2003.03.31 (c) Mitsubishi Electric Corp.

User Scenarios & Security Considerations in APPAGG part 2/2
2003.03.31
Nobuhiro Kobayashi@Mitsubishi Electric Corp.
[email protected]

Slide 2. Solution
• Who grants the rights to the subject?
• Who stores the rights?
• How are the rights described?
• Who authenticates the subject?
• Who authenticates the object?
• Who authorizes the subject?
• (? Any other items?)

Slide 3. Solution (cont.)
• Who grants the rights to the subject?
  – Owner
  – (? default settings by manufacturer)

Slide 4. Solution (cont.)
• Who stores the rights?
  – ? each appliance
  – ? Owner's wearable appliance (ex. watch)

Slide 5. Solution (cont.)
• How are the rights described?
  – ? XML
  – ? original format

Slide 6. Solution (cont.)
• Who authenticates the subject?
  – Owner
  – ? Owner's wearable appliance
  – ? each appliance
  – ? Trusted third party

Slide 7. Solution (cont.)
• Who authenticates the object?
  – Owner
  – ? Owner's wearable appliance
  – ? each appliance
  – ? Trusted third party

Slide 8. Solution (cont.)
• Who authorizes the subject?
  – Owner
  – ? Owner's wearable appliance
  – ? each appliance
  – ? Trusted third party

Slide 9. Example
John's wearable appliance "watch" holds the rights list. The "watch" sends a command to the light.
How are the rights set on the lights? John grants the rights to the light, and John grants the rights to his watch.
  Rights List for light: Owner is John. Owner can turn on the lights.
  Rights List for watch: Owner is John. Owner can use the laptop.
  Command (watch -> light): Turn ON the light.

Slide 10. Version 1
Parties: A (watch), B (light), C (attacker).
  Normal: A -> B: command. B executes it.
  Attack: C records the command and resends it to B. B executes it again: the replay attack succeeds.

Slide 11. Solution (cont.)
• To protect against the replay attack:
  – Use a Random Number
  – Use HMAC (Keyed-Hashing for Message Authentication)
    • It is more lightweight than other cryptographic routines.

Slide 12. Version 2
A (watch) and B (light) share a key; C is the attacker.
  Normal:
    1. A -> B: start request
    2. B generates a Random Number (RN). B -> A: RN
    3. A computes the HMAC with the key over RN and the command. A -> B: RN, command, HMAC
    4. B recomputes HMAC tmp with the key, checks RN and the HMAC, and executes the command.
  Attack:
    1. C -> B: start request
    2. B generates RN2. B -> C: RN2
    3. C resends the recorded RN, command, HMAC
    4. B's check fails (the recorded RN is not RN2): ERROR. C cannot replay.

Slide 13. Version 2'
The same exchange, with C positioned between A and B.
  Normal: A -> C -> B: start request; B -> C -> A: RN; A -> C -> B: RN, command, HMAC; B recomputes HMAC tmp with the key and checks it.
  Attack: the start request, RN, command and HMAC pass through C; the light doesn't execute the command.

Slide 14. Version 3
A and B share a key; each side contributes its own random number.
  Normal:
    1. A generates RN_A. A -> B: start request, RN_A
    2. B generates RN_B and computes HMAC_B with the key over the received RN_A and RN_B. B -> A: RN_B, HMAC_B
    3. A recomputes HMAC tmp with the key and checks HMAC_B (the watch authenticates the light).
    4. A computes HMAC_A with the key over RN_B and the command. A -> B: command, HMAC_A
    5. B recomputes HMAC tmp with the key, checks HMAC_A, and executes the command.
  Attack:
    1. A generates RN_A2. A -> start request, RN_A2; C answers in place of B
    2. C resends the recorded RN_B, HMAC_B
    3. A's HMAC tmp does not match HMAC_B (it was computed over RN_A, not RN_A2): ERROR, attack detected.

Slide 15. References
• Appliance Aggregation Architecture Terminology, Survey, and Scenarios
  http://www.hpl.hp.com/hosted/ggf/AppAggSurvery.doc, March 2003
• Terminology translation (English <-> Japanese)
  http://www.ipa.go.jp/security/ciadr/word_idx.html
  http://www.ipa.go.jp/security/ciadr/crword.html
  http://www.sisnet.or.jp/sis/dokuhon/p10.htm

Slide 16. END
Thank you.

Slide 17. NOT USE

Slide 18. Example (cont.)
John sets a "secret key" on the "watch" and on the light. The "watch" makes an HMAC from the command with the "secret key", and sends the command and the HMAC to the light. The light makes an HMAC from the received command with the "secret key", and compares it with the received HMAC.
  Rights List for light: Owner is John. Owner can turn on the lights.
  Rights List for watch: Owner is John. Owner can use the laptop.
  Watch -> light: command "Turn ON the light." + HMAC made by watch
  Light: HMAC made by light from the received command; compare the HMACs.

Slide 19. Example (cont.)
To defend against the "replay attack", use 3 handshakes and random numbers (W = watch, L = light):
  1. Session Start Request: a random number R.N. is generated; W -> L: R.N., HMAC_W(R.N.). L compares the received HMAC_W(R.N.) with its own HMAC of R.N.
  2. L -> W: HMAC_L(R.N.). W compares it with its own HMAC of R.N.
  3. W -> L: command "Turn ON the light." with the HMAC made by watch; L compares it with the HMAC made by light.

Slide 20. Terminology translation (English <-> Japanese)
• impersonation, spoof – なりすまし
• authentication – 認証
• replay attack – 再送攻撃
• eavesdrop – 盗聴
• encryption – 暗号化
• alteration – 改ざん
• integrity – 完全性
• hash – ハッシュ
• message digest – メッセージ・ダイジェスト
• digital signature – デジタル証明
• repudiation – 否認(事後否認)
• non-repudiation – 否認拒否
• authorization – 認可
• access control – アクセス制御
• privilege control – 特権制御
• principal – 認証をうける単位(ユーザ、ホスト、アプリケーション等) (the unit that is authenticated: user, host, application, etc.)
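The Version 2 exchange (slide 12) together with the HMAC comparison of slide 18, as an added runnable example that is not part of the original slides: the light issues a fresh random number per session, the watch computes an HMAC with the shared secret key over that number and the command, and the light rejects a replayed or altered message. The key value, the choice of HMAC-SHA256 and the length-prefixed message encoding are assumptions.

```python
import hashlib
import hmac
import secrets

KEY = b"john-demo-secret-key"  # the "secret key" John sets on watch and light (constructed value)

def mac(key, *parts):
    # HMAC-SHA256 over length-prefixed parts so (RN, command) cannot be re-split (assumed encoding)
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(2, "big") + p)
    return h.digest()

class Light:
    """B: issues a fresh RN per session and executes only a command whose HMAC binds that RN."""
    def __init__(self, key):
        self.key = key
        self.pending_rn = None  # RN of the open session; None when no session is open
        self.on = False

    def start_request(self):
        self.pending_rn = secrets.token_bytes(16)  # generate Random Number (RN)
        return self.pending_rn

    def command(self, cmd, tag):
        if self.pending_rn is None:
            return "ERROR"
        expected = mac(self.key, self.pending_rn, cmd)  # HMAC tmp
        self.pending_rn = None  # the RN is consumed by this attempt, pass or fail
        if not hmac.compare_digest(expected, tag):
            return "ERROR"
        if cmd == b"TURN_ON":
            self.on = True
        return "OK"

def watch_command(rn, cmd):
    # A: the HMAC is computed with the shared key over the RN it received and the command
    return cmd, mac(KEY, rn, cmd)

def demo():
    light = Light(KEY)
    rn = light.start_request()                     # normal: A -> B start request, B -> A RN
    cmd, tag = watch_command(rn, b"TURN_ON")       # attacker C records (cmd, tag) in transit
    normal = light.command(cmd, tag)
    light.start_request()                          # C's own session: B answers with RN2
    replay = light.command(cmd, tag)               # recorded HMAC was computed over RN, not RN2
    light.start_request()
    forged = light.command(b"TURN_OFF", tag)       # C cannot compute a new HMAC without the key
    return normal, replay, forged, light.on
```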