NCipher Takes Hardware Security To Network Level

Peter Gutmann pgut001 at cs.auckland.ac.nz
Tue Oct 7 04:15:21 EDT 2003



>In fact, if you're clever, you can manage to not trouble yourself to get the
>key-management, etc. certified, getting only the simple, symmetric-cipher
>stuff run through the process.  The government will still buy your
>"encryption devices" (FIPS-140 certified) and will conveniently ignore the
>lack of certification on your "management device", even though it acts as an
>administrative user towards the "encryption device".  It's somewhat scary that
>this sort of skulduggery is possible, but it's also not really anything new
>or exciting.

If you think that's scary, look at Microsoft's CryptoAPI for Windows XP FIPS
140 certification.  As with physical security certifications like BS 7799, you
start by defining your security perimeter, defining everything inside it to be
SECURE, and ignoring everything outside it.  Microsoft defined their perimeter
as "the case of the PC".  Everything inside the PC is defined to be SECURE.
Everything outside is ignored.

FIPS 140 requires role-based access control (RBAC).  Microsoft enforces this.
There's a single role, "everyone that uses the machine".

After that, it gets a bit dodgy, and the credibility of the certification
process might be called into question by some of the more sceptical readers.
OTOH it does show that Microsoft has a good grasp of the value of the
certification system.

Note that you could probably get a system running MSDOS FIPS 140 certified
following this methodology, provided that you enable the BIOS password to meet
the access control requirements.

Peter ("I define myself to be A BIT CYNICAL about all this").

---------------------------------------------------------------------
The Cryptography Mailing List