Improved Encryption Concept
Issues with implemented version
The CARA Tool has supported encryption since version 1.1. This functionality works but causes some problems and security concerns:
The currently implemented solution requires CBs to enter or collect passwords for reports, which is not very feasible
The encryption is based on the password, which means the password has to be known
The entry of passwords, especially for organization NC exports, might be problematic if users use known passwords which are then provided to a third party. This is also problematic if they are provided to the CBs
Solution concept
1. General rule for all passwords
Problem: avoiding the need to know the entered password for decryption
All passwords should be SHA-256 hashed.
This still makes it possible to enter the correct password to encrypt the file, provided a hashing function is attached.
Knowing the hash value makes it possible for CBs to decrypt the password file without knowing the password
2. Encryption of report files
Problem: providing the CBs with the password for encryption
Limitations: The password has to be attached as securely as possible to avoid decryption, and it can only be attached to the content
The password hash will be placed before the AES-encrypted content (base64 encoded, length 344)
The password hash will be used, and it will be encrypted using RSA (because JavaScript code is readable, this is the only solution that lets the CB, and nobody else, decrypt the hashed password)
Using RSA makes it possible to provide every CB with its own secure key while attaching the public key to the CB data in CARA
RSA is sufficiently secure
If the password has to be changed, a new private/public key pair will be generated
The new public password will be distributed by a CARA minor update
The CB will use the new private password and keep a fallback for the old one (the CB has to test against all old passwords because older files may still exist)
The public key for encrypting the password will be selected according to the CB chosen for the report
The attachment of the password is only activated at the request of the CB
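The header scheme from section 2, including the fallback over retired private keys, as an added Node.js example that is not CARA's own code. The function names, the OAEP padding and the placeholder AES body are assumptions; the page does not name a padding mode.

```javascript
// Added example, not CARA code. Function names, OAEP padding and the
// placeholder AES body are assumptions; the page names no padding mode.
const crypto = require('crypto');

const HEADER_LEN = 344; // base64 length of a 2048-bit RSA ciphertext (256 bytes)
const OAEP = { padding: crypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };

// Section 1: the SHA-256 hash of the password is what keys the AES layer.
function hashPassword(password) {
  return crypto.createHash('sha256').update(password, 'utf8').digest('hex');
}

// Section 2 (CARA side): wrap the hash with the chosen CB's public key and
// put the 344-character result in front of the AES-encrypted content.
function attachWrappedHash(cbPublicKey, passwordHash, aesContentB64) {
  const wrapped = crypto.publicEncrypt({ key: cbPublicKey, ...OAEP },
    Buffer.from(passwordHash, 'utf8')).toString('base64');
  if (wrapped.length !== HEADER_LEN) throw new Error('CB key is not 2048-bit RSA');
  return wrapped + aesContentB64;
}

// Section 2 (CB side): split off the header and try the current private key
// first, then every retired one, since older files used older public keys.
function recoverHash(privateKeys, fileText) {
  if (fileText.length < HEADER_LEN) throw new Error('file shorter than key header');
  const header = Buffer.from(fileText.slice(0, HEADER_LEN), 'base64');
  for (const [index, key] of privateKeys.entries()) {
    try {
      const hash = crypto.privateDecrypt({ key, ...OAEP }, header).toString('utf8');
      if (/^[0-9a-f]{64}$/.test(hash)) {
        return { passwordHash: hash, keyIndex: index, aesContent: fileText.slice(HEADER_LEN) };
      }
    } catch (err) { /* wrong key for this file: fall through to the next one */ }
  }
  throw new Error('no known private key decrypts the header');
}

// Constructed demo: a CB that has rotated its key once, and a file written
// by a CARA installation that still carries the old public key.
function demo() {
  const gen = () => crypto.generateKeyPairSync('rsa', { modulusLength: 2048 });
  const oldPair = gen(), newPair = gen();
  const hash = hashPassword('secure-password');
  const body = Buffer.from('constructed AES output').toString('base64');
  const file = attachWrappedHash(oldPair.publicKey, hash, body);
  return { hash, body, file, result: recoverHash([newPair.privateKey, oldPair.privateKey], file) };
}
```

Because the recovered hash is itself the AES key, whoever holds a matching private key can decrypt the report without ever learning the password.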
3. Encryption of Nonconformity reports
Possible Extensions:
The hash value of the password is saved in the auditor's report, so on import no password has to be entered. Because the auditor works with the organization on the report, attaching the password to the report is no problem.
The password hash is also part of the NC management report and set automatically for the organization.
The organization will not get the option to choose encryption and use a different password. All exports for the auditor will be automatically encrypted with the hash value of the password provided by the auditor
4. Encryption of Backup Data
Apart from using the hash key of the password for the encryption, the backup data encryption won’t be changed further.
RSA Example
public key
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu+7EwbQeUW040jXoVWtka+z0ixUIBuygmlN7JvdyFIyhmYE9tk+d1A8gdeitfsU+UMuPML6YfFrqgmKKSQfCUzvb/2KrQ6bsYAp1uR60UM9VJrQkvEEVCqaMEEw7skGYaUd/Fpv+W3xxk3jrxa/5DapApooc+DR4UEWhZPd/aHYUqguKqBYxpvC/HuAWI54sEUrhS0PtL0IkRA7va/R9GwPdE4B6rv9/abQbvx3faW6UvF/dJgHBAlZC2jb5iyGBYHI0Xv7YTOiBK0Dv3OpxkzMNSTQ9CO5qpGBfILPULs2mlbrOFCF2dZpjiSC8DZMMQd0zELdYFYcGSgY+1UXuWwIDAQAB
private key
password
secure-password
SHA-256
3885c3c07cfdd4bc7d08ded0f4e39b7300b2ae872d18e3c8c192926c9d6e6636
Encrypted key (length: 344)
SAffeiZwkP98BYOqkDRJAaK7RiwDD44Hg8M89+YnB0+fQS1C0wX7KRx+xAPHoAW1dUpZ2bDO3lzEl1FVqWQbIriiH/lQTXGGUNWzfigLL0NTcOoRnLz5LYtrQrX2myHRCJG6hOxzwToN/kHwtZrDsgB9CntK/dFsqV/jYvGdf02+OFkkdyr64fwUz2XQG06nJHqEuUWMqS0vPUk34NE1h9zQEmC79GRfDamM/mDkmbAlINBlHhaqLMb9JZ+Tbb0GW+bJMg6pCoHFQINZZpdzUplIRYxz7cHf45GriOJMvn+AGz9CcwGou/PqugIkmWnlEguf+Pj9wHbkb9Zy6gDB7Q==