INTERNATIONAL CRYPTOGRAPHY EXPERIMENT* (ICE)
David M. Balenson <[email protected]>
Principal Computer Scientist
Trusted Information Systems, Inc.
3060 Washington Road (Rt. 97)
Glenwood, MD 21738
+1-301-854-5358; fax +1-301-854-5363
http://www.tis.com/
*Supported by DARPA under Contract #DABT 63-95-C00018
The Open Group - Security Program Group
June 26, 1997
26-June-97 International Cryptography Experiment (ICE) Slide 2 of 25
Building a World of Trust
Overview
• International Cryptography Experiment (ICE)
  – International “plug-and-play” cryptography
• TIS DARPA ICE Project
  – Layered security architecture & demo framework
  – Secure E-mail CAPI demonstrations
• NSA CAPI program
• NIST Cryptographic Toolkit
• KRISIS
• ESSRII
International Cryptography
• Individuals, industry, and governments worldwide need cryptography to protect sensitive information
• Crypto modules must be user-selectable, system-supported, widespread, and internationally acceptable
• Governments worldwide want to maintain their prerogatives in controlling cryptography
• ICE calls for a collective international effort
  – To promote the international use of cryptography in common computer software applications (i.e., word processors, electronic mail, database, etc.)
• In a manner that meets the needs of individuals and industry and the desires of governments
Embedded Cryptography
[Diagram: APPLICATION with EMBEDDED CRYPTO MODULE]
• Cryptography is directly embedded in application
  – Cryptography cannot be tailored by user
  – Export for general-purpose use prohibited
“Plug-and-play” Cryptography
[Diagram: CRYPTO API (CAPI) between APPLICATION A, APPLICATION B, APPLICATION C and CRYPTO MODULE 1, CRYPTO MODULE 2, CRYPTO MODULE 3]
• Crypto API (CAPI) separates applications from cryptography
  – Applications employ range of crypto modules/algorithms
  – Crypto modules support range of applications
• Balance user, industry, and government needs
  – Varying protection requirements (military, govt, commercial, individual)
  – Enables govt controls on crypto w/ minimal impact on applications
International Cryptography Experiment (ICE)
• ICE is an informal international alliance of individuals, industry, and governments to:
  – Advance the general understanding of CAPIs and their international use to promote “plug-and-play” crypto
  – Promote the international development and use of CAPI-based applications and crypto modules
  – Conduct experiments to demonstrate the flexible, cost-effective use of approved cryptographic modules in common, exportable computer software applications (e.g., word processors, e-mail, and database systems)
TIS DARPA ICE Project
• TIS DARPA ICE project:
  – Develop modular, removable, replaceable crypto-based security components that are:
    • Commercially available
    • Satisfy a wide range of protection needs
• ICE research is seeking to answer two questions:
  – Can an application using crypto-based security services be separated from specific crypto implementations such that the application can easily use different alternatives?
  – Can a single cryptographic implementation (token or module) support a range of security services & applications?
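The two research questions above, and the CAPI separation on the “plug-and-play” slide, as an added example that is not from the slides or from any TIS code: a hypothetical CAPI layer where the same applications run over interchangeable modules and a policy list controls which modules may load. The class names, module names, key and messages are constructed, and HMAC from Python's standard library stands in for a real crypto module.

```python
import hashlib
import hmac

class Module:
    """One crypto module: a name plus a keyed-integrity primitive."""
    def __init__(self, name, digest):
        self.name, self._digest = name, digest
    def mac(self, key, data):
        return hmac.new(key, data, self._digest).digest()

class CAPI:
    """Hypothetical CAPI layer; applications call this, never a module."""
    def __init__(self, approved):
        self._approved = set(approved)  # site policy: module names allowed to load
        self._modules, self._active = {}, None
    def register(self, module):
        if module.name not in self._approved:
            raise PermissionError(f"{module.name} is not approved by policy")
        self._modules[module.name] = module
    def select(self, name):
        self._active = self._modules[name]  # KeyError if the module never loaded
    def protect(self, key, data):
        return self._active.name, self._active.mac(key, data)
    def verify(self, key, data, name, tag):
        module = self._modules.get(name)  # unknown or unapproved module: reject
        return module is not None and hmac.compare_digest(module.mac(key, data), tag)

# Two applications written only against the CAPI (question 2: one module, many apps).
def seal_mail(capi, key, body):
    name, tag = capi.protect(key, body.encode())
    return {"body": body, "module": name, "tag": tag.hex()}

def open_mail(capi, key, msg):
    return capi.verify(key, msg["body"].encode(), msg["module"], bytes.fromhex(msg["tag"]))

def tag_record(capi, key, row):
    return capi.protect(key, repr(row).encode())

def demo():
    capi = CAPI(approved={"module-1", "module-2"})
    capi.register(Module("module-1", hashlib.sha256))
    capi.register(Module("module-2", hashlib.sha512))
    key, out = b"constructed demo key", {}
    for name in ("module-1", "module-2"):  # question 1: swap modules, same app code
        capi.select(name)
        out[name] = seal_mail(capi, key, "constructed message body")
    out["record"] = tag_record(capi, key, (42, "constructed row"))
    return capi, key, out
```

Registering a module whose name is not on the approved list raises PermissionError, and a message that names such a module fails verification, so the policy decision lives in the CAPI layer and the applications never change.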
Layered Security Architecture
[Diagram: layer stack]
SECURE APPLICATIONS
SECURITY MECHANISMS/PROTOCOLS
SECURITY SUPPORT SERVICES
CRYPTO MODULES/ALGORITHMS
[Diagram: interfaces]
• SSAPI (Security Service API): Authentication, Integrity, Confidentiality, Non-repudiation, Access-control; Connection-oriented, Store-and-forward
• SSSAPI (Security Support Service API): Key mgmt., Cert. mgmt., Authentication, Key recovery, Audit, Labelling
• CAPI (Crypto API): HW tokens/boxes, SW modules
Demonstration Framework
Applications: email, WWW, telnet/FTP
Security service APIs: TIS/MOSS API, GSS-API, IDUP-GSS-API, SSPI
Security packages: Kerberos, SPKM, MOSS, S/MIME, PGP/MIME, MSP, SSL, PCT
CAPIs: CryptoAPI, CSSM API, Cryptoki
Modules: Software, Tokens
Tokens: Fortezza, Lynks, EES, Smartcards, SmartDisk
Algorithms: UK, Capstone, Federal, Commercial, MultiNational
Key recovery: TTP, RecoverKey, EES
Secure E-mail CAPI Demo Subset
Applications: email
Security service APIs: TIS/MOSS API
Security packages: TIS/MOSS
CAPIs: CryptoAPI, Cryptoki
Modules: Software, Tokens
Tokens: Fortezza, SmartDisk
Algorithms: Capstone, Federal, Commercial
Key recovery: RecoverKey, EES
Secure E-mail CAPI Demo (Windows/NT and Windows 95)
• Qualcomm Eudora 3.0 E-mail package
• TIS/MOSS Secure E-mail software
  – Eudora “plug-in” using EMS-API and TIS/MOSS API
• Microsoft CryptoAPI 1.0
  – Internal RSA Labs Cryptoki interface
    • Generic CryptoAPI-to-Cryptoki translator
  – Cryptographic Service Providers (CSPs)
    • TIS Crypto SmartDisk CSP
    • TIS Fortezza CSP
    • TIS RecoverKey CSP
    • Microsoft Enhanced CSP (w/o Cryptoki)
Secure E-mail CAPI Demo (Windows/NT and Windows 95)
[Diagram labels: EUDORA E-MAIL PACKAGE; EMS-API; TIS/MOSS API; TIS/MOSS SECURE E-MAIL SOFTWARE; Microsoft CryptoAPI 1.0; CRYPTO SMARTDISK CSP; FORTEZZA CSP; RECOVERKEY CSP; MICROSOFT ENHANCED CSP; Translator (x3); RSA Labs Cryptoki; CRYPTO SMARTDISK; FORTEZZA CARD]
Secure E-mail CAPI Demo (Unix)
• Rand MH E-mail package
• TIS/MOSS Secure E-mail software
  – TIS/MOSS API
• TIS UNIX version of Microsoft CryptoAPI 1.0
  – Cryptographic Service Providers (CSPs)
    • TIS Fortezza CSP
    • TIS RSAREF CSP
Secure E-mail CAPI Demo (Unix)
[Diagram labels: RAND MH E-MAIL PACKAGE; TIS/MOSS API; TIS/MOSS SECURE E-MAIL SOFTWARE; Microsoft CryptoAPI 1.0; TIS UNIX CRYPTOAPI; FORTEZZA CSP; RSAREF CSP; FORTEZZA CARD]
NSA CAPI Program
• Cross-organizational team assessment of CAPIs
• 1995 Recommendation
  – Examined Internet GSS-API/IDUP-GSS-API, X/Open GCS-API, and RSA Labs Cryptoki
• 1996 Recommendation (2nd Edition)
  – Updated, expanded (more detailed analysis, examples), and added Microsoft CryptoAPI
  – Adopt combinations of four widely accepted CAPIs
  – Select high-level GSS-API whenever practical
• Implementation of recommendations
NSA GSS-API Demo (Windows/NT)
• Interactive “chat” application
• Simple Public Key Mechanism (SPKM)
  – GSS-API interface
    • Context establishment calls
    • Per-message calls
    • No credential mgmt
• Microsoft CryptoAPI 1.0
  – Cryptographic Service Providers (CSPs)
    • Microsoft Base CSP
    • Fortezza CSP (forthcoming)
NSA GSS-API Demo (Windows/NT)
[Diagram labels: INTERACTIVE “CHAT” PROGRAM; GSS-API; SIMPLE PUBLIC KEY MECHANISM; Microsoft CryptoAPI 1.0; CRYPTO SERVICE PROVIDERS; Microsoft Base CSP; Fortezza CSP; FORTEZZA CARD]
NSA IDUP-GSS-API Demo (Windows/NT)
• Qualcomm Eudora 3.0 E-mail package
• TIS/MOSS & S/MIME Secure E-mail software
  – Eudora “plug-ins” using EMS-API and IDUP-GSS-API
    • Credential mgmt, environment-level, and per-IDU (standard, SE, and EV) calls
  – Added support for RSADSI S/MIME
• Microsoft CryptoAPI or Intel CSSM-API
  – Cryptographic Services
  – Certificate Management Services
NSA IDUP-GSS-API Demo (Windows/NT)
[Diagram labels: EUDORA E-MAIL PACKAGE; EMS-API; IDUP-GSS-API (credential management, environment-level, per-IDU (standard, SE, and EV)); TIS MOSS-S/MIME SECURE E-MAIL SOFTWARE; Microsoft CryptoAPI or Intel CSSM-API; Crypto and Certificate Management Services; FORTEZZA Provider; Other Providers; FORTEZZA CARD]
NIST Cryptographic Toolkit
• Goal of packaging & distributing standard Federal algorithms under consistent interface
  – Facilitate use of algorithm suite, standard API
• Initial implementation using GCS-API interface
  – Sample email application
  – Future WebSubmit (supercomputer job submission) app
• Plans to incorporate future standard algorithms
  – Advanced encryption standard (AES)
  – Key exchange
• TIS to add CDSA interface (CSSM-API)
Technology Transfer
• Ongoing coordination with
  – government agencies
    • NSA, NIST, DARPA, UK MoD, …
  – industry
    • Intel, Microsoft, RSA Labs, ...
• Promoting understanding & use of security APIs
  – TIS DARPA ICE Web page
• Conducting technical workshops
  – Fourth International ICE/CAPI Technical Workshop
    • Held December 1996
  – Fifth International ICE/CAPI Technical Workshop
    • To be held in Fall 1997?
Key Recovery in Secure Information Systems (KRISIS)
• European study and pilot for confidentiality services
  – Sponsored by European Commission (EC)
  – Participants include IABG (Germany), Bull (France), DERA (UK), Microsoft (UK), Philips Crypto (The Netherlands), R3 Security Engineering (Switzerland), and TIS (UK)
• Derive architecture of commercially acceptable confidentiality service for Europe fitting different legal frameworks of European countries
  – id major requirements for commercial confidentiality service
  – analyse number of proposed solutions
  – pilot particular solution to gain practical experience
  – recommend future pan-Europe confidentiality services
• Pilot infrastructure
  – Based on TIS RecoverKey™ technology
  – Establish key recovery centers in 5 different European countries
ESSRI
• European Security Standards Reference Implementation Initiative
  – Proposal for action in Europe for international InfoSec standards
  – To be presented by Dr. Brian Gladman
Conclusion
• If this approach is widely adopted:
  – Secure application development without concern with the underlying cryptography
  – Common secure applications working with a wide variety of different cryptographic modules
  – Common cryptographic modules supporting many different applications
  – Ability to easily integrate cryptographic functions designed for diverse protection needs (military, government, commercial, and individual)
  – Cryptographic modules can satisfy national policies with minimal impact on applications
Further Information
• TIS ICE/CAPI Web page: http://www.tis.com/crypto/ice.html
• Key personnel:
  David Balenson <[email protected]>
  Dennis Branstad <[email protected]>
  Brian Gladman <[email protected]>
  Steve Walker <[email protected]>