From May 17th to 19th, I had the pleasure of attending the Fifth International Cryptographic Module Conference (ICMC 2017) with my colleague, Alexander Mazuruc. Alex usually attends this conference which focuses on cryptographic modules and FIPS 140 type issues, but this year there were 8 tracks on related subjects such as Quantum-safe crypto (yes, that is a thing), and Common Criteria. The conference had about 35 different sponsors including the Trusted Commuting Group. Overall I found the conference very informative and a good place to network in the community.
The reason I attended this year was to give a presentation on the development of the Common Criteria collaborative protection profiles (cPP) for Full Drive Encryption (FDE). Common Criteria is an international standard for computer security, and is much more widely recognized than FIPS. Also, it applies to whole products or systems, not just the cryptographic module. Historically, the major drawback of Common Criteria is the “Security Target – EAL (Evaluation Assurance Level)” method with which it was applied. FDE product vendors would write a Security Target document describing the security functionality of the product, and then submit it to a lab to have its implementation verified to a certain level of assurance (EAL). EAL could range from 1 to 7, with 7 providing the most assurance. The problem with this approach is that since every FDE Product’s security target would be different, it was hard for customers to compare them. Also, the EAL could vary from product to product, and the uniqueness of each evaluation made assessments time consuming and very expensive for the vendor.
The old assurance methods just don’t cut it, so a new approach was needed. To that end, International Technical Community (iTC) work groups were formed to create a collaborative Protection Profiles (cPP) for FDE. The idea is that experts in Common Criteria and subject matter experts from the labs, academia, industry and governments would work together to create protection profiles. The cPP defines the security requirements that a product must meet, and the accompanying documentation describes the evaluation activities a lab must perform to verify that these functions exist and are operating properly. There is no EAL level with cPPs, and unlike the Security Target method, no missing security features.
The two base cPPs for FDE were last updated in Sept of 2016:
- cPP EE – Encryption Engine,
- cPP AA – Authorization Acquisition,
And now, the latest cPP, EM for “Enterprise Management” was just out for public comment until May 26th.
cPP EM describes the requirements for the enterprise management from a server of the end point consisting of an AA and EE. Paraphrasing from the cPP, the purpose of the Enterprise Management (EM) cPP is to provide security critical requirements for Enterprise Management software that is used to manage systems in an enterprise that contains FDE solutions. Such software is used to provision and administer such solutions and maintain backup means of authorizing the systems, should a primary authorization be lost or forgotten.
This addition to the FDE cPP – Authorization Acquisition addresses the following scenarios over and above what was addressed in the first release of the cPP:
- Managing the encryption keys and encryption policy from a Management Server
- Providing for multi-user access to an endpoint protected by a compliant FDE solution
- Providing for remote authentication of the user
- Providing for user recovery scenarios when a user’s credential is lost or forgotten:
(i.e., Challenge/Response, Recovery PIN)
- Cryptographic wiping
It also specifies that the security related data that traverses the network from a centralized management server to one or more AA instances needs to be protected with SSH, TLS, IPSEC, HTTPS, etc.
In short cPP EM completes the set of FDE cPPs, making it possible to manage an entire network of full drive encrypted devices with centralized enterprise management, and obtain government backed third party assurance that the security features are present and implemented according to the standard.
A PDF of my presentation on the “Development of cPPs for Full Disk Encryption” can be found here.