1 Security Protocols Lecture 12 Cryptographic Standards Companies Developing Cryptographic Hardware Algorithms (e.g., DES, AES, RSA) Security mechanisms (e.g., digital signatures) Security protocols (e.g., S-MIME, SSL, IPSec) Secure Communication Systems (e.g., DMS) Cryptographic component Non-cryptographic component (communications, administration, OS security, database security, etc.) 100% Cost of cryptography in the layer model of the Internet Application layer http, ftp, e-mail Transport layer tcp, udp Internet protocol layer ip Network access layer ethernet, atm Physical layer S/MIME SSL IPsec Cost of adding cryptography S/MIME: Secure Electronic E-mail • work on the corresponding Internet standard started by IETF, 1997 • multiple products using S/MIME (e.g., Microsoft Outlook, Mozilla, Mail.app, Entrust/Desktop, Netscape Communicator, and many others) • enables secure communication between e-mail programs from various companies Competition: OpenPGP Cryptographic algorithms: 3DES EDE3-CBC or AES / RSA or D-H: DSS / SHA-1 • protocol developed by RSA Data Security, Inc. in cooperation with consortium of several big companies in 1995 SSL: Secure WWW • protocol developed by Netscape in 1994 • the most widely deployed security protocol Secure browsers, e.g., Internet Explorer, Mozilla Firefox, Safari, Opera, etc. Secure servers, e.g., Microsoft Server, Apache HTTP Server Competition: almost none, in the past S-HTTP, PCT • SSL v. 3.0 in use since 1996, SSL v.2.0 withdrawn Secure Sockets Layer • since 1996 work on the equivalent Internet standard IETF TLS - Transport Layer Security, TLS 1.0 = SSL 3.1 Multiple libraries: e.g., OpenSSL, GnuTLS, PolarSSL, etc. SSL: Secure WWW Cryptographic algorithms: Confidentiality: none, RC4-40, RC2-40, DES-40 RC4-128, RC2-128, DES, IDEA, 3DES EDE3, AES-128, 256 Digital signatures: RSA, DSS Hash functions: SHA-1, MD5 Key agreement: RSA, D-H, Fortezza client browser server WWW 1. Parameter negotiation 2. Server authentication 3. Client authentication (only on request) 4. Key Exchange 5. Confidential and authenticated message exchange server2 SSL: Encryption Algorithms Block cipher Stream cipher Algorithm Key size Algorithm Key size IDEA RC2-40 DES-40 DES 3DES Fortezza AES 128 40 40 56 168 80 128, 256 RC4-40 RC4-128 40 128 IPsec: Virtual Private Networks (VPN) Local network Security gateway Internet • local networks may belong to the same or different organizations • security gateways may come from different vendors Remote user Local network Local network Security gateway Security gateway IPsec: Virtual Private Networks (VPN) • S/WAN (Secure Wide Area Network) interoperability test for products developed by various vendors, 1995 • development by IETF (Internet Engineering Task Force) started in 1994, first IPSec version, RFC 1825-29, published in 1995 • IPsec required in IPv6, optional w IPv4 Algorithms: confidentiality: DES, Triple DES, AES, RC5, IDEA, CAST, Blowfish, Triple IDEA authentication: HMAC-MD5-96, HMAC-SHA-1-96 key agreement: Oakley KDP, ISAKMP Competition: SSL, PPTP (Microsoft) Follow-up Course: ISA 656 Network Security Cryptographic standards Secret-key cryptography standards NIST ANSI X3.92 DES X3.106 DES modes of operation X9.52 Modes of operation of Triple DES Federal standards Banking standards International standards ISO ISO 10116 Modes of operation of an n-bit cipher FIPS 46-1 DES FIPS 46-2 DES FIPS 81 Modes of operation FIPS 46-3 Triple DES FIPS 197 AES ISO/IEC 18033-3 – AES, Camellia, SEED, TDEA, MISTY1, CAST-128, MUGI, SNOW3 NIST FIPS National Institute of Standards and Technology Federal Information Processing Standards American Federal Standards Required in the government institutions Original algorithms developed in cooperation with the National Security Agency (NSA), and algorithms developed in the open research adapted and approved by NIST. Public-Key Cryptography Standards IEEE ANSI NIST ISO RSA Labs PKCS industry standards bank standards federal standards international standards unofficial industry standards P1363 ANSI X9 FIPS PKCS ISO PKCS Public-Key Cryptography Standards Informal Industry Standards developed by RSA Laboratories in cooperation with Apple, Digital, Lotus, Microsoft, MIT, Northern Telecom, Novell, Sun First, except PGP, formal specification of RSA and formats of messages. IEEE P1363 Working group of IEEE including representatives of major cryptographic companies and university centers from USA, Canada and other countries Part of the Microprocessors Standards Committee Quarterly meetings + multiple teleconferences + + discussion list + very informative web page with the draft versions of standards Modern, open style Combined standard including the majority of modern public key cryptography Several algorithms for implementation of the same function Tool for constructing other, more specific standards Specific applications or implementations may determine a profile (subset) of the standard IEEE P1363 ANSI X9 American National Standards Institute Work in the subcommittee X9F developing standards for financial institutions ANSI represents U.S.A. in ISO Standards for the wholesale (e.g., interbank) and retail transactions (np. bank machines, smart card readers)4 ISO International Organization for Standardization International standards Common standards with IEC - International Electrotechnical Commission ISO/IEC JTC1 SC 27 Joint Technical Committee 1, Subcommitte 27 Australia, Belgium, Brazil, Canada, China, Denmark, Finland, France, Germany, Italy, Japan , Korea, Holland , Norway , Poland, Russia , Spain, Sweden, Switzerland , UK, USA Full members: ISO: International Organization for Standardization Long and laborious process of the standard development Study period NP - New Proposal WD - Working Draft CD - Committee Draft DIS - Draft International Standard IS - International Standard Minimum 3 years Review of the standard after 5 years = ratification, corrections or revocation Public-key Cryptography Standards IEEE ANSI NIST ISO RSA Labs PKCS industry standards bank standards federal standards international standards unofficial industry
View Full Document
Unlocking...