Highlights
- Leading German utility firm uses HSMs to protect PKI
- Secure internal communications and robust employee authentication
"We are very pleased with the way the products work - the integration of the Entrust software with the nCipher hardware went off without a hitch with the help of one employee from each vendor - just install them and they run."

German full-service IT provider is:energy develops group-wide security concepts using nShield from nCipher
E.ON Energie, the German-based utility company, has completed the installation and commissioning of a new PKI (public key infrastructure) to protect sensitive data and internal communications. At the heart of the system is nCipher’s nShield™ hardware security module (HSM), which protects, in a secure tamper-resistant environment, the vital cryptographic keys on which user authentication depends.
The new PKI project resulted from the mergers of VIAG and VEBA and their subsidiaries Bayernwerk and PreussenELEKTRA to form E.ON and E.ON Energie respectively. The PKI system is managed by is:energy, a joint venture of E.ON Energie and Cap Gemini Ernst & Young. As a full-service IT provider with around 1,100 employees, is:energy primarily offers consulting to the companies of the E.ON Energie group, but it also works with municipal utility companies and regional power companies outside the group.
The declared aim of the Authentication project was to replace the "CA Bayernwerk" with a new certification authority named "CA Trust4E", using current hardware and software versions suitable for future expansions of its usage.
The original security concept
"Encryption, authentication and digital signatures are becoming increasingly important for many business procedures and processes. Only a PKI can meet these demands efficiently," says Christian Müller, head of the ‘Competence Center Security’ at is:energy.
An intensive examination of the topics of security, access rights and authentication had already begun back in 1998/1999 with the establishment of the intranet of the former Bayernwerk. During this time the first group-wide platform was set up, over which all connected companies could communicate with each other. But not all of the information stored on the intranet could be made available to all 14,000 users, because the wide area network (WAN) of the Bayernwerk group included companies that are in direct competition with one another. It was therefore necessary to implement some form of access control.
"Even then, a PKI offered the most effective solution here. The one-time registration with the certificate database of the internet browser not only made it possible to identify the user clearly, it also enabled a type of 'single sign-on'. The password is entered only once, and then registration takes place automatically in all systems. Up to now, only Web servers with static content have supported such a 'single sign-on', but in the future this should also be true for the application servers that are yet to be established (the technical prerequisites already exist) and for all other applications which support certificates in connection with the Web browser," says Müller.
is:energy supports the authentication concept
The authentication project at E.ON Energie lasted nearly a year and successfully concluded in May 2002, when the Certificate Authority (CA) software had been upgraded to Entrust/Authority version 6 running on a Sun E220R machine. "CA Trust4E" was born.
"A CA has a certificate with which it signs the user certificates it issues; these are then used to identify legitimate system users. The private key belonging to this certificate must be specially protected, because if this key were to be compromised, certificates could be forged and confidence in the Trust Center would be lost," says Müller, describing the situation.
The private key of a CA can be generated by the CA software itself and stored in the CA database. In that case it must be ensured that the key cannot be copied while it is generated, stored or used, and a certain degree of residual risk can never be ruled out. A significantly more secure method is to generate and manage the key inside a Hardware Security Module (HSM), a special hardware component developed for use in security-sensitive environments. An HSM is connected to the CA host either through a product-specific interface or a standard one (such as SCSI), and the CA software talks to it through PKCS#11 (Cryptoki), the standard API that specifies how keys are generated, used and destroyed and how the data to be signed or encrypted is passed to the module. The private key itself never leaves the module: the CA only holds a handle to it, so the key never exists in plaintext outside the tamper-resistant hardware designed for this purpose.
"In order to remain future-proof when putting the newly established CA to further use - for certificates for e-mail and data encryption, or for digital signatures, for example - and to increase the security standard of the CA accordingly, the root key of the new 'CA Trust4E' had to be protected by an HSM," said the is:energy consultants from the authentication project, summing up the situation.
