Apple's Security Architecture - The Open · PDF filealgorithms, certificate types, ... for security-related data objects ... Apple Computer, Inc. Default Data Library (DL) ¥File based

Apple Computer, Inc.

AppleÕsAppleÕsSecuritySecurityArchitectureArchitecture(ASA)(ASA)

Aram P�rezAram P�rezChief Security ArchitectChief Security Architect

[email protected]@apple.com

Apple Data Security GroupApple Data Security Group


OverviewOverview¥ Apple Data Security Group¥ Why provide a security architecture?¥ Requirements¥ Building Blocks¥ The Security Architecture¥ Restrictions, Extensions and Wishes¥ Summary¥ Q&A

¥ Apple Data Security Group¥ Why provide a security architecture?¥ Requirements¥ Building Blocks¥ The Security Architecture¥ Restrictions, Extensions and Wishes¥ Summary¥ Q&A


Apple Data Security GroupApple Data Security Group¥Mission:

Ð To make a wide range of data security protocolsand services available to developers

Ð To provide a consistent and easy to use interfacefor the user

¥Motto:ÒThink CrypticÓ

¥Mission:Ð To make a wide range of data security protocols

and services available to developersÐ To provide a consistent and easy to use interface

for the user¥Motto:

ÒThink CrypticÓ


Apple Data Security GroupApple Data Security Group¥Mission:

Ð To make a wide range of data security protocolsand services available to developers

Ð To provide a consistent and easy to use interfacefor the user

¥Motto:ÒThink CryptoÓ

¥Mission:Ð To make a wide range of data security protocols

and services available to developersÐ To provide a consistent and easy to use interface

for the user¥Motto:

ÒThink CryptoÓ


OrganizationOrganization¥Two teams

Ð Security FrameworkÐ Applied Security

¥Two teamsÐ Security FrameworkÐ Applied Security


Security FrameworkSecurity Framework¥Provide a framework to support multiple

algorithms, certificate types, trust policiesand data stores

¥Integrate new data security technologies intothe system without requiring changes tosecurity applications

¥Encourage innovative security products byproviding powerful access to low levelcryptographic functions

¥Provide a framework to support multiplealgorithms, certificate types, trust policiesand data stores

¥Integrate new data security technologies intothe system without requiring changes tosecurity applications

¥Encourage innovative security products byproviding powerful access to low levelcryptographic functions


Applied SecurityApplied Security¥Provide a consistent user experience for

handling passwords, keys and certificates¥Abstract key and certificate types for

developer through drag-and-drop and highlevel protocol toolkits

¥Automate certificate management forcreation, storage and revocation

¥Provide a consistent user experience forhandling passwords, keys and certificates

¥Abstract key and certificate types fordeveloper through drag-and-drop and highlevel protocol toolkits

¥Automate certificate management forcreation, storage and revocation


Why ProvideWhy Providea Security Architecture?a Security Architecture?

¥It is becoming a fundamentalrequirement in an operating system

¥Low barrier of entry for developers¥Ability to provide consistent user experience

for customers¥Faster time to market for providing

new security services

¥It is becoming a fundamentalrequirement in an operating system

¥Low barrier of entry for developers¥Ability to provide consistent user experience

for customers¥Faster time to market for providing

new security services


RequirementsRequirements¥Leverage industry work

Ð We did not want to re-invent the wheel¥Easily supported on all Apple OSs¥Extensible and flexible

Ð Easy to add new technologiesÐ Support software, hardware or both

¥Leverage industry workÐ We did not want to re-invent the wheel

¥Easily supported on all Apple OSs¥Extensible and flexible

Ð Easy to add new technologiesÐ Support software, hardware or both


More RequirementsMore Requirements¥A complete security model with

a good level of abstraction¥Multiple certificate models and formats

Ð X.509, PGP, etc.

¥A complete security model witha good level of abstraction

¥Multiple certificate models and formatsÐ X.509, PGP, etc.


