
ProofMark System Concepts, Architecture, and Planning Guide

ProofSpace
By : ProofSpace
INFORMATION
Published : Feb 27, 2008
Length : 50
Type : White Paper
 
Overview :

The ProofMark software solution is a broadly applicable system that operates on a computer, server, network, system, or infrastructure. This system utilizes public-key cryptography to create an irrefutable record of the time-existence and exact composition of any digital data.

Download this document, the ProofMark System Concepts, Architecture, and Planning Guide, to get a broad technical overview of the ProofMark system.

The ProofMark system is based on ProofSpace's transient-key technology. The ProofMark system has been designed specifically to support high-volume transaction situations, using public-key cryptography in an innovative way to provide irrefutable proof of the “what, when, and who” of an electronic transaction or activity. (See Appendix A, Cryptography Primer, if you are unfamiliar with applied cryptography.)
The Server Installation & Configuration Guide contains the information you need to configure all aspects of the ProofMark system to meet the needs of your organization.

Creating Intervals
Intervals are created by the ProofMark system to provide transient key pairs for encrypting data. Each Interval produces one key pair, with a private key that is available only for the duration of the Interval, and a public key, which is passed on to an archive tree. The archive tree provides the redundancy and ease of access.
In addition to creating the key pair, each Interval attests to the next Interval in the Interval chain. This chain of Intervals, each signed by the previous Interval, is used to provide verifiable proof for the ProofMark certificates produced by the ProofMark system.
Intervals exist for a pre-determined length of time (defined when you configure the system). At the end of each Interval, the private key is destroyed. The private key has existed only for the duration of the Interval, and has never been written to a storage device, increasing the security of the system.
A more complete definition of an Interval is included in the Core Concepts section of this document.

Issuing ProofMark certificates
A ProofMark certificate is a signed XML (eXtensible Markup Language) document, created with the Interval’s private key.
ProofMark certificates contain the data to be certified (the “what”), a time stamp from a trusted time source (the “when”), and optionally the identity information of the parties involved (the “who”). A ProofMark certificate also includes the public key of the Interval used to create it and information about where to find an archive that can be used to verify the ProofMark certificate.

Verifying ProofMark certificates
A ProofMark Verification Report is issued by a ProofMark server in response to a request for verification of a ProofMark certificate. Multiple levels of verification are available. They range from confirming that the data in the ProofMark certificate has not been tampered with (a consistency check), through a recursive validation of the Interval chain used to sign the ProofMark certificate, to checking a log for a record of the creation of the ProofMark certificate being verified.

Intervals and transient-key technology
The use of transient-key technology removes the necessity of long-term protection of the private key in a public/private key pair. The private key is used for some relatively short period of time (an Interval) to generate signatures, and is then destroyed. The use of cross-certification across multiple servers provides a widely witnessed and distributed proof model that attests to the integrity of the ProofMark certificates created during the Intervals. By using transient-key technology:
- The private key exists only for a short period of time (the duration of the Interval)
- The private key is never stored on disk, transmitted over a network, or distributed or backed up in any way
- If a supported Hardware Security Module (HSM) or crypto-processor board is used, the key pair will be generated by the board and never given to the server application at all (instead, the key pair is kept in protected storage inside the crypto-processor for use in generating signatures, and then the private key is destroyed when no longer needed)

Because the private key exists in only one place and for a very short period of time, the risk of someone stealing the private key is minimal.
To strengthen the integrity of the transient key pairs, they are chained together and then cross-chained across other servers. This creates a widely witnessed web of key signatures and cross-key signatures, eliminating a single server as a point of attack. To steal the private key of an Interval would require access to all of the servers cross-certifying the Interval.
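
A single-server sketch of the Interval chain and of the first two verification levels described above (consistency check, then recursive chain validation), added here as an example; it is not ProofSpace code. Ed25519, the `Link` and `Cert` layouts, and the function names are assumptions, and cross-certification between servers is not modelled.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"fmt"
)

// Hypothetical, simplified layouts (the real certificate is signed XML).
type Link struct{ Pub, PrevSig []byte }   // PrevSig: previous Interval's signature over Pub
type Cert struct{ Body, Pub, Sig []byte } // Body: serialized "what" and "when"

// RunIntervals creates n chained Intervals and issues one Cert during Interval issueAt.
func RunIntervals(n, issueAt int, body []byte) (archive []Link, cert Cert) {
	var prev ed25519.PrivateKey // the only private key held at any moment
	for i := 0; i < n; i++ {
		pub, priv, _ := ed25519.GenerateKey(nil) // nil selects crypto/rand
		archive = append(archive, Link{Pub: pub})
		if prev != nil {
			archive[i].PrevSig = ed25519.Sign(prev, pub) // outgoing Interval attests to the next
		}
		if i == issueAt {
			cert = Cert{Body: body, Pub: pub, Sig: ed25519.Sign(priv, body)}
		}
		prev = priv // older key dropped: never stored, never returned
	}
	return archive, cert
}

// VerifyLevel: 0 = bad signature, 1 = self-consistent only, 2 = chained to the trusted key.
func VerifyLevel(archive []Link, trusted []byte, c Cert) int {
	if len(c.Pub) != ed25519.PublicKeySize || !ed25519.Verify(c.Pub, c.Body, c.Sig) {
		return 0
	}
	for i, l := range archive {
		if len(l.Pub) != ed25519.PublicKeySize || (i == 0 && !bytes.Equal(l.Pub, trusted)) ||
			(i > 0 && !ed25519.Verify(archive[i-1].Pub, l.Pub, l.PrevSig)) {
			break
		}
		if bytes.Equal(l.Pub, c.Pub) {
			return 2
		}
	}
	return 1
}

func main() {
	arc, c := RunIntervals(4, 2, []byte("2008-02-27T00:00:00Z|constructed sample record"))
	fmt.Println(VerifyLevel(arc, arc[0].Pub, c))
}
```

A certificate signed by a key outside the archived chain still passes the consistency check, which is why level 1 alone says nothing about who issued it or when.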

Additional safeguards
The ProofMark server’s transient-key technology provides the means to issue cryptographically secure ProofMark certificates. Other security measures included in the ProofMark system further strengthen its integrity.