iDirect TRANSEC - Advanced Overview

© 2008 VT iDirect, Inc. TRANSEC Advanced Overview

Upload: kira019

Post on 18-Feb-2016


Page 1: IDirect TRANSEC - Advanced Overview

© 2008 VT iDirect, Inc.

TRANSEC Advanced Overview

Page 2: IDirect TRANSEC - Advanced Overview

TRANSEC Operation

• iDirect ACC and DCC Encryption Channels
• Operational Encryption
• Public Key Infrastructure
• Acquisition & Authentication
• Acquisition Obfuscation
• Key Rolls
• Handling Security Compromises

Page 3: IDirect TRANSEC - Advanced Overview

Encryption Channels

• Acquisition Ciphertext Channel (ACC)
  • Only used during Acquisition and Authentication
  • Based on ACC key using AES 256 CBC symmetric encryption
  • Key is initially distributed to the remote manually then updated over the air in operation
  • Key is rolled every 28 days by default. Key is stored if the power is turned off. Remote must manually rekey if it is out of network for two keyrolls.

• Data Ciphertext Channel (DCC)
  • The DCC channel encrypts all user data traffic with the DCC key using AES 256 CBC symmetric encryption
  • Masks activity with random blocks of data when remotes have no data to send (“Wall of Data”)
  • Key is updated over the air every 8 hours by default. Not stored if power is cycled.

Page 4: IDirect TRANSEC - Advanced Overview

Operational Encryption

[Diagram. Labelled elements: TRANSEC Hub, Hub System, Protocol Processor, IP encryptor, WAN, Evolution e8000 Series Remotes, ACC key, DCC key, Wall of Data. Packet fields shown: SA, DA, TOS, Demand Header, DID.]

Page 5: IDirect TRANSEC - Advanced Overview

Public Key Infrastructure (PKI)

• Host private keys/public keys
  • Asymmetric cryptography
  • Each host has a set of self generated private and public keys used for certificate exchange and verification
  • 2048 bit long private / public keys (RSA)
  • These keys protect all network key exchanges

• Each network element has an X.509 certificate
  • A certificate is a document that connects a public key to an identity
  • Used to authenticate remotes and build a chain of trust
  • Certificates are issued by iDirect CA

Page 6: IDirect TRANSEC - Advanced Overview

Public Key Infrastructure (PKI)

[Diagram: Strong Authentication. Labelled elements: TRANSEC Hub, Hub System, Protocol Processor, IP encryptor, WAN, Evolution e8000 Series Remotes, X.509 Certificate (DID #456789, Public Key, Signature), ACC key, DCC key, Wall of Data. Packet fields shown: SA, DA, TOS, Demand Header, DID.]

Page 7: IDirect TRANSEC - Advanced Overview

TRANSEC Network Acquisition

• When and only when a remote is out of network, the hub periodically invites it to acquire on the ACC channel.

• An out-of-network remote immediately responds to this invitation on the ACC with an "ACQ Burst" from which the hub calculates the timing, power and frequency offsets the remote must apply to successfully join the network.

• The hub and remote authenticate across the ACC using X.509 Certificate Exchange.

• Current ACC and DCC keys are encrypted using the remote’s public key (PKI) and distributed to each remote.

Page 8: IDirect TRANSEC - Advanced Overview

Acquisition and Authentication

[Diagram. Labelled elements: TRANSEC Hub, Protocol Processor, Evolution e8000 Series Remotes, X.509 Certificate (DID #123456, Public Key, Signature), X.509 Certificate (DID #456789, Public Key, Signature), ACC key, DCC key.]

Page 9: IDirect TRANSEC - Advanced Overview

ACQ Obfuscation

• To mask the actual acquisition activity, the hub will
  • Issue dummy invitations to remotes already in network, so that it appears there is always some acquisition activity. Remotes in network will always burst in response to dummy invitations.
  • Deliberately not issue invitations for some slots, so the ACQ channel never appears full.
  • Issue normal invitations, in which some remotes will burst and others will not.

• Frequency, timing and power of “dummy” bursts will vary to hide usage patterns
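The effect of the three invitation types on what a passive observer can count, as an added simulation that is not part of the original slides or iDirect code. The function names, the per-slot probabilities and the slot count are constructed assumptions chosen only to illustrate the slide's rules.

```python
import random

def observe_acq_channel(slots, acquiring, obfuscate, seed=1,
                        p_skip=0.2, p_normal=0.3, p_present=0.5):
    """Per-slot view of a passive observer: True where a burst was seen.

    acquiring  -- True if out-of-network remotes are being invited
    p_skip     -- share of slots left without an invitation (assumed)
    p_normal   -- share of invitations that are normal, not dummy (assumed)
    p_present  -- chance an invited out-of-network remote bursts (assumed)
    """
    rng = random.Random(seed)          # seeded so the run is repeatable
    seen = []
    for _ in range(slots):
        if not obfuscate:
            # Plain hub: invitations go out only while remotes are acquiring.
            seen.append(acquiring and rng.random() < p_present)
        elif rng.random() < p_skip:
            seen.append(False)         # slot deliberately left empty
        elif acquiring and rng.random() < p_normal:
            seen.append(rng.random() < p_present)   # normal invitation
        else:
            seen.append(True)          # dummy invitation: always answered
    return seen

def burst_rates(slots=2000):
    """Observed burst rate for each (obfuscate, acquiring) combination."""
    rates = {}
    for obfuscate in (False, True):
        for acquiring in (False, True):
            seen = observe_acq_channel(slots, acquiring, obfuscate)
            rates[(obfuscate, acquiring)] = sum(seen) / slots
    return rates

if __name__ == "__main__":
    for (obfuscate, acquiring), rate in burst_rates().items():
        print(f"obfuscate={obfuscate!s:5} acquiring={acquiring!s:5} burst rate={rate:.2f}")
```

Without obfuscation the channel is silent unless a remote is acquiring, so burst presence alone reveals acquisition. In this model the obfuscated rates still differ slightly between the two cases, and the gap shrinks as the assumed share of normal invitations falls.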

Page 10: IDirect TRANSEC - Advanced Overview

Key Rolls

• Changing encryption keys periodically helps prevent attackers from deriving keys from captured data (cryptanalysis)

• iDirect TRANSEC makes the rolling period configurable

• The ACC key must be manually distributed the first time, or if a remote is out of network for 2 ACC keyrolls

[Diagram: Key Distribution Protocol between Peer 1 and Peer 2. Stages shown: Mutual Trust Established, Key Distribution Complete.]
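The manual-rekey rule stated here and on the Encryption Channels slide depends on how many scheduled ACC key rolls an outage crosses, not only on its length. The following added example (not from the original slides or iDirect software) counts them, assuming rolls occur on a fixed schedule starting at a known `first_roll` time; all names and sample dates are constructed.

```python
from datetime import datetime, timedelta

ACC_PERIOD = timedelta(days=28)    # slide default; the period is configurable

def rolls_crossed(first_roll, left, returned, period=ACC_PERIOD):
    """Count scheduled key rolls that fall in the interval (left, returned]."""
    return (returned - first_roll) // period - (left - first_roll) // period

def recovery_action(first_roll, left, returned, period=ACC_PERIOD):
    """Apply the slide rule: two missed ACC keyrolls require a manual rekey."""
    missed = rolls_crossed(first_roll, left, returned, period)
    if missed >= 2:
        return "manual ACC rekey"
    return "acquire over the ACC with stored key"

def roll_bounds(outage, period=ACC_PERIOD):
    """(fewest, most) rolls an outage of this length can cross, over all phases."""
    fewest = outage // period
    most = -(-outage // period)    # ceiling division on timedeltas
    return fewest, most

if __name__ == "__main__":
    first_roll = datetime(2024, 1, 1)          # constructed schedule origin
    outages = [                                # constructed sample outages
        (datetime(2024, 1, 28), datetime(2024, 2, 27)),   # 30 days
        (datetime(2024, 1, 2), datetime(2024, 2, 20)),    # 49 days
    ]
    for left, returned in outages:
        days = (returned - left).days
        print(days, "days:", recovery_action(first_roll, left, returned))
    for days in (27, 30, 56):
        print(days, "days can cross", roll_bounds(timedelta(days=days)), "rolls")
```

Under the assumed schedule, an outage shorter than one roll period can never cross two rolls, while anything between one and two periods may or may not, depending on when it starts.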

Page 11: IDirect TRANSEC - Advanced Overview

Global Key Distributor

• Global Key Distributor (GKD)
  • GKD distributes ACC key among one or more networks
  • Allows roaming remotes to acquire into all networks

• Multiple GKDs can be configured for redundancy
  • Within an individual hub
  • Between multiple hubs

Page 12: IDirect TRANSEC - Advanced Overview

Handling Security Compromises

• Zeroization is a process for removing all Critical Security Parameters (CSPs) from a network element.
  • Network configuration
  • DCC and ACC keys
  • Public/private key pair

• Certificate revocation adds a certificate to the CRL, breaking trust between an entity and the rest of the network.
  • Network acquisition fails
  • Key distribution ceases to work

• Operator-triggered key rolls, in combination with certificate revocation, prevent network elements from decoding data.

Page 13: IDirect TRANSEC - Advanced Overview

THANK YOU