April 4, 2013 presentation given at the Raleigh ISSA Chapter meeting. This PDF of my slides reviews my paper that was accepted and nominated for an award and presented at the ITU Kaleidoscope 2013 conference.
14
ITU KALEIDOSCOPE 2013 GRIFFIN – APRIL 2013 October 18, 2012 ITU Kaleidoscope 2013 Presentation Telebiometric Information Security and Safety Management Phillip H. Griffin Information Security Consulting RALEIGH ISSA CHAPTER MEETING THURSDAY , APRIL 4, 2013
Transcript
ITU KALEIDOSCOPE 2013
GRIFFIN – APRIL 2013 October 18, 2012
ITU Kaleidoscope 2013 Presentation Telebiometric Information Security and Safety Management
Phillip H. Griffin Information Security Consulting
RALEIGH ISSA CHAPTER MEETING THURSDAY, APRIL 4, 2013
ITU KALEIDOSCOPE 2013
GRIFFIN – APRIL 2013
ITU is the International Telecommunication Union
— United Nations specialized agency for information and communications technology (ICT)
— Membership includes 193 countries and over 700 private-sector entities and academic institutions
— Allocates global radio spectrum and satellite orbits; develops technical standards to ensure seamless interconnection of networks and technologies (telephones, video, TV, etc.)
— Consensus efforts to support fundamental right to communicate
— Empowers people through technology education and training
2
What is the ITU ?
Presenter
Presentation Notes
Founded in Paris in 1865. Initial name International Telegraph Union. Became a UN agency in 1947. Headquartered today in Geneva, Switzerland. ITU standards cover video compression, satellite navigation, mobile phones, digital broadcasting, 3D TV, and the internet.
ITU KALEIDOSCOPE 2013
GRIFFIN – APRIL 2013 3
Assess standardization required so that cities can enhance their social, economic, and environmental sustainability by using Information & Communications Technology
Sustainable communities will combine human-oriented technologies and human values
Building Sustainable Communities − is the fifth in a series of peer-reviewed academic conferences organized by ITU that aim to identify emerging developments in Information and Communication Technologies (ICTs) at an early stage to generate successful products and services through the development of international and open standards. (see http://www.itu.int/en/ITU-T/academia/kaleidoscope/2013/Pages/default.aspx) Organizations that rely on human-oriented technologies such as telebiometrics should protect and manage the safety and security of their physical and information assets. Data that documents the safe and secure operation of telebiometric system devices should be collected and captured in an information security and safety event journal. Event journal data provides an audit trail that should be protected using digital signatures, encryption and other safeguards. (see http://phillipgriffin.com/innovation.htm#ITU)
ITU KALEIDOSCOPE 2013
GRIFFIN – APRIL 2013 4
New Standardization
Telebiometric System Heartbeat
Provides metrics to enable the continuous improvement of an information security and safety management program for telebiometric system devices
Cryptographic Message Syntax (CMS)
Need a version that complies with the ASN.1 standards Permits all binary encoding rules and XML Encoding Rules (XER) Supports ISO/IEC JTC 1/SC 27 algorithms, cryptographic techniques
Signcryption Support in CMS
Defines the schema and processing for a SigncryptedData type needed to support the techniques in the ISO/IEC 29150 Signcryption standard
Presenter
Presentation Notes
A system heartbeat record should document and monitor the safety, performance, and availability of telebiometric system devices and alert system administrators to security and safety events and changes. Heartbeat data should provide metrics that inform the continuous improvement of a telebiometric information security and safety management program. Need an international standard CMS that complies with the ASN.1 standards. Should permit all encoding rules. Should support all ISO/IEC JTC 1/SC 27 approved algorithms and cryptographic techniques. A signcryption cryptographic message wrapper should protect event journal, biometric reference template, and other telebiometric information to promote user security and respect for user privacy rights.
ITU KALEIDOSCOPE 2013
GRIFFIN – APRIL 2013 5
Telebiometric System Heartbeat
Periodic messages … Should monitor and document the safety, performance, and availability of telebiometric system devices Provide information to alert system administrators of security and safety events and system changes (e.g., FAR/FMR settings, device location, aberrant behavior, etc.) Source of derived metrics to inform the continuous improvement of a telebiometric system information security and safety management program
ITU KALEIDOSCOPE 2013
GRIFFIN – APRIL 2013
CMS is “a general syntax for data that may have cryptography applied to it, such as digital signatures and digital envelopes” - RSA Laboratories
— Defined by RSA Security in the early 1990s
— PKCS #7 (Public Key Cryptography Standard 7)
— Replaced the Privacy Enhanced Mail (PEM) standard
— Solved the X.509 certificate distribution problem
— Initial root was RSA until VeriSign spawned (RSA, IBM, etc.)
— Adopted by IETF to support secure email; SET; X9.73, others
— No valid international version of the CMS standard exists!
6
Cryptographic Message Syntax
CMS provides a standardized schema with a well defined “hole”.
