Real Privacy Management (RPM) Overview Presentation April 2011
RPM Technology Review
- Why RPM?
- What is it?
- What’s standard about it?
- What’s novel? (Features)
- What does novel give you? (Benefits)
- Is it proven?
- Practical proof of the features and benefits
- Example Technology: SSLX Reference Implementation
- RPM’s application to Financial Services
- Next steps
Why RPM?
- Real world, human networks have continuous, mutual authentication in all secure interactions, regardless of risk level.
- Electronic networks don’t. Why not? Because it’s too slow, effort-laden, complex. So it just isn’t done.
- Who cares? Tomorrow does. Horses -> cars. Fire -> electricity. Earth -> Star Wars
- The network will never be trusted until it’s just like humanity
What is Real Privacy Management (RPM)?
Real Privacy Management (RPM) is a patented collection of cryptographic authentication and data security methods, together with a distributed architecture that integrates RPM-enabled technology components to provide end-to-end security services to any network. Using RPM, network participants are assured that every transmission is uniquely authenticated and encrypted in real time.
What’s Standard About RPM?
- IPSec, the complete security protocol for Next Generation Internet (IPv6), was developed as a framework for authenticated and encrypted IP traffic
- RPM can be thought of as an IPSec implementation; specifically, as IPSec ESP + Auth in tunnel mode (essentially, an IPSec VPN)
- RPM is IPSec. Features: Symmetric, one-pass, key establishment, key transport, key exchange, key management methods/system delivering authentication and data security (encryption)
- In this regard, RPM is best-practice ‘standard’ network security
What’s Novel About RPM?
Cryptography
- New primitives, based on underdetermined equation sets (provable security, both cryptographic and mathematical)
- Unique, random encryption message key per transmission (packet)
- Key sizing – Moore’s Law upkeep: add a byte, doubles key space
- Bandwidth (less overhead, no latency), Trust scaling and distribution
Size
- Full RPM support library < 10KB
Flexibility
- Federated Trust Model support – global network definition
- Full OSI ‘any-level’ support (network, transport, session, application)
- Full Standards support for ‘pieces’ (e.g., authentication, IKE, etc. – all/parts of RPM fulfills Standards calls in financial, HIPAA, etc.)
What’s Novel About RPM?
Power
- Primitives, full operation optimized at machine level: registry-based computational effort (lowest possible)
Performance
- Optimized computation delivers real time instantiation: 5 microseconds [CEBundle at Nanoseconds for 1,000,000 RPM Iterations including: 1. RNG creation, 2. Authentication credential update with associated output, and 3. Unique message key creation for presentation to a cipher]
Application
- Design brings suitability for FPGA/ASIC (chip level)
- Math delivers RFID, key manipulation/tagging (doc management), Identifiers application (Credit Card numbers, SSNs, PINs, etc.)
- Size/low power brings sensors, drones, pacemakers – HW/SW
- Speed delivers real-time, especially where real-time security doesn’t exist
Novel RPM Benefits
Aside from the standard benefits of confidentiality, integrity, secrecy, privacy and authentication in any public/private network, RPM delivers several benefits because of its novel features:
- RPM fits where other protocols can’t
- RPM can operate where other protocols can’t
- RPM has fewer transmissions and sends less data than other protocols
- RPM can operate in real time within the tolerances of most unsecured networks
Is RPM Secure?
The core technology of the RPM System is a new method for generating a sequence of master keys, with derived session and child keys, for use in encryption and authentication. This core technology is based on sound principles of randomization, derived keys, and presenting the adversary under certain attacks with underdetermined equations.
– By Dr. Alan T. Sherman, May 27, 2005, An Initial Assessment of the RPM Authentication and Key-Management System: Highlights
Is RPM Secure?
The realized security is sharing a pair of common-credentials, sharing a common-key, secrecy of messages, sender authentication, common-key authentication, message authentication, common-key renewal, renewal of a pair of common-credentials, etc. Such a security-function integrated simple communication system will be useful for the future wireless communication system such as handy phones and ubiquitous networks.
– By Dr. Hatsukazu Tanaka, SCIS 2006, The 2006 Symposium on Cryptography and Information Security, Hiroshima, Japan, Jan , 2006, The Institute of Electronics, Information and Communication Engineers
Is RPM Secure?
Telcordia believes that the combination of all these paradigms and solutions in the RPM technology and system is a top-level, state-of-the-art, solution to the problem of designing an end-to-end multi-party security system. Overall, the RPM technology and system can certainly be considered as the result of sound, ingenious and novel thinking, targeting the most appropriate goals for the security properties of any system of this kind. More specifically, RPM has addressed essentially all major cryptographic and security attacks known in the related literature, and used essentially all necessary state-of-the-art cryptographic and security algorithms, protocols and techniques that are applicable to systems of this type. Additionally, RPM has proposed novel technology to solve the following problems: generation of a stream of pseudo-random values with special security guarantees, efficiently and securely encrypting data, continuously authenticating sender and receiver during an encryption session, protecting stored data or cryptographic keys, and providing communication security between any two parties. The RPM end-to-end security system reaches a level of content security that is comparable to the state of the art in this research direction, and, in fact, surpasses the state of the art by novel paradigms and solutions.
– By Dr. Giovanni Di Crescenzo, Telcordia, March 2011, Cryptography Assessment of Real Privacy Management™ (RPM) System: Extended Summary
Practical Proof of RPM Benefits
- 10,000 RPM sessions in less than 100 seconds.
- DH takes longer than actual transmission
Practical Proof of RPM Features
RPM has application across a wide spectrum of industries, including Financial, Wireless, Computing and Telecommunications, Entertainment, etc. In order to demonstrate RPM’s flexible application, it has been the core security protocol inside:
- TCP2 – a new secure version of TCP (Japan)
- Network Appliances – 10Mbps/100Mbps/1GB
- Secure Sockets Layer eXtended (SSLX)
- Noxx, Catalogs, bPositive
RPM in SSL Replacement - SSLX
- Governing body awards and monitors Public Directory Services
- Trusted third-party installs DS application and database. Available: Windows server
- SSLX-VPN closed-community secure communication package/device. Available: Windows server
- [Diagram labels: Web Browser Server SSLX Public Administrator Directory Service Private Directory Service]
- User updates browser with Add-on for Firefox
- Site admin upgrades server. Available module: Apache mod_sslx
RPM Application for Financial
As another example of how RPM fits within an industry, here are some applications within Financial Services:
- Credit Card processing, payment gateways, POS, ATM, etc.
- Financial NFC systems (Active/Passive/BAP RFID, cellular, etc.)
- EMV Chip Card, POS and ATM systems (US rollout)