Building BlocksBuilding Blocks¥Successful concepts from PowerTalk:

Keychain and DigiSign¥License of a full featured industry

proven security API¥Provide for the most popular cryptographic

algorithms

¥Successful concepts from PowerTalk:Keychain and DigiSign

¥License of a full featured industryproven security API

¥Provide for the most popular cryptographicalgorithms


More Building BlocksMore Building Blocks¥On staff chief cryptographer: Dr. Richard

Crandall¥Apple patented encryption algorithms

Ð Fast Elliptic Encryption (FEE)¥Fastest Odd-characteristic ECC

Ð Apple Secure Compression (ASC)¥1 pass compression and encryption

Ð Chaotic Dynamic (Chad)¥On staff security architect

¥On staff chief cryptographer: Dr. RichardCrandall

¥Apple patented encryption algorithmsÐ Fast Elliptic Encryption (FEE)

¥Fastest Odd-characteristic ECCÐ Apple Secure Compression (ASC)

¥1 pass compression and encryptionÐ Chaotic Dynamic (Chad)

¥On staff security architect


What Is Our Architecture?What Is Our Architecture?¥It is based on IntelÕs ÒCommon Data Security

ArchitectureÓ or CDSA¥We have licensed CDSA source from

Intel and are porting it

¥ It is based on IntelÕs ÒCommon Data SecurityArchitectureÓ or CDSA

¥We have licensed CDSA source fromIntel and are porting it


ApplicationsApplicationsSystem Security

Services Layered Services, Middleware, etc.Layered Services, Middleware, etc.

Common SecurityServices Manager

CSSM Security APICSSM Security APICSP

ManagerCSP

ManagerTP

ManagerTP

ManagerCL

ManagerCL

ManagerDL

ManagerDL

Manager

Security Add-inModules CSP CSP TP TP CL CL DL DL

HereÕs What It Looks LikeHereÕs What It Looks Like


System Security ServicesSystem Security Services¥Secure e-mail

Ð S/MIMEÐ Open PGP (PGP/MIME)

¥Secure communicationsÐ Secure Sockets Layer (SSL)Ð Transport Layer Security (TLS)

¥Authentication Services

¥Secure e-mailÐ S/MIMEÐ Open PGP (PGP/MIME)

¥Secure communicationsÐ Secure Sockets Layer (SSL)Ð Transport Layer Security (TLS)

¥Authentication Services


More System Security ServicesMore System Security Services¥Secure payments

Ð Secure Electronic Transaction (SET)Ð Micro PaymentsÐ E-Checks

¥Certificate managementÐ CreationÐ RevocationÐ Trust models

¥Secure paymentsÐ Secure Electronic Transaction (SET)Ð Micro PaymentsÐ E-Checks

¥Certificate managementÐ CreationÐ RevocationÐ Trust models


CSP CSP TP TP CL CL DL DL

System SecurityServices

Security Add-inModules

ApplicationsApplications

Layered Services, Middleware, etc.Layered Services, Middleware, etc.



ManagerCSP

ManagerTP

ManagerTP

ManagerCL

ManagerCL

ManagerDL

ManagerDL

Manager

Common SecurityCommon SecurityServices ManagerServices Manager


CSSMCSSM¥The essential component in CDSA that

integrates and manages all categoriesof security services

¥It enables the tight integration of individualservices, while allowingthose services to be provided byinteroperable modules

¥The essential component in CDSA thatintegrates and manages all categoriesof security services

¥It enables the tight integration of individualservices, while allowingthose services to be provided byinteroperable modules


TP TP CL CL DL DL






ManagerCSP

ManagerTP

ManagerTP

ManagerCL

ManagerCL

ManagerDL

ManagerDL

Manager

Security Add-inModules CSP CSP

Cryptographic Service ProviderCryptographic Service Provider


CSPCSP¥A module that performs cryptographic

operations and securely stores cryptographickeys

¥May be software, hardware, ora combination of both

¥A module that performs cryptographicoperations and securely stores cryptographickeys

¥May be software, hardware, ora combination of both


CSP CSP CL CL DL DL






ManagerCSP

ManagerTP

ManagerTP

ManagerCL

ManagerCL

ManagerDL

ManagerDL

Manager

Security Add-inModules TP TP

Trust PolicyTrust Policy


TPTP¥ÒCertificate semanticsÓ¥A module that implements policies defined

by authorities and institutions¥Policies define the level of trust required

before certain actions can be performed

¥ÒCertificate semanticsÓ¥A module that implements policies defined

by authorities and institutions¥Policies define the level of trust required

before certain actions can be performed


CSP CSP TP TP DL DL






ManagerCSP

ManagerTP

ManagerTP

ManagerCL

ManagerCL

ManagerDL

ManagerDL

Manager

Security Add-inModules CL CL

Certificate LibraryCertificate Library


CLCL¥ÒCertificate syntaxÓ¥A module that implements syntactic

manipulation of memory-resident certificatesand certificate revocation lists

¥Each module may choose to implement onlythose operations required to manipulate aspecific certificate data format, such as X.509,SDSI, PGP, etc.

