Mind the Gap: Updating FIPS 140 Steve Weingart Futurex 864 Old Boerne Rd. Bulverde, TX 78163 Steve R. White IBM Thomas J. Watson Research.


1 Mind the Gap: Updating FIPS 140 Steve Weingart Futurex 864 Old Boerne Rd. Bulverde, TX 78163 weingart@futurex.com Steve R. White IBM Thomas J. Watson Research Center P.O. Box 704 Yorktown Heights, NY 10598 srwhite@watson.ibm.com

2 Outline
- History
- FED Standard 1027
- FIPS 140-1
- Levels
- Changes in Technology
- Changes in Standards and the Environment
- Proposal: Level 3.5
- Discussion/Questions

3 History
- Federal Standard 1027 was primarily a hardware standard for line encryption devices using single DES
- NIST developed FIPS 140 as a replacement
  - It is more generalized.
  - It accepts both hardware and software implementations
  - It has the 11 criteria that cover the complete design
- During the development of FIPS 140 a level based system was proposed and accepted
- FIPS 140-1 was made official in 1994
  - It became widely accepted
- FIPS 140-2, the first update, was made official in 2001

4 History (cont)
- Things have changed
  - Both attack and defense technologies have improved
  - Industry needs & requirements have changed
- The standard, and its applicability, evolves

5 Original proposed six level system

| Level | Name | Description |
|---|---|---|
| 1 | None | The attack can succeed “by accident” without the attacker necessarily being aware that a defense was intended to exist. No tools or skills are needed. |
| 2 | Intent | The attacker must have a clear intent in order to succeed. Universally available tools (e.g. screwdriver, nail file) and minimal skills may be used. |
| 3 | Common Tools | Commonly-available tools and skills may be used (e.g. those tools available from retail department or computer stores). |
| 4 | Unusual Tools | Uncommon tools and skills may be used, but they must be available to a substantial population (e.g. lock pick, logic analyzer; hardware and software debugging skills, electronic design and construction skills). Typical engineers will have access to these tools and skills. |
| 5 | Special Tools | Highly specialized tools and expertise may be used, as might be found in the laboratories of universities, private companies, or governmental facilities. The attack requires a significant expenditure of time and effort. |
| 6 | In Laboratory | A successful attack would require a major expenditure of time and effort on the part of a number of highly qualified experts, and the resources available only in a few facilities in the world. |

6 FIPS 140, 4 level system

| Level | Physical Security | Design Assurance |
|---|---|---|
| 1 | Production grade equipment. | Configuration management (CM). Secure installation and generation. Design and policy correspondence. Guidance documents. |
| 2 | Locks or tamper evidence. | CM system. Secure distribution. Functional specification. |
| 3 | Tamper detection and response for covers and doors, epoxy potting | High-level language implementation. |
| 4 | Tamper detection response envelope. EFP or EFT. | Formal model. Detailed explanations (informal proofs). Preconditions and postconditions. |

7 Changes
- Attack Technologies have developed
  - The Internet has become a forum for development
  - Script Kiddies can obtain and try many software attacks beyond their skill level
  - Expensive tools that were difficult to obtain are now available
    - SEM
    - FIB
    - NC Machining
- Defense technologies have held up, mostly
  - Not a great deal of new development
  - That is mostly OK, since the higher levels have held

8 Changes (cont)
- The customer population has become larger and more sophisticated
  - Banking and Financial
  - USPS
- In general, FIPS 140 has become accepted ‘Due Diligence’ for commercial cryptographic devices
- This has spotlighted some need for change in the standard

9 The Gap
- FIPS 140 has 4 levels
- These 4 levels correspond roughly to levels 1, 2, 3 & 6 from the originally proposed system
- So, there is a large gap between level 3 and level 4
- A typical level 3 device can be cracked in a few hours by anyone with reasonable skills
- No level 4 device has been cracked publicly
- But, the level 4 requirements are so difficult that there are almost no level 4 devices

10 The Gap

11
- There are 179 level 1 validations, 247 level 2 validations, 120 level 3 validations & 11 level 4 validations (557 total)
- Of the level 4 devices, about half are unique, the rest are delta/re-validations.
- Level 4 is too difficult to develop, and too expensive to manufacture, for most vendors
- But industry requirements need more than level 3
- USPS and ANSI both require tamper detection, USPS requires EFT/EFP
- We need something new

12 The Proposal
- Level 3.5
- Essentially level 3 plus:
  - Tamper detection required
    - 1 – 1.25 mm max undetected hole
    - Same as level 4 for single chip
  - EFT/EFP
  - Informal modeling

13 The Advantages
- Meet new & emerging requirements for security that is stronger than level 3
- Avoid the most difficult requirements of level 4:
  - Formal modeling
  - Any/All tamper detection envelope
- This level of security is reasonable to develop and manufacture

14 Questions?

15 Thank You! Steve Weingart weingart@futurex.com Steve R. White srwhite@watson.ibm.com

