Encrypting sensible data with PGP
OOBD Team                                  S. Koehler
Request for Comments: 4
Obsoletes: -
Category: Draft Standard                   Jan 2013
Status of this Memo
This memo provides information about how PGP data encryption is implemented in OOBD. Distribution of this memo is unlimited.
Copyright Notice
Copyright (C) OOBD Team (2013). All Rights Reserved.
Introduction
This memo describes only the technical implementation; it is not an introduction to PGP or to data encryption as such. For more information see the reference list.
Concept
PGP is a popular and well-proven system for encrypting and decrypting data. But using it in its normal setup, i.e. the originator (the script developer) encrypting directly to each end user, would bring some disadvantages:
- Each developer would need to know each user and that user's access rights
- Encrypting each data file for each user separately would end up with a huge number of files (scripts x users) that would need to be maintained
- Every user would need to be supplied with their files separately
To get around these limitations, OOBD uses a different approach:
- It encrypts the data not per user, but per "Usage Group" instead
- A central authority controls which user has access to which usage group
The Three Roles in OOBD
The OOBD security concept distinguishes between three different roles:
- The User: one of the many users who want to use the OOBD files
- The Developer: the developer provides the encrypted data files
- The Key Master: the key master controls which user is authorized to access which data
The Usage Groups
Each data file belongs to exactly one usage group. In practice this is realized by the directories of the script repository in which the files are located: the directory name represents the usage group.
Initial Setup
User Setup
- The user generates a personal key pair with any PGP tool.
- Then the user imports the secret key into the OOBD installation and sends the public key to the key master.
Key Master Initial Setup
- The key master generates a key pair for each usage group, protected with an application-specific secret passphrase
- The key master provides the developers with the public key ring of the usage groups.
Key Master User Setup
For each user:
- For all usage groups the user is authorized for, the key master extracts the usage group secret keys into a single key ring file
- Then the key master encrypts this key ring file with the user's public key and sends it to the user
- The user then imports this group file into the OOBD application
File encryption
- Files are encrypted by the developers
- The directory the file is located in defines the usage group
- The file is encrypted with the public key of the associated usage group
File Usage (=Decryption)
When the user is going to use a file, the following process happens inside the application:
- The file containing the usage groups' secret keys is opened using the user's secret key and passphrase
- Then the file to use is opened with the usage group secret key (made accessible in step 1) and the application-specific passphrase.
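The complete flow described above (key master setup, user setup, developer-side encryption and the two-step decryption in the application), as an added example that is not part of this memo or of the OOBD code base. It is written for GnuPG 2.x with one throw-away keyring per role; the user "Alice", the usage groups "engine" and "body", and both passphrases are constructed for the demo.

```shell
#!/bin/sh
# Added example (not OOBD's own code): the memo's key flow run with GnuPG 2.x in
# throw-away keyrings, one per role. Names, groups and passphrases are constructed.
set -e
GROUP_PP='app-specific-secret'   # one passphrase for all group keys, held by the app
USER_PP='alice-own-passphrase'   # the user's personal passphrase
ALICE='Alice <alice@example.invalid>'

mkhome() {  # fresh isolated keyring; loopback pinentry lets --passphrase work in --batch
  d=$(mktemp -d); chmod 700 "$d"
  echo allow-loopback-pinentry > "$d/gpg-agent.conf"
  echo "$d"
}
g() {  # g <home> <gpg args...>: non-interactive gpg in that keyring
  h=$1; shift
  gpg --homedir "$h" --batch --yes --quiet --pinentry-mode loopback --trust-model always "$@"
}

oobd_demo() {
  KM=$(mkhome); DEV=$(mkhome); USR=$(mkhome); cd "$(mktemp -d)"
  # Key master initial setup: one key pair per usage group, app-specific passphrase
  for grp in engine body; do
    g "$KM" --passphrase "$GROUP_PP" --quick-gen-key "OOBD group $grp" default default never
  done
  g "$KM" --export "OOBD group engine" "OOBD group body" > groups.pub   # goes to developers
  # User setup: personal key pair; only the public key goes to the key master
  g "$USR" --passphrase "$USER_PP" --quick-gen-key "$ALICE" default default never
  g "$USR" --export "$ALICE" | g "$KM" --import
  # Key master user setup: Alice is authorized for "engine" only, so that group's
  # secret key becomes her group ring, encrypted to her public key
  g "$KM" --passphrase "$GROUP_PP" --export-secret-keys "OOBD group engine" \
    | g "$KM" -r "$ALICE" --output alice-groups.gpg --encrypt
  # File encryption by the developer: the directory names the group
  g "$DEV" --import groups.pub
  mkdir engine body
  echo 'engine script' > engine/a.oobd; echo 'body script' > body/b.oobd
  for f in engine/a.oobd body/b.oobd; do
    g "$DEV" -r "OOBD group ${f%%/*}" --output "$f.gpg" --encrypt "$f"
  done
  # File usage, step 1: open the group ring with the user's own key and passphrase
  g "$USR" --passphrase "$USER_PP" --decrypt alice-groups.gpg | g "$USR" --passphrase "$GROUP_PP" --import
  # step 2: open the script with the group secret key and the app-specific passphrase
  g "$USR" --passphrase "$GROUP_PP" --decrypt engine/a.oobd.gpg
  # a file of a group Alice is not authorized for stays closed: no "body" secret key
  if g "$USR" --passphrase "$GROUP_PP" --decrypt body/b.oobd.gpg 2>/dev/null; then
    echo 'unexpected: body file decrypted' >&2; return 1
  fi
}
```

Calling `oobd_demo` prints the decrypted engine script and fails if the unauthorized body script could be opened.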
Implementation Details
Security Considerations
This RFC raises security issues. It must be ensured that the secret key files and especially both passphrases are protected against unauthorized access and reverse engineering. Note that the application-specific passphrase is held by every OOBD installation together with the group secret keys distributed to that user, so its protection relies on the application, not on the user's personal passphrase.
References
- What is PGP?
- Presentation about the Concept: OOBD Data Security
- The data handling, explained in a short movie: Das Datensicherheits-Konzept in OOBD (The data security concept in OOBD)
Authors' Addresses
Steffen Koehler
Phone: +49 172 410 35 98
EMail: steffen@koehlers.de
Appendix
Full Copyright Statement
Copyright (C) OOBD Team (2012). All Rights Reserved.
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the OOBD Team organizations, except as needed for the purpose of developing standards in which case the procedures for copyrights defined in the Standards process must be followed, or as required to translate it into languages other than English.
The limited permissions granted above are perpetual and will not be revoked by the OOBD Team or its successors or assigns.
This document and the information contained herein is provided on an "AS IS" basis and THE OOBD TEAM DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
Relation to other RFCs
Updates
Obsoletes
Obsoleted-by
Updated-by
Contact
Distribution Lists
The OOBD-RFC announcements are distributed via the oobd-commit-messages@googlegroups.com mailing list.
To join (or leave) the list go to https://groups.google.com/forum/?hl=de&fromgroups=#!forum/oobd-commit-messages