Windows Server 2003 Security Infrastructures: Core Security Features (HP Technologies)

In the following sections we look in detail at the core components of Windows Server 2003 and XP PKI: the certificate server, Active Directory, the CryptoAPI, certificates, and the Data Protection API.

13.4.1 Certificate Server

In this section we focus on the architecture of Microsoft’s Certificate Server; in Chapter 16 we return to the specific configuration options of Certificate Server.

The Windows Server 2003 certificate server provides the following core services: It receives and processes certificate requests, it identifies and validates certificate requests, it issues certificates according to the security policy, it renews and revokes certificates, it publishes certificates, it creates and publishes CRLs, and it logs all certificate and CRL transactions into a log database. A brand-new function of the Windows Server 2003 CA is that it can also take care of secure private key archival.

Certificate Server architecture

The architecture of the Microsoft Certificate Server is illustrated in Figure13.2. It is largely identical to the one that was used in the previous editions of the Certificate Server. An architectural feature not available in previous versions is that the CA database layout has been modified to let the CA cope with private key archival and recovery.

Figure 13.2: Certificate Server architecture.

At the heart of the Windows Certificate Server sits an engine (certsrv.exe) that generates certificates and CRLs and directs the message flow between the other components. The engine communicates with three important modules: the entry, policy, and exit module.

The exit and policy modules are both customizable and replaceable. If the policy module or the exit module does not correspond to the needs of an organization, it can develop modules in C++ or Visual Basic (VB) and plug them into the CA architecture. All this is documented in the Windows Server 2003 platform SDK.

The policy and exit modules can be configured using the Certification Authority MMC snap-in or using the certutil command-line utility. Using the properties of the CA-object in the Certification Authority MMC snap- in, you can do things like add another exit module, configure X.509 certificate extensions [CRL and delta CRL distribution (CDP) and Authority Information Access (AIA) points], and configure CRL and delta CRL publication parameters. I will return to the configuration capabilities of the certutil utility later in this book.

The Certificate Server obviously has its proper database and administration interfaces. It also interacts with entities known as intermediaries to communicate with PKI clients and the CryptoAPI to access the CA private key storage provider.

CA installation modes

When you install a Windows Server 2003 Certificate Server, you have the following installation options: You can install it as a root or a subordinate CA, or you can install it as an enterprise (AD integrated) or stand-alone CA (non-AD integrated). Installing the Certificate Server in Enterprise mode provides full integration with Active Directory. It activates the Enterprise mode of the Windows Server 2003 CA policy module. Let’s look now at what this really means and how this is different from a CA installed in stand-alone mode.

Comparing the two CA installation modes

Installation requirements To install a CA in enterprise mode, two requirements must be met:

  1. The account installing the CA should be an Enterprise administrator and a domain administrator of the root domain of the AD forest.

  2. The server on which the Enterprise CA is installed should be a member of a domain with a functioning AD.

If one of these two conditions is not met, the enterprise mode installation options will be grayed out during the CA installation, and you will only be able to install the CA in stand-alone mode.

To install a stand-alone CA, no AD is required; you can install it on a stand-alone server, member server, or domain controller. Also, there is no need for the account performing the installation to be an enterprise or domain administrator—local machine administrator permissions are sufficient. If you do install a stand-alone CA using enterprise administrator privileges, the CA will offer some additional features. For example, if an enterprise administrator installs it on a member server that is joined to the domain, the stand-alone CA will publish the certificates it issues to the AD.

Use of certificate templates An enterprise Certificate Server uses the certificate templates that are stored in the AD configuration naming context. Certificate templates define the content and characteristics of a certificate. Windows Server 2003 PKI supports version 2 certificate templates. Contrary to version 1 templates, version 2 templates are fully customizable. Certificate templates also provide a way to control which certificate types an enterprise CA can issue and which users can request which certificate type to an enterprise CA. Certificate templates are explained in detail in Section13.4.4, “Certificates.”

A stand-alone CA cannot use AD certificate templates. As a consequence, you cannot set which user can get which certificate type(s) from it. By default, a stand-alone CA can only issue Web authentication (SSL, TLS), e-mail protection (S/MIME), server authentication, code signing, time-stamp signing, and IPsec certificates. You can, however, modify the stand-alone CA’s Web interface (to list other certificate types) or simply request other certificate types using special OID values that are stored in a certificate’s Extended Key Usage (EKU) X.509 extension.

Information retrieval for certificate requests An enterprise CA retrieves user information from the AD during certificate enrollment. This information is used to populate certain certificate fields. For example, a certificate issued by an enterprise CA contains a reference to a user’s user principal name (UPN) in the certificate’s SubjectAltName X.509 field.

Because a stand-alone CA has no access to AD, user identification information that is required for the certificate must be filled in manually by the user on the CA’s enrollment Web site.

For both enterprise and stand-alone CAs, you can change the default values that are added to a certificate request at enrollment time. You can do so by editing the certdat.inc file that is located in the %SystemRoot%\ system32\certsrv directory. You can change the default values for the following certificate entries: sDefaultCompany, sDefaultOrgUnit, sDefault- Locality, sDefaultState, and sDefaultCountry.

Automated certificate enrollment support An enterprise certificate server supports automated certificate enrollment, or in short certificate autoenrollment. In Windows Server 2003, the latter feature has been extended to cover both users and machines. Automated certificate enrollment is explained in greater detail in Chapter 15.

A user who wants a certificate from a stand-alone CA has to start the enrollment process himself or herself. No automation is provided.

Certificate request approval An enterprise Certificate Server can support automatic or manual certificate request approval. Request-handling properties can be set in the properties of an enterprise CA (use the properties of the policy module) or in the properties of a version 2 certificate template (use the Issuance Requirements tab). In the first case it will apply to all certificates the CA issues, but in the second case only to one particular certificate type (as defined in the template).

The same options are available for a Windows Server 2003 stand-alone CA. The only difference is that a stand-alone CA cannot use certificate templates, and as a consequence request-handling properties cannot be set for individual certificate templates.

Certificate and CRL publication An Enterprise CA uses the Active Directory to store and publish certificates, CRLs, and delta CRLs. Each certificate published in the AD is automatically mapped to the Windows account of its requestor. The certificate is added to the multivalued usercertificate attribute of the user object. Not every certificate generated by an enterprise CA is automatically published in the AD. Examples of certificates that are not automatically published are an enrollment agent or a CTL signing certificate.

A stand-alone CA can publish the issued certificates to AD, but not automatically as a part of the certificate enrollment process. You can obviously publish the certificates manually to the AD.

Centralized key archival An enterprise CA supports centralized key archival in the CA database, a standalone CA doesn’t.

Conclusion

Enterprise mode typically targets enterprise certificate users that have an AD user account and that authenticated to your AD infrastructure using the Kerberos protocol. Stand-alone mode, on the other hand, is clearly targeting external users (like extranet users) that do not have an internal Windows account.

Table 13.1 compares the default characteristics of a Windows Server 2003 stand-alone and enterprise CA.

Table 13.1: Windows Server 2003 Stand-Alone Versus Enterprise CA

Windows Server 2003 Stand-Alone CA

Windows Server 2003 Enterprise CA

Non-AD integrated.

AD integrated.

Extranet and Internet certificate user oriented.

Intranet certificate user oriented.

Can issue a limited set of certificate types and certificates requiring a custom OID in their EKU extension; does not support certificate templates.

