1. Introduction

The Fisherman Key Management Center System is a well-functioning, stable and reliable key management infrastructure product independently developed by Shandong Fisherman Information Technology Co., Ltd., which complies with the “Certificate Certification System Cryptography and Related Security Technical Specifications”,” certificate authentication system cryptographic protocol specification”, and other relevant technical specification issued by the State Cryptography Administration.

The Fisherman Key Management Center System consists of two major modules: key service model and system management model. It provides full lifecycle management, such as asymmetric key pair and symmetric key generation, storage, protection, distribution, log out, archiving and recovery. It also supports key recovery, key management auditing, and system access control functions. It supports SM2 key pair and RSA key pair. The product adopts JAVA language development, B/S architecture, has good platform compatibility and it is easy to operate. It supports AIX, Solaris, HP Unix, Linux, Windows, and other mainstream operating platforms, supports domestic Jincang, Nanda database and Oracle, MSSQL SQL Server and other mainstream databases. It can be widely used in the construction of key management systems in e-government and e-commerce fields such as administration, finance, telecommunications, electric power, and enterprise groups.

Commercial cryptographic product model: SYT1107.

2.Features:

The system implemented the generation, storage, protection, distribution, log out, archiving and recovery of asymmetric key pairs and symmetric keys, as well as authorization and verification of key applications, recovery of archive keys, auditing and tracking of key management, key management system access control, and other functions. Effectively improved the security, effectiveness, and confidentiality of the key management system.

3. Features:

The system from the underlying cryptographic equipment to the upper layer software is developed independently by Fisherman, it has good overall compatibility and high stability.

It is completely based on PKI standard, conforms to the national cryptographic management policy, and compliant with the international standards.

It supports RSA and SM2 key pair management;

Supports the escrow and management of the user's encryption key.

The management interface is based on the B/S structure and uses the http secure remote management mechanism for secure login.

Supports fast audit and can quickly locate the illegal operation of modifying and deleting logs.

The communication channel of the Certificate Authority (CA) adopts a secure encrypted channel based on the national cryptographic algorithm, and uses the digital certificate as the unique identifier for both sides of the communication, ensuring the integrity and confidentiality of the communication data;

4.product value

Implemented the management of CA system keys and provide key-related support for user CA systems

Solve key management difficulty problem for users and improve the efficiency of user services

5.KMC Key Management System Security Design

The key management system should apply the following principles:

Meet the principles of standardization and modular design.

There should be relatively no connection between the function modules, and each function should be implemented by a secure connection between the modules.

Communication between modules should be achieved through a secure communication protocol based on an authentication mechanism

The cryptographic operations used by each module must be implemented in the cryptographic device.

The audit logs obtained by each module must be transmitted and stored in a unified format.

The system must have access control.

The system must fully consider the security of the system itself while achieving the key management function.

systems should be able to provide key management services for multiple CAs. When a plurality of CA keys is served, the superior CA should issue a certificate for the key management system.

Key generation module

The module should have the following features

The module should be capable of generating asymmetric keys and saving them in an alternate keystore. The module should be able to automatically replenish the key when the number of keys in the alternate keystore is insufficient.

This module should be capable of generating symmetric keys

The module should be able to generate random numbers

Key management model

The module should have the following features

The module should be able to receive and audit the CA's key request.

The module should have the privilege to call the key pairs in the alternate keystore.

This module should be able to send key pairs to CA.

The module should be able to process the key pair in the called alternate keystore and transfer the alternate key pair to the in-use keystore.

The module should be able to periodically check the key in the in-use keystore and transfer the expired or revoked key to the historical keystore.

The module should be able to manage the keys in the historical keystore and move the keys that have passed the retention period to the specified carrier.

The module should be able to receive and review applications for recovery keys and process them in accordance with security policies.

This module should be capable of certifying the operation of the system and the person performing the operation.

Keystore management module

The keystore management module is used to store the management key, based on the different key storage state, the keystore management module consists of alternate keystore, in-use keystore, and history keystore. The key data in the keystore must be encrypted.

alternate keystore

The key pairs stored in the alternate keystore is the key pairs to be used. The key generation module first generates a batch of key pairs and stores them in the alternate keystore. When the CA requests the key, the alternate keystore promptly calls out the key and sends it to the CA and then transfers it to the in-use Keystore.

The alternate keystore should store a certain number of standby key pairs. The number of keys stored in the keystore should be determined by the number of users in the system. If it is less than the specified minimum number, then the key pairs in the keystore should be automatically added to the specified number.

in-use keystore

What is stored in the in-use keystore is the key pair currently in use. The key data in the keystore includes the serial number of the user certificate, ID number and valid time.

Historical keystore

Historical keystore contains the expired or revoked key pairs. The key data in the history keystore contains the serial number of the user certificate, the ID number, valid time, and the invalidation time.

Authentication management module

Authentication management module should be capable of certifying the operation of the system and the person performing the operation.

Security audit module

The security audit module should be able to check the statistics of events such as event records, analysis data, and application keys for each functional module. The audit features mainly include: running event records, server status records, and important system policy settings. Audit records should be unable to be modified.

Key recovery module

The key recovery module can recover the user's encrypted private key for users and the judicial department. The private key should be securely downloaded to the key carrier.

Key recovery for users

The user requests a key recovery through the RA. After the application is reviewed, the CA issues a key recovery request, and the restored user's key is returned to the RA by the CA, and then it should be downloaded to the user’s certificate carrier.

Key recovery for judicial forensic purpose

The judicial forensic officer needs to go to KMC to apply for the key recovery for the purpose of judicial forensics. KMC should first authenticate the identity of the forensic personnel. After the certification, the recovery module recovers the key and then downloads it to a specific carrier.

Cryptographic Service Module

The cryptographic service module provides cryptographic support to business units of the key management system.

The module is configured with asymmetric key cryptography algorithms, symmetric key cryptographic algorithms, and data digest algorithms. All of these algorithms are approved by the cryptographic authority.

The cryptographic algorithm must be run in a hardware cryptographic device.

Audit Model

The KMC key management system contains a log audit module, which has full audit function and event audit function. The auditor can periodically transfer the audit records and create a statistical analysis form. Audit data can be processed but cannot be modified.

The main contents of the log record are: operator name, operation item, start and end time, certificate serial number and operation result.

The main contents of log management include:

Log parameter settings. Set the maximum size of the log to save and the directory to back up.

Log query. Mainly to query the operating events information of the operator and the certification body.

Log backup. When the saved log reaches the maximum size of the parameter settings, the existing log need to be backed up.

Log processing. Classify the normal business traffic and various types of events that are logged.

Evidence management. Audit, statistics and record evidence data.