¥ÒCertificate syntaxÓ¥A module that implements syntactic

manipulation of memory-resident certificatesand certificate revocation lists

¥Each module may choose to implement onlythose operations required to manipulate aspecific certificate data format, such as X.509,SDSI, PGP, etc.


CSP CSP TP TP CL CL






ManagerCSP

ManagerTP

ManagerTP

ManagerCL

ManagerCL

ManagerDL

ManagerDL

Manager

Security Add-inModules DL DL

Data LibraryData Library


DLDL¥A module that provides stable storage

for security-related data objects¥These objects can be certificates, certificate

revocation lists (CRLs), cryptographic keys,policy objectsor application-specific objects

¥A module that provides stable storagefor security-related data objects

¥These objects can be certificates, certificaterevocation lists (CRLs), cryptographic keys,policy objectsor application-specific objects




Common SecurityServices Manager CSP

ManagerCSP

Manager

CSSM Security APICSSM Security APITP

ManagerTP

ManagerCL

ManagerCL

ManagerDL

ManagerDL

Manager

Default SecurityAdd-in Modules CSP CSP TP TP CL CL DL DL

KeychainAccess

KeychainAccess

KeychainKeychain SSLSSL Cert MgtCert Mgt SignSign EncEnc ??????

What Are We Delivering?What Are We Delivering?


Default CryptographicDefault CryptographicService Provider (CSP)Service Provider (CSP)

¥Fully exportable, available world-wide¥Signatures: FEE (ECDSA), RSA, DSA (full

strength)¥Symmetric: DES, RC2, RC4, ASC

(Apple Secure Compression) (40 bits)¥Key exchange: FEE, RSA, D-H (512)¥Hashes: MD2, MD5, SHA-1

¥Fully exportable, available world-wide¥Signatures: FEE (ECDSA), RSA, DSA (full

strength)¥Symmetric: DES, RC2, RC4, ASC

(Apple Secure Compression) (40 bits)¥Key exchange: FEE, RSA, D-H (512)¥Hashes: MD2, MD5, SHA-1


Default Trust Policy (TP)Default Trust Policy (TP)¥Trust based on X.509 certificates¥Trust based on X.509 certificates


Default Certificate Library (CL)Default Certificate Library (CL)¥X.509 V3 certificates & CRLs¥X.509 V3 certificates & CRLs


Default Data Library (DL)Default Data Library (DL)¥File based¥Protected by ÒpassphraseÓ¥Will store certificates, CRLs, keys and

passwords¥The Keychain will be standard API

for accessing objects stored in DL

¥File based¥Protected by ÒpassphraseÓ¥Will store certificates, CRLs, keys and

passwords¥The Keychain will be standard API

for accessing objects stored in DL


US/Canada Only CSPUS/Canada Only CSP¥Full strength CSP, not exportable¥Signatures: FEE, RSA, DSA¥Symmetric: DES, 3DES, RC2, RC4, ASC

(Apple Secure Compression)¥Asymmetric: FEE, RSA, D-H¥Key exchange: FEE, RSA, D-H¥Hashes: MD2, MD5, SHA-1

¥Full strength CSP, not exportable¥Signatures: FEE, RSA, DSA¥Symmetric: DES, 3DES, RC2, RC4, ASC

(Apple Secure Compression)¥Asymmetric: FEE, RSA, D-H¥Key exchange: FEE, RSA, D-H¥Hashes: MD2, MD5, SHA-1


ÒFinancialÓ CSPÒFinancialÓ CSP¥Planning a CSP for financial applications¥Will provide strong cryptography for

financial transactions¥Available worldwide¥Most likely will require application to Òbe

signedÓ

¥Planning a CSP for financial applications¥Will provide strong cryptography for

financial transactions¥Available worldwide¥Most likely will require application to Òbe

signedÓ


Delivery DatesDelivery Dates¥Stand-alone Keychain

Ð 3rd Quarter 1998¥Core CDSA with default add-in modules

(including smartcard support)Ð 1st Quarter 1999

¥CDSA-based KeychainÐ 1st Quarter 1999

¥SSL v3 over CDSAÐ 2nd Quarter 1999

¥Stand-alone KeychainÐ 3rd Quarter 1998

¥Core CDSA with default add-in modules(including smartcard support)Ð 1st Quarter 1999

