Presentation is loading. Please wait.

Presentation is loading. Please wait.

N1102 ISO/IEC JTC1/SC25 WG1 Chitose Outline of Revised Security Services for Networked Appliances Part II: Secure Communication Middleware Protocol Yasuyuki.

Published byRobert Henderson Modified over 9 years ago

Similar presentations

Presentation on theme: "N1102 ISO/IEC JTC1/SC25 WG1 Chitose Outline of Revised Security Services for Networked Appliances Part II: Secure Communication Middleware Protocol Yasuyuki."— Presentation transcript:

1 N1102 ISO/IEC JTC1/SC25 WG1 Chitose Outline of Revised Security Services for Networked Appliances Part II: Secure Communication Middleware Protocol Yasuyuki Shintani ECHONET TM Consortium 22 June 2004

2 ISO/IEC JTC1/SC25 WG1 Chitose Remaining Issues? Comments on York Town meeting. 1.Technical resolution is needed for "Key update function" for the comment from Tom Schmidt. 2.Definition of "Key Setting Node" is needed. Document N1078, that was submitted on Yorktown meeting, already has definition of "Key Setting Node “. 3.Deference between IPsec and ECHONET Security. ECHONET security focuses small footprint device. ECHONET security is for security communications between devices within home. Key Setting is relatively easier comparing the security communications between INTERNET Server and device within home.

3 ISO/IEC JTC1/SC25 WG1 Chitose A comment for “Key update function” A comment is originally from Mr. Tom Schmidt The spec talks about changing the key, and makes provision to accommodate devices that are currently off line. Using the current common key to protect distribution of the new key is dangerous. If the attacker has successfully compromised the system the value of the current key is known and offers no protection of the new key. Ideally the system needs to limit damage if one or more devices are compromised.

4 ISO/IEC JTC1/SC25 WG1 Chitose Technical resolution for "Key update function" We employed AES as our cipher algorithm, and the security strength is strong enough. Then "key update" function is not mandatory. However, someone worries about the security risk, We recommend householders to perform “key update" periodically using the following methods: a.Manually key update: same method as “8.1 Key initialization” (using serial key) b.Automatic key update: using DH.

5 N1102 ISO/IEC JTC1/SC25 WG1 Chitose Automatic key update Using DH (Diffie-Hellman)

6 ISO/IEC JTC1/SC25 WG1 Chitose Automatic key update: using DH Key update function is optional. On AES' 128-bit strength, if there exists a method capable of recovering a DES key in one second (though in fact "DES Crackers" usually take a few hours to recover a DES key), it would still require 149 trillion years to crack a 128-bit AES key, which is rather insurmountable from the viewpoint of today's technologies. However, the security strength could not completely depend on the strength of algorithm used, but may be subject to human frailties. In this case, It is recommended to perform “ key update ” operations periodically to avoid any possible security risk. Automatic key update function is provided for high security demand.

7 ISO/IEC JTC1/SC25 WG1 Chitose Introduction of DH algorithm DH allows two users to exchange a secret key over an insecure medium without any prior secrets. Alice and Bob agree on public number g and prime number p. Alice chooses secret value x. Bob chooses secret value y. Alice generates a public value (Za) -> Za = g X mod p. Alice sends the Za to Bob Alice calculates the shared secret key K (K = Zb X mod p) to communicate with Bob. Bob calculates the shared secret key K (K = Za y mod p) to communicate with Alice. Bob generates a public value (Zb) -> Zb = g y mod p. Bob sends the Zb to Alice

8 ISO/IEC JTC1/SC25 WG1 Chitose Introducing DH to Key Update

9 N1102 ISO/IEC JTC1/SC25 WG1 Chitose Summary

10 ISO/IEC JTC1/SC25 WG1 Chitose Summary of Security Work Security for internal/external and IP/non-IP based devices. In N1077 document which titled “Security Services for Networked Appliances - Part I: Security Requirements”, we explain home network security requirements that may come from inside or outside home. In N1078/N1101 document which titled “Security Services for Networked Appliances - Part II: Secure Communication Middleware Protocol”, Security for internal and non-IP based devices are described. In N1014 which titled “Security Services for the Home Network” by Mr. Steven Ungar, security for external/internal and IP based devices are described. Remaining issues about security work are already resolved. 1.Technical resolution is needed for "Key update function“. 2.Definition of "Key Setting Node" is needed. 3.Deference between IPsec and ECHONET Security.