Can issue all Windows Server 2003 certificates defined in the Windows Server 2003 certificate templates MMC snap-in. Supports version 1 (Windows 2000 PKI) and version 2 (Windows Server 2003 PKI) certificate

User enrollment interface is Web-based. You can also use the certreq.exe command-line utility.

User enrollment can be done using a Web interface or using the MMC Certificates snap-in. Enrollment can also happen automatically using the certificate autoenrollment feature. You can also use the certreq.exe command-line utility.

Communication with the CA front-end is occurring across HTTP or HTTPs.

Communication with the CA front-end can use RPC/ DCOM or HTTP/HTTPs.

User has to enter identification information manually at certificate request time.

User identification information is automatically retrieved from Active Directory.

Certificate enrollment approval happens automatic or manual. The CA has a single setting that controls this behavior for all certificate types.

Certificate enrollment approval happens automatic or manual. This behavior can be controlled globally on the CA level or per certificate type using a certificate template setting. Also, the certificate approval process can use the AD authentication and access control model through the ACLs that are set on certificate templates.

The certificate is downloaded to the user profile when it is manually retrieved from the CA Web site. By default, the CA does not publish certificates to AD.

Depending on the certificate template, the certificate is automatically downloaded to the user profile and/or published to AD.

CRL and CA certificate can be published manually to AD.

CRLs, Delta CRLs, CA, and cross-certification certificates are automatically published to AD.

Does not automatically support AD based certificate lookup and retrieval.

Supports AD-based certificate lookup and retrieval.

Can be installed on Windows Server 2003 Domain Controller, Member server, or stand-alone server (not a member of any domain).

Can be installed on Windows Server 2003 Domain Controller or Member server. No support for centralized key archival in the CA database. Supports centralized key archival in the CA

Registration authorities

In large PKI setups, PKI users use a Registration Authority as the primary point of contact for a CA. An RA typically deals with PKI user identification and enrollment. Like its predecessors, Windows Server 2003 PKI does not include a true Registration Authority function.

Windows Server 2003 supports some limited RA functionalities through special “Enrollment agent” certificates (OID 1.3.6.1.4.1.311.20.2.1—Certif- icate Request Agent). Enrollment agent certificates can be used for:

Advanced RA support for Windows Server 2003 PKI is available from third-party software vendors. Some examples are mentioned in Table 13.2, which does not provide an exhaustive list of RA software—also, it is not the goal of this book to provide a feature comparison between the different RA software products.

The reason why Microsoft did not include an RA function with the Windows Server 2003 OS probably has to do with the high level of customization that is required to fit an RA to an organization’s needs. One organization may require that the RA is linked to its ERM system, another one may require smart card enrollment and life-cycle management integration, and yet another one may require integration with its building access control mechanism. Some regions also have special legal requirements for an RA function: The European Union, for example, imposes very strict rules for the implementation of an RA that is dealing with qualified certificates and certificates that are used for advanced digital signatures.

13.4.2 Active directory

A PKI uses a directory to store certificate revocation lists (CRLs), delta CRLs, user, CA, and cross-certification certificates. When setting up a Windows Server 2003 PKI, the Active Directory is an obvious directory choice. AD is the only possible directory option if you want to take advantage of some typical Window.NET AD-based PKI features (like the use of

Table 13.2: RA Software for Windows Server 2003 PKI

Company Name (Web Site)

Product Name

Key Features

Alacris (http://www.alacris.ocm)

idNexus

  • Web-based RA administration interface

  • Smart card enrollment support

  • Advanced reporting capabilities

Spyrus (http://www.spyrus.com)

SignalRA

  • MMC-based RA administration interface

  • HSM support

  • Smart card and security token enrollment and management support

  • Advanced reporting capabilities

  • Dedicated audit log (SQL Server Database)

Windows Server 2003 PKI in general is very tightly integrated with AD. A nice example of this integration is the use group policy objects to distribute trusted CA information to Windows 2000 or Windows XP Professional workstations. As explained in the previous sections, this integration is very tight when deploying Windows Server 2003 enterprise Certificate Servers. In that case Windows Server 2003 PKI also uses AD to store CA- and PKI- related configuration information.

PKI-related AD entries

Table 13.3 shows the Windows Server 2003 PKI-specific information that is added to the Active Directory and where it is created. Compared to Windows 2000 PKI, AD contains two brand-new PKI-related containers: the KRA and OID containers. Also, Windows Server 2003 PKI comes out of box with more predefined certificate templates: 29 instead of 24 in Windows 2000 PKI. Table 13.4 shows when this information is added to the Active Directory.

Table 13.3: Windows Server 2003 PKI Information Stored in AD

Object Distinguished Name (DN)

Object Class

PKI-Related Attributes

CN=< CA Name>, CN=AIA,

CN=Public Key Services,

CN=Services

CertificationAuthority

AuthorirityRevocationList

CaCertificate

CaCertificateDN

CaConnect

CertificateRevocationList

CrossCertificatePair

DeltaRevocationList

CN=< CA Name>,CN=< Servername>,

CN=CDP, CN=Public Key Services,

CN=Services

CRLDistributionPoint

AuthorityRevocationList

CertificateAuthorityObject

CertificateRevocationList

DeltaRevocationList

CN=< Certificate Template Name>,

CN=Certificate Templates,

CN=Public Key Services, CN=Services)

PKICertificateTemplate

MsPKI-Certificate-Application-Policy

MsPKI-Certificate-Name-Flag

MsPKI-Certificate-Policy

MsPKI-Cert-Template-OID

MsPKI-Enrollment-Flag

MsPKI-Minimal-Key-Size

MsPKI-Private-Key-Flag

MsPKI-RA-Policies

MsPKI-RA-Signature

MsPKI-Supersede-Templates

MsPKI-Template-MinorRevision

MsPKI-Template-Schema-Version

Pkicriticalextensions

Pkidefaultcsps

Pkidefaultkeyspec

Pkienrollmentaccess

Pkiexpireationperiod

Pkiextendedkeyusage

Pkikeyusage

Pkimaxissuingdepth

Pkioverlapperiod

CN=< CA Name>,

CN=Certification Authorities,

CN=Public Key Services, CN=Services

CertificationAuthority

AuthorityRevocationList

Cacertificate

CacertificateDN

CaConnect

Certificaterevocationlist

CrossCertificatePair

DeltaRevocationList

CN=< CA Name>, CN=Enrollment Services,

CN=Public Key Services, CN=Services

PKIEnrollmentService

Cacertificate

CacertificateDN

Certificate Templates

CN=< CA Name>, CN=KRA,

CN=Public Key Services, CN=Services

msPKI-PrivateKey

RecoveryAgent

Usercertificate

CN=NTAuthCertificates,

CN=Public Key Services, CN=Services

CertificationAuthority

AuthorityRevocationList

CaCertificate

CacertificateDN

CaConnectCertificaterevocationlist

CrossCertificatePair

DeltaRevocationList

CN=< OID Name>, CN=OID,

CN=Public Key Services, CN=Services

msPKI-Enterprise-OID

MsPKI-OID-Attribute

MsPKI-OID-CPS

MsPKI-OIDLocalizedName

MsPKI-OID-User-Notice

Domain and Global Catalog

User Object

User

UserCert (single-valued attribute)

UserCertificate (multivalued attribute)

UserSMIMECertificate (multivalued

attribute)

Table 13.4: Creation of PKI-Related Information in AD

Action

Add Stand-Alone Root CA

Add Enterprise Root CA

Add Stand-Alone SubCA

Add Enterprise SubCA

Install First Enterprise CA in Forest

CA Object in AIA Container

Yes

Yes

Yes

Yes

Yes

CDP Object in CDP Container

Yes

Yes

Yes

Yes

Yes

Certificate Template Object in Certificate Templates Container

No

No

No

No

Yes

CA Object in Certification Authorities Container

Yes

Yes

No

No

Yes

Enrollment Service Object in Enrollment Services Container

Yes

Yes

Yes

Yes

Yes

KRA Object in KRA Container

Yes

Yes

Yes

Yes

Yes

CA certificate added to CACertificate Attribute of NTAuthCertificates Object

No

Yes

No

Yes

Yes

OID Object in OID Container

No

No

No

No

Yes

The official PKIX LDAP and directory schema extensions can be found in the IETF’s RFC 2587 and 2256 and the Internet draft titled “InternetX.509 Public Key Infrastructure LDAP Schema and Syntaxes for PKIs.” RFC 2587 describes some of the PKI subschema applicable to LDAPv2 servers. RFC 2256 describes some of the PKI-related subschema elements for LDAPv3 servers. The Internet draft supercedes both RFC2587 and RFC 2256 and provides the complete PKI subschema for LDAP v3 servers.

