Title: Presentation of ePP eSeal Protection Protocol for ISO 181854
1Presentation of ePP (eSeal Protection Protocol)
for ISO 18185-4
Presented for consideration to ISO TC104 SC4 WG2
- YouSung Kang
- (youskang_at_etri.re.kr)
- 2005. 10. 19.
2Contents
- ePP (eSeal Protection Protocol)
- Motivation
- Terminology
- Effects
- Procedure
- Packet Structure
- Performance Analysis
- Appendix
- A. ePP Scenarios
- B. ePP Cryptographic Operation
- C. ePP Security Analysis
3ePP (eSeal Protection Protocol)
4Introduction
- Scope
- The purpose of this presentation is to explain an
eSeal protection protocol (ePP) - What is the ePP?
- ePP stands for eSeal Protection Protocol
- Security protocol for protecting confidential
information between an eSeal and its associated
reader - Provides the mutual authentication, data
confidentiality, data integrity, non-repudiation
of stored data, immunity to DoS, and replay
protection - Developed by ETRI1) for protecting eSeal data
- Simulated in LIT2) at PNU3)
1) ETRI Electronics and Telecommunications
Research Institute 2) LIT Research Center for
Logistics Information Technology 3) PNU Pusan
National University
We are expecting this presentation to be
considered as the next generation version of ISO
18185-4
5Motivation
- ISO 18185-4 Gen 1
- The first generation standard released in August
31, 2005 - Did not satisfy requirements for the data
protection and device authentication - Comparing ePP with ISO 18185-4 Gen 1
1) CCMe Counter with CBC-MAC for eSeal, refer to
Appendix B.
6Terminology
- eSeal (Electronic Seal)
- A read only, non-reusable freight container seal
conforming to the high security seal defined in
ISO 17712 and conforming to ISO 18185 or revision
thereof that electronically evidences tampering
or intrusion through the container doors - ISO 18185-4 Gen 1
- The first generation standard distributed on
August 31, 2005 - ePP (eSeal Protection Protocol)
- Security protocol for protecting confidential
information between an eSeal and its associated
reader - SART (Secure Active RFID Tag)
- Conforms to eSeal
- Includes confidential information
- Supports ePP and keyed-write/keyed-read
- SARR (Secure Active RFID Reader)
- Conforms to eSeal reader
- Supports ePP and keyed-write/keyed-read
7Terminology
- CCMe (CCM for eSeal)
- Based on the CCM of the AES encryption algorithm
- Supports both of confidentiality and integrity of
eSeal data - CCM (Counter mode with CBC-MAC)
- Defined in IETF RFC 3610
- Generic authenticated encryption block cipher
mode - Combines Counter mode for confidentiality and
CBC-MAC for integrity - CBC-MAC (CBC-Message Authentication Code)
- Defined in FIPS 113
- Message integrity mechanism
- CBC (Cipher Block Chaining)
- A kind of block cipher operation modes
- ECDSA (Elliptic Curve Digital Signature
Algorithm) - Defined in X9.62
- Digital signature mechanism providing
non-repudiation of stored data
8ePP Coverage
ISO 18185-1 Coverage
? Collection Request
? Seal ID Response
1) i.e., pre-Shared Key
? eSeal Key Material1) Request
ePP Assumptions
? Reader Authentication Request
- SART and SARR have the same pre-Shared Key
- Information to be protected will be defined later
- One SARR performs keyed-action as much as
reasonable frequency
? Reader Authentication Response
SART
? eSeal Key Material Response
SARR
Authentication Server
? ePP Operation Request
? ePP Operation Response
ePP Coverage
- ?, ? Collect Seal ID, defined in ISO 18185-1
- ?, ?, ?, ? Reader Authentication by
authentication server and Get Key Material, out
of scope of ePP - ?, ? ePP Coverage
9ePP Command
10ePP Effects
- Performance Analysis
- Target environments
- TI MSP430
- A simple low power controller
- 8MHz, 16-bit RISC CPU
- Program memory 55 KB (max 120 KB)
- SRAM 5 KB (max 10 KB)
- User memory about 2KB
- Test code for AES (priority to computation speed)
- 14 KB Code
- 4 KB Data
- 10 KB CONST
11ePP Effects
For example, the maximum length of the
information that will be encrypted is 176 Bytes
in the ePP.