11 N1102 ISO/IEC JTC1/SC25 WG1 Chitose Appendix

12 ISO/IEC JTC1/SC25 WG1 Chitose Comparison between “Old Key Update Method” and “New Key Update Method” Old Key Update Method:Using Old Key for Updating Key New Key Update Method:Using DH for Update Key Key Update Old Method New Method Key Update x x 1 st Key is compromised Key Update is intercepted x 2 nd Key is compromised Key Update is intercepted x 1 st Key is compromised Key Update is intercepted Protected 2 nd Key is compromised Key Update is intercepted Protected 1 st Key Generation2 nd Key Generation3 rd Key Generation

13 ISO/IEC JTC1/SC25 WG1 Chitose IKE uses DH for key exchange DH key exchange InitiatorResponder Initiator computes the shared secret key according to Pr. Initiator transits the SAi (SAi states that initiator supports cryptographic algorithms) to Responder. Responder responses the SAr (SAr states that responder selects cryptographic algorithm) to Initiator. SAi SAr Initiator generates the DH public value (Pi) and transits DH public value to responder. Responder generates the DH public value (Pr) and transits DH public value to initiator. Pi Pr Responder computes the shared secret key according to Pi. Initiator uses pre-shared key, DH public values (Pi, Pr), and initiator identification to generate the hash value (HASHi). Responder uses pre-shared key, DH public values (Pi, Pr), and initiator identification to authenticate the hash value (HASHi). Moreover, using pre- shared key, DH public values (Pi, Pr), and responder identification generates the hash value (HASHr). Initiator uses pre-shared key, DH public values (Pi, Pr), and responder identification to authenticate the hash value (HASHr). HASHi HASHr

14 ISO/IEC JTC1/SC25 WG1 Chitose The common public values of DH Public number (g)Prime number (p) - hexadecimal value A2FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A63A3620 FFFFFFFF FFFFFFFF B2FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 FFFFFFFF

15 ISO/IEC JTC1/SC25 WG1 Chitose Application of DH algorithm The Diffie-Hellman key exchange is used by security protocols to provide secret key exchange while communicating on a network such as:  Secure Socket Layer (SSL)  Secure Shell (SSH)  Internet Key Exchange (IKE)  Transport Layer Security (TLS)

Download ppt "N1102 ISO/IEC JTC1/SC25 WG1 Chitose Outline of Revised Security Services for Networked Appliances Part II: Secure Communication Middleware Protocol Yasuyuki."

Similar presentations

The Diffie-Hellman Algorithm

The Diffie-Hellman Algorithm
Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.

Security and Privacy over the Internet Chan Hing Wing, Anthony Mphil Yr. 1, CSE, CUHK Oct 19, 1998.
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.

Internet and Intranet Protocols and Applications Lecture 9a: Secure Sockets Layer (SSL) March, 2004 Arthur Goldberg Computer Science Department New York.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Security S-72.3240 Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents Security requirements Public key cryptography Key agreement/transport.

Security S Wireless Personal, Local, Metropolitan, and Wide Area Networks1 Contents Security requirements Public key cryptography Key agreement/transport.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
Computer Networking Revision Dr Sandra I. Woolley.

Computer Networking Revision Dr Sandra I. Woolley.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.

Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.
Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.

Lesson 12 Cryptography for E-Commerce. Approaches to Network Security Separate Security Protocol--SSL Application-Specific Security--SHTTP Security with.
TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.

TCP/IP Protocol Suite 1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 30 Internet Security.
UCB Security Jean Walrand EECS. UCB Outline Threats Cryptography Basic Mechanisms Secret Key Public Key Hashing Security Systems Integrity Key Management.

UCB Security Jean Walrand EECS. UCB Outline Threats Cryptography Basic Mechanisms Secret Key Public Key Hashing Security Systems Integrity Key Management.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
The Diffie-Hellman Algorithm Riley Lochridge April 11, 2003.

The Diffie-Hellman Algorithm Riley Lochridge April 11, 2003.
TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.

TCP/IP Protocol Suite 1 Chapter 28 Upon completion you will be able to: Security Differentiate between two categories of cryptography schemes Understand.
Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.

Network Security. Contents Security Requirements and Attacks Confidentiality with Conventional Encryption Message Authentication and Hash Functions Public-Key.
Dan Boneh Basic key exchange The Diffie-Hellman protocol Online Cryptography Course Dan Boneh.

Dan Boneh Basic key exchange The Diffie-Hellman protocol Online Cryptography Course Dan Boneh.
Diffie-Hellman Key Exchange

Diffie-Hellman Key Exchange

Similar presentations

Ads by Google