Presentation is loading. Please wait.

Presentation is loading. Please wait.

11 Authentication Algorithm Trade Study CCSDS Security WG Fall 2005 Atlanta, GA USA Howard Weiss NASA/JPL/SPARTA +1-410-872-1515 September.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "11 Authentication Algorithm Trade Study CCSDS Security WG Fall 2005 Atlanta, GA USA Howard Weiss NASA/JPL/SPARTA +1-410-872-1515 September."— Presentation transcript:

1 11 Authentication Algorithm Trade Study CCSDS Security WG Fall 2005 Atlanta, GA USA Howard Weiss NASA/JPL/SPARTA hsw@sparta.com +1-410-872-1515 September 2005

2 22 Agenda 14 September 2005 – 0900-0915: Welcome, opening remarks, logistics, agenda bashing, 0915-0930: Review results of Spring 2005 SecWG meeting in Athens Mtg Notes Mtg Notes – 0930-1000: RASDS Review wrt Security Architecture (Kenny) – 1000-1030: coffee break – 1030-1200: Security Architecture Document Discussions (Kenny) – 1200-1330: Lunch – 1330-1400:Review CNES Mission Security Req Development using EDIOS (Pechmalbec/Belbus) – 1400-1500: Encryption Algorithm Trade Study (Weiss) – 1500-1530: coffee break – 1530-1700: Authentication/Integrity Algorithm Trade Study (Weiss) 15 September 2005 – 0900-1000: Key management discussion (Kenny) – 1000-1030: Coffee break – 1030-1100: Identity Management, Spacecraft IDs (Weiss) – 1100-1130: CNES Interconnection Rules (Pechmalbec/Belbus) – 1130-1300: Lunch – 1300-1400: CNES Security Development Process (Pechmalbec/Belbus) – 1400-1500: Security Policy Document/Common Criteria (Weiss)

3 33 Discussion Topics Standard Authentication/Integrity Algorithm adoption by CCSDS – Previous proposal submitted (Montreal, Toulouse, Athens) to adopt Digital Signature Standard (FIPS PUB 186-2). – Athens resulted in creating an action item to perform an authentication algorithm trade study.

4 44 Background Discussions As previously discussed, CCSDS does not have standards for: – Encryption – Authentication – Integrity – (or much of anything security-wise) Previous discussions in the (old) P1A (link layer) panel to create such “link-layer” standards (Spring 2002 mtg in Darmstadt) – Good discussion which didn’t lead to anything (P1A Security Briefing)P1A Security Briefing Created a “draft” P1A Security White Book to address some “strawman” proposals

5 55 Previous Encryption Algorithm Proposal: Propose FIPS PUB 186-2 – Digital Signature Standard (DSS) algorithm standard. Consensus??? Agreement??? NO AGREEMENT – perform Trade Study

6 66 Trade Study Background Proposal in Montreal was pre-mature – Digital signature is one way to provide authentication » But NOT the only way – Two other kinds of Message Authentication Codes (MAC) in use: » Hash-based MACs » Encryption-based MACs

7 77 Digital Signature Background Digital Signature – Based on public/private key (asymmetric) cryptography – Hash/CRC performed over data, check-word encrypted using sender’s private key – Receiver re-calculates check-word, verifies transmitted check-word by decrypting with sender’s public key. – Requires generation of public/private key pairs – Requires “Certificate Authority” signing of generated public keys to guarantee their authenticity – Requires a means to distribute/populate public keys for every sender at every receiver. » Public Key Infrastructure (PKI) » Pre-loaded public keys or public key certificates requiring a potentially large on-board cache

8 88 Hash-based Message Authentication Code Background Based on the concept of a keyed hash – Shared secret key Hash calculated over data and the shared secret key to create a check-word, for example: – H {0123456789 Mary had a little lamb} » where “0123456789” is the shared secret Keyed hash is authenticated by the receiver (who possesses the shared secret) by re-calculating the check-word and comparing it with the one transmitted with the data.

9 99 Encryption Based Message Authentication Code Background A hash is calculated over the raw data to create a check-word. The check-word is encrypted using a symmetric algorithm using a shared secret key. The encrypted check-word is authenticated by the receiver by recalculating the check-word, then decrypting the transmitted check-word using the symmetric algorithm and the shared secret key, and then comparing the two check-words.

