Security By Design
Scott A. Vanstone
V.P. Cryptographic Research, Research in Motion
Distinguished Professor Emeritus, University of Waterloo
Security by Design
When designing a new telecommunications system it is prudent to make security a fundamental part of the design process.
Geneva, 6-7 December 2010. Addressing security challenges on a global scale
What is Cryptography?
• Cryptography is the study of mathematical techniques related to aspects of information security such as:
– confidentiality
– data integrity
– entity authentication
– data origin authentication
What is Cryptography (2)
• Cryptography plays a fundamental role in securing information based systems.
• Often cryptography (and security in general) is an afterthought and as such it is bolted on after the overall system has been completed.
Think of the Postal Analogue
• You put a letter in an envelope to maintain the integrity of the information in the letter and keep the letter from prying eyes (integrity and encryption).
• You put your address in the upper left corner of the envelope to authenticate the sender which is you (authentication).
• You sign the letter so that at a later date you cannot say you did not send it.
The Digital World
• We want to mimic all of these services but electronically.
• This has been done and done more securely and efficiently than postal mail.
• It is all due to the advent of something called “public-key cryptography”.
• Canada is and continues to be a leader in this field.
Symmetric-Key Cryptography
• Communicating parties a priori share secret information.
[Figure: Alice and Bob, linked by a secure channel and an unsecured channel; Eve]
Public-Key Cryptography
• Communicating parties a priori share authentic information.
[Figure: Alice and Bob, linked by an authentic channel and an unsecured channel; Eve]
Symmetric-Key vs Public-Key
• Symmetric-Key has been used for thousands of years.
• Public-Key is relatively new, dating from 1976.
• Public-key cryptography is based on hard mathematical problems.
Why Symmetric-Key?
• Typically very fast for bulk encryption (confidentiality).
• The Advanced Encryption Standard (AES) is well accepted as a superior algorithm for symmetric-key.
Disadvantages of Symmetric Key
• Key management can be a serious problem.
• Non-repudiation (digital signature) is very difficult to realize.
Why Public-Key?
• One disadvantage of symmetric-key cryptography is key management.
• Public-Key provides an efficient method to distribute keys.
• Public-key offers a very efficient way to provide non-repudiation. This is one of the great strengths of public-key.
Disadvantages of Public-Key
• Public-key operations require intense mathematical calculations.
• They can be thousands of times slower to encrypt data than a well-designed symmetric-key scheme.
Hybrid Schemes
• Use symmetric-key schemes to do bulk encryption.
• Use public-key techniques to pass keys so that key management is not a problem.
Digital Signatures
• One of the truly great technologies that public-key cryptography can provide.
• Handwritten signatures are fixed to the message but not an integral part of the message.
• Digital signatures combine the message and private information of the signer.
Why Elliptic Curve Cryptography (ECC)?
• Most security per bit of any known public-key scheme
• Ideally suited to constrained environments
– Computationally efficient
– Bandwidth efficient
– Battery efficient
• Well studied
• Standardized in relevant influential international standards
Elliptic Curve: $y^2 = x^3 + ax + b$
[Figure: elliptic curve with axes x and y; $\text{slope} = \dfrac{y_2 - y_1}{x_2 - x_1}$]
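The curve equation and chord slope on this slide are what the group law behind ECDH key exchange is built from. The following is an added example, not part of the original presentation; it assumes a constructed toy curve y^2 = x^3 + 2x + 2 over the integers modulo 17 with base point (5, 1), and the private keys are constructed values.

```python
# Added example: toy curve y^2 = x^3 + 2x + 2 over F_17 (constructed; far too
# small for real use, where 256-bit and larger curves are standard).
P_MOD, A, B = 17, 2, 2
G = (5, 1)   # base point of order 19 on this toy curve
O = None     # point at infinity, the group identity

def on_curve(pt):
    """True if pt satisfies y^2 = x^3 + ax + b (mod p)."""
    if pt is O:
        return True
    x, y = pt
    return (y * y - (x ** 3 + A * x + B)) % P_MOD == 0

def add(p, q):
    """Group law: chord through p and q, or tangent when p == q."""
    if p is O:
        return q
    if q is O:
        return p
    (x1, y1), (x2, y2) = p, q
    if x1 == x2 and (y1 + y2) % P_MOD == 0:
        return O  # p + (-p) = O; also covers doubling a point with y = 0
    if p == q:
        s = (3 * x1 * x1 + A) * pow((2 * y1) % P_MOD, -1, P_MOD)  # tangent
    else:
        s = (y2 - y1) * pow((x2 - x1) % P_MOD, -1, P_MOD)  # chord slope
    s %= P_MOD
    x3 = (s * s - x1 - x2) % P_MOD
    y3 = (s * (x1 - x3) - y1) % P_MOD
    return (x3, y3)

def scalar_mult(k, pt):
    """Double-and-add computation of k * pt."""
    result = O
    while k > 0:
        if k & 1:
            result = add(result, pt)
        pt = add(pt, pt)
        k >>= 1
    return result

def ecdh_shared(private_key, peer_public):
    """ECDH shared point; the peer's value must be a valid curve point."""
    if peer_public is O or not on_curve(peer_public):
        raise ValueError("peer public key is not a point on the curve")
    return scalar_mult(private_key, peer_public)

if __name__ == "__main__":
    a_priv, b_priv = 3, 7  # constructed private keys
    a_pub, b_pub = scalar_mult(a_priv, G), scalar_mult(b_priv, G)
    print(ecdh_shared(a_priv, b_pub), ecdh_shared(b_priv, a_pub))
```

Division in the slope becomes multiplication by a modular inverse, and both parties arrive at the same point without either private key crossing the unsecured channel.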
Suite B
Purpose        Algorithm        Unclassified     Classified
Encryption     AES              128 bit key      256 bit key
Signatures     ECDSA            256 bit curve    384 bit curve
Key Exchange   ECDH or ECMQV    256 bit curve    384 bit curve
Hashing        SHA              SHA-256          SHA-384
Suite E for Embedded Systems
Purpose        Algorithm        Unclassified
Encryption     AES              128 bit key
Signatures     ECDSA            283 bit curve
Key Exchange   ECDH or ECMQV    283 bit curve
Hashing        SHA              SHA-256
Examples of Security by Design
• XM Radio
• Blackberry
XM Radio
• XM Radio delivers digital radio to most of North America.
• XM approached Certicom in the late 90s to design security into the system from the ground up.
BlackBerry
• RIM built security in from the beginning.
• Suite B was running on the device even before the NSA endorsement in 2003.
Conclusion
• There is good security available.
• The simple but often forgotten message is:
– Design security into the system from the beginning.
– Think the design through carefully so that you meet your objectives.