The AIA container contains a CA object for every CA (root or subordi- nate, enterprise or stand-alone CAs) that is located on a server that is a member of the Windows Server 2003 forest. Every CA object has a CaCertificate attribute holding the CA certificate and the CA certificate history. The Authority Information Access (AIA) certificate is used during certificate validation to locate CA certificates. Every certificate issued by a Windows Server 2003 enterprise CA contains an LDAP pointer to the CA object in the AD AIA container.

The CDP container is the Active Directory CRL and delta CRL Distribution Point (CDP) that allows PKI users to download the latest CRLs and delta CRLs from AD. The CDP container contains one subcontainer for every Windows Server 2003 server in the forest that has a CA installed. Every server container holds a CDP object that is named after the CA running on that server. The CDP object holds CRLs in its CertificateRevocationList attribute and delta CRLs in its DeltaRevocationList attribute. The CDP object is created independent of whether the CA is a root or a subordinate, an enterprise or a stand-alone CA. Every certificate issued by a Windows Server 2003 enterprise CA contains an LDAP CDP pointer to an AD CDP object.

The Certificate Templates container contains all certificate template definitions—both for version 1 and version 2 certificate templates. They are added to the AD’s configuration naming context when the first enterprise CA is installed in the Windows Server 2003 forest. The ACL that is set on the template objects allows or disallows a user or group to enroll and/or autoenroll for a particular certificate type. Note that because a template’s definition and ACL settings are part of the configuration naming context, they can be defined only once, for an entire forest.

The Certification Authorities container holds a CA object for every root enterprise or stand-alone CA in the Windows Server 2003 forest. Every CA object holds the CA certificate and certificate history in its CaCertificate attribute. The Certification Authorities container holds all CAs that are considered trust anchors for all the users in a Windows Server 2003 forest. The concept of trust anchors is explained in more detail in Chapter 14.

The Enrollment Services container contains a PKIEnrollmentService object for every CA (root or subordinate, enterprise or stand-alone CAs) in the Windows Server 2003 forest. The object is named after the CA to which it is linked. Every object’s “certificate templates” attribute lists the certificate templates that a particular CA supports and for which PKI users can enroll at that CA. For a stand-alone CA this attribute is empty. The Enrollment Services container can be used by Windows PKI-enabled applications to locate a machine that is hosting a CA in a Windows Server 2003 forest. The permissions that are set on a CA’s PKIEnrollmentService object are critical in order for users or machines to be able to locate a CA. If a user or machine does not have read permission on this object, it will not be able to find the CA.

The KRA container contains an msPKI-PrivateKeyRecoveryAgent object for every CA (root or subordinate, enterprise or stand-alone CAs) in the Windows Server 2003 forest. The object is named after the CA to which it is linked. Every object holds the certificates of the key recovery agents that are defined on a particular CA in its usercertificate attribute.

The NTAuthCertificates Object is used to determine which enterprise CAs in a Windows Server 2003 forest are authorized to issue smart card logon and other logon certificates. The authorized CAs’ certificates are stored in the NTAuthCertificates object’s CaCertificate attribute.

The OID container contains all PKI-related object identifiers (OIDs) and their characteristics that are defined in a Windows Server 2003 forest. They are added to the AD’s configuration naming context when the first enterprise CA is installed in the Windows Server 2003 forest.

If a CA is removed from your Windows 2000 or Windows Server 2003 forest, the CA object in the Enrollment Services container will be removed. All of the other AD entries remain. This will make it impossible for PKI clients to request new certificates from the CA, while still giving them the ability to retrieve the CA’s certificate, CRLs, and delta CRLs. If you want to remove all AD entries related to a particular CA from the AD, use the following certutil command-line command:

certutil –delds <CAName>

User certificates that an enterprise CA automatically publishes to AD are stored in a user object’s multivalued “UserCertificate” (as specified in the PKIX LDAP schema extensions). User certificates stored in the AD affect the size of the AD database. The average size of one certificate is about 1,200 bytes.

Querying AD for PKI-related information

To look at the PKI and CA related entries in the AD configuration naming context of your Windows Server 2003 forest, you can use several tools:

Kit): This tool can retrieve the content of the AIA, CDP, KRA, Certification Authorities, Enrollment Services, and NTAuthCertificates AD containers (as illustrated in Figure 13.4).

Figure 13.4: PKIView tool.

To query AD for user certificates, you can use the Search\For People… function available from the Windows Server 2003 or Windows XP start menu. The last tab of the user object properties is named Digital IDs and contains all the user certificates that are published in AD. The same inter- face can be used to export certificates to a file; afterward you can import the certificate-file into your personal certificate store.

13.4.3 CryptoAPI and cryptographic service providers

The CryptoAPI is an Application Programming Interface (API) that comes bundled with the Windows Server 2003 and XP operating systems. It enables programmers to add cryptography-based security services, such as authentication, confidentiality, and integrity protection, relatively easily to their applications. It also enables them to interact with certificates, private keys, and their secure storage providers. What is most important is that CryptoAPI hides the implementation details of the complex cryptographic algorithms to the programmer.

Late 2003 Microsoft released the CAPImon tool. This tool can be used to capture and display the calls PKI-enabled applications make to the CryptoAPI. The tool can be very useful for PKI troubleshooting (for example, to troubleshoot certificate chain validation or revocation checking). You can download the tool for free from the Microsoft Downloads website at http:// www.microsoft.com/downloads.

CryptoAPI architecture

The CryptoAPI architecture (which is illustrated in Figure 13.5) consists of a programmatic interface, a set of software modules, and a set of pluggable Cryptographic Service Providers (CSPs). The CryptoAPI and its interfaces are fully documented in the Windows Server 2003 platform SDK.

Figure 13.5: CryptoAPI architecture.

The software modules can be categorized in software modules providing certificate-related functions and others providing message-related functions:

The CryptoAPI functions can also be called through CAPICOM. CAPICOM is a COM client that can perform cryptographic functions using ActiveX and COM objects. CAPICOM can be used from applications created in Visual Basic, Visual Basic Scripting Edition, or C++. CAPICOM version 2.0 includes support for the generation and verification of digital signatures, encryption and decryption of data, certificate store searching, hashing, and the AES algorithm. CAPICOM is not available from a default Windows Server 2003 installation. CAPICOM version 2.0.0.3 (cc2rinst.exe) can be downloaded from the Windows Platform SDK Redistributables Web site at http://www.microsoft.com/ downloads/details.aspx?displaylang=en&familyid=860ee43a-a843-462fabb5-ff88ea5896f6.