10 10 Candidate Algorithms Digital Signature candidates: – Digital Signature Algorithm (DSA) – RSA – Elliptic Curve Digital Signature (ECDSA) Hash-based MAC – HMAC-SHA1-96 – HMAC-MD5-96 » Hashing algorithms SHA (1,256,384,512) MD5 UMAC RIPEMD-160 TIGER Encryption-based MAC – DES-CBC-MAC – CMAC – CCM

11 11 Digital Signature Algorithms NameTypeCharacteristicsMin. Key Size Digital Signature Standard (DSS) FIPS 186-2 digital signature Digital signature based on SHA1 hash, un-encumbered (no patents, no licenses) 1024 bits RSA Digital Signature RSA digital signature (FIPS approved) Previously patented digital signature (expired 2000) 1024 bits Elliptic Curve Digital Signature (ECDSA) Elliptic curve digital signature Digital signature based on elliptic curve key technology which uses smaller keys than other public key technologies but may be encumbered by various Cirticom intellectual property, licenses, and patents. Apparently, ECDSA is not covered by any Certicom patents and there are open source ECC libraries, but Certicom does have over 300 patents on various aspects of ECC including “efficient implementations of ECC in hardware and software,” key agreements, etc. 160 bits

12 12 Hash Based MACs NameTypeCharacteristicsOutput Hash Size Secure Hash Algorithm 1 (SHA1) Hash algorithmFIPS approved – other versions (SHA256, SHA384, SHA512) provide longer outputs 160 bits Message Digest 5 (MD5)Hash algorithmPotential weaknesses – can be used as a keyed hash 128 bits Universal Message Authentication Code (UMAC) Hash AlgorithmDesigned to be the fastest hash algorithm ever 32, 64, or 96 bits (64 bits recommended) RACE Integrity Primitives Evaluation Message Digest 160 (RIPEMD-160) Hash AlgorithmDeveloped as part of the EC’s Research and Development in Advanced Communications Technologies in Europe (RACE) 160 bits TIGERHash AlgorithmDesigned for efficient operation on 64-bit platforms 192 bits HMAC-SHA1-96Hash-based MAC Uses SHA-1 for hash96 bits – truncates SHA1 160 bit output HMAC-MD5-96Hash-based MAC Uses MD5 for hash96 bits – truncates MD5 128 bit output

13 13 Encryption Based MACs NameTypeCharacteristicsKey Size DES-CBC- MAC Cryptographic MAC DES-based (FIPS PUB 113 dated 30 May 1985 64-bits CMACCryptographic MAC Encrypted-based MAC using any symmetric key block cipher algorithm 64, 128, 192, 256 (depending on block cipher algorithm used) CCMCryptographic MAC Uses cipher-block-chaining (CBC) with counter mode encryption to provide both authentication and confidentiality using a block cipher algorithm with 128- bit key or greater) 128, 192, 256

14 14 Conclusions and Recommendations Digital signature authentication might not be the universal, fit-all-missions solution – PKI and/or distribution, public/private key generation, key size, CPU intensive Shared secret key technology might be more suitable – Small(er) key size, less CPU intensive, shared secret used many times requiring less caching and less lookups Adopt dual standards: – DSA (FIPS PUB 186) – HMAC w/SHA1 (FIPS PUB 198)

15 15 Discussion Is digital signature the only right answer? Should there be multiple “right answers” because of mission constraints? – For example, shared symmetric keys will be smaller, and may be easier to deal with than public keys. Should CCSDS adopt both a digital signature AND a symmetric technology authentication algorithm?

Download ppt "11 Authentication Algorithm Trade Study CCSDS Security WG Fall 2005 Atlanta, GA USA Howard Weiss NASA/JPL/SPARTA +1-410-872-1515 September."

Similar presentations

Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?

COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?
An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.

EEC 693/793 Special Topics in Electrical Engineering Secure and Dependable Computing Lecture 6 Wenbing Zhao Department of Electrical and Computer Engineering.
Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:

Dr Alejandra Flores-Mosri Message Authentication Internet Management & Security 06 Learning outcomes At the end of this session, you should be able to:
Cryptography Basic (cont)

Cryptography Basic (cont)
Chapter 5 Cryptography Protecting principals communication in systems.

Chapter 5 Cryptography Protecting principals communication in systems.
BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.

BY MUKTADIUR RAHMAN MAY 06, 2010 INTERODUCTION TO CRYPTOGRAPHY.
Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.
Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden

Henric Johnson1 Chapter3 Public-Key Cryptography and Message Authentication Henric Johnson Blekinge Institute of Technology, Sweden
Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.

Secure Hashing and DSS Sultan Almuhammadi ICS 454 Principles of Cryptography.
August 6, 2003 Security Systems for Distributed Models in Ptolemy II Rakesh Reddy Carnegie Mellon University Motivation.

August 6, 2003 Security Systems for Distributed Models in Ptolemy II Rakesh Reddy Carnegie Mellon University Motivation.
Cryptography April 20, 2010 MIS 4600 – MBA 5880 - © Abdou Illia.

Cryptography April 20, 2010 MIS 4600 – MBA © Abdou Illia.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
TrustPort Public Key Infrastructure. WWW.TRUSTPORT.COM Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.

TrustPort Public Key Infrastructure. Keep It Secure Table of contents  Security of electronic communications  Using asymmetric cryptography.
CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.

CSE 597E Fall 2001 PennState University1 Digital Signature Schemes Presented By: Munaiza Matin.
CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS

CRYPTOGRAPHIC DATA INTEGRITY ALGORITHMS
Network Security Essentials Fifth Edition by William Stallings Fifth Edition by William Stallings.

Network Security Essentials Fifth Edition by William Stallings Fifth Edition by William Stallings.
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Similar presentations

Ads by Google