CMS Interoperability Matrix Jim Schaad Soaring Hawk Security.

Status for RFC 3369
Errata for ASN.1 module
Report document is started
Signed Data
  – FINISHED
Encrypted Data
  – FINISHED

Status for RFC 3370
Key Derivation Algorithms
  – PBKDF2
Message Authentication Code Algorithms
  – HMAC with SHA-1
Need final ruling from IESG if these are blocking advancement.

Questions

RSA PSS and CMS Jim Schaad Soaring Hawk Security

Overview
PSS is a “new” signature algorithm for RSA key pairs
Parameters
  – Digest Hash Algorithm (H1)
  – Internal Hash Algorithm (H2)
  – Internal Mask Generation Function (MGF)
      MGF Hash Algorithm (H3)
  – Salt Length (should be length of H2)

Requirements
H1 and H2 SHOULD be the same
H2 and H3 RECOMMENDED to be the same

Resolved Issues
Should key identifier and signature identifier be the same OID
  – Will be the case for PSS
PSS Parameter comparison
  – MUST do comparisons if the parameters are present in the certificate.

Questions

RSA KEM Jim Schaad Soaring Hawk Security for Burt Kaliski

Algorithm Review
Generate random value z in range 0…n-1
Encrypt z with recipient's public key: c = E(z)
Derive a KEK: k = KDF(z)
Encrypt CEK with KEK: wk = KEK_k(cek)
EncryptedKeyValue: c || wk
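The steps on this slide, carried through on both the sender and recipient side, as an added Python example (not code from the presentation or from X9.44). Assumptions: a KDF2-style SHA-256 derivation, a constructed toy RSA key built from two Mersenne primes, and a stand-in XOR-plus-HMAC wrap in place of a real key-wrap algorithm (Python's standard library has no AES); all function names are hypothetical.

```python
import hashlib, hmac, secrets

# Constructed toy key from two Mersenne primes: illustration only, never a real key.
P, Q, E = 2**521 - 1, 2**607 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
N_LEN = (N.bit_length() + 7) // 8   # c is always encoded to this fixed length

def kdf(z: bytes, length: int) -> bytes:
    """Assumed KDF2-style construction: SHA-256(z || counter), counter from 1."""
    blocks = -(-length // 32)
    out = b"".join(hashlib.sha256(z + i.to_bytes(4, "big")).digest()
                   for i in range(1, blocks + 1))
    return out[:length]

def _tag(kek: bytes, body: bytes) -> bytes:
    return hmac.new(kek, body, hashlib.sha256).digest()[:8]

def wrap(kek: bytes, cek: bytes) -> bytes:
    """Stand-in for a real key-wrap algorithm: XOR pad plus truncated HMAC tag."""
    pad = kdf(b"pad" + kek, len(cek))
    body = bytes(a ^ b for a, b in zip(cek, pad))
    return body + _tag(kek, body)

def unwrap(kek: bytes, wk: bytes) -> bytes:
    body, tag = wk[:-8], wk[-8:]
    if not hmac.compare_digest(tag, _tag(kek, body)):
        raise ValueError("wrapped key failed integrity check")
    pad = kdf(b"pad" + kek, len(body))
    return bytes(a ^ b for a, b in zip(body, pad))

def sender(cek: bytes) -> bytes:
    z = secrets.randbelow(N)                     # random z in 0..n-1
    c = pow(z, E, N).to_bytes(N_LEN, "big")      # c = E(z)
    k = kdf(z.to_bytes(N_LEN, "big"), 16)        # k = KDF(z)
    return c + wrap(k, cek)                      # EncryptedKeyValue = c || wk

def recipient(ekv: bytes) -> bytes:
    if len(ekv) <= N_LEN + 8:
        raise ValueError("EncryptedKeyValue too short")
    c = int.from_bytes(ekv[:N_LEN], "big")       # fixed length makes the split unambiguous
    if c >= N:
        raise ValueError("c out of range")
    z = pow(c, D, N)                             # recover z with the private key
    k = kdf(z.to_bytes(N_LEN, "big"), 16)
    return unwrap(k, ekv[N_LEN:])
```

Encoding c to the full modulus length is what lets the recipient split c || wk without a length prefix, and z is encoded to the same fixed length before it enters the KDF so both sides derive the same KEK.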

CMS Details
Use key transport option
  id-kts2-basic OID ::= { x9-44 schemes(2) kts2-basic(7) }
  KTS2-Parms ::= SEQUENCE {
      kas          [0] KTS2-KeyAgreementScheme,
      kws          [1] KTS2-SymmetricKeyWrappingScheme,
      labelMethod  [2] KTS2-LabelMethod }

  id-kas1-basic OID ::= { x9-44 schemes(2) kas1-basic(1) }
  KAS1-Parms ::= SEQUENCE {
      sves             [0] KAS1-SecretValueEncapsulationScheme,
      kdf              [1] KAS1-KeyDerivationFunction,
      otherInfoMethod  [2] KAS1-OtherInfoMethod }

Open Issues
Matching rules on usage
SMimeCapabilities
Single ASN.1 module

Questions

ESSbis Jim Schaad Soaring Hawk Security

Changes
Separate the functions of
  – Receipt Behavior
      id-aa-receiptPolicy
  – ML Loop Detection
      id-aa-mlExpandHistory
Rewrite processing rules
Move id-aa-contentIdentifier and id-aa-contentReference to section 4

ReceiptPolicy
  ReceiptPolicy ::= CHOICE {
      none          [0] NULL,
      insteadOf     [1] SEQUENCE SIZE (1..MAX) OF GeneralNames,
      inAdditionTo  [2] SEQUENCE SIZE (1..MAX) OF GeneralNames }
  id-aa-receiptPolicy OBJECT IDENTIFIER ::= {id-aa XX}

MLAExpandHistory
  MLAExpandHistory ::= SEQUENCE SIZE (1..ub-ml-expansion-history) OF MLAData
  id-aa-mlExpandHistory OBJECT IDENTIFIER ::= {id-aa(2) XX}
  ub-ml-expansion-history INTEGER ::= 64
  MLAData ::= SEQUENCE {
      mailListIdentifier  EntityIdentifier,
      expansionTime       GeneralizedTime }

Status
First draft to be published next week
Open questions on some nested cases for receipt processing behavior
Open questions on MLA attribute propagation

Questions