![Page 1: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/1.jpg)
Technology OverviewTechnology Overviewforfor
FPKI TWGFPKI TWGMay 2, 2002May 2, 2002
![Page 2: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/2.jpg)
2NOVOMODO Inc.
AgendaAgenda Company Introduction
NOVOMODO Basics
Advanced Features
Application Examples
Summary
![Page 3: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/3.jpg)
3NOVOMODO Inc.
About NOVOMODOAbout NOVOMODO
Software product company focused on validation
security and privilege management
Founded by Dr. Silvio Micali in 2001 to bring
about a “new way” of approaching business
problems associated with validation & privileges
Validation technology in production use at MIT –
160,000 certs issued over 18 months
“Alpha” product release available for evaluation
![Page 4: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/4.jpg)
4NOVOMODO Inc.
NOVOMODONOVOMODO Executive Team
Silvio Micali – Founder and Chief ScientistProfessor of Computer Science at MIT
Peter Hussey – CEOFormer President of CyberTrust and Baltimore Americas
Robert Dulude – SVP and Chief Security OfficerFormer VP at CyberTrust and Baltimore
William Ang – VP EngineeringPartner at TechSquare, Inc.
TBA – CFOCo-founder of two successful financial services firms, COO and EVP of several firms
TBA - VP Sales and MarketingVP sales positions at Lotus and others
![Page 5: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/5.jpg)
5NOVOMODO Inc.
NOVOMODO AdvisorsNOVOMODO AdvisorsAllan Borodin, University of Toronto
Manuel Blum, Carnegie Mellon University
Mihir Bellare, University of California - San Diego
David Campbell, Director, Innovation Advisors
Steve Cohn, COO Nevo Technologies
Shafi Goldwasser, MIT
Mike Kaplan, CTO SafeNet
Charles Rackoff, University of Toronto
Ronald Rivest, MIT
Phil Rogaway, University of California – Davis
Jeff Schiller, MIT & IETF
![Page 6: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/6.jpg)
6NOVOMODO Inc.
NOVOMODO Missionbecome the global leader in
Certificate Validationand
Dynamic Privilege Management
![Page 7: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/7.jpg)
7NOVOMODO Inc.
Some DefinitionsSome Definitions
Authentication is proving your claimed identity
The picture on your driver’s license
Authorization is granting privileges (user/process)
Privilege to drive
Validation is verifying your privileges and attributes
Your privilege to drive has not been revoked
Your address on your license is current
![Page 8: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/8.jpg)
8NOVOMODO Inc.
eSecurity SolutioneSecurity Solution
NOVOMODO technology provides:
Validation that is simple, secure, cost effective and truly scales Scalable = no degradation in performance or cost
effectiveness as move to 10s millions
Two-party validation for off-line situations Dynamic privilege management
Multiple privileges using a single certificate
![Page 9: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/9.jpg)
Expires7/31/2002
Sally Student
909090909VALID4.26.02
20-byte
Validation
Token• Unforgeable
– Works only with proper document and date• Simple
– 20 bytes• Fast
– A few hashes (10,000 times faster than one digital signature)• Public
– Can post on the Web!
PROOF
NOVOMODO Validation
![Page 10: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/10.jpg)
NOVOMODO Validation
Expires7/31/2002
Sally Student
909090909VALID4.26.02
20-byte
Validation
Token PROOF
Validation Authority
909090909VALID4.27.02
day 2 909090909VALID4.28.02
day 3909090909REVOKED
day 4 909090909VALID4.26.02
day 1
Basics
![Page 11: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/11.jpg)
NOVOMODO Basics
ValidationAuthority
Single Vault
NO Vaults!
Validation Responders
*** PCCell phoneSmartcardPDALaptop
Web MerchantFinancial Service ProviderCorporate NetworkHealth Care Data RecordsGovernmental IDs/Access802.11 “hot-spots”
SubscriberRelying Party
OKS #
OCSP
SecureScalableCost effectiveEasily managed
![Page 12: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/12.jpg)
NOVOMODO Basics
ValidationAuthority
Single Vault
NO Vaults!