12ePP Write Information
ePP Write Information - Request
(Max 234 B)
8
42
max 176 1)
8
0x51
D(encrypted I)
MIC
S
r
1) D has length of max 176 because of ePP Read
Information Response format and max multiple
number of 16 less than 182
Max 252 Byte x (about) 0.324 ms/B (about) Max
81.648 ms
ePP Write Information - Response
8
16 3)
8
0x51
0x2430 2)
D(encrypted DT)
MIC
r
3) D has length of 16 because of CCM encryption
feature
2) Seal type 110 (SART)
47 bytes in this case x 0.324 ms/B 15.228 ms
13ePP Write Information
SARR
SART
Assume pre-Shared Key KE Generate Random number r
Prepare Information I Perform Digital Signature
S for I using ECDSA CCMe_ENCKE(r, S, I)1)
Assume pre-Shared Key KE
ePP Write Information - Request
ePP Packet Header
D(encrypted I)
MIC
CRC
S
r
Receive ePP Write Information - Request
1) refer to Appendix B.
CCMe_DECKE(r, S, D) If received r ? stored r ?
Failure
error handling (e.g., discard)
Success
Store r, S, and I Record Date/Time DT and Int. ID
IID CCMe_ENCKE(r, Null, DT)
ePP Write Information - Response
ePP Packet Header
D(encrypted DT)
MIC
CRC
r
Receive ePP Write Information - Response
CCMe_DECKE(r, Null, D)
Failure
error handling (e.g., request again)
Success
Record DT
14ePP Write Information
SART
SARR1)
ePP Write Information - Request
ePP Packet Header
D(encrypted I)
MIC
CRC
S
r
?
Max 252 Byte x (about) 0.324 ms/B (about) Max
81.648 msec
1)Computation speed depends on hardware
performance.
?
Analysis
?
?
?
?
?
Communication time(96.876 ms) Computation
time(29.573 ms) 76.6 23.4
2)MTK Mutual Transient Key. refer to Appendix C.
ePP Write Information - Response
ePP Packet Header
D(encrypted DT)
MIC
CRC
r
?
47 bytes in this case x 0.324 ms/B 15.228 msec
15ePP Alert Message
ePP Alert Message
8
16
8
0x7F
0x1830 1)
D(encrypted A)
MIC
r
1) Seal type 110 (SART)
49 bytes ( 17 32) in this case x 0.324 ms/B
15.876 ms
16ePP Alert Message
SARR
SART
Assume pre-Shared Key KE
Assume pre-Shared Key KE
Generate Random number r Prepare Alert message
A CCMe_ENCKE(r, Null, A)
ePP Alert
ePP Packet Header
D(encrypted A)
MIC
CRC
r
Receive ePP Alert
CCMe_DECKE(r, Null, D) If received r ? stored r ?
Failure
error handling (e.g., discard)
Success
Store r Report to manager
17ePP Alert Message
SART
SARR
Analysis
?
?
?
Communication time(15.876 ms) Computation
time(9.968 ms) 61.4 38.6
1)MTK Mutual Transient Key. refer to Appendix C.
ePP Alert
ePP Packet Header
D(encrypted A)
MIC
CRC
r
?
49 bytes ( 17 32) in this case x 0.324 ms/B
15.876 msec
18ePP Read Information
ePP Read Information - Request
8
16 1)
8
0x53
MIC
r
D(encrypted DT)
1) D has length of 16 because of CCM encryption
feature
50 bytes in this case x 0.324 ms/B 16.2 ms
ePP Read Information - Response
(Max 234 B)
8
42
max 176 3)
8
0x28302)
0x53
D(encrypted I)
MIC
S
r
2) Seal type 110 (SART)
3) D has length of max 176 because of max
multiple number of 16 less than 182
Max 249 Byte x 0.324 ms/B Max 80.676 ms
19ePP Read Information
SARR
SART
Assume pre-Shared Key KE Generate Random number
r Prepare Date/Time DT CCMe_ENCKE(r, r, DT)
Assume pre-Shared Key KE
ePP Read Information - Request
ePP Packet Header
MIC
CRC
r
D(encrypted DT)
Receive ePP Read Information - Request
CCMe_DECKE(r, r, D) If received r ? stored r ?
Failure
error handling (e.g., discard)
Success
Store r Record Date/Time DT and Int. ID
IID CCMe_ENCKE(r, S, I)
ePP Read Information - Response
D(encrypted I)
MIC
CRC
S
ePP Packet Header
r
Receive ePP Read Information - Response
Failure
CCMe_DECKE(r, S, D)
error handling (e.g., request again)
Success
Record DT Transmit S and I to upper layer
20ePP Read Information
SART
SARR1)
ePP Read Information - Request
ePP Packet Header
MIC
CRC
r
D(encrypted DT)
?
