Aeronautical Information Sec ATN Conference September 24 -25 2002 Honeywell Advanced Systems Technology Group 7000 Columbia Gateway Drive Columbia, MD 21046
Agenda • What is Information Security • Overview of Cryptography • ATN Security • Secure ACARS Aeronautical Information Security 2002 ATN Conference, London UK 2
What is Information Security? Information security is concerned with providing: • Confidentiality, • Authentication, • Integrity, and • Availability of data (during both storage and communication). Aeronautical Information Security 2002 ATN Conference, London UK 3
Critical Considerations for Aeronautical INFOSEC • Thorough Vulnerability analysis to identify relevant risks • Bandwidth and computation constraints • Standardization – use of proven security solutions • Cost of implementation, deployment and maintenance Aeronautical Information Security 2002 ATN Conference, London UK 4
Vulnerability and Risk Analysis Privacy Authentication Monitoring Spoofing Integrity Data Corruption Modification Aeronautical Information Security 2002 ATN Conference, London UK Viruses Virus 5
Overview of Cryptography Aeronautical Information Security 2002 ATN Conference, London UK 6
![Overview of Cryptography [1/5] Encryption Symmetric Cryptography – a. k. a. , Secret Key](https://present5.com/presentation/fdb4bb7c0ea24935b99724466564223e/image-7.jpg "Overview of Cryptography [1/5] Encryption Symmetric Cryptography – a. k. a. , Secret Key")
Overview of Cryptography [1/5] Encryption Symmetric Cryptography – a. k. a. , Secret Key Cryptography – A single shared secret key – ( ) is used to both encrypt and decrypt a message Common algorithms Alice Encrypt w DES, Triple-DES, IDEA, AES – Strengths w Excellent performance (fast) w Very strong security Decrypt Bob – Weaknesses w Secret key management requires sending and receiving parties to obtain shared secret key via secure means w Not practical for digital signing or authentication w Scalability Aeronautical Information Security 2002 ATN Conference, London UK 7
![Overview of Cryptography [2/5] Encryption Asymmetric Cryptography – a. k. a. , Public Key](https://present5.com/presentation/fdb4bb7c0ea24935b99724466564223e/image-8.jpg "Overview of Cryptography [2/5] Encryption Asymmetric Cryptography – a. k. a. , Public Key")
Overview of Cryptography [2/5] Encryption Asymmetric Cryptography – a. k. a. , Public Key Cryptography – Keys come in pairs -- one private ( ), one public ( ) Alice Bob Encrypt w Operation “done” with one key is “undone” with other Bob – Common algorithms w RSA, DSA, ECC – Strengths w Minimizes exposure of keys – Only public keys are shared – Knowing public key provides no information about private key w Enables digital signatures – Weaknesses Decrypt Digital Signature Alice Sign w Computationally slow compared to symmetric key w Requires “trust” in public keys + Alice Bob + Aeronautical Information Security 2002 ATN Conference, London UK Verify 8
![Overview of Cryptography [3/5] Hybrid Cryptography – Takes advantage of symmetric and asymmetric strengths](https://present5.com/presentation/fdb4bb7c0ea24935b99724466564223e/image-9.jpg "Overview of Cryptography [3/5] Hybrid Cryptography – Takes advantage of symmetric and asymmetric strengths")
Overview of Cryptography [3/5] Hybrid Cryptography – Takes advantage of symmetric and asymmetric strengths – Encrypt messages using high performance symmetric algorithms – Securely manage message encryption keys and digitally sign messages using slower asymmetric algorithms Alice Encrypt Bob Encrypt Alice ication thent and Au ntiality e Confid Alice Hash & Verify Aeronautical Information Security 2002 ATN Conference, London UK ity ial ent fid Con Hash & Sign Note: is a public key certificate which contains Alice’s public key signed by a trusted Certificate Authority (CA). nly O Bob Decrypt 9
![Overview of Cryptography [4/5] Session Key Derivation – Shared secret key is derived independently](https://present5.com/presentation/fdb4bb7c0ea24935b99724466564223e/image-10.jpg "Overview of Cryptography [4/5] Session Key Derivation – Shared secret key is derived independently")
