA can be trusted. The SureWare Keyper offers secure private key storage and cryptographic acceleration functions in a single device. Installation and configuration is straightforward, although we would like to see a slightly more helpful user interface for the Keyper and the Load Balancer option, and a more user-friendly audit extraction and reporting utility. We would also like to see the Restart button disabled when the access key switch is locked - at the moment, only the front panel is disabled meaning the device could still be restarted (which would effectively disable the cryptographic functions) without the use of the key. Whilst the AEP SureWare Keyper may not have the most intuitive management interface in the world, it does what it does extremely well. Thanks to it�s LAN-based architecture it is extremely flexible when it comes to deployment and provides the means to share a single unit between multiple host applications, making it very cost-effective for smaller implementations. It also scales extremely well by adding multiple units to the network as required and then using the Load Balancer software to allocate requests between any number of them from two to sixteen. With a claimed performance of up to 150 1024-bit signatures per unit, the Keyper provides a cost effective means of scaling that up to 2400 per second with seamless fail over should one or more of the load-balanced units cease to function for any reason. With the assurance that the Keyper Professional has been evaluated to FIPS 140-1 Level 4 and ITSEC E3, the device provides the highest level of security for your private keys, and is worth considering for any PKI implementation. Company name:
AEP Systems Ltd. A complete list of regional offices can be obtained at www.aepsystems.com Click here to return to the PKI Index Section |
Security Testing |
Send mail to webmaster
with questions or
|