A THREE ALGORITHM SUITE PROVIDES FLEXIBLE SECURITY

A THREE ALGORITHM SUITE PROVIDES FLEXIBLE SECURITY. A Presentation To The Joint Meeting Of Industry Canada, ANSI C12, and SCC31 by Bill Rush Institute of Gas Technology March 25, 1999 Phoenix, Arizona. A REVIEW OF PREVIOUS SECURITY STANDARDS PRESENTATIONS.

Presentation Transcript


  1. A THREE ALGORITHM SUITE PROVIDES FLEXIBLE SECURITY A Presentation To The Joint Meeting Of Industry Canada, ANSI C12, and SCC31 by Bill Rush Institute of Gas Technology March 25, 1999 Phoenix, Arizona

  2. A REVIEW OF PREVIOUS SECURITY STANDARDS PRESENTATIONS

  3. START FROM THE ASSUMPTION THAT AMR SYSTEMS SHOULD HAVE THE OPTION TO BE PROTECTED BY ENCRYPTION SCC31 Has Completed Threat Analysis Contribution

  4. GROUP ASSAILANTS INTO 4 CATEGORIES • Unstructured Threat (Hacker, Insider $2,500) • Structured Threat (Company, $250,000) • Foreign Entities (Government, $25,000,000) • Combinations (Of The First 3)

  5. ASSAILANTS HAVE A FORMIDABLE ARRAY OF CAPABILITIES • Listen & Record • Generate Or Play Back Messages • Steal/Compromise Passwords • Remote Reprogram • Facility Access • User Friendly Hacking Tools • Reverse Engineer Security

  6. “SECURITY THROUGH OBSCURITY” PROVIDES ONLY MINIMAL PROTECTION • Guess Or Steal Passwords • Reverse Engineer Or Leak “Secret Methods” • Secret Methods Have Bad Track Records

  7. STANDARD TECHNIQUES EXIST TO SECURE COMMUNICATIONS • The Need For Secure Communication Is Old • There Is An Extensive Body Of Work • Goal: Match Options To Metering Needs “Secure” Means Hard (Not Impossible) To Read

  8. SECURITY HAS 3 ASPECTS • Privacy - You Can’t Read A Message • Integrity - You Can’t Change A Check Amount • Authenticity - You Can’t Forge A Signature

  9. ENOUGH ENCRYPTION BASICS TO GRASP THE ISSUES

  10. USE STANDARD, WELL KNOWN AND TESTED ALGORITHMS • Algorithms Are Known And Standard • Very Well Tested • Best Cryptographers Can’t Break Easily

  11. THE MECHANISM OF LOCKS IS PUBLIC KNOWLEDGE But Without The Key Or Combination - You Can’t Open A Single One !

  12. ENCRYPTION GENERATES CYPHERTEXT REVERSIBLY “Close A Valve!” → Encrypt → “^fD%b*m>s#H!j<” → Decrypt → “Close A Valve!” Encrypted SCADA Commands Are Secure Until They Reach Their Destination

  13. A SIMPLE ROTATION ALGORITHM ILLUSTRATES SEVERAL KEY CONCEPTS • Substitute One Letter For Another • Rotate Letters By “N” Positions GOAL: An Algorithm Simple Enough To See, But Real Enough To Show Issues

  14. PLAINTEXT MAPS TO CYPHERTEXT PREDICTABLY - IF YOU HAVE THE KEY Key = Rotate Each Letter 3 To The Right • Plaintext: A B C D E F G H … Z • Cyphertext: D E F G H I J K … C • With Rotation Key 3, “HAD” Becomes “KDG” • With Rotation Key 2, “HAD” Becomes “JCF”

  15. A SIMPLE ROTATION ALGORITHM ILLUSTRATES SEVERAL KEY CONCEPTS • Substitute One Letter For Another • Rotate Letters By “N” Positions • N Is The (Shared, Secret) Key • 0 < N < 25 GOAL: An Algorithm Simple Enough To See, But Real Enough To Show Issues

  16. THE ROTATION ALGORITHM HAS GENERAL CHARACTERISTICS • Algorithm Is Known, Key Provides Security • Unique Mapping Of Plaintext To Cyphertext • Coding/Decoding Easy With The Key • Decoding Hard Without The Key • Can Be Broken By Guessing • Longer Keys Harder To Break

  17. THE ILLUSTRATION ILLUSTRATES GENERAL CHARACTERISTICS (Cont.) • “Symmetric Key” Means Both Keys The Same • Both Parties Have Common, SECRET Key • If One Key For Many Parties, Getting 1 Gets All • “Symmetric Key” Management An Issue • Changing Keys Adds Security • Never Use A Code To Send Its Own Key
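The rotation cipher from slides 13 to 17, as an added C example that is not part of the presentation or of IGT's code: it reproduces the “HAD” mappings from slide 14 and shows why “Can Be Broken By Guessing” holds, since only 25 non-zero rotations exist. The function names and the sample message are constructed for illustration.

```c
#include <stdio.h>
#include <string.h>

/* Rotate each upper-case letter n positions to the right (n may be
   negative to undo a rotation); other characters pass through unchanged.
   Returns out so calls can be chained. */
char *rotate(const char *in, char *out, int n)
{
    size_t i;
    n = ((n % 26) + 26) % 26;
    for (i = 0; in[i] != '\0'; i++) {
        if (in[i] >= 'A' && in[i] <= 'Z')
            out[i] = (char)('A' + (in[i] - 'A' + n) % 26);
        else
            out[i] = in[i];
    }
    out[i] = '\0';
    return out;
}

/* Exhaustive key search: undo every possible rotation and return the
   first key whose result contains a word expected in the plaintext,
   or -1 if none does. The whole key space is 25 values. */
int guess_key(const char *cipher, const char *expected_word)
{
    char trial[128];
    int n;
    if (strlen(cipher) >= sizeof trial)
        return -1;
    for (n = 1; n <= 25; n++)
        if (strstr(rotate(cipher, trial, -n), expected_word) != NULL)
            return n;
    return -1;
}

int main(void)
{
    char c[128], p[128];
    rotate("CLOSE A VALVE", c, 3);          /* constructed sample message */
    printf("cyphertext:    %s\n", c);
    printf("recovered key: %d\n", guess_key(c, "VALVE"));
    printf("plaintext:     %s\n", rotate(c, p, -3));
    return 0;
}
```
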

  18. THERE ARE THREE KINDS OF ALGORITHM • Symmetric Key - Same, Secret Key • Public Key - Publish Half Of A Key • Common Number - Parties Get Same Number

  19. SYMMETRIC KEYS ARE THE SAME FOR BOTH PARTIES • Must Be Secret • One Key For All Raises Risk • One Key For Each Is Hard On A Big Network

  20. PUBLIC KEY ALGORITHMS HAVE SPECIAL PROPERTIES • Part Of Key Is Public • Encrypted Messages Are Hard To Read • New Keys Can Be Generated AND NOT SENT • No Key Transmission Risks • Broadcast Needs Special Key

  21. THERE ARE SEVERAL CRITERIA TO SELECT ALGORITHMS • Publicly Available • Keys Can Be Changed Faster Than Broken • Cracking Time > Useful Life Of Message • Assure Message Is Unaltered (Integrity) • Physical Access To Unit Still Possible • Verifies Originator (Authenticates) • Permits Broadcast/Multicast

  22. PROTOCOLS REQUIRE WORK • Key Management Compatible With System • Time Stamp/Message Counter • Source & Destination Addresses • Generate / Distribute / Store Required Keys • Minimal Sending Time (Bandwidth) Increase

  23. BENCHMARKING WORK IS UNDER WAY AT IGT • Clear/Encrypted Length Impacts Bandwidth • Protocol Overhead Adds Comm. Time • “Time Slicing” OS Slows Functions • Must Recognize Memory Limitations

  24. IMPLEMENTATION CRITERIA • Hardware Implementation Desirable (1 Chip) • Short Communication Turnaround Needed • Small Impact On Device Function • Small Code Size • Low Cost (Licensing, O&M, Purchase) • Scale To Various Size Equipment/Needs

  25. SEVERAL AVAILABLE ALGORITHMS WERE CONSIDERED • DES • Diffie-Hellman • RSA (PGP) • IDEA • CAST • Skipjack • Blowfish • SAFER • RC5 • ODS • Rabin • ElGamal No Single Algorithm Met All Criteria, So A Suite Was Needed

  26. A THREE ALGORITHM SUITE COULD SECURE COMMUNICATIONS • RSA (Session Key Exchange) • DES (Communication “Workhorse”) • Diffie-Hellman (RSA/DES Key Exchange) • Protocols Require “Salting” And “Chaining” This Is Similar to System Securing Electronic Banking Transactions

  27. ALGORITHM CLASSES REQUIRE DIFFERENT RESOURCES • Public Code Length 3 Times Symmetric • Public Key Is 10 Times Symmetric Key • Public Key Execution = 100 Symmetric Assumes Same Security, (128 Bit Symmetric Key, 1024 Public Key)

  28. RSA SENDS SESSION KEYS AND AUTHENTICATES • Public Key • 1024 Bit Key • Relatively Slow • Authentic Signature (With Valid Public Key)

  29. RSA USES A PUBLIC AND A PRIVATE KEY • Public Key Is 2 Numbers, N And E • N Is A Modulus • E Is A Large Number Used To Encrypt • D Is A Large Number Used To Decode

  30. RSA IS EASY IN PRINCIPLE • Message Is Called M • Encrypt Message With RECIPIENT’S (N, E) • C = Cyphertext = $M^{E} \bmod N$ • Mod N = Remainder After Dividing By N • Recipient Decrypts With Private Half Of Key • P = Plaintext = $C^{D} \bmod N$

  31. RSA USES OVERFLOW IN MODULAR ARITHMETIC • Cyphertext = C = $M^{E} \bmod N$ • Plaintext = P = $C^{D} \bmod N$ • P = $C^{D} \bmod N = (M^{E})^{D} \bmod N = M^{ED} \bmod N$ E And D Are Chosen So Raising M To The ED Power Is $M^{1}$

  32. RSA IS EASY TO DEMONSTRATE BY EXAMPLE • Take (E,N) As (7, 33) • Take D = 3 • Take M = 15 • C = $15^{7} \bmod 33 = 27$ (Transmit This) • P = $27^{3} \bmod 33 = 15$ (Original Message, M) The Security Comes From How Hard It Is To Find D, Given (E, N)
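Slide 32's numbers worked through in C, as an added example that is not from the presentation or IGT's code: `modpow` reproduces C = 27 and P = 15, and `recover_d` (a hypothetical helper) shows that with a modulus as small as 33 the private D follows directly from the public (E, N), which is why the suite specifies 1024-bit keys. It assumes N is the product of two distinct primes.

```c
#include <stdio.h>

/* (base^exp) mod n by square-and-multiply. Operands here stay far below
   2^32, so the 64-bit intermediate products cannot overflow. */
unsigned long long modpow(unsigned long long base, unsigned long long exp,
                          unsigned long long n)
{
    unsigned long long result = 1 % n;
    base %= n;
    while (exp > 0) {
        if (exp & 1)
            result = (result * base) % n;
        base = (base * base) % n;
        exp >>= 1;
    }
    return result;
}

/* Derive D from the public key alone when N is small: factor N by trial
   division, compute phi = (p-1)(q-1), then search for the D that satisfies
   (E * D) mod phi == 1. Returns 0 if N has no factor or no D exists. */
unsigned long long recover_d(unsigned long long e, unsigned long long n)
{
    unsigned long long p, phi, d;
    for (p = 2; p * p <= n; p++)
        if (n % p == 0)
            break;
    if (p * p > n)
        return 0;                       /* n is prime: not an RSA modulus */
    phi = (p - 1) * (n / p - 1);
    for (d = 1; d < phi; d++)
        if ((e * d) % phi == 1)
            return d;
    return 0;
}

int main(void)
{
    unsigned long long c = modpow(15, 7, 33);   /* encrypt M = 15 */
    printf("C = %llu\n", c);
    printf("P = %llu\n", modpow(c, 3, 33));     /* decrypt with D = 3 */
    printf("D recovered from (7, 33) = %llu\n", recover_d(7, 33));
    return 0;
}
```
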

  33. DES IS THE WORKHORSE • Digital Encryption Standard • 56 Bit Key for DES • $250k Computer Cracked In 48 Hrs • Good Enough For Many Applications

  34. TRIPLE DES FOR HIGH SECURITY USES • DES Algorithm • Two 56 Bit Keys • Use DES 3 Times

  35. DES SHUFFLES AND CHANGES BITS ACCORDING TO A KEY [Figure: rows of bits illustrating a “Move” step and a “Change” step]

  36. DIFFIE-HELLMAN IS USED ONLY FOR SESSION KEY GENERATION • Two Users Separately Generate Same Key • Use For DES Session To Change RSA Key

  37. THESE ALGORITHMS ARE FLEXIBLE • Replace DES With AES When Available • Plaintext Communication Option Exists • Public Key Request • Unimportant Messages • Triple DES, 1024 Bit RSA Export Issues • Code Book Chaining Avoids Repetition

  38. THIS IS A FLEXIBLE SUITE • Just DES A Fast Option • Just RSA A Secure Option • Full Suite For Full Security

  39. A COMPLETE SECURITY SYSTEM REQUIRES • Algorithms (Recommended) • Protocols (Need Development) • Code (C Language Code Will Be Provided)

  40. CONSIDER THIS SUITE FOR FLEXIBLE ENCRYPTION • RSA Public Key • DES / Triple DES Symmetric Key • Diffie-Hellman SCC31 Contribution Is Being Submitted

  41. ALGORITHMS OFFER HIGH SECURITY • 2 Days To 400,000,000 Years • Secure Key Change Is Possible • We Will Benchmark Shortly For Time, Code • Standard Code Should Outlast AMR Units

  42. THIS IS A FLEXIBLE SUITE • Just DES A Fast Option • Just RSA A Secure Option • Full Suite For Full Security IGT Will Provide The C Language Code For Free

  43. MESSAGE LENGTHS INCREASE TO 8 BYTE BLOCK MULTIPLES • Messages Must Be As Long As The Key • Pack Unneeded Bytes

  44. DES ENCRYPTION SPEED IS PROBABLY ACCEPTABLE Processor: DES Blocks/Second • 80188: 4* (current imp) • 8088: 370 (optimized) • 6811: 10-50 • 90 MHz Pentium: 275,000 * Using 10% Of The Resources On A Time-Sliced Platform

  45. OTHERS ARE SLOW IN SOFTWARE Short RSA Key Generation Time: • 80188: 35 minutes* • 300 MHz Pentium II: 4 seconds • Crypto i-button: < 1 second * Using 10% Of The Resources On A Time-Sliced Platform

  46. SPACE IS NOT EXCESSIVE Function: Size • DES: 6k • RSA key generation: 12k* * Includes Math Library Also Used By RSA Encryption/Decryption & Diffie-Hellman Symmetric Key Generation

  47. DES CAN RUN IN SOFTWARE; OTHERS NEED HARDWARE IMPLEMENTATIONS • DES Software Implementation Is Fast Enough • RSA Encryption/Decryption, RSA & Diffie-Hellman Key Generation Are Slow • Hardware Implementations Reduce Time To Seconds

  48. ENCRYPTION WILL REQUIRE MORE RAM • Software Approach Will Probably Require More RAM • Hardware Implementation Can Reduce Software Modifications To Calling Functions On Chip & Retrieving Results

  49. THE ALGORITHM SUITE SECURITY LEVEL CAN BE “ADJUSTED” • DES, No Key Change • DES, 3DES For New Key • Full Suite
