Page 2: Security By Design

Security By Design

Scott A. Vanstone

V.P. Cryptographic Research, Research in Motion

Distinguished Professor Emeritus, University of Waterloo

Page 3: Security By Design

Security by Design

When designing a new telecommunications system it is prudent to make security a fundamental part of the design process.

Addressing security challenges on a global scale, Geneva, 6-7 December 2010

Page 4: Security By Design

What is Cryptography?

• Cryptography is the study of mathematical techniques related to aspects of information security such as:

– confidentiality
– data integrity
– entity authentication
– data origin authentication


Page 5: Security By Design

What is Cryptography (2)

• Cryptography plays a fundamental role in securing information based systems.

• Often cryptography (and security in general) is an afterthought and as such it is bolted on after the overall system has been completed.


Page 6: Security By Design

Think of the Postal Analogue

• You put the letter in a sealed envelope so that nobody can read it in transit and any tampering is visible (confidentiality and integrity).

• You write your return address in the upper left corner of the envelope to identify the sender, which is you (authentication).

• You sign the letter so that at a later date you cannot deny having sent it (non-repudiation).


Page 7: Security By Design

The Digital World

• We want to mimic all of these services but electronically.

• This has been done and done more securely and efficiently than postal mail.

• It is all due to the advent of something called “public-key cryptography”.

• Canada is and continues to be a leader in this field.


Page 8: Security By Design

Symmetric-Key Cryptography

• Communicating parties a priori share secret information.

[Diagram: Alice and Bob first exchange a secret key over a secure channel, then communicate over an unsecured channel that Eve can observe.]

Page 9: Security By Design

Public-Key Cryptography

• Communicating parties a priori share authentic information.

[Diagram: Alice and Bob first exchange public keys over an authentic channel (one Eve can read but not alter), then communicate over an unsecured channel that Eve can observe.]

Page 10: Security By Design

Symmetric-Key vs Public-Key

• Symmetric-Key has been used for thousands of years.

• Public-Key is relatively new dating from 1976.

• Public-key cryptography is based on hard mathematical problems.


Page 11: Security By Design

Why Symmetric-Key?

• Typically very fast for bulk encryption (confidentiality).

• The Advanced Encryption Standard (AES) is well accepted as a superior algorithm for symmetric-key.


Page 12: Security By Design

Disadvantages of Symmetric Key

• Key management can be a serious problem.

• Non-repudiation (digital signature) is very difficult to realize.


Page 13: Security By Design

Why Public-Key?

• One disadvantage of symmetric-key cryptography is key management.

• Public-Key provides an efficient method to distribute keys.

• Public-key offers a very efficient way to provide non-repudiation. This is one of the great strengths of public-key.


Page 14: Security By Design

Disadvantages of Public-Key

• Public-key operations require intense mathematical calculations.

• They can be thousands of times slower to encrypt data than a well designed symmetric-key scheme.


Page 15: Security By Design

Hybrid Schemes

• Use symmetric-key schemes to do bulk encryption.

• Use public-key techniques to pass keys so that key management is not a problem.
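The hybrid scheme of this slide, as an added example that is not code from the talk, from RIM or from Certicom: the sender does one public-key operation (an ephemeral ECDH agreement against the recipient's public key) to obtain a fresh symmetric key, and AES-256-GCM then does the bulk encryption. The curve (NIST P-256), the HKDF salt label, the Envelope layout and the function names Seal/Open/NewKeyPair are this example's assumptions; everything else is the Go standard library.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdh"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"fmt"
	"io"
)

// Assumed parameters (this example's choice, not the talk's): NIST P-256
// for the key agreement and a fixed application label as HKDF salt.
var curve, kdfSalt = ecdh.P256(), []byte("security-by-design hybrid example v1")

// Envelope is what crosses the unsecured channel; nothing in it is secret.
type Envelope struct {
	EphemeralPub []byte // sender's one-time P-256 public point (65 bytes)
	Nonce        []byte // 12 bytes, fresh for every message
	Ciphertext   []byte // AES-256-GCM output, 16-byte tag appended
}

// NewKeyPair is the recipient's long-term key; its public half would be
// handed out over an authentic channel.
func NewKeyPair() (*ecdh.PrivateKey, error) { return curve.GenerateKey(rand.Reader) }

// hkdfSHA256: single-block HKDF (RFC 5869) from HMAC-SHA256, extract then expand.
func hkdfSHA256(secret, salt, info []byte) []byte {
	extract := hmac.New(sha256.New, salt)
	extract.Write(secret)
	expand := hmac.New(sha256.New, extract.Sum(nil))
	expand.Write(info)
	expand.Write([]byte{0x01}) // counter byte of the first (only) block
	return expand.Sum(nil)
}

// deriveAEAD turns the shared secret into AES-256-GCM; both public keys go
// into the info string, so the key is bound to this pair of parties.
func deriveAEAD(shared, senderPub, recipientPub []byte) (cipher.AEAD, error) {
	info := bytes.Join([][]byte{[]byte("aes-256-gcm"), senderPub, recipientPub}, []byte("|"))
	block, err := aes.NewCipher(hkdfSHA256(shared, kdfSalt, info))
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal is the sender's side: fresh ephemeral ECDH key per message, one
// public-key operation, then symmetric bulk encryption. aad is
// authenticated but not encrypted (a routing header, for instance).
func Seal(recipientPub *ecdh.PublicKey, plaintext, aad []byte) (*Envelope, error) {
	eph, err := curve.GenerateKey(rand.Reader)
	if err != nil {
		return nil, err
	}
	shared, err := eph.ECDH(recipientPub)
	if err != nil {
		return nil, err
	}
	aead, err := deriveAEAD(shared, eph.PublicKey().Bytes(), recipientPub.Bytes())
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, aead.NonceSize())
	if _, err := io.ReadFull(rand.Reader, nonce); err != nil {
		return nil, err
	}
	return &Envelope{eph.PublicKey().Bytes(), nonce, aead.Seal(nil, nonce, plaintext, aad)}, nil
}

// Open is the recipient's side. NewPublicKey rejects a point off the curve and
// GCM's tag rejects any change to ciphertext, nonce or aad: tampering is an
// error, never garbage plaintext.
func Open(recipientPriv *ecdh.PrivateKey, env *Envelope, aad []byte) ([]byte, error) {
	ephPub, err := curve.NewPublicKey(env.EphemeralPub)
	if err != nil {
		return nil, fmt.Errorf("bad ephemeral key: %w", err)
	}
	shared, err := recipientPriv.ECDH(ephPub)
	if err != nil {
		return nil, err
	}
	aead, err := deriveAEAD(shared, env.EphemeralPub, recipientPriv.PublicKey().Bytes())
	if err != nil {
		return nil, err
	}
	pt, err := aead.Open(nil, env.Nonce, env.Ciphertext, aad)
	if err != nil {
		return nil, fmt.Errorf("authentication failed, envelope or aad modified: %w", err)
	}
	return pt, nil
}

func main() {
	bob, _ := NewKeyPair()
	env, _ := Seal(bob.PublicKey(), []byte("bulk payload goes here"), []byte("to:bob"))
	pt, err := Open(bob, env, []byte("to:bob"))
	fmt.Printf("recovered %q, err=%v\n", pt, err)
	env.Ciphertext[0] ^= 1 // Eve flips one bit in transit
	_, err = Open(bob, env, []byte("to:bob"))
	fmt.Println("after tampering:", err)
}
```

The key-management point of the slide is visible in Seal: the sender needs nothing secret in advance, only Bob's authentic public key, and each message gets its own AES key, so there is no per-pair secret to distribute or store. Note that this sketch authenticates the message to Bob (GCM) but not the sender to Bob; for sender authentication the ephemeral scheme has to be combined with a signature or with an authenticated agreement such as ECMQV from the Suite B table later in the talk.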


Page 16: Security By Design

Digital Signatures

• One of the truly great technologies that public-key cryptography can provide.

• Handwritten signatures are fixed to the message but not an integral part of the message.

• Digital signatures combine the message and private information of the signer.


Page 17: Security By Design

Why Elliptic Curve Cryptography (ECC)?

• Most security per bit of any known public-key scheme

• Ideally suited to constrained environments

– Computationally efficient
– Bandwidth efficient
– Battery efficient

• Well studied

• Standardized in relevant influential international standards

Page 18: Security By Design

Elliptic Curve: y^2 = x^3 + ax + b

[Diagram: the chord-and-tangent rule for adding two points on the curve; the line through (x1, y1) and (x2, y2) has slope (y2 - y1)/(x2 - x1).]
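The point addition the slide draws, carried out in code as an added example (not from the talk): the chord slope (y2 - y1)/(x2 - x1) for distinct points, the tangent slope for doubling, and scalar multiplication built from them, which is the operation behind every ECDH and ECDSA key. The curve y^2 = x^3 + 2x + 2 over F_17 with generator (5,1) of prime order 19 is an assumed textbook-sized curve chosen so every step can be checked by hand; it comes from no standard and is far too small for real use.

```go
package main

import "fmt"

// Toy curve y^2 = x^3 + a*x + b over F_p. Assumed parameters for this
// example only: p = 17, a = b = 2, generator (5,1) of prime order 19.
const (
	p int64 = 17
	a int64 = 2
	b int64 = 2
)

// Point is an affine curve point; Inf marks the point at infinity, the
// identity of the group.
type Point struct {
	X, Y int64
	Inf  bool
}

var Infinity = Point{Inf: true}

// mod reduces into [0, p), also for negative inputs.
func mod(x int64) int64 { return (x%p + p) % p }

// inv is x^-1 mod p by Fermat (x^(p-2)); p is prime and x != 0 mod p.
func inv(x int64) int64 {
	r, base := int64(1), mod(x)
	for e := p - 2; e > 0; e >>= 1 {
		if e&1 == 1 {
			r = mod(r * base)
		}
		base = mod(base * base)
	}
	return r
}

// OnCurve checks y^2 == x^3 + a*x + b (mod p).
func OnCurve(P Point) bool {
	return P.Inf || mod(P.Y*P.Y) == mod(P.X*P.X*P.X+a*P.X+b)
}

// Add is the chord-and-tangent rule from the slide:
//   P != Q: slope = (y2 - y1)/(x2 - x1)   (chord through P and Q)
//   P == Q: slope = (3*x1^2 + a)/(2*y1)   (tangent at P)
//   x3 = slope^2 - x1 - x2,  y3 = slope*(x1 - x3) - y1
// A vertical line (Q = -P, or doubling a point with y = 0) gives Infinity.
func Add(P, Q Point) Point {
	if P.Inf {
		return Q
	}
	if Q.Inf {
		return P
	}
	if P.X == Q.X && mod(P.Y+Q.Y) == 0 {
		return Infinity
	}
	var slope int64
	if P.X == Q.X { // same x and not negatives of each other: P == Q
		slope = mod((3*P.X*P.X + a) * inv(2*P.Y))
	} else {
		slope = mod((Q.Y - P.Y) * inv(Q.X-P.X))
	}
	x3 := mod(slope*slope - P.X - Q.X)
	return Point{X: x3, Y: mod(slope*(P.X-x3) - P.Y)}
}

// ScalarMult computes k*P by double-and-add: with k the private key and P
// the base point, k*P is the public key in ECDH and ECDSA.
func ScalarMult(k int64, P Point) Point {
	R := Infinity
	for ; k > 0; k >>= 1 {
		if k&1 == 1 {
			R = Add(R, P)
		}
		P = Add(P, P)
	}
	return R
}

func main() {
	G := Point{X: 5, Y: 1}
	for k := int64(1); k <= 19; k++ {
		Q := ScalarMult(k, G)
		fmt.Printf("%2d*G = %v  on curve: %v\n", k, Q, OnCurve(Q))
	}
}
```

Running it walks the whole group: 2G = (6,3), 3G = (10,6), and 19G comes back to the point at infinity. Recovering k from k*G alone is the elliptic curve discrete logarithm problem the slide's "hard mathematical problems" refers to; here it is trivial because the group has 19 elements, and real curves have groups of size 2^256 and up.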

Page 19: Security By Design

Suite B

Purpose        Algorithm        Unclassified     Classified
Encryption     AES              128-bit key      256-bit key
Signatures     ECDSA            256-bit curve    384-bit curve
Key Exchange   ECDH or ECMQV    256-bit curve    384-bit curve
Hashing        SHA-2            SHA-256          SHA-384
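Digital signatures as described on the Digital Signatures slide, parameterized by the two ECDSA rows of the Suite B table, as an added example that is not code from the talk or from RIM: the signature is computed from the message digest and the signer's private key, so it is an integral part of the message rather than something attached to it, and editing the message invalidates it. The curve and hash pairings (P-256 with SHA-256, P-384 with SHA-384) are the slide's; the Profile type, its names and the curve-mismatch check are this example's assumptions, and the cryptography is Go's standard library.

```go
package main

import (
	"crypto"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	_ "crypto/sha256" // registers crypto.SHA256
	_ "crypto/sha512" // registers crypto.SHA384
	"fmt"
)

// Profile pins one row of the Suite B table: the curve and the hash that go
// together. Pinning both is the point; a verifier should not let the key
// decide the policy.
type Profile struct {
	Name  string
	Curve elliptic.Curve
	Hash  crypto.Hash
}

var (
	SuiteBUnclassified = Profile{"Suite B unclassified: ECDSA P-256 + SHA-256", elliptic.P256(), crypto.SHA256}
	SuiteBClassified   = Profile{"Suite B classified: ECDSA P-384 + SHA-384", elliptic.P384(), crypto.SHA384}
)

func (p Profile) digest(msg []byte) []byte {
	h := p.Hash.New()
	h.Write(msg)
	return h.Sum(nil)
}

func (p Profile) onProfileCurve(pub *ecdsa.PublicKey) bool {
	return pub.Curve.Params().Name == p.Curve.Params().Name
}

// GenerateKey makes a signer key pair on the profile's curve.
func (p Profile) GenerateKey() (*ecdsa.PrivateKey, error) {
	return ecdsa.GenerateKey(p.Curve, rand.Reader)
}

// Sign hashes the message and signs the digest (ASN.1 DER encoded r, s).
// Every bit of the message and the private key go into the result.
func (p Profile) Sign(priv *ecdsa.PrivateKey, msg []byte) ([]byte, error) {
	if !p.onProfileCurve(&priv.PublicKey) {
		return nil, fmt.Errorf("key is on %s, %s requires %s",
			priv.Curve.Params().Name, p.Name, p.Curve.Params().Name)
	}
	return ecdsa.SignASN1(rand.Reader, priv, p.digest(msg))
}

// Verify re-hashes the message and checks the signature against the public
// key, refusing keys on any curve other than the profile's: a verifier set
// up for P-384 must not quietly accept a P-256 key because the math works.
func (p Profile) Verify(pub *ecdsa.PublicKey, msg, sig []byte) bool {
	return p.onProfileCurve(pub) && ecdsa.VerifyASN1(pub, p.digest(msg), sig)
}

func main() {
	for _, prof := range []Profile{SuiteBUnclassified, SuiteBClassified} {
		priv, err := prof.GenerateKey()
		if err != nil {
			panic(err)
		}
		msg := []byte("pay Bob 100")
		sig, _ := prof.Sign(priv, msg)
		fmt.Printf("%s\n  %d-byte signature, valid=%v, valid after edit=%v\n",
			prof.Name, len(sig),
			prof.Verify(&priv.PublicKey, msg, sig),
			prof.Verify(&priv.PublicKey, []byte("pay Bob 1000"), sig))
	}
}
```

This is also the non-repudiation the symmetric-key slides say is hard to get: only the holder of the private key could have produced the signature, and anyone holding the public key can check it, whereas a MAC key is shared and so proves nothing to a third party.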

Page 20: Security By Design

Suite E for Embedded Systems

Purpose        Algorithm        Unclassified
Encryption     AES              128-bit key
Signatures     ECDSA            283-bit curve
Key Exchange   ECDH or ECMQV    283-bit curve
Hashing        SHA-2            SHA-256

Page 21: Security By Design

Examples of Security by Design

• XM Radio

• Blackberry


Page 22: Security By Design

XM Radio

• XM Radio delivers digital radio to most of North America.

• XM approached Certicom in the late 90s to design security into the system from the ground up.


Page 23: Security By Design

BlackBerry

• RIM built security in from the beginning.

• Suite B was running on the device even before the NSA endorsement in 2003.


Page 24: Security By Design

Conclusion

• There is good security available.

• The simple but often forgotten message is:

– Design security into the system from the beginning.
– Think the design through carefully so that you meet your objectives.