Cryptographic Service Providers (CSPs) are software libraries that contain implementations of cryptographic algorithms and ciphers. The use of libraries creates a pluggable architecture: Third-party vendors can plug their proper CSP in the OS and provide security services to applications.

CSPs can be implemented in both hardware and software. A hardware- based CSP implementation provides better security than a software-based implementation. This is because hardware security devices such as smart cards, security tokens, and hardware security modules (HSMs) typically offer better protection against tampering.

To embed a CSP into Windows Server 2003 or XP, it must be cryptographically signed by Microsoft. How to do this is described in the CSP Development Kit available from Microsoft.

A CSP does more than just providing the implementation of a cryptographic cipher. CryptoAPI also deals with sensitive key (session keys and private keys) storage. It stores them into key databases that are embedded in the CSPs. The CSP key database contains a key container for each user, named after the user’s logon name. The key containers can be stored in the registry, on the file system, or on a smart card. The key containers can never be accessed directly: They can only be accessed through the CryptoAPI and by using the appropriate CryptoAPI functions.

CSPs located on different machines cannot directly communicate. It happens though that keys need to be exchanged between different CSPs. CryptoAPI allows sensitive keys to be exported from a CSP’s key container and transported in a secure way to another CSP. You can, for example, export and import certificates and private keys between different CSP key containers using a PKCS12-formatted file. When exporting a private key to a PKCS12 file, CryptoAPI forces you to protect it using a password. This password functions as a symmetric key and provides confidentiality protection for the exported private key.

Cryptographic service providers

Table 13.4 gives an overview of the CSPs that come preinstalled with Windows Server 2003 and Windows XP. To get an overview of all CSPs available on your machine, query the following registry folder: HKEY_LOCAL_ MACHINE\Software\Microsoft\Cryptography\Defaults\Provider.

Windows Server 2003 and Windows XP come preinstalled with the enhanced CSPs. The Enhanced CSPs include support for 56-bit DES, 3 DES (112-bit 2key and 168-bit 3key), 16,384-bit RSA, 128-bit RC2, and RC4. The Base CSPs only support 512-bit RSA, 40-bit RC2, and RC4. In Windows 2000, users had to install the High Encryption Pack to get access to these CSPs. These enhanced CSPs are only available to users living in countries to which the export of strong crypto from the United States is permitted and to organizations that are on the exception list of the U.S. crypto export regulations. If you still have Windows 2000 clients, the High Encryption Pack for Windows 2000 can be downloaded from http://windowsupdate.microsoft.com. In Windows Server 2003 and XP, Microsoft also added a new CSP implementing the AES algorithm, the new U.S. standard for symmetric encryption.

Table 13.5 shows that Windows Server 2003 and XP contain both hardware and software implementations of CSPs. So far, Windows Server 2003 and XP include by default three smart card vendors’ CSPs: Infineon, Gem- plus, and Schlumberger.

Table 13.5: Windows Server 2003 and XP Cryptographic Service Providers (CSPs)

CSP Name

Description

MS Base Cryptographic Provider v1.0

Base CSP

MS Base DSS Cryptographic Provider\

Superset of the CSP in the previous row, including support for DSA and SHA

MS Base DSS and Diffie-Hellman Cryptographic Provider

Superset of the CSP in the previous row, including support for the Diffie-Hellman key agreement protocol

MS Diffie-Hellman SChannel Cryptographic Provider

MS RSA SChannel Cryptographic Provider

SChannel CSP: used for secure Web communications using SSL/TLS

MS Enhanced Cryptographic Provider v1.0

Enhanced version of base provider: supports longer key lengths. FIPS 140-1 Level 1 compliant.

MS Enhanced DSS and Diffie-Hellman Cryptographic Provider

Enhanced version of base provider: supports longer key lengths. FIPS 140-1 Level 1 compliant.

MS Enhanced RSA and AES Cryptographic Provider

Enhanced version of base provider: supports longer key lengths and the AES algorithm for symmetric encryption. FIPS 140-1 Level 1 compliant.

MS Exchange Cryptographic Provider v1.0

Exchange-specific CSP

MS Strong Cryptographic Provider

Microsoft Strong Cryptographic Provider

Infineon SiCrypt Base Smart Card CSP

Infineon hardware CSP for smart card support

Gemplus GemSAFE Card CSP v1.0

Gemplus hardware CSP for smart card support

Schlumberger Cryptographic Service Provider

Schlumberger hardware CSP for smart card support

Microsoft received a FIPS 140-1 Level 1 security certification for the following CSPs:[2] the MS Enhanced Cryptographic Provider, the MS Enhanced DSS and Diffie-Hellman Cryptographic Provider, and the MS Enhanced RSA and AES Cryptographic Provider. If your IT environment requires a higher level of FIPS 140-1 compliance, have a look at the hardware-based private key storage solutions discussed at the end of this chapter.

13.4.4 Certificates

In this section we focus on the characteristics of the certificates that are generated by Windows Server 2003 Certification Authorities. Critical to understanding the Windows Server 2003 and XP certificate layout are certificate templates. We also look in detail at how certificates are stored on the Windows Server 2003 and XP OS platforms.

Certificate layout and viewer

A certificate’s format is defined in the ITU-T X.509 version 3 standard. This standard was later adopted by the IETF in RFC 2459. A copy of the ITU standard can be downloaded from the ITU-T Web site at http:// www.itu.int/ITU-T/. The RFC is available from http://www.ietf.org. Appendix 1 contains an overview of the X.509 certificate version 3 and certificate revocation list (CRL) version 2 format.

Three key tools when dealing with certificates in Windows Server 2003 and XP are the certificate viewer and the Certificate Templates and Certificates MMC snap-ins. The latter two are covered in detail in the following sections. The certificate viewer displays a certificate’s content (as illustrated in Figure 13.6). The Windows default certificate viewer is automatically started when you double-click a certificate file. The first tab of the viewer shows general information such as the applications for which the certificate can be used, the subject name, the issuer name, the validity period of the certificate, and whether the certificate has a corresponding private key stored in the user’s profile. The second tab shows all X.509 certificate entries: the standard fields and the critical and noncritical certificate extensions. The third tab shows the certification path and the certificate status.

Figure 13.6: The Windows certificate viewer.

Certificate templates

To let a CA cope with different certificate types, Microsoft has chosen to implement a flexible and modular architecture. The characteristics of a certificate—including the applications for which it can be used—are defined in a certificate template that is stored in the AD. Windows Server 2003 comes with support for version 2 certificate templates. The key difference between V1 and V2 templates is that V2 templates can be modified. Thanks to the support for V2 templates, a CA administrator can now also create its own templates, reflecting the certificate needs of the organization.

Certificate templates can also be used to define an enterprise CA’s certificate issuance policy.

Because Windows stand-alone CAs lack AD integration, you cannot use certificate templates to customize a stand-alone CA’s issuance policy.

To administer certificate templates in Windows Server 2003 you must be a member of the Enterprise Admins group or the Domain Admins group of the forest root domain. In Windows 2000 only members of the Domain Admins group of the root domain can administer certificate templates.

Certificate templates are stored together with their properties in the system registry of servers hosting a Windows Server 2003 CA (HKLM\Software\Microsoft\Cryptography\Certificatetemplatecache) and in the Active Directory configuration naming context (cn=certificate templates, cn=public key services, cn=services, cn=configuration).

