Cylink builds PKI for USPS secure postage
- By Colleen O'Hara
- Aug 16, 1998
Cylink Corp. announced last week that it has developed a public-key infrastructure (PKI) for the U.S. Postal Service's program that secures communications for users downloading and printing postage from their PCs.
Under USPS' Information Based Indicia Program (IBIP), which is in pilot testing now, users will log on to a secure server, order and pay for postage, download the postage, store it in a secure device attached to the PC and print it directly onto an envelope. The goal of the program, which is targeted at small office/home office users, is to provide a secure way of delivering postage via PCs rather than mechanical postage meters.
PC postage products such as E-Stamp Corp.'s Internet Postage software, which was announced in April, actually generate the stamp that is printed on an envelope. The stamp includes a 2-D bar code, called an information-based indicia, which contains the postage, a date stamp, destination and tracking data, and a digital signature that makes the indicia difficult to counterfeit.
The PKI developed by Cylink for the IBIP program will use digital signatures to authenticate the postage device and secure any postage transaction that enters it. "We don't need encryption for IBIP because we only care that the transactions are digitally signed so we know the source and know that [the device] hasn't been tampered with," said Andrew Morbitzer, director of market development at Cylink. "Digitally signing does that."
The motivation behind the IBIP program is security and user convenience, according to USPS. "We've provided secure correspondence for years, and we are always looking to use new technology to serve our customers," a USPS spokes-man said. "PKI is one tool we use to enhance service." USPS plans to authorize other vendors in addition to E-Stamp to participate in the IBIP test, the spokesman said, but he would not say when this might happen.
Under its PKI contract, Cylink will provide a device manufacturer, such as E-Stamp, with a master certificate. E-Stamp would create a unique certificate by signing the public key of each device; this would be done by using the device's master public-/private-key pair. The signed public-key copy would be held by USPS, which would act as the certificate authority, but the matching private key would be kept secret.
The intention of the IBIP program is to prevent meter fraud, so strong cryptography is essential to prevent someone from stealing the private key, taking the software and printing an indicia, said Santosh Chokhani, chief executive officer of CygnaCom Solutions Inc.
Cylink's certificate authority is based on the Public Key Information standard proposed by the Internet Engineering Task Force, which calls for support of X.509 certificates. The system is designed so that other certificate authorities can understand and read one another's certificates.
Cylink used Sun Microsystems Inc.'s SPARC-based server, which offers auditing and accountability of transactions as well as the ability to recover interrupted transactions.
Eventually, USPS will take over the operation and administration of the PKI and will be able to use the PKI to support other programs, Morbitzer said. "The PKI we delivered is a general-purpose PKI certificate authority. That means the Postal Service now owns a complete PKI that it can use for many applications," he said. "IBIP can run on this PKI, as can four other unrelated programs." Cylink's PKI can scale to millions of certificates, he added.
The IBIP pilot is scheduled to run through year's end, and if all goes well, it will go live next year. Now limited to the Washington, D.C., and Northern Virginia area, the pilot will expand to the San Francisco area next month.