summaryrefslogtreecommitdiffstats
path: root/design/hs_pki_architecture
blob: 1e928cbd059b86f49a1ce31f4131af4098899201 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
Hardware:
Root CA:
 ~raspi:
 + USB / integrated / SFF ICC reader
 + USB / external reader
  ~+ 5 additional USB for external ICC readers for bootstrap process to be more convinient
 + USB / storage for moving artifacts
 + Serial interface for I/O
 ~+ Dummy terminal (better) or USB keyboard + VGA

CA:
 ~raspi:
 + USB / integrated / SFF ICC reader
 + USB for KC
 + USB for audit log replication (or syslog dependency + offline backup)
 + network interface

KC:
 ~ USB reader for his workstation

Bootstraping Root CA (ca be Root CA, but other ICC readers through USB)
 * 2 ICC readers for Root_CA_ICC
 * 2 ICC readers for CA_ICC
 * 2 ICC readers for KC ICC 
 * 1 port for USB storage
Root CA
 * 1 Root CA ICC reader
 * 1 KC ICC
 * 1 for USB storage

Components:
 - Root CA ICC (javacard + nxp)
  * Root CA signing keypair
  * CA  keypair (for issuing KC certificates)

 - CA ICC (javacard + nxp)
  * CA signing keypair (for end-user/device certificate issuing)
  * CA server keypair (for communication between CA's)

 - CA tools/interfaces (go? python? java)

 - CA server (webservice API + gui + queue srvc)

 - KC ICC (javacard + NXP)
  * CA key share
  * KC Signing certificate (US CAC interface?)

 - KC tools (go? python? java)

 - Monitor ICC (javacard + NXP)

Roles:
 - CA:			Certificate Authority. 
			Issues end-user/device certificates (N>2)
			CA is online, connected to infrastructure.

 - Root CA:		Issue CA ceritifcates and KC certificates (at least N>2).
			Root CA is offline, airgapped device.

 - AIA:			Authority Information Access - CA certificates repo (ldap/https)

 - CRL:			Certificate Revocation List. List of certificates that CA issued
			but must be revoked (i.e. compromised) before end of it's
			lifetime.
 - CDP:			CRL distribution point.

 - Key Custodian:	PKI peptide control interface (N>2). 

 - Master of Ceremony: 	PKI meta-peptide control interface for CA ceremonies. 
   			Should not be Key Custodian during ceremony. N=1

 - Key Manager: 	Spin all this shit around.

 - Auditor: 		Looking at others hands.

I Bootstrap

A KC cards
?> First 2 KCs generate their keys and CSR's on KC ICC using KC tools.
   This can be done on their workstation, but doing it on Root CA will be more convinient.

># kc init
<# Set PIN
># ****
<# PIN set
<# DN:
># cn=<username>,ou=pki,ou=Services,dc=hackerspace,dc=pl
<# KC ICC done

<- KC1_ICC:KC1_sigPK	#Used for issuing commands to CA/RootCA
<- KC1_ICC:KC1_CAzmkPK	#Used to protect backups of CA private keys
<- KC1_sigPK.csr	#Export to RootCA to get KC certificate
<- KC1_zmkPK.csr	#Export for CA to encrypt it's private keys

<- KC2_ICC:KC2_sigPK	#Same as above for KC2
<- KC2_ICC:KC2_CAzmkPK
<- KC2_sigPK.csr
<- KC2_zmkPK.csr
   ...
<- KCN_ICC:KCN_sigPK	#Same as above for KCN
<- KCN_ICC:KCN_CAzmkPK
<- KCN_sigPK.csr
<- KCN_CAzmkPK.csr

B Root_CA_N1

-> Key manager initiates self-generation of asymmetric crypto keys on 1st CA ICC and
   sets two (or more) initial KC's:

># ca root init -kc KC1*.csr -kc KC2*.csr [-kc KCN*.csr]

<- Root_CA_N1_ICC:RootCA_sigPK:pub	#Will be used in CA cert but also for integrity
<- Root_CA_N1_ICC:RootCA_sigPK:priv	#Used for issuing CA and KC certificates
<- Root_CA_N1_ICC:RootCA_KC_zmkPK:pub	#Will be used by KC to send recovery share to CA
<- Root_CA_N1_ICC:RootCA_KC_zmkPK:priv	#Will be used by CA to decrypt share from KC


<- (Root_CA_N1_ICC:RootCA_sigPK:priv(.aes_key)	#Option: generate AES key for protection
						# 	 of CA signing key
<- (Root_CA_N1_ICC:RootCA_sigPK:priv.encr.aes)	#Option: Encrypt signing key with AES
<- Root_CA_N1_ICC:RootCA_sigPK:priv(.aes_key)_SSSS_1..N	# Split signing key (or it's
							# encryption key) into shares
							# for each KC

<- Root_CA_N1_sigPriv_SSSS_1_KC1_zmk.enc	#Encrypt CA private key share1 with KC1
						#encryption key

<x Root_CA_N1_ICC:RootCA_sigPK:priv(.aes_key)_SSSS_1	#Remove share1
<- Root_CA_N1_sigPriv_SSSS_2_KC2_zmk.enc		#Share2 for KC2
<x Root_CA_N1_ICC:RootCA_sigPK:priv(.aes_key)_SSSS_2	#Remove share2
   ...
<- Root_CA_N1_sigPriv_SSSS_N_KCN_zmk.enc		#ShareN for KCN
<x Root_CA_N1_ICC:RootCA_sigPK:priv(.aes_key)_SSSS_N	#Remove shareN

<- Root_CA_N1_sigPriv_SSSS_1_KC1_zmk.enc.RootCA_sigPK.sig #Integrity check enc -> sig
<- Root_CA_N1_sigPriv_SSSS_2_KC2_zmk.enc.RootCA_sigPK.sig #Integrity check enc -> sig
   ...
<- Root_CA_N1_sigPriv_SSSS_N_KCN_zmk.enc.RootCA_sigPK.sig #Integrity check enc -> sig

<- Root_CA_N1_sigPriv_SSSS_1_RootCA_sigPK.sig_KC1_zmk.enc #Integrity check sig -> enc
<- Root_CA_N1_sigPriv_SSSS_2_RootCA_sigPK.sig_KC1_zmk.enc #Integrity check sig -> enc
   ...
<- Root_CA_N1_sigPriv_SSSS_N_RootCA_sigPK.sig_KC1_zmk.enc #Integrity check sig -> enc

<- Root_CA_N1_ICC:RootCA_KC1_encPK	# CA encryption public key for KC to send
					# their encrypted shares
<- Root_CA_N1_KC1.kc.crt		# KC1 certificate issued with Root_CA
					# This will be used to issue commands to RootCA
<- Root_CA_N1_KC2.kc.crt		# Same as above for KC2 ...
   ...
<- Root_CA_N1_KCN.crt.kc		# ... and KCN
<- Root_CA_N1.crt			# Issue self-signed certificate
<- Root_CA_N1.csr			# Issue CSR for root cross-signing
<x Root_CA_N1_ICC:RootCA_sigPK:priv	# Destroy signing private key

===================================
Root_CA_N1_ICC:
	RootCA_sigPK:pub		# Retain it or not?
	RootCA_KC_zmkPK:priv		# Decrypt CA signing private key shares from KC
	

C CA_N2
-> Key manager initiates key generation on 2nd CA ICC

># ca root init -ca 

.B same as 1.A but on 2nd CA ICC and any further CA ICC


1. NXP Java card as keystore
2. Token concept?