¥CDSA-based KeychainÐ 1st Quarter 1999

¥SSL v3 over CDSAÐ 2nd Quarter 1999


More DatesMore Dates¥CDSA 2.0

Ð 3-4 months after release of reference code¥CDSA 2.0

Ð 3-4 months after release of reference code


CDSA RestrictionsCDSA Restrictions¥Only CSP/DL multi-service modules allowed

Ð CSPs have minimum key management API:¥Generate¥Find private key by public key

Ð DLs have a ÒfullerÓ object management APIÐ Easier for Keychain and other applications

¥Only ÒoneÓ APIÐ Easier for supporting smartcards

¥Only CSP/DL multi-service modules allowedÐ CSPs have minimum key management API:

¥Generate¥Find private key by public key

Ð DLs have a ÒfullerÓ object management APIÐ Easier for Keychain and other applications

¥Only ÒoneÓ APIÐ Easier for supporting smartcards


More RestrictionsMore Restrictions¥Keys have a single use

Ð Good security practiceÐ Easier export/import compliance

¥Only key references allowed, no raw key bitsÐ Exception for public keys

¥Keys have a well known set of attributesÐ Based on the CSSM_KEY structure

¥Keys have a single useÐ Good security practiceÐ Easier export/import compliance

¥Only key references allowed, no raw key bitsÐ Exception for public keys

¥Keys have a well known set of attributesÐ Based on the CSSM_KEY structure


CDSA ExtensionsCDSA Extensions¥Conversion functions between DL keys and

CSP keysÐ ASA_DBRecordToKeyÐ ASA_FreeKey

¥Conversion functions between DL keys andCSP keysÐ ASA_DBRecordToKeyÐ ASA_FreeKey


CDSA 2.0 Wish ListCDSA 2.0 Wish List¥More object definition

Ð Currently applications are tied to a particular DLbecause they have to know the attributessupported by the DL

¥A better key management APIÐ Currently applications are tied to a particular CSP

because there is no standard key management API

¥More object definitionÐ Currently applications are tied to a particular DL

because they have to know the attributessupported by the DL

¥A better key management APIÐ Currently applications are tied to a particular CSP

because there is no standard key management API


More WishesMore Wishes¥Conversion functions between DL and CSP

Ð Currently there is no way to use a key from a DLwith a CSP

¥Clearer support for smartcards¥Work on system security services APIs that

are based on CDSAÐ SSL/TLSÐ Secure E-mail

¥Conversion functions between DL and CSPÐ Currently there is no way to use a key from a DL

with a CSP¥Clearer support for smartcards¥Work on system security services APIs that

are based on CDSAÐ SSL/TLSÐ Secure E-mail


SummarySummary¥Apple has a Security Architecture

Ð Based on CDSAÐ Will be integrated with the operating systemÐ Will be delivered with every Apple computer

¥Our focus is the System Security Services andthe User experienceÐ CDSA is an enabling technology for usÐ Developers are interested in security functionality

not security APIs

¥Apple has a Security ArchitectureÐ Based on CDSAÐ Will be integrated with the operating systemÐ Will be delivered with every Apple computer

¥Our focus is the System Security Services andthe User experienceÐ CDSA is an enabling technology for usÐ Developers are interested in security functionality

not security APIs


For More InformationFor More Information¥This presentation

Ð http://arcanum.apple.com¥Intel:

Ð http://www.intel.se/ial/security/CDSAÐ Has documentation for Version 1.2

¥The Open Group:Ð http://www.opengroup.org/security/cdsaÐ Has documentation for Version 2.0

¥This presentationÐ http://arcanum.apple.com

¥Intel:Ð http://www.intel.se/ial/security/CDSAÐ Has documentation for Version 1.2

¥The Open Group:Ð http://www.opengroup.org/security/cdsaÐ Has documentation for Version 2.0


Think Crypto

Questions & AnswersQuestions & Answers

Documents

Apple's Security Architecture - The Open · PDF filealgorithms, certificate types, ... for security-related data objects ... Apple Computer, Inc. Default Data Library (DL) ¥File based