To administer version 2 certificate templates, use the Certificate Templates MMC snap-in (illustrated in Figure 13.7). You can invoke the Certificate Templates snap-in from the Certification Authority MMC snap-in by selecting the Certificate Templates folder, right-clicking it and selecting Manage. A subset of a certificate template’s definition is displayed in the MMC Certification Authority snap-in: Right-click a template in the Certificate Templates container and select properties.

Figure 13.7: The Windows Server 2003 Certificate Templates MMC snap-in.

Support for version 2 certificate templates requires specific AD schema extensions. This is not a problem in a native Windows Server 2003 environment where all Domain Controllers (DCs) are running the Windows Server 2003 Enterprise Server OS. If you have a mixed Windows Server 2003–Windows 2000 domain controller environment, you can extend the AD schema using the adprep.exe utility (use the /forestprep switch), which is available from the Windows Server 2003 CD. Also, in this case at least, Windows 2000 Service Pack 3 will be required on the Windows 2000 DCs. Certificates that are rooted on version 2 certificate templates can also only be issued from a Windows Server 2003 Enterprise or Datacenter edition CA installation.

From a PKI client point of view, all clients can enroll for certificates that are based on V2 templates from a CA’s Web enrollment interface. Enrollment for a certificate that is based on a V2 template from the Certificates MMC snap-in can only be done from a Windows XP or Windows Server 2003 OS platform. A user running the Windows 2000 OS can only request certificates that are based on V1 templates from the Certificates MMC snap-in.

Default certificate templates

Table 13.6 lists the default certificate templates that are loaded to AD when you install the first Windows Server 2003 enterprise CA in your AD forest. For every template it lists the supported applications (in the EKU/Application Policies column), the OIDs corresponding to the different applications (in the Corresponding OIDs column), whether the corresponding certificates are automatically published in Active Directory (in the AD? column), and the certificate template version (1 or 2) (in the Version column). The names between brackets in the first column are the templates’ registry names: This name sometimes differs from the template name and is interesting to know when you are requesting certificates using the certreq command-line utility.[4]

The certificate templates that are marked as offline are certificates for which the CA will not retrieve user information from the Active Directory at certificate request time. This means that the requestor has to provide the information himself. Offline templates are used for non-Windows PKI clients, like non-Microsoft IPsec clients or non-AD integrated Web servers. Because these entities do not have an AD object entry, their information cannot be retrieved from AD. Offline templates can also be very useful to deploy IPsec machine certificates to clients that are not part of a Windows domain.

Table 13.6 also shows that Windows Server 2003 supports both single- use (having a single OID) and multiple-use certificates (having multiple OIDs).

Table 13.6: Windows Server 2003 Certificate Templates

Template Name ( Registry Name)

EKU/Application Policies*

Corresponding OIDs

AD?

Version

Administrator ( Administrator)

MS Trust List Signing Encrypting File System Secure E-mail

Client Authentication

1.3.6.1.4.1.311.10.3.1 1.3.6.1.4.1.311.10.3.4 1.3.6.1.5.5.7.3.4 1.3.6.1.5.5.7.3.2

Y

1

Authenticated Session (ClientAuth)

Client Authentication

1.3.6.1.5.5.7.3.2

N

1

Basic EFS (EFS)

Encrypting File System

1.3.6.1.4.1.311.10.3.4

Y

1

CA Exchange (CAExchange)

Private Key Archival

1.3.6.1.4.1.311.21.5

N

2

CEPEncryption (CEPEncryption)

Certificate Request Agent

1.3.6.1.4.1.311.20.2.1

N

1

CodeSigning (CodeSigning)

Code Signing

1.3.6.1.5.5.7.3.3

N

1

Computer (Machine)

Client Authentication Server Authentication

1.3.6.1.5.5.7.3.2 1.3.6.1.5.5.7.3.1

N

1

Cross Certification Authority (CrossCA)

Y2

Directory E-mail Replication (DirectoryEmailReplication)

Directory Service Email Replication

1.3.6.1.4.1.311.21.19

Y

2

DomainController (DomainController)

Client Authentication Server Authentication

1.3.6.1.5.5.7.3.2 1.3.6.1.5.5.7.3.1

Y

1

Domain Controller Authentication (DomainControllerAuthentication)

Client Authentication Server Authentication Smart Card Logon

1.3.6.1.5.5.7.3.2 1.3.6.1.5.5.7.3.1 1.3.6.1.4.1.311.20.2.2

N

2

EFS Recovery Agent (EFSRecovery)

File Recovery

1.3.6.1.4.1.311.10.3.4.1

Y

1

Enrollment Agent (EnrollmentAgent)

Certificate Request Agent

1.3.6.1.4.1.311.20.2.1

N

1

Enrollment Agent (Computer) (MachineEnrollmentAgent)

Certificate Request Agent

1.3.6.1.4.1.311.20.2.1

N

1

Exchange Enrollment Agent (Offline Request) (EnrollmentAgentOffline)

Certificate Request Agent

1.3.6.1.4.1.311.20.2.1

N

1

Exchange Signature Only (ExchangeUserSignature)

Secure E-mail

1.3.6.1.5.5.7.3.4

N

1

ExchangeUser (ExchangeUser)

Secure E-mail

1.3.6.1.5.5.7.3.4

N

1

IPSec (IPSECIntermediateOnline)

IP security IKE Intermediate

1.3.6.1.5.5.8.2.2

N

1

IPSec (Offline Request) (IPSECIntermediateOffline)

Certificate Request Agent

1.3.6.1.5.5.8.2.2

N

1

Key Recovery Agent (KeyRecoveryAgent)

Key Recovery Agent

1.3.6.1.4.1.311.21.6

N

2

RAS and IAS Server (RASAndIASServer)

Client Authentication Server Authentication

1.3.6.1.5.5.7.3.2 1.3.6.1.5.5.7.3.1

N

2

Root Certification Authority (CA)

N1

Router (Offline Request) (OfflineRouter)

Client Authentication

1.3.6.1.5.5.7.3.2

N

1

SmartCardLogon (SmartcardLogon)

Client Authentication Smart Card Logon

1.3.6.1.5.5.7.3.2 1.3.6.1.4.1.311.20.2.2

N

1

SmartCardUser (SmartcardUser)

Secure E-mail Client Authentication Smart Card Logon

1.3.6.1.5.5.7.3.4 1.3.6.1.5.5.7.3.2 1.3.6.1.4.1.311.20.2.2

Y

1

Subordinate Certification Authority (SubCA)

N1

Trust List Signing (CTLSigning)

Microsoft Trust List Signing

1.3.6.1.4.1.311.10.3.1

N

1

User (User)

Encrypting File System Secure E-mail Client Authentication

1.3.6.1.4.1.311.10.3.4 1.3.6.1.5.5.7.3.4 1.3.6.1.5.5.7.3.2

Y

1

User Signature Only (UserSignature)

Secure E-mail Client Authentication

1.3.6.1.5.5.7.3.4 1.3.6.1.5.5.7.3.2

Y

1

Web Server (WebServer)

Server Authentication

1.3.6.1.5.5.7.3.1

N

1

Workstation Authentication (Workstation)

Client Authentication

1.3.6.1.5.5.7.3.2

N

2

* The applications that a certificate supports are kept in the Extended Key Usage (EKU) certificate extension (for certificates based on V1 templates) or in the Application Policies certificate extension (for certificates based on V2 templates).

Certificate template properties

Table 13.7 provides an overview of the certificate template properties that can be administered from a template’s properties dialog box in the Certificate Templates MMC snap-in. The properties dialog box is illustrated in Figure 13.8: It shows the General tab in the cross-certification authority certificate template’s properties. Note that you can only modify version 2 certificate template properties. The properties of version 1 certificate templates can be viewed from the MMC snap-in, but they cannot be changed.

