reader & card that can sign files and accept external private key

classic Classic list List threaded Threaded
10 messages Options
Reply | Threaded
Open this post in threaded view
|

reader & card that can sign files and accept external private key

Dave Dykstra
Hi,

I have been communicating with Doug Engert about this, and he suggested
I ask the opensc-devel mailing list.

I have an application where I need a smartcard to sign files with
2048-bit RSA, if the correct PIN for the card is entered.  Colleagues
at CERN have been using OpenSC with the Gemalto IDBridge CT700
    http://www.gemalto.com/products/pc_link_readers/#PC_Pinpad
and the Feitian PKI card
    http://www.ftsafe.com/product/smartcard/pkicard
so I know those would work.  In our case, however, we already have
a private key that's now kept on a USB Memory stick and have the
corresponding public key widely distributed, so it would be a lot
more convenient for us if we could write the existing private key
onto smartcards rather than having the cards generate new keys.
Of course we want the key to not be able to be read out again, and
we'd destroy the USB Memory stick copy.

My question is, can anybody tell me if the above reader & card would
support accepting an external private key.  If not, can you tell me
another reader/and or smartcard that could?  

The commands that our colleagues use to initalized their cards were:
    pkcs15-init -E
    pkcs15-init -C -p pkcs15+onepin -l "Label"
    pkcs15-init --generate-key rsa/2048 --auth-id 01 --key-usage sign,decrypt -l CernVM Master Key" --public-key-label "Public Key"

I see that the pkcs15-init man page at
    http://linux.die.net/man/1/pkcs15-init
shows there's a command "--store-private-key" but I don't know if it's
supported on all cards.  I found this wiki page that mentions the option
of using the Feitian PKI cards with that command
    https://wiki.duckcorp.org/SmartCardKerberos
but Doug said it would still be a good idea to get confirmation from
people on opensc-devel, to find out what cards people have used in
situations similar to mine.

Thanks,

Dave Dykstra
Fermilab

------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: reader & card that can sign files and accept external private key

Ludolf Holzheid
On Tue, 2014-06-10 08:45:37 -0500, Dave Dykstra wrote:

>
> [..]
>
> I see that the pkcs15-init man page at
>     http://linux.die.net/man/1/pkcs15-init
> shows there's a command "--store-private-key" but I don't know if it's
> supported on all cards.  I found this wiki page that mentions the option
> of using the Feitian PKI cards with that command
>     https://wiki.duckcorp.org/SmartCardKerberos
> but Doug said it would still be a good idea to get confirmation from
> people on opensc-devel, to find out what cards people have used in
> situations similar to mine.

We do this¹ a lot with ACS CryptoMate and Feitian ePass3000 USB
tokens, but never used a Feitian PKI /card/.

I always thought storing an existing key was one of the base
functionality of PKI cards and tokens, so I was not aware of doing
something extraordinary ...

HTH,

Ludolf

¹ storing existing 2048-bit private keys on the PKI device

--

Bihl+Wiedemann GmbH
Floßwörthstraße 41
68199 Mannheim, Germany
 
Tel: +49 621 33996-0
Fax: +49 621 3392239
 
mailto:[hidden email]
http://www.bihl-wiedemann.de
 
Sitz der Gesellschaft: Mannheim
Geschäftsführer: Jochen Bihl, Bernhard Wiedemann
Amtsgericht Mannheim, HRB 5796

------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: reader & card that can sign files and accept external private key

Andreas Schwier (ML)
In reply to this post by Dave Dykstra
It's generally not a good idea to externally generate key pairs and have
them imported into the card, because if defeats the purpose of using a
hardware token anyway: Having a cryptographically strong random number
generator generating the keys and having a unique key value liked to a
physically device. You gain no real security benefit from using a
hardware device if the keys are still laying around in some password
protected PKCS#12 container. Even if you destroy the USB-Stick, how can
you be sure nobody took a copy in the meantime ?

It's cleaner to regenerate the keys on a device and use a proper key
backup scheme for valuable keys that can not be easily replaced (like
yours I guess).

But said that, people import private keys into smartcards and PKI token
all the time ;-)

Andreas

Am 10.06.2014 15:45, schrieb Dave Dykstra:

> Hi,
>
> I have been communicating with Doug Engert about this, and he suggested
> I ask the opensc-devel mailing list.
>
> I have an application where I need a smartcard to sign files with
> 2048-bit RSA, if the correct PIN for the card is entered.  Colleagues
> at CERN have been using OpenSC with the Gemalto IDBridge CT700
>     http://www.gemalto.com/products/pc_link_readers/#PC_Pinpad
> and the Feitian PKI card
>     http://www.ftsafe.com/product/smartcard/pkicard
> so I know those would work.  In our case, however, we already have
> a private key that's now kept on a USB Memory stick and have the
> corresponding public key widely distributed, so it would be a lot
> more convenient for us if we could write the existing private key
> onto smartcards rather than having the cards generate new keys.
> Of course we want the key to not be able to be read out again, and
> we'd destroy the USB Memory stick copy.
>
> My question is, can anybody tell me if the above reader & card would
> support accepting an external private key.  If not, can you tell me
> another reader/and or smartcard that could?  
>
> The commands that our colleagues use to initalized their cards were:
>     pkcs15-init -E
>     pkcs15-init -C -p pkcs15+onepin -l "Label"
>     pkcs15-init --generate-key rsa/2048 --auth-id 01 --key-usage sign,decrypt -l CernVM Master Key" --public-key-label "Public Key"
>
> I see that the pkcs15-init man page at
>     http://linux.die.net/man/1/pkcs15-init
> shows there's a command "--store-private-key" but I don't know if it's
> supported on all cards.  I found this wiki page that mentions the option
> of using the Feitian PKI cards with that command
>     https://wiki.duckcorp.org/SmartCardKerberos
> but Doug said it would still be a good idea to get confirmation from
> people on opensc-devel, to find out what cards people have used in
> situations similar to mine.
>
> Thanks,
>
> Dave Dykstra
> Fermilab
>
> ------------------------------------------------------------------------------
> HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
> Find What Matters Most in Your Big Data with HPCC Systems
> Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
> Leverages Graph Analysis for Fast Processing & Easy Data Exploration
> http://p.sf.net/sfu/hpccsystems
> _______________________________________________
> Opensc-devel mailing list
> [hidden email]
> https://lists.sourceforge.net/lists/listinfo/opensc-devel
>


--

    ---------    CardContact Software & System Consulting
   |.##> <##.|   Andreas Schwier
   |#       #|   Schülerweg 38
   |#       #|   32429 Minden, Germany
   |'##> <##'|   Phone +49 571 56149
    ---------    http://www.cardcontact.de
                 http://www.tscons.de
                 http://www.openscdp.org
                 http://www.smartcard-hsm.com
                 http://www.coolpacs.org

------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: reader & card that can sign files and accept external private key

Nikos Mavrogiannopoulos-2
On Tue, Jun 10, 2014 at 5:50 PM, Andreas Schwier (ML)
<[hidden email]> wrote:
> It's generally not a good idea to externally generate key pairs and have
> them imported into the card, because if defeats the purpose of using a
> hardware token anyway: Having a cryptographically strong random number
> generator generating the keys and having a unique key value liked to a
> physically device. You gain no real security benefit from using a
> hardware device if the keys are still laying around in some password
> protected PKCS#12 container. Even if you destroy the USB-Stick, how can
> you be sure nobody took a copy in the meantime ?

There two tradeoffs, trust on the smart card random generator, vs
trust on your PC being inaccessible, and isolation of the key vs
redundancy.

For the first there can be many arguments exchanged and the outcome
will always be "it depends on ...". My experience with redundancy is
that in most of the cases you need it. Being locked out of a system
just because the smart card you had your key became broken is a very
common failure. Since it doesn't happen often the process to recover
is most of the times inefficient and slow. There quite few people with
useless openpgp keys that cannot even revoke, just because they
generated them in the card. Yes, for some specialized applications
generating the keys in the cards is recommended, but not as a general
rule. Keeping an encrypted backup or a backup in few other cards
should be the norm.

regards,
Nikos

------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: reader & card that can sign files and accept external private key

Andreas Schwier (ML)
Still remember the Debian crypto bug, generating predictable keys ?

IMHO it's better to use a device that allows a backup / restore
mechanism with encrypted key blob and a n-of-m scheme to control it.
That embedded in a solid key management procedure and you're on the safe
side.

Andreas

Am 10.06.2014 18:15, schrieb Nikos Mavrogiannopoulos:

> On Tue, Jun 10, 2014 at 5:50 PM, Andreas Schwier (ML)
> <[hidden email]> wrote:
>> It's generally not a good idea to externally generate key pairs and have
>> them imported into the card, because if defeats the purpose of using a
>> hardware token anyway: Having a cryptographically strong random number
>> generator generating the keys and having a unique key value liked to a
>> physically device. You gain no real security benefit from using a
>> hardware device if the keys are still laying around in some password
>> protected PKCS#12 container. Even if you destroy the USB-Stick, how can
>> you be sure nobody took a copy in the meantime ?
>
> There two tradeoffs, trust on the smart card random generator, vs
> trust on your PC being inaccessible, and isolation of the key vs
> redundancy.
>
> For the first there can be many arguments exchanged and the outcome
> will always be "it depends on ...". My experience with redundancy is
> that in most of the cases you need it. Being locked out of a system
> just because the smart card you had your key became broken is a very
> common failure. Since it doesn't happen often the process to recover
> is most of the times inefficient and slow. There quite few people with
> useless openpgp keys that cannot even revoke, just because they
> generated them in the card. Yes, for some specialized applications
> generating the keys in the cards is recommended, but not as a general
> rule. Keeping an encrypted backup or a backup in few other cards
> should be the norm.
>
> regards,
> Nikos
>