Presenter
Presentation Notes
The SignedData type allowed certificates and CRLs to be transferred in a message signed using the private key of the message sender. The message recipient can be provided with all of the keys needed to verify the signature of the sender and to validate the sender’s public key. RSA stood up the first root key to demonstrate the utility and effectiveness of PKCS and used this root to support their own consulting business clients. When the value of PKI became well known, VeriSign was formed. Many different standards groups have developed versions of PKCS #7 CMS. IETF has further developed the standard for use in internet mail. This standard follows the lead of PKCS #7 and uses CMS types as distinct, complete messages, each with its own MIME header. The cryptographic algorithms supported by IETF standards are restricted for internet use and have traditionally excluded important and widely adopted patented technology. IETF CMS schema does NOT comply with any version of the ASN.1 standards. Uses the deprecated, then withdrawn ASN.1 1988 standard. The Secure Electronic Transaction (SET) standard defined in the middle 1990s by Visa International and MasterCard. SET was the first standard to use CMS types as message components rather than as complete messages. This approach minimized the size of the data that was encrypted or signed. RSA created a new version of CMS for SET that complied with the 1994 ASN.1 standards. The X9.73 ANSI CMS standard was defined by the Accredited Standards Committee (ASC) X9. It was the first CMS standard to use a common ASN.1 schema to support both traditional binary messages and XML markup representations of CMS messages. (Note that OASIS XML Common Biometric Format (XCBF) applied this idea earlier). X9.73 restricts the use of cryptographic algorithms to those approved for use by the financial services (roughly to those approved by NIST, who contribute extensively to the work of X9).
ITU KALEIDOSCOPE 2013
GRIFFIN – APRIL 2013 7
CMS Message Example
Schema is in ISO/IEC & ITU standard, Abstract Syntax Notation One (ASN.1)
ASN.1 is used in billions of phones ! 6.8 B cell phone subscriptions, 2013
Compact binary or XML markup
Zero+ Certificates and CRLs
Unsigned attribute content needs no protection (e.g., SAML assertion)
Presenter
Presentation Notes
ASN.1 tools can be used to validate that the ASN.1 syntax is correct, and to generate programming language code directly from the ASN.1 schema definitions. Any XML Schema can be converted to an analogous ASN.1 schema, which can then be used to generate code. This automates the process of implementing an information exchange schema, and allows that process to be standards based rather than being vendor dependent (e.g., on the use of .NET or other vendor defined frameworks). Any ASN.1 encoding rules can be applied to any ASN.1 schema. So it is possible to create messages in XML markup or in a compact, efficient binary format from the same ‘abstract schema’. XML instance documents and binary encoded messages are both examples of ‘concrete syntax’. An ASN.1 schema is independent of any particular concrete representation. That is an abstract schema may have many different transfer syntaxes. The degenerate case of SignedData has no content and no signers. It can be used to distribute certificates and CRLs (i.e., as in IPsec). The content and attributes are optional components in the SignedData message and may be ‘detached’ and transferred out of band. There may be zero or more certificates and CRLs in a message, and when any are present, these may be in any order, and they may not be useful to the message recipient. (They might have nothing at all to do with the current message.) The signed attributes component of SignedData is a protocol ‘Hole’, a purposeful, well-defined place in the message where any user with a need can add content to the message of any type or format [see http://www.packetizer.com/osi/understandingosi/chapter8.html]. This signed attribute ‘hole’ allows vendors to innovate, to add functionality to the message. The hole allows the message schema and protocol to be extended arbitrarily without modifying the CMS standard and without impacting other users, who are free to ignore any extensions in the hole.
ITU KALEIDOSCOPE 2013
GRIFFIN – APRIL 2013 8
CMS SignedData is used to provide data integrity and origin authenticity in each of the following standards:
X9.84 Biometric Information Management and Security
ISO 19092 Biometrics – Security Framework
DoD & FBI Electronic Biometric Transmission Specification (EBTS)
DHS Biometric Enabled Watch Lists (BEWL)
ICAO Doc 9303 Machine Readable Passports
ANSI / NIST-ITL 1-2011 Biometric Data Format & Interchange Standard
OASIS XML Common Biometric Format (XCBF)
ISO/IEC 24761 Authentication Context for Biometrics (ACBio)
CMS In Biometric Standards
ITU KALEIDOSCOPE 2013
GRIFFIN – APRIL 2013
1 - Attack on a biometric sensor with dummies: reproduced biometric trait presented as input 2 - Replay attack. Recorded, intercepted signal is replayed to bypass the biometric sensor 3 - Attack on feature extractor: produces altered values to those read by the biometric sensor 4 - Tampered feature representation (features are replaced with a fraudulent feature set) 5 - Attack on the matcher, forcing it to produce high or low matching score to allow or deny access 6 - Attack on biometric templates in a local, remote, or distributed database to add, modify, delete 7 - Tampered biometric reference template. See 4. 8 - Attack on the final matching decision end point : attacker disables the authentication system
9
Biometric System Vulnerabilities
Support policy-based information security management using real- time device FAR/FMR settings? CMS (6, 7), and
ACBio transfer?
