Public Key Superstructure
It’s PKI Jim, but not as we know it!
7th Annual “IDtrust” Symposium, 5 March 2008, Gaithersburg MD, USA
Stephen Wilson, Lockstep Consulting Pty Ltd
About Lockstep
Consultants specialised in PKI, smartcards & privacy
Developing novel de-identification and online safety solutions
Asia PKI Forum
Gatekeeper Policy Committee
Aust. Law Reform Commission
Historical PKI experience
The passport metaphor
Non-descript applications
– impossible for CAs to manage risk
Stranger-to-stranger e-business
– “It’s good to trust but it’s better not to”
Novel TTP business models
– Imposed incredible CPSs upon users
Notion of a single identity
– “Interoperability” = cross certification
“Cross-certification and policy mapping has been a rat hole that has sucked up vast amounts of energy better spent elsewhere” Anonymous, Feb 2008
[Timeline slide: 1999 RSA Conference; Identrus; Verisign IPO; “PKI thickets”; “Fading PKI Market”, June 2003; 2008]
PKI in practice
Works best in closed communities
– Automates transactions in context
– This is a Good Thing
Embedded keys & certificates
Fits with identity plurality
PK Superstructure
CA as Security Printer
[Diagram, paper world: the Stock Exchange Listings Department sets the Listing Rules; a Listed Company achieves listing and issues Announcements; a Security Printer distributes bar code labels, an officer affixes the bar code, and the announcement goes by fax to be read by OCR]
[Diagram, PKI world: the CA takes the Security Printer’s role under the same Listing Rules, distributing certificates and keys; the Listed Company digitally signs its Announcements, which pass between Message Apps to the Listings Department]
Security printer implications
Decouples registration from production
Manages risks associated with registration & production separately
No contract between Subscriber & CA
No exposure of CPS to Subscriber
Easier to novate CA service providers
Accreditation not affected by new Policies
Context: Health Organisation “Relationship Certificates”
[Diagram: an e-Prescription transaction (Patient name, Med, Dose, Repeats) signed “Dr Lic. xyz”, with the certificate chain behind the signature]
User Certificate
– Subject: Ext: Lic No. xyz
– Issuer: Health Org
– Policy OID
– Public Key
– Signed: Health Org CA
CA Certificate
– Subject: Health Org CA
– Validity
– Issuer: Root CA
– Policy OID
– Public Key
– Signed: Health Root CA
“Relationship Certificates”
Form of “Authorization PKI”
Kill the holy cow of authentication being primary over authorization
Preserves X.509 formats, software
Not SPKI: no ‘primary’ ID certificate
Not Attribute Certs: we can sign with cert
Lockstep anonymous e-voting
[Diagram, three stages]
A. Background: Roll; enrol to vote; smartcard distribution process
B. Register: CA identifies the voter, generates a key pair and installs an anonymous certificate on the smartcard (Certificate: Serial No., Poll, Key; digitally signed)
C. Vote: the ballot (Candidate preferences 1, 2) is digitally signed with the anonymous certificate to produce a signed ballot
Lockstep clinical study privacy
[Diagram: Study sponsor, Randomisation, Logistics, Collection, Certificate Server]
(1) Distribute investigator packs
(2) Enrol patient into study
(3) Load patient smartcard with Stepwise anonymous ID certificate (Certificate: Patient ID, Study ID, Key; digitally signed)
(4) Patient presents for follow-up
(5) Investigations (tests) as per protocol
(6) De-identified secure follow-up data, “sealed” with Stepwise ID
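The relationship certificate of the health slides and the anonymous certificates in the e-voting and clinical-study diagrams share one issuance pattern. The Go program below is an added example written for this page, not Lockstep’s code nor anything from the deck: a Health Root CA signs a Health Org CA, which issues a practitioner certificate whose subject and a private extension carry only the licence number, and a relying party verifies an e-prescription against that chain without ever consulting an identity certificate. The licence extension OID under the private-enterprise arc, the CA names, the choice of Ed25519, the serial numbers and the sample prescription are all assumptions; the Policy OID field shown on the slide is left out to keep the example short. Only the Go standard library is used.

```go
package main

import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"encoding/asn1"
	"fmt"
	"math/big"
	"time"
)

// Hypothetical private-arc OID for the "Lic No." extension; a real scheme registers its own.
var oidLicenceExt = asn1.ObjectIdentifier{1, 3, 6, 1, 4, 1, 99999, 2}

// Issued pairs a certificate with the private key it certifies.
type Issued struct {
	Cert *x509.Certificate
	Key  ed25519.PrivateKey
}

func must[T any](v T, err error) T {
	if err != nil {
		panic(err)
	}
	return v
}

// template is a minimal X.509 template; the Policy OID shown on the slide is left out here.
func template(cn string, serial int64, ca bool) *x509.Certificate {
	ku := x509.KeyUsageDigitalSignature
	if ca {
		ku = x509.KeyUsageCertSign
	}
	return &x509.Certificate{
		SerialNumber: big.NewInt(serial), Subject: pkix.Name{CommonName: cn},
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(24 * time.Hour),
		BasicConstraintsValid: true, IsCA: ca, KeyUsage: ku,
	}
}

// issue signs tmpl with the parent's key, or self-signs when parent is nil.
func issue(tmpl *x509.Certificate, parent *Issued) *Issued {
	pub, key, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	signerCert, signerKey := tmpl, key
	if parent != nil {
		signerCert, signerKey = parent.Cert, parent.Key
	}
	der := must(x509.CreateCertificate(rand.Reader, tmpl, signerCert, pub, signerKey))
	return &Issued{Cert: must(x509.ParseCertificate(der)), Key: key}
}

// BuildChain issues Health Root CA -> Health Org CA -> practitioner cert carrying only the licence.
func BuildChain(licence string) (root, org, dr *Issued) {
	root = issue(template("Health Root CA", 1, true), nil)
	org = issue(template("Health Org CA", 2, true), root)
	t := template("Dr Lic. "+licence, 3, false) // subject names the relationship, not a person
	t.ExtraExtensions = []pkix.Extension{{Id: oidLicenceExt, Value: must(asn1.Marshal(licence))}}
	return root, org, issue(t, org)
}

// IssuePseudonymous is the e-voting / clinical-study variant: bare pseudonym as subject, no licence.
func IssuePseudonymous(org *Issued, pseudonym string) *Issued {
	return issue(template(pseudonym, 4, false), org)
}

// LicenceOf returns the licence number from the relationship extension, if present.
func LicenceOf(c *x509.Certificate) (lic string, ok bool) {
	for _, e := range c.Extensions {
		if e.Id.Equal(oidLicenceExt) {
			_, err := asn1.Unmarshal(e.Value, &lic)
			return lic, err == nil
		}
	}
	return "", false
}

// Sign signs an e-prescription (or any message) with the certified key.
func Sign(signer *Issued, msg []byte) []byte { return ed25519.Sign(signer.Key, msg) }

// Verify​Prescription is the relying-party check: chain valid, signer holds a licence, signature
// matches. No separate "identity" certificate is consulted; authorization is the primary question.
func VerifyPrescription(root, org, leaf *x509.Certificate, rx, sig []byte) (string, error) {
	roots, inters := x509.NewCertPool(), x509.NewCertPool()
	roots.AddCert(root)
	inters.AddCert(org)
	opts := x509.VerifyOptions{Roots: roots, Intermediates: inters, KeyUsages: []x509.ExtKeyUsage{x509.ExtKeyUsageAny}}
	if _, err := leaf.Verify(opts); err != nil {
		return "", fmt.Errorf("chain: %w", err)
	}
	lic, ok := LicenceOf(leaf)
	if !ok {
		return "", fmt.Errorf("signer %q holds no licence relationship", leaf.Subject.CommonName)
	}
	if pub, ok := leaf.PublicKey.(ed25519.PublicKey); !ok || !ed25519.Verify(pub, rx, sig) {
		return "", fmt.Errorf("bad signature")
	}
	return lic, nil
}

func main() {
	root, org, dr := BuildChain("xyz")
	rx := []byte("Patient: <name>; Med: <drug>; Dose: <dose>; Repeats: 1") // constructed e-prescription
	fmt.Println(VerifyPrescription(root.Cert, org.Cert, dr.Cert, rx, Sign(dr, rx)))
}
```

The relying party asks only “does this signer hold a licence relationship with a Health Org under the Health Root?”, which is the authorization question the slide puts ahead of authentication. A pseudonymous certificate from IssuePseudonymous, carrying nothing but a poll serial number or study ID, passes the same chain check yet is refused as a prescription signer because it holds no licence relationship, and a certificate chained to an unrelated root is refused at the chain step.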
Discussion
See also