50 bytes in this case x 0.324 ms/B 16.2 msec
1)Computation speed depends on hardware
performance.
?
Analysis
?
?
?
?
?
Communication time(96.876 ms) Computation
time(29.992 ms) 76.4 23.6
2)MTK Mutual Transient Key. refer to Appendix C.
ePP Read Information - Response
D(encrypted I)
MIC
CRC
S
ePP Packet Header
r
?
Max 249 Byte x 0.324 ms/B Max 80.676 msec
21ePP Summary
- Features
- Security services for eSeals confidential
information - Mutual authentication between eSeal and its
associated reader - Data confidentiality
- Data integrity
- Non-repudiation of stored data
- Immunity to DoS
- Replay protection
- Implementation with software upgrade
- We can accommodate the ePP program to the current
hardware component - The dominant portion of data read/write operation
is not data encryption/decryption time, but data
communication time - Concealing of Seal ID is out of scope of the ePP
22Discussion
- Any Questions or Comments?
Thank you for your attention !
23Appendix
24Appendix A. ePP Scenario
- ePP Write
- 1. Initial status
- - SART status Open and unSealed
- - SARR condition Law enforcement agent(e.g.,
customs police) reader - 2. Get Seal ID and SART status
- - SARR ? SARTs, broadcast, plaintext Wake-up
signal - - SARR ? SARTs, broadcast, plaintext Send
Collection command - - SARTs ? SARR, broadcast, plaintext Respond
Seal ID - - SARR ? SART, point-to-point, plaintext Send
Get seal Status command - - SART ? SARR, point-to-point, plaintext
Respond Open and unSealed - 3. ePP Write Information
- - SARR ? SART, point-to-point, ciphertext Send
ePP Write Information - Request command - - SART ? SARR, point-to-point, ciphertext
Respond ePP Write Information - Response - 4. Transition SART status
- - SART external Physically closed and
sealed(e.g., cable connected, bolt inserted) - - SART internal Record Event Date and Time on
Sealed Event Record, then, transition to
Closed and Sealed
25Appendix A. ePP Scenario
- ePP Alert
- 1. ePP Alert
- - SART ? SARR, point-to-point, ciphertext Send
ePP Alert
26Appendix A. ePP Scenario
- ePP Read
- 1. Status
- - SART status Closed and Sealed
- - SARR condition Authorized(e.g., the owner of
goods, customs police) reader - 2. Get Seal ID
- - SARR ? SARTs, broadcast, plaintext Wake-up
signal - - SARR ? SARTs, broadcast, plaintext Send
Collection command or Collection Seal IDs with
Event Record command - - SARTs ? SARR, broadcast, plaintext Respond
Seal ID or Seal ID Event Record - 3. ePP Read Information
- - SARR ? SART, point-to-point, ciphertext Send
ePP Read Information - Request command - - SART ? SARR, point-to-point, ciphertext
Respond ePP Read Information - Response - 4. Transition SART status
- - SART external Physically open and seal broken
(e.g., cable disconnected, bolt removed) - - SART internal Record Event Date and Time on
Seal open Event Record, then, transition to
Opened
27Appendix B. ePP Cryptographic Operation
- PRNG (Pseudo Random Number Generation)
- Used for selection of slot time
- Out of scope
- PRF (Pseudo Random Function)
- MTK(Mutual Transient Key) derivation function
- Uses the pre-Shared Key as a secret information
- Assume that SART and SARR have the same
pre-Shared Key, securely. - CBC-MAC (FIPS 113) using AES
pre-Shared Key (128 bits)
CBC-MAC(pre-Shared Key, Random number Seal ID
Int. ID)
Int. ID is omitted in case of ePP Alert
MTK (CCM Enc/Decryption Key, 128 bits)
28Appendix B. ePP Cryptographic Operation
- Confidentiality Integrity
- CCMe (Counter with CBC-MAC Protocol for eSeal)
- Counter mode for message confidentiality
- CBC-MAC for message authentication
- Expanded by 8 bytes (additional MIC 8 bytes)
- Digital Signature
- ECDSA-163 (Elliptic Curve Digital Signature
Algorithm) - Small size (about 42 bytes) relatively to RSA
Signature
29Appendix B. ePP Cryptographic Operation
before
ePP Packet Header
Data to be encrypted
S
r
ePP Packet Header (16B) r (8B) S(42B)
CCM encryption
AAD (42B)
AAD Additional Authentication Data
Plaintext ePP Packet
Data (max 176B)
