Public Key SuperstructureIt’s PKI Jim, but not as we know it!

7th Annual “IDtrust” Symposium5 March 2008, Gaithersburg MD, USA

Stephen WilsonLockstep Consulting Pty Ltd

About Lockstep

• Consultants specialised in PKI, smartcards & privacy

• Developing novel de-identification and online safety solutions

• Consultants specialised in PKI, smartcards & privacy

• Developing novel de-identification and online safety solutions

About Lockstep

• Asia PKI Forum• Gatekeeper Policy Committee• Aust. Law Reform Commission

• Asia PKI Forum• Gatekeeper Policy Committee• Aust. Law Reform Commission

Historical PKI experience

The passport metaphor

• Non-descript applications– impossible for CAs to manage risk

• Stranger-to-stranger e-business– “It’s good to trust but it’s better not

to”• Novel TTP business models

– Imposed incredible CPSs upon users• Notion of a single identity

– “Interoperability” = cross certification

“Cross-certification and policy mapping has been a rat hole that has sucked up vast amounts of energy better spent elsewhere” Anonymous, Feb 2008

“Fading PKI Market” June 2003

PKI thickets

1999 RSA Conference

Identrus

1999 2002 2005

Verisign IPO

2008

PKI in practice

• Works best in closed communities– Automates transactions in context – This is a Good Thing

• Embedded keys & certificates• Fits with identity plurality

PK Superstructure

CA as Security Printer

Stock Exchange

ListingsDepartment

Listed CompanyAchieve Listing

Announcements Announcement

Distribute bar code labelsSecurityPrinter

ListingRules

ListingRules

ListingRules

ListingRules

ListingRules

ListingRules

Affix bar code

Off

ice

r

FaxOCR

Stock Exchange

ListingRules

ListingRules

ListingRules

ListingRules

ListingRules

Listed Company

Announcement

ListingRules

Distribute certificates, keys

Digitally sign

CA

ListingsDepartment

Announcements

Message AppMessage

App

CA as Security Printer

Security printer implications

• Decouples registration from production • Manages risks associated with

registration & production separately

• No contract between Subscriber & CA• No exposure of CPS to Subscriber• Easier to novate CA service providers • Accreditation not affected by new

Policies

ContextContext

HealthOrganisation

“Relationship Certificates”

e-Prescription

Patient name - - Med - - -Dose - - -Repeats - - -

Credentials

Subject: - - - Ext: Lic No. xyzIssuer: Health OrgPolicy OID: - - -

Public Key: - - -

Transaction User Certificate CA Certificate

Sig

ned:

Dr

Lic.

xyz Health Org CA

Subject: - - - Validity: - - - Issuer: Root CAPolicy OID: - - -

Public Key: - - - Sig

ned:

Hea

lth R

oot

CA

Sig

ned:

Hea

lth O

rg C

A

“Relationship Certificates”• Form of “Authorization PKI” • Kill the holy cow of authentication being

primary over authorization

• Preserves X.509 formats, software

• Not SPKI: no ‘primary’ ID certificate • Not Attribute Certs: we can sign with

cert

• Form of “Authorization PKI” • Kill the holy cow of authentication being

primary over authorization

• Preserves X.509 formats, software

• Not SPKI: no ‘primary’ ID certificate • Not Attribute Certs: we can sign with

cert

C. Vote

Lockstep anonymous e-voting

B. RegisterA. Background

Roll Enrol to vote

Smartcard distribution process

CertificateSerial No.PollKey

Dig SignRegister

smartcard

CA

Ide

ntif

y vo

ter

Ge

ne

rate

ke

y p

air

Inst

all

an

on

. ce

rtifi

cate

CertificateSerial No.PollKey

2

1

Candidate

Candidate

Candidate

2

1

Candidate

Candidate

CandidateDig Sign Signedballot

Candidate

Candidate

Candidate

Lockstep clinical study privacy

Study sponsor

Randomisation

Logistics

Collection

Certificate Server

(2) Enrol patient into study

(3) Load pt smartcard with Stepwise anonymous ID

CertificatePatient IDStudy IDKey

Dig Sign

(1) Distribute investigator packs

(4) Patient presents for follow-up

Tests

(5) Investigations as per protocol

Study sponsor

Randomisation

Logistics

Collection

Certificate Server

CertificatePatient IDStudy IDKey(6) De-identified secure

follow up data, “sealed” with Stepwise ID

Lockstep clinical study privacy

swilson@lockstep.com.au

Discussion

See also www.lockstep.com.au/technologies