1999 Conferences

4th CACR Information Security Workshop

Marc Laroche, Entrust Technologies

Trusted Public Key Infrastructures

The notion of trust is fundamental in public-key infrastructures (PKIs). For PKIs to be valuable, users must be assured that the parties they communicate with are safe, i.e. their identities and keys are valid and trustworthy. To provide this assurance, it is essential that the technology involved in binding the names of users to their public keys is trusted. The technology used to create these bindings includes security mechanisms and services that provide the secure generation, destruction, and distribution of cryptographic keys, cryptographic operations, complete access control, management of security functions and services, roles and separation of duties, audit of security-critical events, secure communications, data protection, and more. Together, these mechanisms and services allow the Certification Authority (CA) to securely bind user identities and public keys in a digital format known as a public-key certificate. In creating these certificates, CAs act as trusted third parties in a PKI. As long as users trust the CA and its business policies for issuing and managing certificates, they can trust the public-key certificates issued by the CA.

Trust can be defined as the degree to which one believes another will behave in a predictable or favorable manner. Trusting a CA implies that the people, processes and tools involved in the creation and management of public-key certificates can be trusted to ensure that the binding between users' identities and public keys can always be relied upon. Thus there must be confidence that the technology involved in creating the public-key certificates can be trusted to operate with an appropriate level of security.
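The two preceding paragraphs describe the CA's core job (binding a user's name to a public key by signing a certificate) and what it means for a relying party to trust that CA. The following Go program is an added illustration written for this page; it is not code from the talk or from Entrust's products, and it uses only the Go standard library's crypto/x509 package. It builds two self-signed CAs with constructed names, has each issue a certificate for the same constructed user name and key, and then shows that a relying party whose trust anchors contain only the first CA accepts the first certificate and rejects the second, which carries an identical identity-to-key binding but was signed by a CA the relying party has no reason to trust.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// newCA creates a self-signed CA certificate and its private key.
// The name is a constructed value for this example.
func newCA(name string) (*x509.Certificate, *ecdsa.PrivateKey, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return nil, nil, err
	}
	tmpl := &x509.Certificate{
		SerialNumber:          big.NewInt(1),
		Subject:               pkix.Name{CommonName: name},
		NotBefore:             time.Now().Add(-time.Hour),
		NotAfter:              time.Now().Add(24 * time.Hour),
		IsCA:                  true,
		BasicConstraintsValid: true,
		KeyUsage:              x509.KeyUsageCertSign | x509.KeyUsageDigitalSignature,
	}
	// Template and parent are the same certificate: a self-signed root.
	der, err := x509.CreateCertificate(rand.Reader, tmpl, tmpl, &key.PublicKey, key)
	if err != nil {
		return nil, nil, err
	}
	cert, err := x509.ParseCertificate(der)
	return cert, key, err
}

// issueUserCert is the CA act described in the text: the CA signs a
// certificate that binds userName to userPub.
func issueUserCert(ca *x509.Certificate, caKey *ecdsa.PrivateKey, userName string, userPub *ecdsa.PublicKey) (*x509.Certificate, error) {
	tmpl := &x509.Certificate{
		SerialNumber: big.NewInt(2),
		Subject:      pkix.Name{CommonName: userName},
		NotBefore:    time.Now().Add(-time.Hour),
		NotAfter:     time.Now().Add(24 * time.Hour),
		KeyUsage:     x509.KeyUsageDigitalSignature,
		ExtKeyUsage:  []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, ca, userPub, caKey)
	if err != nil {
		return nil, err
	}
	return x509.ParseCertificate(der)
}

// trustedBy is the relying party's decision: does cert chain to one of the
// CAs in its trust anchors? Validity period and key usage are checked as well.
func trustedBy(cert *x509.Certificate, anchors ...*x509.Certificate) bool {
	pool := x509.NewCertPool()
	for _, a := range anchors {
		pool.AddCert(a)
	}
	_, err := cert.Verify(x509.VerifyOptions{
		Roots:     pool,
		KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageClientAuth},
	})
	return err == nil
}

// Demo returns (accepted from trusted CA, accepted from untrusted CA).
// Both certificates bind the same constructed user name to the same key;
// only the issuing CA differs.
func Demo() (bool, bool, error) {
	trustedCA, trustedKey, err := newCA("Constructed Trusted CA")
	if err != nil {
		return false, false, err
	}
	otherCA, otherKey, err := newCA("Constructed Untrusted CA")
	if err != nil {
		return false, false, err
	}
	userKey, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		return false, false, err
	}
	const user = "alice@example.test" // constructed identity
	fromTrusted, err := issueUserCert(trustedCA, trustedKey, user, &userKey.PublicKey)
	if err != nil {
		return false, false, err
	}
	fromOther, err := issueUserCert(otherCA, otherKey, user, &userKey.PublicKey)
	if err != nil {
		return false, false, err
	}
	// The relying party trusts only trustedCA.
	return trustedBy(fromTrusted, trustedCA), trustedBy(fromOther, trustedCA), nil
}

func main() {
	ok, other, err := Demo()
	fmt.Println("trusted CA accepted:", ok, "| untrusted CA accepted:", other, "| err:", err)
}
```

The point the paragraphs make is visible in the last line of Demo: the relying party never inspects the user's name or key directly; it accepts the binding only because a CA it already trusts vouched for it. Everything that makes that CA worth trusting (key generation and protection, access control, audit, separation of duties) sits outside this program, which is exactly why the talk is about evaluating the CA technology rather than the certificate format.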

Security evaluations performed by certified third-party evaluation facilities against recognized security criteria are instrumental in establishing trust in PKI technology. They allow unbiased security experts to analyze the security functions, interface specifications, guidance documentation and design of the product. The Common Criteria, recently adopted as ISO standard 15408, presents a suitable set of security functional and assurance requirements which can be used to evaluate Certificate Authority products. Such criteria also allow the security community to share a common understanding and interpretation of what PKI and CA security requirements are, and what "trusted PKI and trusted CA" really means.

For Entrust PKIs, the Common Criteria Evaluation of Entrust/Authority and Entrust/Admin serves as a fundamental extension to the FIPS 140-1 process in that it extends the security assurance to the services involved in issuing and managing the life cycle of public-key certificates. The certification of these products confirms that these products have met the specified Common Criteria Part 3 Evaluation Assurance Level (EAL) 3 augmented requirements, and can be trusted to reliably and securely deliver CA services.

The presentation will discuss Entrust's experience and approach with FIPS 140-1 validation and CC evaluation.

Speaker Bio
Marc Laroche, Manager of Product Evaluation at Entrust Technologies Limited, is responsible for the security evaluation of Entrust products, including Common Criteria evaluations, FIPS 140-1 validations, and other government security endorsements. Marc joined Entrust Technologies from the Communications Security Establishment (CSE), a Canadian federal agency. As head of the System Security Engineering unit, Marc provided security engineering support services to Canadian federal government departments, prepared IT security technical reports and guidance documents, and developed and delivered network security courses and training sessions. Prior to joining CSE, he served as a Communications and Electronic Engineer Officer in the Canadian Forces. Marc has a bachelor's degree in electrical engineering from Laval University, Quebec City, Canada.