Seal ID(6B), Int. ID(2B)
PRF (CBC-MAC)
(C) ePP Packet
(A)
(B)
Random number (8B)
pre-Shared key (16B)
MTK (16B)
Construct Nonce
CRC
Nonce (13B)
(C)
(B)
(A)
after
ePP Packet Header
encrypted Data
MIC
CRC
S
r
30Appendix B. ePP Cryptographic Operation
before
ePP Packet Header
encrypted Data
MIC
CRC
S
r
ePP Packet Header (16B) r (8B) S(42B)
AAD (42B)
CCM decryption
AAD Additional Authentication Data
Data (max 176B)
ePP Packet
MIC (8B)
after CRC check
MIC Message Integrity Code
PRF (CBC-MAC)
Seal ID(6B), Int. ID(2B)
Plaintext ePP Packet
(A)
(B)
Random number (8B)
pre-Shared key (16B)
MTK (16B)
Construct Nonce
Nonce (13B)
(B)
(A)
ePP Packet Header
decrypted Data
after
S
r
31Appendix B. ePP Cryptographic Operation
- CCMe Notation
- Encapsulation
- CCMe_ENCKE(r, AAD, D)
- where, CCMe_ENC means CCMe encryption operation.
- KE is a secret key for CCMe, for example,
pre-Shared Key. - r is a random number which becomes a part of
Nonce. - AAD is an additional authentication data, for
example, digital signature value S. - D is data to be encrypted, for example,
confidential information I. - Decapsulation
- CCMe_DECKE(r, AAD, D)
- where, CCMe_DEC means CCMe decryption operation.
- KE is a secret key for CCMe, for example,
pre-Shared Key. - r is a random number which becomes a part of
Nonce. - AAD is an additional authentication data, for
example, digital signature value S. - D is data to be decrypted.
32Appendix C. ePP Security Analysis
- Mutual Authentication
- Security service for ePP Write Information and
ePP Read Information - Both of SARR and SART can be authenticated by
proving each to have the same pre-Shared Key - SART authenticates SARR by verifying the
integrity of received data - Only SARR having pre-Shared Key can derive
MTK(CCMe Encryption Key) - In SART, if the integrity of received data is
confirmed, SART admits SARR to be lawful - So does SARR, too.
33Appendix C. ePP Security Analysis
- Key Establishment
- MTK(Mutual Transient Key CCMe Enc/Decryption
Key) is derived from pre-Shared Key - MTK is generated from each internal PRF block of
SART and SARR - MTK PRF-128(pre-Shared Key, Random number
Seal ID Interrogator ID) - (Exception) MTK for ePP Alert
PRF-128(pre-Shared Key, Random number Seal ID) - MTK is not transmitted through wireless channel
- Construct Nonce
- Nonce (13 bytes) Seal IDs MSB (3 bytes)
Int. ID (2 bytee) Random number (8 bytes)
34Appendix C. ePP Security Analysis
- Data Confidentiality and Data Integrity
- Default cipher algorithm is CCMe (Counter with
CBC-MAC for eSeal) - CCM supports message encryption and message
authentication - Confidential information is encrypted using MTK
- MIC for the confidential information and the
digital signature value is calculated using MTK - Data confidentiality and integrity is guaranteed
by CCM using MTK - Non-Repudiation of Stored Data
- Information(I) must be guaranteed
- Law enforcement agent performs Digital
Signature(S) for Information(I) using its own
private key - SART conserves Information(I) and Digital
Signature(S) - SARR verifies the Digital Signature(S) using law
enforcement agents public key
35Appendix C. ePP Security Analysis
- Immunity to DoS(Denial of Service)
- Request of Information Read/Write from illegal
reader - Only SARR having pre-Shared Key can derive MTK
- In SART, if the integrity check of received data
fails, the request message may be discarded - Alert message from illegal tag
- Illegal alert messages give burden to backbone
network, so it is important to suspend illegal
messages - Alert message must be encrypted using MTK
- In SARR, if the integrity check of received data
fails, the request message may be discarded
36Appendix C. ePP Security Analysis
- Replay Protection
- A kind of resource exhaustion attack
- SART holds a list of the previous Random
numbers(r) up to reasonable size - SART compares the received Random number(r) with
the list - In SART, if the same Random number(r) is found,
the request message is discarded