• No results found

Using BroadSAFE TM Technology 07/18/05

N/A
N/A
Info
Download
Protected

Academic year: 2021

Share "Using BroadSAFE TM Technology 07/18/05"

Copied!
12
0
0

Loading.... (view fulltext now)

Download now ( 12 Page )

Full text

(1)

Using BroadSAFE

TM

Technology

07/18/05

(2)

Layers of a Security System

Security System Data Encryption Key Negotiation Authentication

All security systems start with root level key

(Cryptographic Identity)

Once root is compromised, all subsequent layers of security are compromised Identity

(3)

Deployment of Technology

Stateless Key Management Client (

μHSM)

Standalone for “strong device authentication”

Network connected devices

Key Management flexibility with low system cost impact

Client / Server Key Management Model

Trusted Platform Module (TPM)

Standalone key management capability (peer to peer)

Standards based solution

(4)

BroadSAFE Security

BroadSAFE Hardware Security Technology

Tamper resistant hardware for key storage

Standard CMOS processing provides integration capability

Private key generation internal to device (internal True Random Number Generator)

Deployed Now

Existing switching products

Existing networking VoIP Devices

Interoperates with TPM architecture (v1.1b and v1.2)

BroadSAFE Flexibility

Interoperable with security standards (IPsec, SSL, TLS, SRTP, SIP, 802.1x, etc.)

Open / Standards Based Key Management Interface

(5)

Unique DSA Key Pair

DSA Key Generation

Simple key generation based on internal generated random number

160 bit key is random number processed per FIPS186-2

Unique per device

Key generation time in uSec versus several minutes for RSA of equivalent strength

Modulus and Generator values can be well known (stored in ROM versus NVM)

NVM requirements ONLY 160 bits for DSA Key

DSA Key Pair Creation

Done during device manufacture

No programming required at OEM or end user

Certificate can be issued to travel with device

Public value can be stored outside the security boundary

Private key is only used to sign data within hardware security boundary

Private key is never exposed

(6)

Manufacturing Flow

Device Programming

Blank Packaged

DCFG

DAUTH= HMAC-SHA1(KCR-PUB)

Device

Registration KDI-PUB

Registered Device KDI-PRIV, KAES, KHMAC, DCFG, DAUTH

{KDI-PUB}KW-PRIV Warranty Server (WS) KW-PRIV Protected Environment Programmed Device KDI-PRIV, KAES, KHMAC, DCFG, DAUTH

DSA Public Key (KDI-PUB) signed by manufacturer to generate certificate DSA Private key (KDI-PRIV)

generated in protected security hardware (never exposed,

unknown to manufacture)

(7)

Simple Strong Authentication

System NVM

Request Certific ate

Submit Device Certificate

Authenticator

Send random cha llenge

μHSM Public Key (KDI-PUB) Signed by Manufacturer

Private key (KW-PRIV)

Authenticator verifies signature using the manufacturer public key (KW-PUB).

Establishes that the public key of this module

KDI-PUBis certified by the manufacturer.

μHSM signs challenge using private identity

key (KDI-PRIV) Send signe

d challenge

Authenticator verifies signed challenge using certified public key (KDI-PUB).

Establishes that this particular device holds the private key KDI-PRIV that corresponds to the certified public key KDI-PUB.

Authenticating the manufacturer of the module.

Communication Path (non-secure)

Authenticator generates a challenge (unique random 160 bit number).

NOTE: Every device contains a unique KDI-PRIVand corresponding KDI-PUB

Device

(8)

BroadSAFE

TM

Key Protection

Keys must be protected in Hardware

Key material is the target of attack

Aggregation of key material increases the value / risk of attack

Key management aggregates key material

Key generation

Key backup

Key policy

Key value goes up over time

Software almost impossible to make secure across all platforms(Microsoft, Linux, IOS, etc.)

Hardware key protection for about the same cost as software

BroadSAFE Automated Hardware Key Management System

Integration of strong hardware key protection into client devices

(9)

Key Management

Cryptography necessitates key management

Handling of cryptographic keys in your system

Have you locked the door and left the key under the mat?

Key Handling

Generation of keys

Set capabilities and security limits of keys (policy)Implement key backup and recovery

Prepare keys for storage

Key revocation and destructionMultiple layers of security

Authorized Key Usage

Smart-card K of N access control

Key linked to particular user / application / etc.

Secure Audit Logs

Tracking key usage to provide audit trailLiability protection

Certified Security

FIPS140-2 Level 3 Security

(10)

Key Delivery

Strong device authentication

Established as part of generating a session with authenticator

Key Delivery

Ephemeral DH session can be used to deliver device keys

Secure tunnel for key delivery to

μHSM

Security Protocol Agnostic

Any security protocol that uses Public Key Technology

Protection of device, system, user identity

(11)

μHSM

Security Applications

Asymmetric

Public Key Algorithms

(DSA, RSA, DH) Private Key(s) Key Exchange Protocols (IKE, SSL/TLS Handshake) Data In Data Out Communication Peer Key Exchange Symmetric Algorithm (3DES, AES, HMAC-SHA1) Clear Data Encrypted Data Key Management Interface (strong authentication) Session Key

(12)

BroadSAFE System

Strong Cryptographic Authentication

“who you are” versus “who you say you are”

Unique embedded “private key identity” for each device

Hardware Protection of Certificates and Keys

Identity is never compromised

Key material never leaves the tamper resistant hardware in clear text

FIPS140-2 Level 2 and Level 3 Solutions Available

Basis for any standard cryptographic security system (IPsec, SSL, TLS, etc.)

Secure Management

Encrypted and authenticated Management traffic

Automated policy and key updates

Upgrade functions cryptographically in hardware after the device has been deployed

References

Download now ( PDF - 12 Page - 114.00 KB )

Related documents

Essbase Coding Standards

Load Rule: Raw data from an ASCII text file, Microsoft Excel, or from an RDBMS database will be loaded into your Essbase cube using Essbase rules file objects.. Essbase objects

3D Input Format Requirements for DLP Projectors using the new DDP4421/DDP4422 System Controller ASIC. Version 1.3, March 2 nd 2012

It traditionally does not support a method of identifying the left/right input frame reference to the DLP® projector which can cause problems with displaying the eye data in the

Business Models: A Unit of Analysis for Company Performance

AWK Airwork Holdings Limited Human Landlord Contractor BGR Briscoe Group Physical Distributor Wholesaler

Exploring the utility of the Multidimensional State Boredom Scale.

691 The current study presents further validation of the Multidi- 692 mensional State Boredom Scale in hopes of inspiring future 693 research on state boredom: across two

Environmental Awareness Think Global, Act Local

Questions: Fact Sheet 1: Hazardous Substances and Hazardous Waste Environmental Awareness — Think Global, Act Local.. Denise Michaelsen and Carol Mutchler, CDC’s 2008

TAKING FESTIVAL EVENTS ONLINE BY CARDIFF ANIMATION FESTIVAL

Ask the workshop leader to include information in the workshop video about how they will interact with participants (e.g. in the Youtube Live chat & on social media). Put

Dissecting the genetics of Inflammatory Bowel Disease

Blocks of conserved LD are areas of reduced haplotype diversity while steps represent LD breakdown most likely due to recombination as cross-over profiles agree with LDU

Development Aid: A Perspective on the World Bank Performance Calculating the Social Return on Investment for the Least Developed

 After adjustment of partial-NPVs via the corresponding project remaining capital and recurring costs the average NPVs come down to -24 and -22 Mio USD using