Real Privacy Management (RPM) Overview Presentation April 2011

Upload: helen

Post on 10-Jan-2016



Page 1: Real Privacy Management (RPM)

Real Privacy Management (RPM)

Overview Presentation

April 2011

Page 2: Real Privacy Management (RPM)

Why RPM?

What is it?

What’s standard about it?

What’s novel? (Features)

What does novel give you? (Benefits)

Is it proven?

Practical proof of the features and benefits

Example Technology: SSLX Reference Implementation

RPM’s application to Financial Services

Next steps

RPM Technology Review

Page 3: Real Privacy Management (RPM)

Real world, human networks have continuous, mutual authentication in all secure interactions, regardless of risk level.

Electronic networks don’t.

Why not?

Because it’s too slow, effort-laden, complex.

So it just isn’t done.

Who cares? Tomorrow does.

Horses -> cars. Fire -> electricity. Earth -> Star Wars

The network will never be trusted until it’s just like humanity

Why RPM?

Page 4: Real Privacy Management (RPM)

Real Privacy Management (RPM) is a patented collection of cryptographic authentication and data security methods; as well as a distributed architecture that integrates RPM-enabled technology components providing end-to-end security services to any network.

Using RPM, network participants are assured that every transmission is uniquely authenticated and encrypted in real-time.

What is Real Privacy Management (RPM)?

Page 5: Real Privacy Management (RPM)

IPSec, the complete security protocol for Next Generation Internet (IPv6), was developed as a framework for authenticated and encrypted IP traffic

RPM can be thought of as an IPSec implementation; specifically, as IPSec ESP + Auth in tunnel mode (essentially, an IPSec VPN)

RPM is IPSec.

Features: Symmetric, one-pass, key establishment, key transport, key exchange, key management methods/system delivering authentication and data security (encryption)

In this regard, RPM is best-practice ‘standard’ network security

What’s Standard About RPM?

Page 6: Real Privacy Management (RPM)

• Cryptography

New primitives, based on underdetermined equation sets (provable security, both cryptographic and mathematical)

Unique, random encryption message key per transmission (packet)

Key sizing – Moore’s Law upkeep: add a byte, doubles key space

Bandwidth (less overhead, no latency), Trust scaling and distribution

• Size

Full RPM support library < 10KB

• Flexibility

Federated Trust Model support – global network definition

Full OSI ‘any-level’ support (network, transport, session, application)

Full Standards support for ‘pieces’ (e.g., authentication, IKE, etc. – all/parts of RPM fulfill Standards calls in financial, HIPAA, etc.)

What’s Novel About RPM?

Page 7: Real Privacy Management (RPM)

• Power

Primitives, full operation optimized at machine level: registry-based computational effort (lowest possible)

• Performance

Optimized computation delivers real time instantiation: 5 microseconds [CEBundle at 5440613985 Nanoseconds for 1,000,000 RPM Iterations including: 1. RNG creation, 2. Authentication credential update with associated output, and 3. Unique message key creation for presentation to a cipher]

• Application

Design brings suitability for FPGA/ASIC (chip level)

Math delivers RFID, key manipulation/tagging (doc management), Identifiers application (Credit Card numbers, SSNs, PINs, etc.)

Size/low power brings sensors, drones, pacemakers – HW/SW

Speed delivers real-time, especially where real-time security doesn’t exist

What’s Novel About RPM?

Page 8: Real Privacy Management (RPM)

Aside from the standard benefits of confidentiality, integrity, secrecy, privacy and authentication in any public/private network, RPM delivers several benefits because of its novel features:

• RPM fits where other protocols can’t

• RPM can operate where other protocols can’t

• RPM has fewer transmissions, sends less data than other protocols

• RPM can operate in real-time within the tolerances of most unsecured networks

Novel RPM Benefits

Page 9: Real Privacy Management (RPM)

The core technology of the RPM System is a new method for generating a sequence of master keys, with derived session and child keys, for use in encryption and authentication. This core technology is based on sound principles of randomization, derived keys, and presenting the adversary under certain attacks with underdetermined equations.

–By Dr. Alan T. Sherman, May 27, 2005, An Initial Assessment of the RPM Authentication and Key-Management System: Highlights

Is RPM Secure?

Page 10: Real Privacy Management (RPM)

The realized security is sharing a pair of common-credentials, sharing a common-key, secrecy of messages, sender authentication, common-key authentication, message authentication, common-key renewal, renewal of a pair of common-credentials, etc. Such a security-function integrated simple communication system will be useful for the future wireless communication system such as handy phones and ubiquitous networks.

– By Dr. Hatsukazu Tanaka, SCIS 2006 The 2006 Symposium on Cryptography and Information Security Hiroshima, Japan, Jan. 17-20, 2006, The Institute of Electronics, Information and Communication Engineers

Is RPM Secure?

Page 11: Real Privacy Management (RPM)

Telcordia believes that the combination of all these paradigms and solutions in the RPM technology and system is a top-level, state-of-the-art, solution to the problem of designing an end-to-end multi-party security system. Overall, the RPM technology and system can certainly be considered as the result of sound, ingenious and novel thinking, targeting the most appropriate goals for the security properties of any system of this kind. More specifically, RPM has addressed essentially all major cryptographic and security attacks known in the related literature, and used essentially all necessary state-of-the-art cryptographic and security algorithms, protocols and techniques that are applicable to systems of this type. Additionally, RPM has proposed novel technology to solve the following problems: generation of a stream of pseudo-random values with special security guarantees, efficiently and securely encrypting data, continuously authenticating sender and receiver during an encryption session, protecting stored data or cryptographic keys, and providing communication security between any two parties. The RPM end-to-end security system reaches a level of content security that is comparable to the state of the art in this research direction, and, in fact, surpasses the state of the art by novel paradigms and solutions.

–By Dr. Giovanni Di Crescenzo, Telcordia, March 2011, Cryptography Assessment of Real Privacy Management™ (RPM) System: Extended Summary

Is RPM Secure?

Page 12: Real Privacy Management (RPM)

10,000 RPM sessions in less than 100 seconds. DH takes longer than actual transmission

Practical Proof of RPM Benefits

Page 13: Real Privacy Management (RPM)

RPM has application across a wide spectrum of industries, including Financial, Wireless, Computing and Telecommunications, Entertainment, etc.

In order to demonstrate RPM’s flexible application, it has been the core security protocol inside:

• TCP2 – a new secure version of TCP (Japan)

• Network Appliances – 10Mbps/100Mbps/1GB

• Secure Sockets Layer eXtended (SSLX)

• Noxx, Email Catalogs, bPositive

Practical Proof of RPM Features

Page 14: Real Privacy Management (RPM)

RPM in SSL Replacement - SSLX

Governing body awards and monitors Public Directory Services

Trusted third-party installs DS application and database

Available: Windows server

SSLX-VPN closed-community secure communication package/device

Available: Windows server

Web Browser

Server

SSLX Public Administrator

Directory Service Private Directory Service

User updates browser with Add-on for Firefox

Site admin upgrades server.

Available module: Apache mod_sslx

Page 15: Real Privacy Management (RPM)

As another example of how RPM fits within an industry, here are some applications within Financial Services:

• Credit Card processing, payment gateways, POS, ATM, etc.

• Financial NFC systems (Active/Passive/BAP RFID, cellular, etc.)

• EMV Chip Card, POS and ATM systems (US rollout)

RPM Application for Financial

Page 16: Real Privacy Management (RPM)

Contact Information

[email protected]

www.TheRPMLab.com