You are developing a client/server-based application in which the client shall communicate with the server through a trusted channel supported by symmetric encryption. Secret keys shall be generated and changed periodically to secure communication. Which of the following is the best design to generate secret keys in terms of scalability and the work factor? (Source: Wentz QOTD)
A. The client using a pseudorandom number generator (PRNG)
B. The client employing the onboard crypto processor
C. The server invoking the operating system’s API
D. The server utilizing the hardware security module
Kindly be reminded that the suggested answer is for your reference only. It doesn’t matter whether you have the right or wrong answer. What really matters is your reasoning process and justifications.
My suggested answer is B. The client employing the onboard cryptoprocessor.
It improves scalability when the client generates keys to offload the server. A hardware-based key generation solution provides a stronger work factor than a software-based one.
Implementation concerns are not considered in this question. In practice, not every client has the required hardware, but the question is asking about the best design. If you can justify your answer in terms of implementation constraints, cost/benefit, and any other concerns, I think you have the right answer no matter you choose hardware- or software-based key generation solution.
The number of clients or requests a system can serve is one of the best measures for scalability. One of the advantages of the client/server architecture is the distribution of workload between clients and the server, compared with the mainframe with dumb terminals that assumes all the computation work.
If the server assumes more work, it may become the bottleneck and hinder the scalability. It improves scalability to shift the workload from the server to clients. The key generation consumes computing resources. Even though both clients or the server can generate keys technically, it’s not a good design to employ a centralized approach for the server to do so if scalability is a concern. As a result, it addresses the concern of scalability that clients generate secret keys and offload the server.
Strategies, such as “stateless” or “fire-and-forget” are common to release the workload of the server.
The work factor of the secret key depends on the unpredictability, which implies randomness and uniqueness. A secret key is typically calculated or derived from the random number. If the random number is not truly random, it’s more predictable.
A random number generator (RNG), as its name suggests, generates random numbers. Hardware-based RNG can be close to being truly random. TPM (Trusted Platform Module) and HSM (Hardware Security Module) are hardware-based solutions.
A pseudorandom number generator (PRNG) is not a real RNG. It’s a “pseudo” RNG, typically a software-based solution. It generates random numbers but not truly random.
The operating system (OS) provides service to applications through a predefined specification, contract, or the so-called API (Application Programming Interface). The OS provides the key generation services to applications as well, but it may generate random numbers based on RNG or PRNG. It depends on the hardware and software configuration and context in which an application resides.
- Crypto Processors
- Secure cryptoprocessor
- Pseudo Random Number Generator (PRNG)
- Trusted Platform Module
- Hardware security module
- TLS Security 5: Establishing a TLS Connection
- Transport Layer Security (TLS)
- TLS Handshake : Under The Hood
您正在開發一個主從架構的應用程式，其中客戶端應通過對稱加密支持的可信通道與伺服器進行通訊。 密鑰應定期生成和更改，以確保通信安全。 從規模度及破密工作因子的角度來看，以下哪項是產生密鑰的最佳設計？
A BLUEPRINT FOR YOUR SUCCESS IN CISSP
My new book, The Effective CISSP: Security and Risk Management, helps CISSP aspirants build a solid conceptual security model. It is not only a tutorial for information security but also a study guide for the CISSP exam and informative reference for security professionals.
- It is available on Amazon.
- Readers from countries or regions not supported by Amazon can get your copy from the author’s web site.