Study Group 7/17 ASN.1 ASN.1: Past uses, new developments, and future prospects in security and e-commerce applications John Larmouth Note, for best viewing, this presentation needs the Dom Casual and Brush Script fonts to be on your machine.

Study Group 7/17 ASN.1 A short history of communications notations n Bits and bytes pictures n TLV with tabular notation n ASN.1 n Text-based communication n (Semantic) mark-up

Study Group 7/17 ASN.1 ITU-T SG7 involvement n Standardising notations to support communication for over twenty years n ASN.1 one of the first notations to be developed and widely deployed n Its use has spread to almost all ITU-T Study Groups n A major platform for the systems design and testing methodologies of SG10

Study Group 7/17 ASN.1 Development of encoding notations (1) Diagrams of bits and bytes - e.g. IPv4 (The earliest approach, simple and clear, but focusing totally on the bits-on-the-line.) Tool support not possible - but see ECN discussion later.

Study Group 7/17 ASN.1 Development of encoding concepts (2) n Each parameter has Parameter ID (or type), length, value n Tables list each parameter: Tabular Notation Tool support not possible - but see ECN discussion later.

Study Group 7/17 ASN.1 Problems solved by TLV encodings n Variable length fields n Optionality n Permits random order n Supports alternatives n Generalises to arbitrary depth n Provides “extensibility” easily

Study Group 7/17 ASN.1 Abstract syntax notation (ASN.1) n The first attempt to hide encoding details n Easily understood by domain experts n Readily understood by programmers used to data-type definitions n Easily converted to language structures for implementation n Supports “extensibility”, even with very compact encodings

Study Group 7/17 ASN.1 ASN.1 - A Superb Notation, its Number One! But there are other interpretations!

Study Group 7/17 ASN.1 A brief advert: Penetration of ASN.1 n Telecommunications, including 3GPP mobile phones n Multimedia standards n Security-related systems, including smart-cards and certificates - the basis for e-commerce n Embedded systems communications n Air traffic control n Many, many others

Study Group 7/17 ASN.1 Key features of ASN.1 today n Platform and language independent n Tools support C, C++, Java implementations n Proven technology, widely used n Permits rapid development of error free implementations through tools n Can provide extremely compact but extensible representations when necessary

Study Group 7/17 ASN.1 Canonical encodings n Reduce decoder size n Reduce testing costs n Remove side-channel vulnerabilities n Not easy to specify in the general case (ASN.1 has 15 years experience) n Essential for most security and digital signature work n Are a Good Thing

Study Group 7/17 ASN.1 Text-based communication (defined using BNF) n Easily displayed and debugged n Tools are generic and often free n Not easily related to data structures n Verbose n Does not scale well to complex structures - ignore it

Study Group 7/17 ASN.1 XML mark-up n The new boy on the block, but very important n Offers a lot of integration potential n Even more verbose, so of limited application at present (schema definition also verbose - see later) n Generic tools (eg browser support) exist n DTD and schema definition fairly obscure n Attracting a lot of attention and interest

Study Group 7/17 ASN.1 Use ASN.1 to define your schema. Use XML to define your abstract syntax.

Study Group 7/17 ASN.1 Abstract syntax and schemas n Just two words for the same thing? n Do we need to map between ASN.1 type definitions and XML schemas (or DTDs)? n Can XML mark-up directly support ASN.1 schemas? n Can Packed Encoding Rules directly support XML abstract syntax definitions? Just some of the issues addressed by current work

Study Group 7/17 ASN.1 Why a linkage between ASN.1 and XML? n Benefits of a closer integration of XML schema specification languages and of tools for protocol implementation n Browser support to display ASN.1 values n Very compact encodings become available for XML n Exploits the very real advantages of both

Study Group 7/17 ASN.1 ASN.1 XML Value Notation n The first of several steps to integrate ASN.1 and XML n ASN.1 values can be displayed or input in XML format n XML Value Notation provides an XML Encoding Rule specification n UTF8 encoding of the XML Value to be transferred

Study Group 7/17 ASN.1 ASN.1 XML Value Notation Example (1) ASN.1 Schema definition Invoice ::= SEQUENCE { numberINTEGER, nameUTF8String, detailsSEQUENCE OF LineItem, chargeREAL, authenticatorBIT STRING} LineItem ::= SEQUENCE { part-noINTEGER, quantityINTEGER }

Study Group 7/17 ASN.1 ASN.1 XML Value Notation Example (2) XML Schema definition - part only! <xsd:element <xsd:element name="part-no" type="xsd:number"/> name="part-no" type="xsd:number"/> <xsd:element <xsd:element name="quantity" type="xsd:number"/> name="quantity" type="xsd:number"/> </xsd:complexType>Compare: LineItem ::= SEQUENCE { part-noINTEGER, quantityINTEGER }

Study Group 7/17 ASN.1 ASN.1 XML Value Notation Example (3) this-invoice ::= <Invoice><number>32950</number> funny-name with < funny-name with < <details><Line-item><part-no>296</part-no><quantity>2</quantity></Line-item>Cont

Study Group 7/17 ASN.1 ASN.1 XML Value Notation Example (4) Continued Continuation <part-no>4793</part-no><quantity>74</quantity> <charge>397.65</charge> EFF8 E F </authenticator></Invoice>

Study Group 7/17 ASN.1 Legacy protocols won’t die! n Tools (and staff training) investments lead to new protocols being defined in the same way as old ones, using the same encoding techniques n Need to re-define with new schema languages (eg ASN.1!), but retain the bits- on-the-line n Requires an Encoding Control Notation Just some of the issues under current discussion

Study Group 7/17 ASN.1 Encoding Control Notation n The most recent area of ASN.1 work n Aims to provide a common notation, common tools, for all protocols n Any notation to support this goal needs flexibility and has to include a notation for defining encodings n The addition of ECN to ASN.1 makes it very powerful in this area

Study Group 7/17 ASN.1 Bluetooth Service Discovery Protocol in ASN.1 bluetooth-tag-encoding #TAG ::= {ENCODING SPACE SIZE 8 EXHIBITS HANDLE “Bluetooth tag” AT {0..7} EXHIBITS HANDLE “Bluetooth tag” AT {0..7}length-delimited-repetition { } #REPETITION ::= {ENCODING{REPETITION-SPACE SIZE variable-with-determinant SIZE variable-with-determinant MULTIPLE OF octet MULTIPLE OF octet USING length } } USING length } }

Study Group 7/17 ASN.1 The scene today (1) n ASN.1, XML, TTCN, SDL, ECN, IDL, SIP, CORBA, etc etc plus various data dictionaries n Some near-integration (eg ASN.1, TTCN, SDL, and now XML) n Some similar functions, many differences n Some notations are rich in some areas, few are rich in all areas. n Schema mappings difficult

Study Group 7/17 ASN.1 The scene today (2) The scene today (2) n Still a large divide between: –Definitions of objects for storage (databases) and for communication (and of associated meta-data) –Things that work for large systems and things that work for embedded and small systems –Scalability between high-bandwidth comms and low-bandwidth air interfaces –Definition of semantics, of rules of procedure, of syntax, and of encodings

Study Group 7/17 ASN.1 But ASN.1 addresses most of these problems It provides solutions that are both machine and human friendly.

Study Group 7/17 ASN.1 It provides canonical encodings (CXER and the compact Canonical-PER)

Study Group 7/17 ASN.1 It provides full extensibility support for all encodings (including XER and CXER)

Study Group 7/17 ASN.1 Can you ask for more? THE END