Overview of Cryptography [4/5] Session Key Derivation – Shared secret key is derived independently from parameters that are – – Alice exchanged in the open Mathematical properties ensure that session keys generated independently by both parties are identical Conserves system resources Alice Bob Sign Verify Alice Note: Alice and Bob derives the session key from parameters exchanged between them, their respective addresses, and their public/private key pairs. Alice Aeronautical Information Security 2002 ATN Conference, London UK Note: is a public key certificate which contains Alice’s public key signed by a trusted Certificate Authority (CA). Note: Alice generates some session Parameters and sends them to Bob. Her signature ensures authenticity. Derive Key TAG HMAC Bob 10
![Overview of Cryptography [5/5] Basic Contents of a Public Key Certificate Distinguished Name: cn=](https://present5.com/presentation/fdb4bb7c0ea24935b99724466564223e/image-11.jpg "Overview of Cryptography [5/5] Basic Contents of a Public Key Certificate Distinguished Name: cn=")
Overview of Cryptography [5/5] Basic Contents of a Public Key Certificate Distinguished Name: cn= Identifier ou= ATN-Aircraft o= Honeywell c= US Serial No. : 12345678 Valid Not Before: Date/Time Valid Not After: Date/Time Public Key: Key Usage: Signing Issuing CA Distinguished Name: cn= ‘State’-CA ou= ATN o= Honeywell c= US Aeronautical Information Security 2002 ATN Conference, London UK Unique name of public key owner Unique public key certificate number Certificate validity dates Public key Key Usage (signing or encryption) Name of certificate issuer Certificate issuer’s digital signature 11
ATN Security Aeronautical Information Security 2002 ATN Conference, London UK 12
Security in ATN • Risk analysis performed by Eurocontrol has identified the following threats: – Masquerade/modification/replay of air-ground application communications. Denial of service by flooding ground IDRP databases. – • Airlines desire to ensure the confidentiality of operational data. • ATN SARPs (Edition 3) provides the following security services: – Authentication and integrity of air-ground applications. – Authentication and integrity of IDRP communications. – Supporting Public Key Infrastructure (PKI). • ATNP WG-B/Sub-Group 3 is enhancing the ATN SARPs to add confidentiality services Aeronautical Information Security 2002 ATN Conference, London UK 13
ATN Security Solution • Uses both symmetric & public-key cryptography. • Based on ISO Generic Upper Layer Security (GULS) standard. • Mutual authentication during initial CM contact is provided by Elliptic Curve Digital Signature Algorithm (ECDSA). • Initial CM contact also establishes shared public value using (EC Diffie-Hellman) • Required public keys of applications are delivered to aircraft during initial CMA exchange. • Application (and location) specific session keys derived by applications from their key pairs and shared public value. • Subsequent application communications secured by Hashed Message Authentication Code (HMAC) under session key • Message Counter and source included to prevent replay. Aeronautical Information Security 2002 ATN Conference, London UK 14
Secure Session Establishment Process Aeronautical Information Security 2002 ATN Conference, London UK 15
ATN PKI • Major components: Certificate Authorities (CA) and Certificate Delivery Services. • Each State is required to establish and maintain a CA and Delivery Services. • Aircraft operators may maintain subordinate CAs. • CAs issue X. 509 certificates and CRLs. • Sharing of CAs among States is recommended to reduce cross certification. • Delivery Services deliver certificates and CRLs to ATN entities. Aeronautical Information Security 2002 ATN Conference, London UK 16
