As a direct result of the recent security breaches impacting organizations that rely on Public Key Infrastructure (PKI) to encrypt and authenticate online communications and transactions, SafeNet, Inc., a worldwide leader in data protection, today issued several security guidelines to better secure PKI-based transactions.
For all the infrastructure advantages and business benefits of PKI, recent breaches clearly indicate that the way in which PKI is implemented may not be as inherently secure as most organizations have mistakenly assumed. What hasn’t been clearly understood is that the private key system used by PKI to encrypt and decrypt messages creates a single and significant point of vulnerability. A recent flurry of breaches involving certificate authorities have exposed this weakness, and have shaken the very foundation of trust that organizations have in PKI.
In order to help enterprises build greater integrity and reliability into their PKI deployments, eliminate unwanted exposure and close security gaps, SafeNet’s cryptographic experts advise the following actions:
1. Know your options for securing keys, weigh the risks, and choose wisely. All recent breaches have had a common theme –private keys and certificates were protected in software, and were left vulnerable. Software-based security has many benefits – it’s portable and offers great flexibility. Software can be copied easily and live in multiple locations at the same time, making the very benefits of software the areas of greatest security risk. A hardware-based security module (HSM) creates the trust anchor that locks the private keys and only allows access to vital information from an authorized source. Similarly, hardware based tokens and cards lock the certificates and avoid software based certificate risks.
2. Don’t assume that because you are working with a certificate authority your infrastructure is secure. If you rely on the certificate authority to authenticate, authorize, and secure application services, understand that the certificate itself is the vital piece within PKI. If the certificate private key is compromised, the entire PKI environment is compromised. Utilize layers of secure cryptography and select hardware-based options when securing your critical processing PKI end points.
3. Plan for the next generation of critical applications. Traditional PKI end points have historically included certificate authorities, registration authorities, SSL servers, and applications servers. These have now expanded to include mission-critical business processing applications, such as the smart grid, financial transactions, digital invoices, code signing, and secure device manufacturing. The nature of advanced PKI applications demands greater diligence, given the risk profile of the applications it enables. It is critical to establish a trust anchor for the protection and issuance of keys and certificates within these vital applications, ensuring that keys cannot be stolen, and the operations/transactions performed by those keys are auditable.
“PKI is many beneficial things, but standalone security isn’t one of them,” said Mark Yakabuski, vice president, product management for SafeNet. “It is important to realize the certificate identity itself is the vital piece within PKI – if the certificate identity is compromised, the PKI environment is compromised. The good news is that critical certificate identities can be secured with the proper hardware-based security mechanisms.”
Yakabuski is available for additional commentary. He can also provide examples of HSMs could have mitigated the damage done by recent security events, including APT attacks on certificate authorities, SSL certificate attacks, device code signing, and even the Stuxnet Worm.
About Hardware Security Modules
HSMs are defined as an anchor of trust, providing protection for applications, transactions, authorizations and information assets by safeguarding the cryptographic keys that are at the heart of any digital identity environment. An HSM can ensure the certificate private keys it protects are maintained in physical hardware, throughout the lifecycle of the private key.
With hardware-based protection, an HSM adds multiple layers of security and protects keys against the threats that software-based servers are susceptible to. For example, an HSM:
1. Encrypts the keys themselves;
2. Ensures that the keys remain within the secure hardware device throughout the key management lifecycle;
3. Ensures that only authorized applications and users can access and use the HSM-protected critical private keys; and
4. Ensures the logging and auditing of the certificate private keys.
HSMs only allow for the copying of keys from hardware to hardware. Keys exist solely in the restricted HSMs, and are under the control of defined custodians, allowing for tracking and auditing assurance of the certificate private keys they create.
About SafeNet, Inc.
Founded in 1983, SafeNet, Inc. (safenet-inc.com) is one of the largest information security companies in the world, and is trusted to protect the most sensitive data for market-leading organizations around the globe. SafeNet’s data-centric approach focuses on the protection of high value information throughout its lifecycle, from the data center to the cloud. More than 25,000 customers across commercial enterprises and government agencies trust SafeNet to protect and control access to sensitive data, manage risk, ensure compliance, and secure virtual and cloud environments.