ciphernet software developerâ€™s kit (cdsa)

CipherNET®

Information Security Solutions and Products

CipherNET

CipherNET® SoftwareDeveloper’s Kit (CDSA)

Sri Myneni

July 21, 1998

MOTOROLA and CipherNet are registered trademarks of Motorola, Inc.

CipherNET

CipherNET®


CipherNETIntroduction

• Why Motorola-ISD chose CDSA ?

• CipherNet product offering

• Motorola-ISD CDSA vision

• Questions!!!!

CipherNET®


CipherNETMotorola Security Experiencel 30 years experience designing and developing information

security systemsè Large scale security systems integration

l Developing certificate management systems since 1993l Provide PKI for Defense Messaging Systeml Supplied link encryption systems to the U.S. government

for 30 years (1000s of secure networks)l Delivered over 2500 Network Encryption Systems (NES)l Delivered over 250,000 secure telephones worldwide

CipherNET®


CipherNETWhy Support CDSA ?• The Open Group - Global leader in setting

standards

• Supported by wide range of industry leaders(IT Buyers and Suppliers)

• Open Architecture

• Wide range of capabilities

• Flexible and Extensible

• Platform Independent

• Framework for interoperability

CipherNET®


CipherNETMotorola CDSA -SDKImplementation

• Supports CDSA 1.2

• Enhancements to the Intel reference code

• PlatformsèWindows 95 and Windows NT 3.51/4.0

• Motorola will optimize CDSA to meetapplication requirements

CipherNET®


CipherNETMotorola Solutions• Provide E-Commerce and E-Business

application providers with the security toolsforèEnabling global solutions

èRapidly exploiting the power of all forms ofelectronic communication

• System integrationèAssemble complex systems involving

messaging, information security, and customapplication development

CipherNET®


CipherNET

On-LineBusiness

On-LineCommerce

WirelessOn-LineBanking

On-Line Purchasing

Other

Developer’s API (CSSM)

CryptoServiceProvider

DataLibrary

CertificateLibrary

TrustPolicy

Service Provider’s Interface

ECC

LDAP

X.509V3

X.509V3

End-User

Applications

Motorola C

ipherNE

T S

DK

(CD

SA

)

Security Service

Provider Plug-In

Components

Future

FUTURE

LocalStorage

P

K

C

S

#12

Module

Managers

CipherNET®


CipherNETCryptographic Service Provider

• Elliptic Curve Cryptography (ECC)è High strength + small key sizes = good performance

è 160 bit ECC key ≡ 1024 bit RSA key

è 210 bit ECC key ≡ 2048 bit RSA key

è Signature: ECDSA, ECNRA

è Key Agreement: ECDH, MQV

è Key Transport: ECES, ECAES

CipherNET®


CipherNETCryptographic Service Providerl Other algorithms

è Bulk encryption: DES and Triple-DES

è Hashing: SHA-1

è Message Authentication Check: HMAC

è Random numbers: FIPS 186, ECC BBS

l Keys and certificates are stored on PKCS #12 “softwaretoken” for transportability

è Allows migration to hardware tokens with minimalimpact on the application

CipherNET®


CipherNETWhy Elliptic Curve Crypto?• Small key size

• Performance

• Ideal for systems with limited resourcesèSmart cards

èWireless and embedded systems

• Growing acceptance of EC in financialservices communityèSET 2.0, ANSI X9, ‘Short Certificates’

CipherNET®


CipherNETData Storage Libraryl Manages X.509 certificates and CRLs

l Remote repositoryè LDAP v3 directory service

è Read-only

è Local cache

l Local repositoryè For certificates not in the directory

è Allows offline use (e.g., laptop)

è Read and write access

CipherNET®


CipherNETCertificate Libraryl Parses X.509 certificates and CRLs

è X.509 v3 certificate formats

è X.509 v2 CRL formats

l Trust Policy Moduleè Single CA modal

è Migrating to multiple CA hierarchy

CipherNET®


CipherNETMotorola Public Key Infrastructure (PKI)

• Companion PKI is under development

• PKI is based upon a highly scaleable webarchitecture to allow rapid rollout of largescale applications

• Support application builders withcertificates during SDK integration and test

CipherNET®


CipherNET

CipherNet CAServer

Directory Server

Client SystemToken

CipherNet RA Workstations

PKI Architecture

CipherNET®


CipherNETMotorola Partner Relationships• Certicom:

èWorld leader in ECC

èCryptographic Service Provider for ourSoftware Developer’s Kit.

• Intelisys:è Jointly developing next generation Internet

purchasing applications

CipherNET®


CipherNETCDSA Critical Success Factors

• Delivering CDSA 2.0

• Small footprint version

• Browser support

• PKI agnostic

• Resolution of the export issues

• Applications developers buy-in

CipherNET®


CipherNETMotorola Technology DirectionBridged technology evolving to common security architecture

MICRO T A C ELITE

1 324 5 67 8 9* 0 #

RCL STO CLR SND

PWR FCN NAME END

Card/Disk TokenTechnology

Wireless- MicroTac- Pagers

Applications- Banking- E-Business- E-Commerce

Wireline- STE-CipherLink

Integrated Communications Securityfor Business, Government, and DOD

CipherNET®


CipherNET

Security ServicesE-Commerce, E-Business and Financial Applications

GSMSecurity

Pipe

CDMASecurity

Pipe

PagingSecurity

Pipe

iDenSecurity

Pipe

Tele- maticsSecurity Pipe

Standard Security Algorithms and Protocols

CelestriSecurity Pipe

CipherNET®


CipherNETCipherNet Availability

• CipherNET Software Developer’s Kit isavailable NOW

• Expect availability announcementsregarding PKI in next quarter

CipherNET®


CipherNETSupport

• Licensing agreement includesèProduct training

èOne year product support

èTest certificates

èExample source code

èManuals

• Optional support includesè Integration assistance

èModule customization

èOptional module development

CipherNET®


CipherNETSample Demonstration• Web based banking application using the

CipherNET SDK

• Demonstrates construction of an applicationrequiring strong authentication, dataintegrity, privacy, and non-repudiation

CipherNET®


CipherNETContacts• Product Information: Peter Uscinski (602) 441-5792

• Public Relations: Dede Connors (602) 441-2027

• Product Manager: Tres Wiley (602) 441-7401

• Email us: [email protected]

• www.ciphernet.motorola.com

Motorola

Information Security Division

8201 E. McDowell Road

Scottsdale, AZ 85257

CipherNET®


CipherNET

Questions Please !!!!!

ciphernet software developerâ€™s kit (cdsa)

Documents