Be careful where you leave your keys


The internet now has 1.07 billion users worldwide and more people buy online than ever before. But this growth in ecommerce has also created a fertile environment for fraud and security threats.

The stakes for online shopping are high. In 2005, 84 percent of respondents to a Forrester Research study said they don't think retailers are doing enough to protect their customers online and 24 percent did not make purchases online due to security concerns.

As a direct response to these concerns and rise in internet fraud, the latest generation of browsers have been developed to provide added security features. They are designed to give users confidence that a site is legitimate and is deploying strong enough encryption to protect their private information. These new browsers include Firefox, Opera and the biggest of them all, Microsoft Internet Explorer 7.0, currently in beta and due to be shipped at the end of the year.

A central feature of these browsers is the added prominence given to a new class of SSL Certificates. These High Assurance SSL Certificates visually distinguish sites that have been subject to a more rigorous identity validation process. For example, if you use Internet Explorer 7.0 to access a website secured with an SSL Certificate that meets the High Assurance Standard, the URL window will turn from white to green. Whereas known fraudulent sites will display a red or pink address bar. To qualify for a High Assurance SSL Certificate, an organization has to go through a validation process established by the CA/Browser Forum - a group of leading Certificate Authorities and browser vendors along with the American Bar Association Information Security Committee.

This procedure is a good first step and will help to establish a tangible security benchmark that will allow these additional security measures to be used as a differentiator and not just as an insurance policy. But validating an organization's identity is only half the battle. Once a site has been approved, to carry the High Assurance Certificate it will need to take even tougher measures to ensure that no-one can steal it. As users place more trust in the new credential any suggestion that someone could be impersonating the legitimate web site or be eavesdropping on ‘secure' traffic could have disastrous implications on brand and customer perception. After all if you're going to make claims about having superior security you'd better be able to back them up. Failure to understand this could easily result in these new browser facilities actually providing a false sense of security?

In reality, stringent checks behind the High Assurance Standard are potentially meaningless if the organization does not also protect the cryptographic keys around which the certificate is constructed. These credentials are the foundation stones of SSL security. Of the two keys associated will each SSL certificate one is publicly available and need not be protected. However, if an attacker manages to steal the certificate's corresponding private or secret key, then - even with the new generation of secure browsers - they can effectively reuse that certificate to create a spoof of the original site and the private key to decrypt any traffic to or from the original site.

Most sites still generate and store their cryptographic keys in software making them vulnerable to attack. A quick scan of the memory will easily identify where they are. The most effective means of protecting private keys is to store and process them in a secure hardware device known as a Hardware Security Module or HSM.

The author is a vice president of marketing at nCipher.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.