Integrating n-of-m threshold scheme
andreas.schwier.ml at cardcontact.de
Sat Sep 5 19:47:37 CEST 2015
as an alternative authentication mechanism for access to sensitive keys,
we've implemented a public key authentication mechanism with an n-of-m
threshold scheme for the SmartCard-HSM.
Now I'm looking for ideas how this scheme could be integrated with
scdaemon. As of today scdaemon supports an user PIN for authentication
towards a SmartCard-HSM.
Public key authentication uses a challenge response mechanism where the
user seeking access signs a challenge generated by the target device
with a private key on his own device. If access to the device is shared,
multiple user must authenticate in order to enable access to keys. In
the n-of-m threshold scheme, m keys are configured for authentication,
while at least n keys must authenticate for access. Main purpose of the
scheme is to ensure better control over very sensitive keys on the device.
One idea is to provide an additional set of commands in scdaemon that
allow a secondary application to perform authentication. The other idea
is to provide a separate tool like pinentry that performs the
authentication steps. Ideally the scheme should allow remote
authentication, e.g. where key custodians can connect over the Internet
to authenticate toward the device.
--------- CardContact Software & System Consulting
|.##> <##.| Andreas Schwier
|# #| Schülerweg 38
|# #| 32429 Minden, Germany
|'##> <##'| Phone +49 571 56149
More information about the Gnupg-devel