Kaizar
Páginas: 16 (3860 palabras)
Publicado: 15 de mayo de 2012
Keyczar: A Cryptographic Toolkit
Arkajit Dey1 and Stephen Weis2
1
Massachusetts Institute of Technology, Cambridge, MA, USA 02139 2 Google Inc., Mountain View, CA, USA 94043
Abstract. Keyczar’s goal is to make it easier for application developers to safely use cryptography. Keyczar defaults to safe algorithms, key lengths, and modes, and prevents developers from inadvertently exposing keymaterial. It uses a simple, extensible key versioning system that allows developers to easily rotate and retire keys.
1
Introduction and Philosophy
The motivation for Keyczar grew out of a need to make cryptography easier to use for developers. Developers improperly using cryptography can create serious security vulnerabilities. For instance, developers may use obsolete algorithms, weakkey lengths, improper cipher modes, or unsafely compose cryptographic operations. Another common developer mistake is to fail to provision for key rotation or even to hard-code keys in source code. Keyczar’s goal is to address these issues by providing a simple application programming interface (API) for developers that handles basic cryptographic details. Keyczar also provides a simple keyversioning and management system based on directories of human-readable flat files, which will be refered to as keysets. More information about Keyczar is available from http://keyczar.org.
2
Using KeyczarTool
All Keyczar keys are generated with the stand-alone KeyczarTool utility. Two implementations of KeyczarTool are available under org.keyczar.KeyczarTool in Java and keyczar.keyczart inPython.
2.1
KeyczarTool create
KeyczarTool must first create a new keyset using the create command. A newly created keyset will initially contain just a metadata file, described in section 5.2. KeyczarTool create requires location and purpose command-line flags that specify the location of the key set and its purpose. Valid purposes are currently crypt and sign. The create command may also takean optional name flag to give a newly created keyset a name. If the asymmetric flag is specified, the newly created set will contain asymmetric keys of the specified algorithm. Currently DSA is supported for keysets with a sign purpose. RSA is supported for both crypting and signing keysets. Some example create commands: • Create a symmetric signing (HMAC) keyset: KeyczarTool create--location=/path/to/keyset --purpose=sign • Create a symmetric crypting (AES) keyset named “Test”: KeyczarTool create --location=/path/to/keyset --purpose=crypt --name=Test • Create an asymmetric signing (DSA) keyset: KeyczarTool create --location=/path/to/keyset --purpose=sign --asymmetric=dsa
2.2
KeyczarTool addkey
All Keyczar keys are created using the addkey command. This command requires a keysetlocation flag and may optionally have status, crypter and size flags. Section 5.1 describes the meaning of the status values, but briefly they are primary, active, and inactive. The default status is active. User-specified key sizes are supported, although it is recommended that only default or larger key sizes are used. The addkey command will create a new file in the keyset directory with an integerversion number that is one greater than the currently largest version. Version numbers start from 1 and are described in Section 5.3. For example, if the current keyset contains the key file 1, a new key version will be created in the file 2. Some example addkey commands: • Create a new KeyczarTool • Create a new KeyczarTool primary key: addkey --location=/path/to/keyset --status=primary active key:addkey --location=/path/to/keyset
Keyczar supports encrypted keysets. The crypter flag may be used to encrypt a key set when adding a new key. It will specify the location of an existing keyset which will be used to encrypt a newly generated key: • Create a new active key and encrypt it with another keyset: KeyczarTool addkey --location=/path/to/keyset --crypter=/path/to/crypting/keys
2.3...
Arkajit Dey1 and Stephen Weis2
1
Massachusetts Institute of Technology, Cambridge, MA, USA 02139 2 Google Inc., Mountain View, CA, USA 94043
Abstract. Keyczar’s goal is to make it easier for application developers to safely use cryptography. Keyczar defaults to safe algorithms, key lengths, and modes, and prevents developers from inadvertently exposing keymaterial. It uses a simple, extensible key versioning system that allows developers to easily rotate and retire keys.
1
Introduction and Philosophy
The motivation for Keyczar grew out of a need to make cryptography easier to use for developers. Developers improperly using cryptography can create serious security vulnerabilities. For instance, developers may use obsolete algorithms, weakkey lengths, improper cipher modes, or unsafely compose cryptographic operations. Another common developer mistake is to fail to provision for key rotation or even to hard-code keys in source code. Keyczar’s goal is to address these issues by providing a simple application programming interface (API) for developers that handles basic cryptographic details. Keyczar also provides a simple keyversioning and management system based on directories of human-readable flat files, which will be refered to as keysets. More information about Keyczar is available from http://keyczar.org.
2
Using KeyczarTool
All Keyczar keys are generated with the stand-alone KeyczarTool utility. Two implementations of KeyczarTool are available under org.keyczar.KeyczarTool in Java and keyczar.keyczart inPython.
2.1
KeyczarTool create
KeyczarTool must first create a new keyset using the create command. A newly created keyset will initially contain just a metadata file, described in section 5.2. KeyczarTool create requires location and purpose command-line flags that specify the location of the key set and its purpose. Valid purposes are currently crypt and sign. The create command may also takean optional name flag to give a newly created keyset a name. If the asymmetric flag is specified, the newly created set will contain asymmetric keys of the specified algorithm. Currently DSA is supported for keysets with a sign purpose. RSA is supported for both crypting and signing keysets. Some example create commands: • Create a symmetric signing (HMAC) keyset: KeyczarTool create--location=/path/to/keyset --purpose=sign • Create a symmetric crypting (AES) keyset named “Test”: KeyczarTool create --location=/path/to/keyset --purpose=crypt --name=Test • Create an asymmetric signing (DSA) keyset: KeyczarTool create --location=/path/to/keyset --purpose=sign --asymmetric=dsa
2.2
KeyczarTool addkey
All Keyczar keys are created using the addkey command. This command requires a keysetlocation flag and may optionally have status, crypter and size flags. Section 5.1 describes the meaning of the status values, but briefly they are primary, active, and inactive. The default status is active. User-specified key sizes are supported, although it is recommended that only default or larger key sizes are used. The addkey command will create a new file in the keyset directory with an integerversion number that is one greater than the currently largest version. Version numbers start from 1 and are described in Section 5.3. For example, if the current keyset contains the key file 1, a new key version will be created in the file 2. Some example addkey commands: • Create a new KeyczarTool • Create a new KeyczarTool primary key: addkey --location=/path/to/keyset --status=primary active key:addkey --location=/path/to/keyset
Keyczar supports encrypted keysets. The crypter flag may be used to encrypt a key set when adding a new key. It will specify the location of an existing keyset which will be used to encrypt a newly generated key: • Create a new active key and encrypt it with another keyset: KeyczarTool addkey --location=/path/to/keyset --crypter=/path/to/crypting/keys
2.3...
Leer documento completo
Regístrate para leer el documento completo.