In today's business world, cyber security is crucial for companies to thrive and adapt, especially in remote connectivity solutions like Ewon's. This article explores advanced cyber security concepts such as secrets, vaults, and key ceremonies. Join us as we break down these essentials for a strong cyber security posture.
Hardware based security raises the bar of confidentiality, authenticity, and integrity capabilities at a new level by immutably storing keys used in hardware root of trust, secure boot and code signing.
Three new challenges must be handled for strong cyber security measures:
Indeed, if these secrets are leaked, the entire solution falls.
First of all, the needed keys used by the device to operate must be created during the development phase. Best type of cryptography and keys size are selected according to the usage of each key. In a zero-trust security environment, the creation of these secrets cannot be entrusted to a human but are rather centrally created and stored in an electronic vault according to the specification chosen.
If this vault and the secrets it contains are so sensitive, how can we be sure that its configuration and access cannot be altered, and that the secrets have been produced in accordance with the chosen specifications? How can we be sure that the secrets have not been made visible for a single second before being locked in the safe? This is the purpose of a key ceremony.
In cryptography, the key ceremony is a session that oversees the modalities of generation and preservation of the secrecy of cryptographic objects.
In a key ceremony, a quorum of selected actors, let us call them "keys masters", have, jointly, the possibility to open the safe, change its configuration or its content. No single actor can do these operations without the help of the minimum threshold of keys masters. Indeed, you would not let the "key to the kingdom" to a single person.
A key ceremony follows a bullet proof scenario, has witnesses, and is documented. Secrets are created inside the vault and are never revealed publicly even to the keys masters. The smallest incident during a key ceremony (something not planned by the scenario) would lead to a doubt about the confidentiality or integrity of secrets. It therefore invalidates the whole ceremony, that must be restarted.
The vault tightly controls access to secrets and only identified processes or applications can request tokens, passwords, certificates, and encryption keys. It can also perform cryptographic operations.
As an example of kept secrets in the vault, we mentioned in a previous post that on the Cosy+, every firmware update was signed before being released. It is of the utmost importance to ensure that firmware updates are signed at Ewon before being publicly released and authenticated by the device before being installed.
We know that a signature process involves the usage of a private key. This private key is typically one of the secrets kept in our vaults and not know by anyone but that can be accessed by the firmware signature process. The device itself holds the public key used to confirm the signature.
Secrets generated during development phase must be implemented in the devices during manufacturing, while ensuring the chain of trust is not broken.
This is usually done by dedicated partners with strong security maturity and quality insurance whose task is to pre-provision secrets in the secured locations of the device. Once again, transmission of secrets from one secure safe to another one without exposing it at any moment is made through a key ceremony.
All the cryptographic security measures described above are meticulously implemented for Ewon Cosy+, the remote access gateway from HMS Networks. It is clearly one of the most robust cyber security solutions on the market.