Validation Responders
*** PCCell phoneSmartcardPDALaptop
Web MerchantFinancial Service ProviderCorporate NetworkHealth Care Data RecordsGovernmental IDs/Access802.11 “hot-spots”
SubscriberRelying Party
OKS #
SecureScalableCost effectiveEasily managed
![Page 13: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/13.jpg)
No connecting infrastructure required!
NOVOMODO 2-PARTY Validation
Network Gateway & Responder
ValidationAuthority
Cell PhonePDABluetooth deviceSmartcardSubway ticketsTollbooth
Wireless Platform
Val. Token “Push”(e.g., silent SMS)
OKOK
Wireless,
Physical Access Control,
…
Offline Validation!NO 3rd Party Call!
Unique to NOVOMODO Relying PartyLogical or Physical Access
![Page 14: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/14.jpg)
Dynamic Privilege Management
NOVOMODO
![Page 15: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/15.jpg)
Low-levelclearance
Medium-levelclearance
High-levelclearance
PurchasingPower
Database Access
Dynamic Privilege Management: Example
909090909VALID4.26.02
909090909VALID4.26.02
On The CertOn The Cert
PKI EnabledApplication
Access
![Page 16: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/16.jpg)
Low-levelclearance
Medium-levelclearance
High-levelclearance
PurchasingPower
Database Access
PKI EnabledApplication
Access
Dynamic Privilege Management
909090909VALID4.26.02
909090909VALID4.26.02
On The CertOn The Cert
![Page 17: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/17.jpg)
Low-levelclearance
Medium-levelclearance
High-levelclearance
PurchasingPower
Database Access
Dynamic Privilege Management
On The CertOn The Cert
909090909VALID4.27.02
909090909VALID4.27.02
PKI EnabledApplication
Access
![Page 18: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/18.jpg)
Low-levelclearance
Medium-levelclearance
High-levelclearance
PurchasingPower
Database Access
Dynamic Privilege Management
On The CertOn The Cert
909090909VALID4.27.02
909090909VALID4.27.02
PKI EnabledApplication
Access
![Page 19: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/19.jpg)
Low-levelclearance
Medium-levelclearance
High-levelclearance
PurchasingPower
Database Access
Dynamic Privilege Management
On The CertOn The Cert
909090909VALID4.28.02
909090909VALID4.28.02
909090909VALID4.28.02
PKI EnabledApplication
Access
![Page 20: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/20.jpg)
Dynamic Privilege Management
Unique ToUnique ToNOVOMODO !NOVOMODO !
• Revocation + Reissuance
• Same Certificate, multiple privileges, multiple authorities
• Low-cost independent control
Tenants
![Page 21: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/21.jpg)
Dynamic Privilege Management
Unique ToUnique ToNOVOMODO !NOVOMODO !
• Revocation + Reissuance
• Same Certificate, multiple privileges, multiple authorities
• Low-cost independent control
![Page 22: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/22.jpg)
Smart Access Card
Validation Responders
***
IndependentValidation Authorities
Smart Card with Single Certificate but
Dynamic Cert Management
Share Card, Cert, Infrastructure, …
RETAIN CONTROL !
NAVY
ROOSEVELT
NAVY
Department of Defense
RSVT
OK
OK
Donald Rumsfeld
Secretary of Defense
Pentagon
Washington, DC
#1234567
Department of Defense
NAVY
Department of Defense
RSVT
![Page 23: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/23.jpg)
![Page 24: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/24.jpg)
24
Simple DeploymentFunctional Block Diagram
NovomodoValidationAuthority
SUBSCRIBER
NovomodoResponders
CA
RADPM
Relying PartyApplication
LDAP
![Page 25: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/25.jpg)
25NOVOMODO Inc.
Enabling FlexibilityEnabling FlexibilityArchitecture OptionsArchitecture Options
VA VA VA
CA
Rsp Rsp
Rsp Rsp
CA
VA
CA CA
Rsp Rsp
Rsp Rsp
VA VA VA
CA
Rsp Rsp
Rsp Rsp
CA CA
![Page 26: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/26.jpg)
26NOVOMODO Inc.
SummarySummary Technology is simple, secure and scales
Attractive alternative to OCSP Near real time off-line validation
Ideal for wireless platforms Ideal for physical access via smartcards & biometrics
Dynamic privilege management – for 1st time: Multiple privileges on single certificate Multiple privileges independently controlled Privileges can be pre-positioned for future use Replaces unworkable attribute certificates
Unique to Novomodo
![Page 28: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/28.jpg)
28
Background on one-way hashing• H is easy to compute (10,000 times faster than signature)• H is hard to invert (e.g., SHA-1)
• If X is 20 bytes = 160 bits, then there are 2160 possible X’s– even at 1 trillion hashes/sec, it takes 1028 years to try them all
>> than the lifetime of the universe
X H(X)
EASY
HARD
![Page 29: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/29.jpg)
29
NOVOMODO Validation
VA generates a secret random 20-byte value X0
VA computes X1 = H(X0) X1
H
X364
X365
VA computes X364 = H(X363)H
H
VA computes X365 = H(X364)
...
VA computes X363 = H(X362) X363
H
H...
![Page 30: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/30.jpg)
30X0
X1
X364
...
X365
X363
H
H
H
H
H
secr
et
added to certificate
NOVOMODO Validation
![Page 31: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/31.jpg)
31X0
X1
...
X365
X363
H
H
H
H
H
X364
C =SIGCA(serial number,PKU, U, issue date, exp. date, , ...)
if C is valid the next day, VA reveals X364
if C is valid 1 day after next, VA reveals X363
if C is valid D days before expiration,VA reveals XD
Cost of validity proof to VA: table lookup
Cost of verification: a few hashes
X364
X363
C is valid on issue dateNOVOMODO Validation
![Page 32: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/32.jpg)
32
NOVOMODO Revocation
C =SIGCA(serial number,PKU, U, issue date, exp. date,
VA generates a secret random 20-byte value Y0
VA computes Y1 = H(Y0) H
To prove that C is revoked: reveal Y0
,.)
NOVOMODO: definitive, fast proofs of either validity or revocation!
Token
X0
X1
...
X363
H
H
H
H
H
X364X364
X363Y0
Y0
Y0
Y1X365 ,
![Page 33: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/33.jpg)
33
Separation of CA from VAC =SIGCA
, ...)
CA
Makes Cert
VA Manages the Cert
VA
(serial number,PKU, , issue date, exp. date,
X0
X1
X364
...
X363
H
H
H
H
H
X365
Authenticates User
RA
Only VA can release tokens! X100
Signs Cert
U
![Page 34: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/34.jpg)
34
(sn, PKU, U, i.d., e.d., , ,…, )
Multiple Privileges in One Cert
C =SIGCA
Z1
HA1
H
B1
H
...H
...H
...H
Z365
H
A365
H
B365
HZ364
HA364
H
B364
HZ363
HA363
H
B363
H
Z0B0A0 …
CA
VASecLev 1 SecLev 2 SecLev n
RA
A364
A362
B363
Validator releases the 20-byte proof for the right Sec Lev for that day KEEP SAME CERT!!
![Page 35: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/35.jpg)
35
(sn, PKU, U, i.d., e.d., , ,…, )
NOVOMODO: Independent Validators
C =SIGCAZ365A365 B365
Z1
Z364
...
Z363
H
H
H
H
H
A1
A364
...
A363
H
H
H
H
H
B1
B364
...
B363
H
H
H
H
H
Z0B0A0 …VA VB
VZ
CA
“Landlord” CA
Independent VAs:
Each VA manages
“own privileges”!
A364
Return
B363
Z364
Z271
![Page 36: Technology Overview for FPKI TWG May 2, 2002. 2NOVOMODO Inc. Agenda Company Introduction NOVOMODO Basics Advanced Features Application Examples Summary](https://reader036.vdocuments.us/reader036/viewer/2022062515/56649d2a5503460f949ffc23/html5/thumbnails/36.jpg)
OCSPOCSP
serial #
SubscriberE-BusinessRelying Party
Dig. Sig.
yes/noSK
***
SK
Secure Vaults(to protect secret signing key SK)
digital signature
costly to compute
costly to check
OC
SP
Single privilege
Doesn’t scale
Vaults vulnerable
Costly deployment
Return