HP-UX Trusted Computing Services A.02.00 Administrator's Guide
7 Protecting EVFS Keys with TCS
This chapter describes how to use TCS to protect HP-UX Encrypted Volume and File System
(EVFS) private keys. This chapter addresses the following topics:
• “Overview”
• “Configuring EVFS to Use TCS”
• “Backing Up and Migrating Keys”
• “Configuring EVFS with TCS for Serviceguard Clusters”
Overview
You can use TCS to protect EVFS private keys. EVFS private keys are required to enable EVFS
volumes and decrypt the data stored in them, and are passphrase protected by default. Using TCS
to protect EVFS private keys provides the following benefits:
• Hardware-based encryption for EVFS private keys.
EVFS private keys are required to enable EVFS volumes and decrypt data stored in EVFS
volumes, and are passphrase protected by default. Protecting EVFS private keys with TCS
increases EVFS security by requiring administrators to have physical access to the TPM to
use EVFS private keys, in addition to EVFS passphrase information.
• Transparent usage for EVFS administrators.
There is no change to the EVFS user interface, and a passphrase is still required to access
the EVFS private key.
CAUTION: EVFS v1.0 does not support the use of multiple key protection mechanisms
simultaneously. If you configure EVFS v1.0 for TCS protection, the default EVFS software key
protection is disabled, making any existing EVFS software keys unusable.
TCS Protection for EVFS Keys
EVFS encrypts volume data with symmetric keys, referred to as volume encryption keys. EVFS
creates a volume encryption key for each EVFS volume and stores it with the volume. To keep
the volume encryption key secret, EVFS encrypts it with a private key of an asymmetric key pair.
When TCS is not used with EVFS, EVFS protects the private key using a password-based
encryption (PBE) mechanism, where it uses a user-entered password or passphrase to encrypt
and decrypt the private key.
When TCS is used with EVFS, there is no change to the EVFS user interface; a passphrase is still
required to access the EVFS private key. When a user creates an EVFS user key with the evfspkey
command, the user establishes a passphrase just as when using EVFS without TCS, and
EVFS creates an asymmetric key pair. However, instead of using the passphrase directly, EVFS
forwards the passphrase and the private key in cleartext to TCS. TCS creates a TCS EVFS
asymmetric key pair and binds the EVFS private key to the TCS EVFS private key using the
passphrase as authorization data. TCS returns the encrypted EVFS private key to EVFS. EVFS
stores the encrypted EVFS private key in the EVFS key hierarchy using the same naming convention
that it would for a private key file. (By default, this is
/etc/evfs/pkey/user_name/key_name.priv.)
The relationship between EVFS keys and TPM is illustrated in Figure 7-1.
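The following added example (not HP code, and not part of the original guide) models the two protection modes described above to show why a TCS-bound key file cannot be opened on another system even when the passphrase is known. All names are hypothetical, and a device-held symmetric secret with an HMAC-based cipher stands in for the TCS EVFS asymmetric key pair and the TPM binding operation.

```python
import hashlib, hmac, os

def _pbe_key(passphrase, salt):
    # Password-based key derivation, modelling EVFS's default PBE protection
    return hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, 100_000)

def _stream(key, nonce, n):
    # HMAC-SHA256 in counter mode as a keystream (stdlib stand-in for a real cipher)
    return b"".join(hmac.new(key, nonce + i.to_bytes(4, "big"), "sha256").digest()
                    for i in range(n // 32 + 1))[:n]

def _seal(key, data):
    # Encrypt-then-MAC so a wrong key is detected instead of yielding garbage
    nonce = os.urandom(16)
    ct = bytes(a ^ b for a, b in zip(data, _stream(key + b"e", nonce, len(data))))
    return nonce + ct + hmac.new(key + b"m", nonce + ct, "sha256").digest()

def _open(key, blob):
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    if not hmac.compare_digest(tag, hmac.new(key + b"m", nonce + ct, "sha256").digest()):
        raise ValueError("unwrap failed: wrong passphrase or wrong TPM")
    return bytes(a ^ b for a, b in zip(ct, _stream(key + b"e", nonce, len(ct))))

def pbe_wrap(private_key, passphrase):
    # Without TCS: the passphrase alone protects the private key file
    salt = os.urandom(16)
    return salt + _seal(_pbe_key(passphrase, salt), private_key)

def pbe_unwrap(blob, passphrase):
    return _open(_pbe_key(passphrase, blob[:16]), blob[16:])

class ModelTPM:
    """Hypothetical stand-in for TCS plus TPM; the secret never leaves this object."""
    def __init__(self):
        self._secret = os.urandom(32)
    def _key(self, passphrase, salt):
        # Passphrase acts as authorization data; the device secret is also required
        return hmac.new(self._secret, _pbe_key(passphrase, salt), "sha256").digest()
    def bind(self, private_key, passphrase):
        # Receives the cleartext private key and returns the blob EVFS would store
        salt = os.urandom(16)
        return salt + _seal(self._key(passphrase, salt), private_key)
    def unbind(self, blob, passphrase):
        return _open(self._key(passphrase, blob[:16]), blob[16:])

def can_recover(unwrap, blob, passphrase):
    # True when this unwrap path can open the protected key file
    try:
        return unwrap(blob, passphrase) is not None
    except ValueError:
        return False
```

In this model, a copied key file plus the correct passphrase is sufficient under pbe_unwrap, while unbind additionally requires the same ModelTPM instance that produced the blob.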