Presenter
Presentation Notes
The following is from Report 12 at http://www.itu.int/en/ITU-T/techwatch/Pages/reports.aspx “In an often-cited paper published in the IBM Systems Journal in 2001 �the authors identify eight vulnerable points in biometric, which are also�critical for local and remote (tele-) biometric applications”.
ITU KALEIDOSCOPE 2013
GRIFFIN – APRIL 2013 10
New CMS type proposed:
CMS Signcryption Support
ID360: Global Forum on Identity Schema similar to SignedData One mode supports field-level signcryption within signed object Attributes: Defined by any group with a need using any type or format Manifest defined for each content type, e.g., a list of XPath expressions in an XML document
Presenter
Presentation Notes
The confidentiality of biometric data is "not required in order to ensure the integrity and accuracy of the biometric identification system". Confidentiality may be required for other reasons, such as "privacy laws, liability protection, or customer satisfaction". Public acceptance and the success of a biometric system may depend in part on the "level of apparent security" (X9.84, 2011). The use of "encryption to prevent unauthorized disclosure of the biometric information" (X9.84, 2011) may promote acceptance.
ITU KALEIDOSCOPE 2013
GRIFFIN – APRIL 2013
Signcryption combines encryption and digital signature functions into a single, efficient cryptographic operation.
— A cryptographic technique and a primitive
— ISO/IEC 29150:2011Signcryption standard
— Hybrid : Combines digital signature with encryption (hybrid like MAC + Encryption in SSL, SSH, ESP mode of IPsec)
— Confidentiality + Data Integrity + Origin Authenticity
— Asymmetric cryptography makes non-repudiation possible — Faster, smaller result than signature-followed-by-encryption — No standardized signcryption CMS type exists!
11
Signcryption Primitive Support
Presenter
Presentation Notes
I defined and proposed standardization of a new SigncryptedData CMS message in April 2012, and presented this proposal to the ID360 Global Forum on Identity conference held at the University of Texas, Austin on behalf of my DoD Biometric Identity Management Agency (BIMA) client. Signcryption is a relatively new hybrid cryptographic primitive. Signcryption provides the functionality of encryption and digital signature in one operation. Familiar symmetric hybrid cryptographic techniques are found in the Secure Sockets Layer (SSL) protocol, the Secure Shell protocol (SSH) protocol, and the Encapsulating Security Payload (ESP) protocol of IPsec. These protocols all rely on symmetric encryption coupled with a Message Authentication Code (MAC). The ISO/IEC 29150 Signcryption standard was published in 2011 by the ISO/IEC JTC 1/SC 27 Security Techniques committee. Signcryption: - simultaneously signs and encrypts data in a single operation - provides origin authentication, data integrity, and confidentiality - uses asymmetric cryptography that makes non-repudiation possible - faster than traditional signature followed by encryption techniques Signcryption schemes offer better overall performance and security (Barbosa & Farshim, 2008). Signcryption schemes provide “shorter cipher text and/or lower computational cost” - Li, Chung Ki, & Wong, Duncan S. (2009). Signcryption schemes “fulfill both the functions of digital signature and public key encryption in a single step, and with a cost, both in terms of modular exponentiation and message overhead, significantly smaller than that required by” traditional sign-then-encrypt techniques - Zheng, Yuliang. (1998). The efficiencies of signcryption make it ideal for protecting information in environments constrained by bandwidth limitations (e.g., wireless mobile devices), high volumes of transactions (e.g., Internet commerce), or size or cost of storage (e.g., smart cards).
ITU KALEIDOSCOPE 2013
GRIFFIN – APRIL 2013 12
Summary
New standards are needed:
Telebiometric System Heartbeat
Need a standardized, extensible, CMS protected message to enable development of vendor neutral telebiometric incident handling and information security and safety management solutions
Cryptographic Message Syntax (CMS)
Need an international standard that complies with the ASN.1 standards, that supports all encoding rules, and permits use of SC 27 cryptography
CMS Signcryption Support
Need a new CMS SigncryptedData message type that supports the use of efficient ISO/IEC 29150 Signcryption techniques in CMS
ITU KALEIDOSCOPE 2013
GRIFFIN – APRIL 2013 13
Building Sustainable Communities – ITU Kaleidoscope conference, Kyoto, Japan, 22-25 April, 2013. (http://itu.int/en/ITU-T/academia/kaleidoscope/2013/Pages/default.aspx)
Phil is an ISSA Fellow and a CISM. He has a Master of Science in Information Technology and a BS in Computer Science, and five U.S. patents at the intersection of biometrics, information security and privacy, and RFID. Phil has over 15 years of experience in the development of commercial, national and international security standards. He has served in a variety of leadership roles including committee chair, head of delegation, rapporteur and editor. Phil has contributed to standards in ITU-T, ISO, ISO/IEC, ASC X9, INCITS T4, U.S. DoD, NIST, and OASIS. �
