A Vulnerability Assessment of Roaming Soft Certificate PKI Solutions

In the past two or three years most major PKI technology vendors have released products which allow digital certificate holders with 'soft certificates' to have their private keys stored at a central server and uploaded when needed to their local machine. This allows users to 'roam' from one machine to another without having to manually manage the export and import of their keys onto temporary media like diskettes. Thus users gain much of the portability and usability advantages of hardware key media like smartcards and USB dongles but without the associated cost. However significant security compromises are entailed in any roaming soft certificate solution since fundamentally the key material is susceptible to sniffing or eavesdropping for at least some of the time. Careful security engineering and product deployment is needed to strike the right balance between cost/convenience and protection against identity theft. To date little analysis of this balance appears in the public domain and the relative strengths and weaknesses of commercial solutions is difficult for users to determine. This paper highlights the security engineering and deployment considerations by presenting a systematic vulnerability assessment of the common roaming architecture.