Encryption Blog

Handling Private Keys with PGP Universal

Created: 12 May 2009 • Updated: 05 Nov 2012

Brian Tokuyoshi - Product Marketing Manager

The PGP® Universal Server delivers the administrative functions for the PGP Encryption Platform. It’s the console our largest customers use to keep tabs on their applications, enforce policy, and provide logging without having to deploy multiple consoles. PGP uses this platform, as do third parties who develop applications that support PGP Universal Server so that they do not have to write their own management console. While the administrative functions of PGP Universal Server are well understood, what’s less commonly known is the flexibility PGP Universal Server offers for how enterprises manage keys, and the different ways it can be deployed to satisfy particular requirements.

One of the most critical issues for any encryption application is the location of the keys. In asymmetric encryption, such as that used for encrypted email, it’s the location of the private key that matters. Not every company is the same, and the security policies of one company wouldn’t necessarily work at another. The choice of private key location affects whether or not an administrator can see the unencrypted content of the email, the extent of non-repudiation available for a transaction conducted via email, and how the security functions of a smart card can be supported. For example, some companies deploy email encryption in a gateway configuration, so that email encryption/decryption happens at the server automatically. Deployed in this manner, the encryption keys (both the public and the private key) are also managed at the gateway and there’s no need to deploy any client software. PGP Universal Server supports this configuration through what’s called Server Key Mode.

For companies that want true end-to-end encryption, where encryption/decryption occurs on the user’s computer, PGP Universal Server supports a number of different modes. For true non-repudiation (with the email signature generated by the private key that only exists on the user’s machine), administrators can enable Client Key Mode, which keeps the private key only on the user’s computer. It’s also the mode used for smart cards, where the private key is generated on the smart chip and never leaves its protected environment.

When using Client Key Mode, the user is the sole owner of the private key, so the user is responsible for backing it up. Some enterprises prefer a more managed model for end-to-end encryption, and that’s why PGP Universal Server also supports Guarded Key Mode and Server Client Key Mode. The former offers a way to use client-generated private keys while storing an encrypted copy on the server, thus making recovery possible. The latter provides a way to do end-to-end encryption with a private key that is generated on the server and synchronized back to the client.
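As an added illustration of the Guarded Key Mode idea (a client-generated private key whose encrypted copy is held on the server so that recovery is possible), here is a constructed Python model. It is not PGP’s code or on-the-wire format: the passphrase-based wrap, the HMAC-based stream cipher and the random bytes standing in for a key are assumptions chosen to show the property that the server stores only ciphertext it cannot open on its own.

```python
import hashlib
import hmac
import secrets
from typing import Optional

# Constructed example, not PGP's own format: the client wraps its private key
# before uploading, so the server-side copy is useless without the passphrase.
KDF_ITERATIONS = 200_000


def _derive_keys(passphrase: str, salt: bytes) -> tuple:
    """PBKDF2 stretches the passphrase into an encryption key and a MAC key."""
    kek = hashlib.pbkdf2_hmac("sha256", passphrase.encode(), salt, KDF_ITERATIONS, dklen=64)
    return kek[:32], kek[32:]


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """HMAC-SHA256 in counter mode as a stand-in stream cipher (toy, for illustration)."""
    blocks = (hmac.new(key, nonce + i.to_bytes(4, "big"), hashlib.sha256).digest()
              for i in range((length + 31) // 32))
    return b"".join(blocks)[:length]


def wrap_private_key(private_key: bytes, passphrase: str) -> dict:
    """Client side: encrypt-then-MAC the key, then hand only the blob to the server."""
    salt, nonce = secrets.token_bytes(16), secrets.token_bytes(16)
    enc_key, mac_key = _derive_keys(passphrase, salt)
    ct = bytes(a ^ b for a, b in zip(private_key, _keystream(enc_key, nonce, len(private_key))))
    tag = hmac.new(mac_key, salt + nonce + ct, hashlib.sha256).digest()
    return {"salt": salt, "nonce": nonce, "ct": ct, "tag": tag}


def unwrap_private_key(blob: dict, passphrase: str) -> Optional[bytes]:
    """Recovery: only a passphrase holder gets the key back; a wrong passphrase
    or a modified blob fails closed rather than yielding garbage key material."""
    enc_key, mac_key = _derive_keys(passphrase, blob["salt"])
    expected = hmac.new(mac_key, blob["salt"] + blob["nonce"] + blob["ct"], hashlib.sha256).digest()
    if not hmac.compare_digest(expected, blob["tag"]):
        return None
    return bytes(a ^ b for a, b in zip(blob["ct"], _keystream(enc_key, blob["nonce"], len(blob["ct"]))))


def demo() -> bool:
    """Client generates a key (random bytes stand in for an OpenPGP key), escrows the
    wrapped copy, loses the workstation, and recovers from the server-held blob."""
    client_key = secrets.token_bytes(48)
    server_copy = wrap_private_key(client_key, "correct horse battery staple")
    assert client_key not in server_copy.values()            # server never holds plaintext
    assert unwrap_private_key(server_copy, "wrong guess") is None  # server alone cannot open it
    return unwrap_private_key(server_copy, "correct horse battery staple") == client_key
```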

Of course, no matter which management mode is used, the real benefit is the broad interoperability with encrypted email on the web, because OpenPGP and X.509 are supported by businesses large and small, as well as by individuals. It doesn’t require the recipient to have their key on a PGP Universal Server, because email can be encrypted using keys published by another installation of PGP Universal Server, the PGP Global Directory, the MIT Key Server, or keys that are part of a circle of trust relationship. Compared to other solutions that require both the sender and the recipient to have their keys stored in the same place, there are real advantages to choosing a solution that lets you decide where the keys you manage are stored, while letting recipients manage their keys as they see fit, without creating lock-in to one way or another. It’s why open standards exist in the first place.

This is just one of many topics related to key management and PGP technology, so if you’re interested in learning more, subscribe to the RSS feed and look forward to new articles to come.