Skip to content
master
Go to file
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
src
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

README.md

Open Source KeyServer

  • Download last version available: Download

Repository status:

Master Develop
Build status Build Status Build Status
Dependencies status Dependency Status Dependency Status
Code quality Codacy Badge Codacy Badge Codacy Badge Codacy Badge

Description

This software is a Key Server that implements the TLS Session Key Interface (SKI) defined in draft-cairns-tls-session-key-interface-01.

The Heartbleed attack illustrated the security problems with storing private keys in the memory of the TLS server. The TLS Session Key Interface (SKI) defined the mentioned document makes it possible to store private keys in a highly trusted key server, physically separated from client facing servers. The TLS server is split into two distinct entities called Edge Server and Key Server that communicate over an encrypted and mutually authenticated channel using e.g. TLS. This software implements the Key Server entity.

  +--------+  Handshake  +-------------+    SKI    +------------+
  | Client | <---------> | Edge Server | <-------> | Key Server |
  +--------+             +-------------+           +------------+

It is aimed at being a functional prototype to test the LURK Architecture and the proposed interface. For more reference see link URL and this.

System requirements

KeyServer has been developed using Java SE 8 and Redis as database to store the certificates private keys.

How to install?

You can download the latest KeyServer JAR version from releases section. If you prefer generate your own JAR, remember that this project is distributed with Apache Maven.

Once the JAR file is downloaded/generated, move it to the desired folder. Configure the KeyServer using the KeyServer Wiki steps before first execution. Otherwise, you'll get an error during the execution.

Watch the video

About

Key Server that implements the TLS Session Key Interface (SKI) defined in draft-cairns-tls-session-key-interface-00.

Resources

License

You can’t perform that action at this time.