The recently completed Exploring Windows 2003 Security series details many of the security-related improvements built into the Windows Server 2003 platform. However, the topics covered there did not exhaust all capabilities associated with the new operating system. This article revisits the challenge of securing Windows Server 2003 -- this time from a hardware perspective, with a focus on hardware-based cryptography.
While cryptography can be, and frequently is, implemented entirely in software, that approach is often inefficient, especially for large volumes of data, asymmetric algorithms, and long keys (i.e., those longer than 1024 bits), even on 64-bit servers. In addition, in sensitive environments the exposure of software-based keys is a concern: a key used by software must be present in the server's memory in usable form while it is in use, and it can remain there after it is no longer needed (exploiting this does require that the attacker be able to read the memory contents, for instance through a memory dump or a compromise of the host).
The growing need for secure communication, especially in e-commerce, raised interest in alternative ways of implementing encryption that would eliminate the performance and key-exposure issues described above. The solution comes in the form of hardware security modules (HSMs). In addition to serving as storage for private keys, which are generated and used inside the module and never leave it in plaintext, HSMs provide a number of standard cryptography-related functions: they offload the computationally intensive private-key operations of Secure Sockets Layer (SSL) session setup from Web servers to tamper-resistant hardware, and they protect the keys that secure access to Web services and custom applications.
Two vendors that currently offer such products for Windows Server 2003 are nCipher and Rainbow-Chrysalis.
Rainbow-Chrysalis, headquartered in Ottawa, Canada, makes the Luna CA3 HSM. Luna CA3 integrates with Windows 2000 and Windows Server 2003 through a custom Cryptographic Service Provider (CSP), so that applications built on the Windows CryptoAPI, such as Certificate Services, reach the module through the standard CSP interface. It supports the commonly used cryptographic algorithms and key lengths and is based on WHQL-compliant hardware. The hardware consists of several components: a token, a token reader, a PED (PIN Entry Device) authentication keypad, a set of color-coded PED keys, and a PCI token reader card. The combination of the keypad and the keys allows for three-factor authentication that is independent of the server to which the device is attached. The first factor is possession of a PED key, the second is a personal PIN assigned to each administrator, and the third (optional) factor is the key-splitting feature, which divides the authentication secret across several PED keys. Note, however, that with key splitting enabled, a cryptography-related administrative task requires several administrators to be present at the same time, each with their own PED key.
The advantage of a separate keypad is that PIN keystrokes never pass through the operating system of the server to which the device is attached, so they cannot be captured there. The token reader has two slots, which allows keys stored on one token to be copied securely to another. To get Luna CA3 operational, install the Luna Cryptographic Services software on the Windows server, then perform the hardware setup: install the PCI card with the appropriate drivers and attach the reader with the PED authentication keypad. Next, initialize and activate the cryptographic token. Finally, configure the server (for example, Certificate Services when installing a certification authority) to use Luna Cryptographic Services as its Cryptographic Service Provider.
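Whichever HSM is used, the last step above is the one that actually moves the CA key out of software, and it is worth verifying after installation. The script below is an added example (not from the article or either vendor): it reads the CSPs registered with CryptoAPI and the CSP configured for the active Certificate Services CA, both from their standard registry locations, and warns when the CA still uses one of the Microsoft software providers. It assumes Windows PowerShell 2.0 or later on the CA server and an elevated session; the rule "a provider not named Microsoft ... is a third-party (HSM) CSP" is an assumed heuristic for illustration, not a vendor-documented property.

```powershell
# Added example: audit which Cryptographic Service Provider (CSP) the
# Certificate Services CA on this host uses. Registry paths are the
# standard CryptoAPI and CertSvc locations; the "non-Microsoft name means
# hardware-backed" rule is an ASSUMED heuristic. Run in an elevated session.

$providerRoot = 'HKLM:\SOFTWARE\Microsoft\Cryptography\Defaults\Provider'
$certSvcRoot  = 'HKLM:\SYSTEM\CurrentControlSet\Services\CertSvc\Configuration'

# 1. Enumerate every CSP registered with CryptoAPI and check that its DLL
#    is actually present (a missing vendor DLL is a common post-install fault).
$installed = Get-ChildItem -Path $providerRoot | ForEach-Object {
    $props = Get-ItemProperty -Path $_.PSPath
    $dll   = [Environment]::ExpandEnvironmentVariables([string]$props.'Image Path')
    New-Object PSObject -Property @{
        Name      = $_.PSChildName
        Type      = $props.Type
        ImagePath = $dll
        DllFound  = (Test-Path -LiteralPath $dll)
    }
}
"Installed CSPs:"
$installed | Format-Table Name, Type, DllFound, ImagePath -AutoSize | Out-String

# ASSUMED heuristic: the software CSPs shipped with Windows are all named
# "Microsoft ..."; any other name is a third-party (vendor) provider.
function Test-HardwareCsp {
    param([string]$ProviderName)
    return ($ProviderName -notlike 'Microsoft*')
}

# 2. Report the CSP configured for the active CA. The 'Active' value names the
#    CA instance; its CSP settings live under <CAName>\CSP (Provider,
#    ProviderType, HashAlgorithm).
$caName = (Get-ItemProperty -Path $certSvcRoot -ErrorAction Stop).Active
if (-not $caName) { throw "No Certificate Services CA is configured on this host." }

$csp = Get-ItemProperty -Path (Join-Path $certSvcRoot "$caName\CSP")
"CA '{0}': Provider='{1}' ProviderType={2} HashAlgorithm=0x{3:X}" -f `
    $caName, $csp.Provider, $csp.ProviderType, [int]$csp.HashAlgorithm

$installedNames = $installed | Select-Object -ExpandProperty Name
if ($installedNames -notcontains $csp.Provider) {
    Write-Warning "Provider '$($csp.Provider)' is not registered under $providerRoot; Certificate Services cannot load the CA key with it."
}
elseif (-not (Test-HardwareCsp $csp.Provider)) {
    Write-Warning "CA '$caName' uses a software CSP: its private key lives in host memory and on disk, not in an HSM."
}
else {
    "CA '$caName' uses third-party CSP '$($csp.Provider)', as expected for an HSM-backed key."
}
```

The same two facts can be read without PowerShell using `certutil -csplist` (registered providers) and `certutil -getreg CA\CSP\Provider` (the CA's configured provider); the script only adds the DLL-presence check and the software-versus-third-party warning.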
A more detailed description of the Luna CA3 module, its installation procedure, and its integration with Windows Public Key Infrastructure (PKI) can be found in a white paper published on Microsoft's Web site.
The nShield HSM from nCipher offers similar capabilities. The company is based in Cambridge, England, with U.S. headquarters in Woburn, Massachusetts. nShield provides the same degree of integration with Windows 2000 and Windows Server 2003 PKI as the Luna CA3, with comparable algorithm support and hardware compatibility. Its hardware is also similar, with the module available in both PCI and SCSI form factors. nShield does, however, have several additional features worth noting.
nShield employs nCipher's proprietary Security World key management technology, which provides key storage, backup, and recovery. It also allows security policies to be applied across an HSM infrastructure and simplifies key transfer between modules, which has traditionally been one of the critical problems with hardware cryptography modules (and one of the factors hindering their broader acceptance on the market). Security World offers practically unlimited key storage because application keys are stored as encrypted files outside the HSM, under a key that never leaves the module; the files can therefore be backed up and restored like any other data without exposing key material.
Among the other features nShield supports are elaborate access control methods: granular access control lists and management via split-responsibility smart cards, where authorization from several administrators is required at the same time to perform specific protected operations (essentially the equivalent of Luna CA3's key-splitting feature described earlier), as well as key policies that link key usage to factors such as time limits or the presence of token cards in the reader. Multiple modules installed on the same server can operate in a load-balanced or high-availability configuration. Additional details about nShield and its integration with Windows Server 2003 PKI are available in a white paper published on nCipher's Web site.
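The quorum requirement mentioned for Luna CA3 key splitting and for nShield's split-responsibility smart cards is, in cryptographic terms, a k-of-n threshold scheme: any k of the n administrators can authorize an operation, and fewer than k learn nothing about the protected secret. The Python below is an added illustration of that principle using the classic Shamir construction; it is not either vendor's implementation, and neither product's actual scheme is described on this page. The prime modulus and the 3-of-5 parameters are assumptions chosen for the example.

```python
"""k-of-n secret splitting (Shamir, 1979): a generic illustration of the
"quorum of administrators" model behind Luna CA3 key splitting and nShield
split-responsibility cards. Added example, not either vendor's code."""
import secrets
from typing import List, Tuple

# Arithmetic is done in GF(p); 2**127 - 1 is a Mersenne prime (ASSUMED choice).
# The secret must be smaller than PRIME.
PRIME = (1 << 127) - 1

Share = Tuple[int, int]  # (x, f(x)); x is the share index, 1..n


def split_secret(secret: int, k: int, n: int, p: int = PRIME) -> List[Share]:
    """Split `secret` into n shares so that any k of them recover it.

    The secret is the constant term of a random polynomial f of degree k-1;
    share i is the point (i, f(i)). Any k points determine f uniquely, while
    k-1 points are consistent with every possible constant term, so a
    sub-quorum learns nothing about the secret.
    """
    if not 1 <= k <= n:
        raise ValueError("need 1 <= k <= n")
    if not 0 <= secret < p:
        raise ValueError("secret must be in [0, p)")
    coeffs = [secret] + [secrets.randbelow(p) for _ in range(k - 1)]
    shares = []
    for x in range(1, n + 1):
        y = 0
        for c in reversed(coeffs):   # Horner's rule: f(x) mod p
            y = (y * x + c) % p
        shares.append((x, y))
    return shares


def recover_secret(shares: List[Share], k: int, p: int = PRIME) -> int:
    """Recover the secret, f(0), by Lagrange interpolation from >= k shares.

    Raises ValueError when the quorum is not met: interpolating fewer than k
    points would silently return a value unrelated to the secret.
    """
    points = list(dict(shares).items())  # drop duplicate share indices
    if len(points) < k:
        raise ValueError(f"quorum not met: {len(points)} of {k} shares present")
    points = points[:k]
    total = 0
    for i, (xi, yi) in enumerate(points):
        num = den = 1
        for j, (xj, _) in enumerate(points):
            if i != j:
                num = (num * -xj) % p          # factor (0 - xj)
                den = (den * (xi - xj)) % p    # factor (xi - xj)
        # yi * prod((0 - xj) / (xi - xj)); division is by modular inverse
        total = (total + yi * num * pow(den, -1, p)) % p
    return total


def quorum_demo(k: int = 3, n: int = 5) -> bool:
    """Split a random secret k-of-n; check any k shares recover it and k-1 are refused."""
    secret = secrets.randbelow(PRIME)
    shares = split_secret(secret, k, n)
    # Any k shares, in any order, reconstruct the secret.
    ok = recover_secret(shares[-k:][::-1], k) == secret
    # k-1 administrators presenting their shares are refused.
    try:
        recover_secret(shares[:k - 1], k)
        return False
    except ValueError:
        return ok


if __name__ == "__main__":
    print("3-of-5 quorum behaves as expected:", quorum_demo())
```

Two properties matter for the administrative use case: a forged or corrupted share changes the interpolated value rather than being ignored, so a recovered secret should always be verified (for example against a stored hash) before it is used; and a device such as an HSM that enforces this check internally never hands the reconstructed secret to the host, which is the difference between the products above and doing the same arithmetic in server software.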