[cryptography] airgaps in CAs
thierry.moreau at connotech.com
Sun Jan 8 10:50:55 EST 2012
Florian Weimer wrote:
> * Eugen Leitl:
>> Is anyone aware of a CA that actually maintains its signing
>> secrets on secured, airgapped machines, with transfers batched and
>> done purely by sneakernet?
> Does airgapping provide significant security benefits these days,
> compared to its costs?
> File systems are generally less robust than network stacks. USB
> auto-detection is somewhat difficult to control on COTS systems. So
> unless you build your own transfer mechanism, a single TCP port
> exposes less code, and code which has received more scrutiny.
> cryptography mailing list
> cryptography at randombit.net
About the same scrutiny that you need to make sure a single IP port
would be listening can be applied to preventing USB port leaks.
In practice, I had to configure a Linux kernel devoid of USB support as
a first motivation but it provided assurance about IP potential
vulnerabilities (I don't recall the details). Thereafter, the selection
of software packages was required for IP port restriction, but it also
provided assurance about file system leaks.
I guess you can not equate high security (whether is labeled "air gap"
or "IP port restricted") with any segment of the COTS system market.
With respect to the costs, both "air gap" and "IP port restricted" imply
higher operational costs: they require more direct physical contact with
the physical object (at least if you request *a*single*TCP* port, in
which case you don't get SSH).
Overall, "air gap" (and certified HSM) are public relations security
slogans. The real challenge in security encompasses key management and
authentication/authorization management, but you seldom see them
addressed in public records of secure operations (the ICANN DNSSEC root
KSK management is the exception).
- Thierry Moreau
CONNOTECH Experts-conseils inc.
9130 Place de Montgolfier
Montreal, QC, Canada H2M 2A1
More information about the cryptography