--

    ---------    CardContact Software & System Consulting
   |.##> <##.|   Andreas Schwier
   |#       #|   Schülerweg 38
   |#       #|   32429 Minden, Germany
   |'##> <##'|   Phone +49 571 56149
    ---------    http://www.cardcontact.de
                 http://www.tscons.de
                 http://www.openscdp.org
                 http://www.smartcard-hsm.com
                 http://www.coolpacs.org

------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: reader & card that can sign files and accept external private key

Nikos Mavrogiannopoulos
On Tue, 2014-06-10 at 18:42 +0200, Andreas Schwier (ML) wrote:
> Still remember the Debian crypto bug, generating predictable keys ?

Well that can only be a disadvantage for the smart cards. If a similar
bug exists there it will never be found as the code is rarely available
and it is even more hard to upgrade the software there.

> IMHO it's better to use a device that allows a backup / restore
> mechanism with encrypted key blob and a n-of-m scheme to control it.
> That embedded in a solid key management procedure and you're on the
safe
> side.

That does not address the use-case I mention (e.g., how could you deploy
that thing for openpgp smart cards?), and it requires key management and
specialized smart cards, which defeats the purpose of being the norm.

regards,
Nikos



------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: reader & card that can sign files and accept external private key

Andreas Schwier (ML)
On 06/10/2014 07:26 PM, Nikos Mavrogiannopoulos wrote:
> On Tue, 2014-06-10 at 18:42 +0200, Andreas Schwier (ML) wrote:
>> Still remember the Debian crypto bug, generating predictable keys ?
>
> Well that can only be a disadvantage for the smart cards. If a similar
> bug exists there it will never be found as the code is rarely available
> and it is even more hard to upgrade the software there.
At least smart cards certified under the Common Criteria scheme undergo
a full analysis on the quality of the random number generator. No source
required to do the statistical analysis.

>
>> IMHO it's better to use a device that allows a backup / restore
>> mechanism with encrypted key blob and a n-of-m scheme to control it.
>> That embedded in a solid key management procedure and you're on the
> safe
>> side.
>
> That does not address the use-case I mention (e.g., how could you deploy
> that thing for openpgp smart cards?), and it requires key management and
> specialized smart cards, which defeats the purpose of being the norm.
I never claimed that OpenPGP cards supports key backup / restore, they
probably never thought about that. But they also do other strange things
with the card and refuse to support standard interfaces like PKCS#11.
>
> regards,
> Nikos
>
>


------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: reader & card that can sign files and accept external private key

NdK-3
Il 10/06/2014 20:47, Andreas Schwier ha scritto:

> I never claimed that OpenPGP cards supports key backup / restore, they
> probably never thought about that.
They thought about that, but if you need a backup the key is generated
externally. It's one of the points I was trying to address in MyPGPId...

BYtE,
 Diego.

------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: reader & card that can sign files and accept external private key

Jaroslav Imrich
In reply to this post by Andreas Schwier (ML)
On Tue, Jun 10, 2014 at 6:42 PM, Andreas Schwier (ML) <[hidden email]> wrote:
Still remember the Debian crypto bug, generating predictable keys ?

Still remember the FIPS and BSI CC certified cards [1] generating predictable keys ?


Regards, Jaroslav

------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel
Reply | Threaded
Open this post in threaded view
|

Re: reader & card that can sign files and accept external private key

Andreas Schwier (ML)
On 06/10/2014 09:23 PM, Jaroslav Imrich wrote:
> On Tue, Jun 10, 2014 at 6:42 PM, Andreas Schwier (ML) <
> [hidden email]> wrote:
>
>> Still remember the Debian crypto bug, generating predictable keys ?
>>
>
> Still remember the FIPS and BSI CC certified cards [1] generating
> predictable keys ?
Sure, but the CC evaluation for this happened 12 years ago and the
quality metrics improved considerable since then. At that time even RSA
768 was considered secure enough and CAs were using MD5 all the time.
>
> [1] http://smartfacts.cr.yp.to/
>
> Regards, Jaroslav
>


------------------------------------------------------------------------------
HPCC Systems Open Source Big Data Platform from LexisNexis Risk Solutions
Find What Matters Most in Your Big Data with HPCC Systems
Open Source. Fast. Scalable. Simple. Ideal for Dirty Data.
Leverages Graph Analysis for Fast Processing & Easy Data Exploration
http://p.sf.net/sfu/hpccsystems
_______________________________________________
Opensc-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/opensc-devel