Table 13.7: Certificate Template Properties

Certificate Template Properties Tab

Parameter

Comments

General

Template Display Name

Cannot be modified after template creation

Minimum Supported CAs

“Windows 2000” or “Windows Server 2003, Enterprise Edition”—Cannot be modified after template creation

Template Name

Cannot be modified after template creation

Validity Period

Specified in years

Renewal Period

Specified in weeks

Publish Certificate in AD

Checkbox

Do not automatically reenroll if a duplicate certificate exists in AD

Checkbox

Request Handling

Purpose

“Encryption,” “Signature,” or “Signature and encryption”

Archive subject’s encryption private key

Checkbox

Include symmetric algorithms allowed by the subject

Checkbox

Delete revoked or expired certificates (do not archive)

Checkbox (grayed out)

Minimum key size

512, 1024, 2048, 4096, 8192 or 16384

Allow private key to be exported

Checkbox

Do the following when the subject is enrolled and when the private key associated with this certificate is used

“Enroll subject without requiring any user input,” “Prompt the user during enrollment,” or “Prompt the user during enrollment and require user input when the private key is used”

CSPs to be used

“Request can use any CSP available on the subject’s computer” or “Request must use one of the following CSPs”

Subject Name

“Supply in the Request” or “Build from AD information”

Subject Name format

Only available if subject name is build from AD information: “Fully distinguished name” or “Common name”

Subject Name (cont’d.)

Include E-mail name, DNS name, UPN, SPN

Only available if subject name is build from AD information: checkboxes

Issuance Requirements

Require CA certificate manager approval for enrollment

Checkbox

Require a number of authorized signatures for enrollment

Checkbox

Policy type required in signature

“Application policy,” “Issuance policy,” or “Both application and issuance policy”

Application Policy

Select Application Policy

Issuance Policy

Select Issuance Policy

Reenrollment Criteria

“Same criteria as for enrollment” or “Valid existing certificate”

Superseded templates

Certificate templates

Select superseded templates

Extensions

Application Policies

Select Application Policy—mark extension as critical or noncritical (checkbox)

Basic Constraints

“Do Not Allow subject to issue certificates to other CAs”—mark extension as critical or noncritical (checkbox)

Certificate Template Information

Cannot be changed

Enhanced Key Usage

Cannot be modified (only appears on V1 templates)

Issuance Policies

Select Application Policy—mark extension as critical or noncritical (checkbox)

Key Usage

Set “Encryption” or “Signature” key usages—mark extension as critical or noncritical (checkbox)

Security

Set full control, read, write, enroll and autoenroll permissions for individual users or groups

Figure 13.8: General tab in the cross-certification authority certificate template’s properties.

The meaning of the different certificate template permissions (configurable from the security tab in a template’s properties) can be summarized as follows:

Certificate storage

In Windows, certificates are stored in a PKI entity’s personal certificate store. In the following section we go more in detail on architecture of the Windows Server 2003 and XP certificate stores. Besides certificates, an entity’s certificate store can also contain Certificate Trust Lists (CTLs), Certificate Revocation Lists (CRLs), and delta CRLs. Each Windows Server 2003 and XP user, machine, and service has its proper certificate store.

Figure 13.9 illustrates the certificate store architecture. As mentioned in Section 13.4.3, one of the CryptoAPI’s tasks is certificate management. CryptoAPI provides tools to attach certificates to messages and to store, retrieve, delete, list, and verify certificates.

Figure 13.9: Windows Server 2003 and XP physical and logical certificate stores.

The Windows Server 2003 and XP certificate store is divided into two abstraction layers: the logical certificate store and the physical certificate store. The purpose of this architecture is to abstract physical certificate storage from logical certificate categories. A Windows PKI user should not bother about where a certificate is stored physically but rather about what he or she can do with it and to what category of PKI entity it belongs. The Windows certificate store architecture provides ways to make the content of multiple physical stores visible in one logical store or, the other way around, to provide content inheritance from one physical store to multiple logical stores.

Table 13.8 and Figure 13.9 show the different logical and physical certificate containers available in Windows Server 2003 and XP. Table 13.8 also shows in which PKI entities’ certificate stores these containers are available: user, machine, or service entities. The name in parentheses in the first column is the corresponding registry name for the logical store containers.

Table 13.8: Logical and Physical Certificate Store Containers for User, Machine, and Service Principals

Logical Store Containers (Registry Name)

Physical Store Containers

User (U), Machine (M), Service (S)

Personal (MY)

Registry

U, M, S

Trusted Root Certification Authorities (ROOT) (also known as the Root Store)

Registry

Local Computer

Enterprise

U, M, S

U, S

M

Enterprise Trust (TRUST)

Registry

Group Policy

Local Computer

Enterprise

U, M, S

U, M

U, S

M

Intermediate Certification Authorities (CA)

Registry

Group Policy

Local Computer

Enterprise

U, M, S

U, M

U, S

M

Active Directory User Object (USERDS)

User Certificate

U

Trusted Publishers (TRUSTEDPUBLISHER)

Registry

Group Policy

Local Computer

Enterprise

U, M, S

U, M

U, S

M

Untrusted Certificates (DISALLOWED)

Registry

Group Policy

Local Computer

Enterprise

U, M, S

U, M

U, S

M

Third-Party Root Certification Authorities (AUTHROOT)

Registry

Group Policy

Local Computer

Enterprise

U, M, S

U, M

U, S

M

Trusted People (TRUSTEDPEOPLE)

Registry

Group Policy

Local Computer

Enterprise

U, M, S

U, M

U, S

M

Certificate Enrollment Request (REQUEST)

Registry

U, M, S

SPC (SPC)

Registry

Group Policy

Enterprise

M

M

M

To look at the content of a user, machine, or service certificate store and its different containers, use the MMC Certificates snap-in. A user can also use the Lightweight certificate viewer. The latter is accessible from the Internet Options/Content/Certificates menu in Internet Explorer.

By default, the MMC snap-in only shows the logical certificate containers. If you want, you can also see the physical certificate containers. To do this, select Options in the MMC View menu, and select the Physical certificate stores checkbox. To look at the user or machine certificate store from the command prompt, you can use the certutil command-line utility: Use it with the -store switch to display the machine certificate store; with the -user -store switches to display the user certificate store; and replace the -store with –verifystore switch if you not only want to list but also to verify the certificates in a store. Certutil is only available on Windows Server 2003 platforms.

Windows Server 2003 and XP automatically archive expired and renewed certificates and their private keys in the certificate store. This happens as part of the autoenrollment process. Archiving enables a user to decrypt old documents, even if the original certificate has expired or been renewed. To look at the archived certificates that are part of an entity’s certificate store, select Archived certificates in the view options of the MMC certificates snap-in. The same menu contains a checkbox to look at the certificates in an entity’s certificate store, based on the purpose or application for which they can be used (as illustrated in Figure 13.10).

Figure 13.10: Classifying certificates in a certificate store based on certificate purpose.

In the following sections we look in more detail at the physical and logical certificate store layers.

Logical certificate stores

Figure 13.11 shows the logical certificate store layer as you can view it from the Certificates MMC snap-in. Let’s run through the different default[5] containers and look at their content:

Knowing all this, you can perform the following operations on the level of the MMC Certificates snap-in:

New to Windows Server 2003 is that in a domain environment the user’s ability to make his or her proper root CA trust decisions can be controlled by the domain administrator: The latter is controlled using a GPO setting and is explained in more detail in Chapter 14.