The HSM selection process
The decisive questions in selecting an HSM for the Trust4E CA were: Does the HSM meet current security standards such as FIPS 140, ITSEC or Common Criteria? Does it support standard interfaces (PKCS#11), standard hash, signature and encryption algorithms, key rollover and recovery, and high-availability configurations? Does it offer k-out-of-n control, that is, can particularly security-sensitive operations be made to require several administrators acting together, so that no single person has to be trusted completely? What are its overall performance and therefore capacity (number of certificates issued or verified per second)? And, last but not least, how cost-effective is it?
"There were originally six products in the running, although four were ruled out rather quickly because they did not adequately support the more recent Entrust software. Ultimately, the decision between the two remaining providers fell in favour of nCipher's nShield F3 SCSI on the basis of performance, price and flexibility of the underlying architecture and management capabilities," summarizes Müller.
is:energy selects nShield from nCipher
The HSM ensures the secure management of E.ON Energie's sensitive key material, which makes the certificates it issues more trustworthy and, in turn, the signatures and encryption (for example of e-mail) that rely on them more secure. It also offers substantial processing power: it can support the issuing of up to 150 certificates per second, a twenty-fold increase over the typical performance of servers performing these operations purely in software.
This level of security requires protection against physical attack, that is, against attempts to steal the secret keys by breaking open the device and probing its internal components. To achieve this, the electronic components of nShield are coated in a special epoxy resin, and the external casing is made of tamper-resistant tempered steel and is additionally protected by holographic seals that show visibly whether the device has been attacked. With this level of protection, a successful attack on the device within a reasonable period of time is impractical.
As stipulated in the selection criteria, nShield meets the FIPS 140-1 Level 3 security standard (Federal Information Processing Standard), a level widely required for security-critical applications in the financial services sector, for certificate authorities and for certain government institutions. FIPS 140 defines not only the physical security requirements of an HSM but also the logical ones: the measures that protect against electronic attacks, often referred to as hacking, in which the attacker never touches the equipment. In conventional computer-based systems it is often possible to corrupt the operating system software (for example with viruses) or to circumvent service and administration procedures in order to reach secret or confidential information. This threat applies directly to cryptographic keys: in a CA, a stolen signing key can compromise the security of the entire network.
nShield has a highly secure software architecture and provides a number of capabilities to help ensure that, even as hacking tools become more sophisticated, illegitimate access to the device is prevented and the keys remain safe. As such, nShield is particularly suited to the establishment of an infrastructure in security-critical areas, and it can be securely managed through the KeySafe™ key management user interface. The user-friendly graphical interface of KeySafe guides administrators through the entire key management life cycle.
The integration of the HSM
At E.ON Energie, one 'nShield F3 SCSI' HSM works in the production system of the Trust4E CA. At the start of 2002, the installation and commissioning of the nCipher module together with the Entrust/Authority software on a Sun E220R server running Solaris 8, with a local DLT tape drive for backup purposes, was successfully concluded. For testing and development, a Sun Blade 100 system with an identical software installation and an nCipher nForce 150 PCI card is used. "We are very pleased with the way the products work - the integration of the Entrust software with the nCipher hardware went off without a hitch with the help of one employee from each vendor - just install them and they run," says Müller happily. The devices are managed internally in day-to-day operations, but external support is called in if necessary. "The support from nCipher over e-mail is exemplary in its speed and competence. A German-speaking specialist is also available if necessary. So far, the cooperation with nCipher has been outstanding and to our complete and utter satisfaction," Christian Müller says.
The next steps
Now that the foundation for a comprehensive PKI solution has been laid with the establishment of the Trust4E CA for authentication of employees on the E.ON Energie intranet, it is time to expand the Trust4E Trust Center to cover the issuing of certificates for encrypting and signing data. Planning for this expansion of the E.ON Energie system to enable a wider scope of capabilities for users is now well underway.
is:energy GmbH
Information Services for the Energy Industry
is:energy is the leading full IT service provider for the energy industry in Germany. A joint venture of E.ON Energie and Cap Gemini Ernst & Young, is:energy has approximately 1,000 employees in Germany serving more than 70 utilities. The company has an international presence with an office in Vienna, Austria, and national affiliates in Hungary and the Czech Republic. The range of services offered by is:energy includes strategic consulting, the development, implementation, customization and operation of IT solutions, and on-site user support at the workplace.