nCipher Security Blog

Certificates in SPACE!

Soumit Chatterjee More About This Author >

Certificates in SPACE!

Certificates in SPACE!What exists beyond our world? Is there life beyond planet Earth? These are all questions we’ve pondered for centuries – and questions that have fueled exploration and research for decades.

The laboratory on board the European Space Agency’s Columbus Module of the International Space Station (ISS) offers extensive scientific research capabilities. Earth-based researchers, together with the station crew, conduct thousands of experiments throughout the year, with the aim of filling the black holes in our knowledge about the world beyond our own.

But the interaction between National Space Agencies’ researchers from countries involved in the ISS program requires sharing of sensitive information that needs to be protected. For this purpose, PKI technology from our partner Safelayer, together with nCipher nShield hardware security modules (HSMs), has been deployed to implement digital signature technology for specific business processes to enable strong authentication and secure data exchange.

Public key cryptography is a well-known underpinning technology to protect users, networks, data, and mission critical applications. PKIs provide a framework that enables cryptographic data security technologies – such as digital certificates and signatures – to be effectively deployed on a mass scale. Using the principles of asymmetric cryptography, PKIs facilitate the establishment of a secure exchange of data between users – ensuring authenticity, confidentiality, integrity of transactions

At the heart of every strong PKI must be high assurance cryptography technology. When you add hardware security modules (HSMs) to PKIs, you are deploying independently certified, tamper-resistant devices that are used to secure some of the most sensitive keys – including root and issuing CA private keys -- and business processes in mission critical situations. Not only this, HSMs also help overcome these three other challenges faced by organizations when deploying secure PKI based applications:

  1. Knowing the origin and quality of your keys: HSMs offer an environment where keys are generated using a certified key generation process and mechanisms tested to deliver the appropriate key quality.
  2. Knowing exactly where your keys are: When using HSMs you ensure your policies are precisely implemented, and that keys do not proliferate beyond specified secure primary and backup key locations – which is a pitfall of software-based key handling.
  3. Ensuring keys are used for one purpose only: Strong control of keys ensures strong control of certificate issuance. HSMs are designed precisely to deliver these important services that facilitate the enforcement of the organizational security policy.

In the current threat landscape, security solutions for strong authentication and the associated protection of mission critical data is of paramount importance. We are honored to be part of this ground-breaking work with the ISS – a large step for both PKI and for scientific research!