Physical certificate stores

Figure 13.12 shows the physical certificate store layer as you can view it from the MMC Certificates snap-in. Let’s run through the different containers and look at their content:

Figure 13.12: Viewing physical certificates stores from theCertificates MMC snap-in.

Table 13.9 shows where the physical stores’ content is originally located, where it is stored on the client side, and when it is copied from its original location to the PKI client certificate store.

Table 13.9: Physical Store Details

Physical Store

Original Location

Physical Location on PKI-Client Side

Copied When?

Registry

N/A

For users: File system (user profile):

%SystemDrive%\Documents and Settings\<usename>\ApplicationData\Microsoft\SystemCertificates\My\Certificates

For machines and services, see “Local Computer” row below

N/A

Local Computer

Machine Registry

File System (machine profile):

%SystemDrive%\\Documents And Settings\All Users\Application Data\Microsoft\RSA\MachineKeys

Machine Registry:

HKLM\software\Microsoft\systemcertificates\my

PKI client performs logon from local computer

Group Policy

Sysvol and AD

Machine Registry:

HKLM\software\policies\Microsoft\systemcertificates

User Registry:

HKCU\software\policies\Microsoft\usercertificates

GPO application event

User Certificate

N/A

Not physically stored on the PKI client: the certificate store contains an LDAP pointer to the certificates that are stored in AD

As part of a certificate enrollment

Enterprise

AD configuration naming context:

CN=Certification Authority,

CN=Public Key Services,

CN=NTAuthTemplates,

CN=Public Key Services

Machine Registry:

HKLM\software\Microsoft\enterprisecertificates

During the autoenrollment event

Knowing all this, you can perform the following operation on the level of the MMC Certificates snap-in. You can make a CA certificate available to every user logging on to the machine. To do so, drag the certificate from the registry\certificates to the local computer\certificates physical container in the Trusted Root Certification Authorities logical container. Doing this will bring up a dialog box requesting whether you really want to add or delete a certificate to or from the Root store.

13.4.5 Private key storage

In asymmetric cryptography—on which both PKI and PKI-enabled applications (PKA) are built—access to and secure storage of the private key are critical. Because public keys are public entities, we should not bother about secure public key storage. (This does not mean you should not worry about the authenticity of the public key.) Let’s look at some examples of how you could misuse someone else’s private key.

Physical private key storage options

Private keys can be stored in different places. There are two main approaches to storing private keys: You can either place them on dedicated hardware devices or use software to hide them.

Software-based storage

The bulk of today’s operating systems—including Windows Server 2003 and XP—and PKI-enabled applications store private key material in an encrypted format on the file system. Windows stores private keys or point- ers to them (in case a hardware storage device is used) in the user’s profile. They are stored in the subdirectory %UserProfile%\Application Data\ Microsoft\Crypto\RSA. The security of Microsoft’s private key storage on the file system is rooted on what Microsoft calls the Data Protection API (DPAPI). More details on DPAPI are provided later.

Dedicated hardware device storage

Examples of dedicated hardware devices used for private key storage are smart cards, USB tokens, and Hardware Security Modules (HSM). A smart card or USB token is used to store the private key of a user. HSMs are used to store the private keys belonging to services or machines. A good example of HSM usage is for secure CA private key storage. Table 13.10 lists some popular vendors of these hardware devices (this list does not provide a complete overview).

Table 13.10: Hardware Devices for Private Key Storage: Solution and Vendor Overview

Vendors

URL

Smart Card Vendors

Gemplus

http://www.gemplus.com

Schlumberger

http://www.schlumberger.com

Oberthur

http://www.oberthurcs.com

Datakey

http://www.datakey.com

ActivCard

http://www.activcard.com

Spyrus

http://www.spyrus.com

USB Token Vendors

eAlladin (eToken)

http://www.esafe.com

Rainbow Technologies (IKey)

http://www.rainbow.com

Spyrus

http://www.spyrus.com

Hardware Security Module Vendors

nCipher (nShield)

http://www.ncipher.com

Rainbow Chrysalis (Luna CA)

http://www.chrysalis-its.com

Rainbow Chrysalis (Luna RA)

http://www.chrysalis-its.com

Spyrus (Lynks)

http://www.spyrus.com

Eracom (ProtectHost)

http://www.eracom-tech.com

Most dedicated hardware devices serve more goals than just secure private key storage. They can also provide secure onboard key-generation capabilities and cryptographic processing capabilities to accelerate digital signing and other cryptographic operations. A key advantage of using external devices to store encryption and signing algorithms is that the private key never makes it to the user’s PC.

Neither smart cards nor USB tokens are perfect, although they have an excellent reputation for providing secure private key storage. Over the past few years, several researchers conducted successful private key chases on both types of devices. Two important details are: (1) To conduct an attack on such a device, you need very expensive and highly specialized hardware; (2) most attacks require that you uncover the chip in the device. This means that usually you cannot perform an attack without physically damaging the device. A couple of successful USB token attacks are explained in detail at http:// www.atstake.com/research/reports/usb_hardware_token.pdf. For an over- view of possible smart card attacks, see the Cryptography Research Web site at http://www.cryptography.com/dpa/technical/index.htm.

To protect against physical tampering with a device, there is only one better category of solutions available on the market: Hardware Security Modules (HSMs). HSMs are extremely expensive devices; that is why they are only used to protect very important keys such as Certificate Authority (CA) private keys.

When evaluating hardware devices for secure private key storage, make sure that you check compliance with important security standards such as the Common Criteria (http://www.commoncriteria.org), the U.S. govern- ment’s FIPS 140-1 (http://csrc.nist.gov/cryptval/), and the U.K. govern- ment’s ITsec (http://www.cesg.gov.uk/assurance/iacs/itsec/index.htm). Next we will pay special attention to the FIPS 140-1 compliance of HSM devices.

We return to smart card integration in Windows Server 2003 and XP in Chapter 17. In the following sections we look in more detail at some of the security technologies behind the HSMs supported in Windows Server 2003. The goal is not to make a competitive comparison between different HSMs but rather to facilitate understanding of the security technologies they use. We use the examples of the nCipher and Chrysalis HSM.

The nCipher Hardware Security Module The nCipher’s HSM is called nShield. It can be used from many different operating systems (including NT, Windows 2000, Solaris, AIX, and HP-UX) and can protect the cryptographic keys used by a variety of applications, including Microsoft Certificate Server, the Apache Web server, Netscape’s Certificate Management Server, Enterprise Server, and many others. The nShield device is available with a PCI, internal, or external SCSI connector. Figure 13.13 shows the internal SCSI connector model. nShield’s front panel contains a smart card reader.

Figure 13.13: nShield device with internal SCSI connector.

nShield’s advanced key protection is built around the concept of a “security world,” which provides a multilayered, secure approach to managing HSMs, valuable application keys, and backup and disaster recovery processes.

From a high-level point of view, a security world (as illustrated in Figure13.14) is made up of one or more nShield HSM modules, a set of data (cryptographic keys) maintained in the secure memory of the HSM, and a set of encrypted data stored on the hard disk of the host machine.

Figure 13.14: An nShield security world and its different components.

An nShield module and its security world’s primary reason for existence are protecting cryptographic keys. This includes making sure that only the legitimate users and applications are authorized to access and use the keys.

