Securing Credential Delivery

Initially, some crypto systems relied on a single piece of information for user authentication (such as a passphrase provided out of band). As Public Key Infrastructures matured, this type of system became unacceptable because of the potential for compromise through a single point of failure. Today's baseline for user authentication is provided by the CA generating two disparate pieces of information, both of which are required during certificate generation. In Entrust's product line, these are known as the Reference Number (eight digits), and the Authorization Code (three alphanumeric quartets).

Delivery of these credentials to the intended user (and only the intended user) can be difficult to achieve, due to many factors. The obvious complexity is that the credentials must be delivered not just by separate means, but by dissimilar means. For example, delivering the Reference Number through the web and the Authorization Code by e-mail can be risky. If there's an intruder on your network, they're likely to catch both pieces in a snooping attack.

The trick then, is to increase the effort required to illegitimately obtain both halves of the credential pair, while introducing as little inconvenience as possible to the end user. This is done by increasing the cost of compromising either piece, and removing any relationship between them. Compromise of one piece is certainly not desirable, but in a well designed delivery system, does not result in a compromise of the certificate. (There are rumors of a system where the user could obtain their Authorization Code by providing their Reference Number. This system is obviously flawed due to the direct nature of the relationship between the credentials).

Since the credentials turn from sensitive information to nearly useless after initialization, it is also in the best interest of security to minimize the time between generation of the credentials, and generation of the certificate.

With these principles in mind, several options may be considered for credential delivery.

Paper Form - The use of a carbon form or heat-sealed envelope system often requires a relatively expensive start-up, and hardware maintenance becomes an additional burden. If you are dealing with a large organization, or one that is geographically dispersed, this system may be slow and ineffective. The benefit to this type of delivery is that you can generally tell if envelopes have been tampered with. In addition, it is usually easier to use policy or local law to take punitive action against someone who has opened mail not addressed to them.

E-Mail - Electronic mail delivery is often a preferred method for half of the credentials. It is fast, reliable and easy to set-up. Unfortunately, e-mail is easily read as it passes through the network, and in almost all cases, the actual recipient has no idea an attack has taken place.

The Web - The web is an acceptable means of delivery, and becomes more reliable when SSL is introduced. In most cases, unilateral SSL will be the only option, which provides encryption, but no authentication. This prevents network snooping but does nothing for proving that the user requesting the credential is who they say they are. Additional measures must be taken to cover off authentication.

Telephone Based - Delivery of credentials over the telephone is often not an option because it is time consuming and error prone. Authorization codes are particularly ill suited for verbal delivery due to their alphanumeric makeup (despite measures such as the absence of zeros).

ID Based - This is potentially the most secure method, as it involves visual verification of the user based on provided identification. Policies should dictate what ID is acceptable. Like the paper form, this scenario is also difficult to co-ordinate in physically widespread organization.

Call Centre - The idea behind a call centre is that a user will call a designated number when they are ready to initialize. A support person on the line will verify they are who they say they are by means of some questions, provide the user with their credentials, and walk them through the initialization process. This is an excellent set-up for convenience, but the cost of supporting a call centre is often prohibitive, and it can be difficult to achieve user authentication over the telephone.

The above list is covers only a handful of the delivery methods available. There is no "one size fits all" solution for credential delivery. Factors such as organization size, available resources, geographic location and acceptable delivery time all impact the methods that will be considered viable.

Putting forth the additional effort in the design phase will often result in much safer, more efficient delivery, and avoid potentially embarrassing situations in the event of an attack.