Relationship of ATN CAs State CA AOE CAs Aircraft CMAs Aeronautical Information Security 2002 ATN Conference, London UK State CA Ground CMA Ground Apps State CA Ground Routers Aircraft Routers 17
Certificate Delivery Services • May use X. 500 directories for automated certificate delivery. • Ground scenarios: – All applications and routers have directory access. – CMA has directory access and provides certificates and – CRLs as needed to other applications. Certificates may be cashed locally or pre-stored. • Air scenarios: – Short-lived certificates for CMA/routers sent to aircraft. – Certificate fields known by aircraft in advance not sent on – RF. Certificate reconstructed by aircraft before verification. CMA certificates may be pre-stored. Aeronautical Information Security 2002 ATN Conference, London UK 18
Secure ACARS Aeronautical Information Security 2002 ATN Conference, London UK 19
Secure ACARS Overview • US Air Force Dual Use Science and Technology (DUS&T) Program – Objective of DUS&T: Leverage Commercial Know-how, Investments, and Markets for Dual Commercial and Military Use – Cooperative Agreement Between Government and Contractor – 50/50 Cost Share between Honeywell and USAF • Phase 1: Extend ACARS protocol to support standard-based security solution – Honeywell, Columbia MD – Expected completion of laboratory prototype by 2/2003 Aeronautical Information Security 2002 ATN Conference, London UK 20
System Capabilities • Security Services – Authentication: Provide strong authentication of the terrestrial and airborne communicating peer entities – Data Integrity: Provide data integrity for the ACARS payload – Data Confidentiality: Provide data confidentiality for the ACARS payload • Migration to ATN – Implements cryptographic primitives, functions, and Public Key Infrastructure (PKI) specified in the ATN SARPs, Security Services (ICAO Doc 9705, SV 8) • Compatibility/Interoperability – Support full backward compatibility with the existing ACARS message traffic – – when operating in non-secure mode Permit the DSP to route ACARS security message traffic in the same manner as current non-secure message traffic Ensure media independence to facilitate operation over VHF, SATCOM or other future communication links • Data Compression to preserve ACARS bandwidth Aeronautical Information Security 2002 ATN Conference, London UK 21
Proposed Security Framework for ACARS Security Service Mechanism Cryptographic Algorithms S-ACARS ATN SARPs Confidentiality Encryption Key Management Key Exchange ECDSA FIPS-186 -2 HMAC-SHA-1 RFC 2104 SHA-1 FIPS-180 -1 AES FIPS-197 ECDH ANSI X 9. 63 PK Certificates ITU-T X. 509 Digital Signature Data Integrity / Authentication Message Authentication Hash ECDSA FIPS-186 -2 HMAC-SHA-1 RFC 2104 SHA-1 FIPS-180 -1 AES FIPS-197 ECDH ANSI X 9. 63 Notes ITU-T X. 509 Note 1 Note 2 Notes: 1. HMAC is published as FIPS-198, as of 6 Mar 2002. 2. Currently there is no FIPS for key exchange; however for Elliptic Curve Cryptosystems, ANSI X 9. 63 is likely to be the basis for FIPS. Standards-based, COTS-supported Security Framework Aeronautical Information Security 2002 ATN Conference, London UK 22
Secure ACARS Overhead Analysis Based on Proposed ACARS Security Framework • Session Establishment w Key Establishment w Downlink: ~ 60 bytes w Uplink: ~ 21 bytes • Data Exchange w Confidentiality, Data Authentication/Integrity Services w Down/Uplink: Single-block or Multi-block ACARS message + Security Overhead (7 bytes) • Session Termination w Data Authentication/Integrity – Explicit w Downlink: w Uplink: ~ 10 bytes w Down/Uplink: 0 bytes – Implicit Compression can negate overhead and achieve savings! Aeronautical Information Security 2002 ATN Conference, London UK 23
Contact Aloke Roy Honeywell International Phone #: +1 -410 -964 -7341, Fax #: +1 -410 -964 -7322 Email: aloke. roy@honeywell. com Aeronautical Information Security 2002 ATN Conference, London UK 24
www. honeywell. com
Скачать презентацию Aeronautical Information Sec ATN Conference September 24 -25
fdb4bb7c0ea24935b99724466564223e.ppt