Let’s first look at how a cryptographic key that is used by a particular application is securely stored in a module’s security world. Such a key is referred to in the nShield documentation as an “application key.” A good example of an application key would be the private key used by a Windows Certification Authority. Application keys can be stored securely in two different ways: They can be encrypted using the security world key or additionally using an operator key. This brings up two other key types: a security world key (also known as the “module key”) and an operator key (this type of key is also referred to as an “operator logical token”).

An operator key is not stored on the nShield module but is shared over a set of operator smart cards—also known as an operator card set (OCS). An OCS stores an operator key in a very special way: The key is never stored entirely on a single smart card (unless you have only a single card in your OCS) but in fragments that are spread across several different cards. In order to restore the operator key and thus to enable the decryption of application keys, one needs access to a predefined number of operator key fragments, each of which is stored on another operator smart card. The reason why nCipher splits operator keys is to let the access to an application key depend on the decision of more than one different person. In military terms this is known as the “missile silo” principle: A general can never decide all by himself to launch a nuclear missile; before he can do so, he needs—for example—the approval of at least one another general, the minister of defense, and the president.

nCipher calls this key fragmentation mechanism the k-of-n mechanism. The number k defines the number of cards that is needed to gain access to the operator key. The number n defines the total number of cards in the OCS. Coming back to the military example, you can look at the number k as the number defining how many cards are needed to authorize the decryption of an application key.

A security world may contain many different OCSs. This allows an nShield module to be shared between different applications that have different administration needs. The security world in Figure 13.2, for example, contains two OCSs. Application keys 2 and 3 are both protected by the operator key linked to OCS number 1. Application key 4 is protected by the operator key linked to OCS number 2.

A security world key (also known as the module key) is a cryptographic key that is created when the security world is created. It is stored securely on the nShield module and is used to encrypt application keys that must be available to several applications at all times—this means without needing multiple smart cards.

By default, any nShield device is FIPS 140-1 Level 2 compliant. FIPS 140-1 Level 3 compliance requires the use of a specific device type (nC4032W-xxx or nC3031S-xxx modules). It also requires you to set a configuration option during the initialization of the nShield security world. One of the most visible changes when an nShield device is FIPS 140-1 Level 3 compliant is the requirement to have an extra authorization (which can come from a card in the ACS or any OCS) before an OCS can be created or erased.

The Chrysalis Hardware Security Module Chrysalis has two HSM models that can be used in a Windows Server 2003 PKI environment: the Luna CA and Luna RA. The CA model targets advanced CA security, and the RA model targets advanced RA security. Like the nCipher nShield HSM, both of the Chrysalis models can be used from many different operating systems (including NT, Windows 2000, Solaris, Redhat Linux AIX, and HP-UX) and can protect the cryptographic keys used by a variety of applications. The Luna CA HSM requires a PCI connector. The Luna RA HSM requires a PCMCIA Type II slot. The CA device is FIPS 140-1 Level 3 compliant; the RA device is only Level 2 compliant.

In the following section we focus on the Luna CA device (illustrated in Figure 13.15). Figure 13.15 shows clockwise from the top the Luna DOCK token reader, the Luna CA cryptographic token, the color-coded PED keys, and the Luna PED authentication device. The Luna CA securely stores the cryptographic keys on the cryptographic token.

Figure 13.15: The Luna CA HSM.

The security model used by the Luna CA is very similar to the one used by the nCipher nShield device (use of a multilayered security model, support for a k-of-n key splitting mechanism, and so forth) with the following exceptions:

The Windows private key storage architecture

Windows 2000, Windows Server 2003, and Windows XP are using an architecture called the Data Protection API (DPAPI) to securely store private keys on a Windows computer system. In previous operating system releases, Microsoft used a technology known as the protected store. The DPAPI is explained next.

The data protection API

The DPAPI provides a password-based data protection service. In this context, data protection means that DPAPI provides data confidentiality and integrity protection services. DPAPI is bundled with the kernel of the Windows OS (its public interfaces are part of the crypt32.dll). DPAPI data decryption and encryption occur in the security context of a Windows system’s local system account. Figure 13.16 shows the DPAPI key protection architecture.

Figure 13.16: DPAPI key protection architecture.

The data encryption key that the DPAPI uses to securely store data is called the symmetric encryption key. The symmetric encryption key is never stored on a system—it is derived from the encryption key and the master key.

That is why the master key is the most important key in the DPAPI. The master key is securely stored in the protect folder of a user’s profile (file system path: %UserProfile%\Application Data\Microsoft\ Protect\<UserSID>).

Figure 13.16 shows how the master key is protected using the master key encryption key. The latter is cryptographically derived from a user’s password credentials. The cryptographic algorithms involved in this protection scheme are the 3DES (CBC mode) encryption algorithm, the SHA-1 hash function, and the Password-based Key Derivation Function (PBKDF2). The latter is described as part of the PKCS#5 standard.

DPAPI provides the following master key backup and recovery mechanisms:

An important drawback of using a user’s password to secure access to its protected data is that all the applications that are running in the user’s security context can access all of a user’s protected data. To counteract this, DPAPI allows an application to use an additional secret to protect the data.

The additional secret is then required to unprotect the data. In PKI terminology, this feature is referred to as strong private key protection (which is explained in a following section).

Important private key properties

Two private key properties that impact the key’s security level and that are both driven by the DPAPI are whether the key is exportable and whether it has strong private key protection enabled.

Private key exportability To enable all-time data recovery and to protect against cracking attacks, private keys used for recovery of encrypted data should be backed up or exported from the Windows system and stored on some other secure medium. To make the private key exportable, the user should check Mark keys as exportable in the Advanced Certificate Request options on the Web enrollment pages. This option is only available if the certificate will be used for key exchange only. A key can also be made exportable programmatically, by setting the CRYPT_EXPORTABLE property. How to do this is explained in detail in the platform SDK. If you want more than just backup and you really want to delete the local private key (to protect against cracking attacks), don’t forget to check the option to delete the private key if the export succeeds. The DPAPI also defines a CRYPT_ARCHIVABLE flag to allow a one-time export during a key archival operation.

Private key exportability is a predefined property that is set in the certificate templates that are used when requesting certificates to an Enterprise CA. The private keys of certificates for user signature, user, CTL signing, smart card user, smart card logon, enrollment agent, code signing, client authentication, and administrator are, by default, marked as nonexportable. Windows private signing keys are always marked as nonexportable. Signing keys should never be copied or stored on a medium different from the one that was used to store the private key when it was generated. This could be a serious security risk: A malicious person could export another person’s private key and impersonate him or her. The private keys of EFS and EFS recovery certificates are by default exportable for data recovery reasons.

Strong private key protection In both the Web enrollment pages and the Certificate Request Wizard, a user can choose to enable strong private key protection. Strong private key protection means that the user will be prompted every time the private key is used by an application. Two levels of strong private key protection can be set: high and medium (this is the default). High means that the user will, besides being prompted, also be asked to enter a password. The password is used by the DPAPI to add another security level for private key storage. Figure 13.17 shows the dialog box that pops up when you select strong private key protection.

Figure 13.17: Setting strong private key protection.

[2]More information is available at http://csrc.nist.gov/cryptval/140-1/1401val2002.htm.

[3]Certificate template ACLs can also be set from the AD Sites and Services MMC snap-in: The templates are available from the Certificate Templates container in the Public Key Services container. I recommend, however, using the Certificate Templates MMC snap-in.

[4]When using the certreq command line you can reference the certificate template that must be used with the –attrib switch. For example: certreq –attrib “CertificateTemplate:CrossCA”

[5]PKI-enabled applications may create application-specific logical certificate containers.

Категории