ericssonhistory.com

More documents

Recommendations

Info

BOX B, SYMMETRIC KEY SYSTEMSGood symmetric key systems are consideredto be secure against (essentially) all but bruteforce,exhaustive key searches. The mostwidespread symmetric system is the dataencryption standard (DES), which was developedby IBM in the mid-1970s. The DES has akey size of 56 bits. With recent hardware developments,however, a 56-bit key size is nolonger considered secure. In fact, specialpurposemachines have been built that cansearch the entire key space in just a few hours.For this reason, the National Institute of Standardsand Technology (NIST) initiated thedevelopment of the advanced encryption standard(AES), which supports 128- to 256-bitkeys. Moreover, unlike the development ofDES, the AES design process is open to thepublic. From an initial set of 15 algorithms, theNIST has selected a set of five finalists. Thefinal AES algorithm is to be selected later thisyear, see http://www.nist.gov/aes/. A similarwork—the NESSIE project—is under way inEurope, see http://www.cryptonessie.org.Wireless networks add yet another dimensionto this scenario, making it necessary tosupport mobile virtual private networks(VPN) for mobile or remote employees.Communication securitymechanismsBasic cryptographyThe two main purposes of cryptography are• to maintain the confidentiality of messages;and• to guarantee the integrity of messages.Confidentiality is provided by encryption,whereas integrity can be provided by authenticationcodes or digital signatures.EncryptionThe encryption of packets protects IP traffic(Figure 2). Before sending a message (m)the sender uses a key (kl) to encrypt it. Theciphertext (c) is then sent over a public channelthat is open to eavesdroppers. To readthe message, the recipient uses a key (k2) todecrypt the ciphertext, thereby retrieving m.Although active adversaries can insert packetsand modify communication, for this discussionwe assume only passive listening.If kl and k2 are equal, the system is symmetric.Otherwise, it is said to be asymmetric.To guarantee security, k2 must alwaysbe kept secret, whereas kl can be madepublic—provided it is infeasible to derivek2 from kl. If indeed this is the case, thenthe system is called a public key system.Public key systems offer many interestingpossibilities; for instance, anyone can sendan encrypted credit card number to an onlineshop using the shop's public kl. Sinceonly the shop possesses k2, no one but theshop can determine the number. If a symmetricsystem were used, the shop wouldhave to exchange unique keys—privatelyand in advance—with every potential customer.The security of public key systems isalways based on the difficulty of solving certainmathematical problems, whereas symmetricschemes are more ad hoc in nature.The main drawback of public key systemsis that their mathematical nature alwaysmakes them less efficient than symmetricsystems; in particular, because the size ofkeys in public key systems is measured inkilobits—the keys of symmetrical systemsare only one tenth as large. Thus, the choiceof encryption method depends on the intendedapplication.Figure 2Use of encryption to protect a messagefrom eavesdropping.98 Ericsson Review No. 2, 2000
Figure 3Use of encryption and message authenticationcode (MAC) to protect a messagefrom eavesdropping and ensure messageintegrity.An example of a popular public key systemis the Rivest-Shamir-Adleman (RSA)system, which encrypts a message by interpretingit as a sequence of large integers thatare transformed via modular arithmetic.Throughput is in the kbit/s tange. Popularsymmetric systems include the data encryptionstandard (DES, Box B) and RC5.These systems, which belong to a categoryknown as block ciphers, encrypt at a rate ofseveral Mbit/s by dividing messages intoblocks, and using very efficient "bitfiddling"operations on each block. Themost efficient symmetric systems—calledstream ciphers—produce an "infinite"pseudo-random bit stream that is combinedor added to the message, bit by bit. Examplesof stream ciphers are RC4 and A5/1 (theencryption system used in GSM).In practice, a good cryptographic systemmakes it impossible for an outsider to readthe content of messages. However, encryptiondoes not protect data packets from beingmodified. For example, let us assume that apacket consists of one bit of data—"0" or" 1"—which corresponds to an encrypted "0"or "1" message. By changing the packet,someone could also change the message.Message authentication codesObviously, an integrity mechanism is neededto protect packets. The addition of a messageauthentication code (MAC) field enablesrecipients to detect whether or not any packetshave been modified. A MAC field is a sequenceof bits added to the original message.Modifications are detected by comparing thereceived MAC field with a checksum that isderived from the received message and a secretkey. If the output matches the teceivedMAC field, then the message is accepted asbeing authentic. Several MAC algorithmsexist. The one most commonly used in theInternet is the HMAC algorithm (Figure 3).A related security mechanism is the digitalsignature, which serves the same purposeas a MAC. However, whereas the MACcan only be verified by the intended recipient,a digital signatute can (in principle) beconfirmed by anyone. Keeping the terminologydefined above, a MAC is a symmetrictechnique, and a digital signature isasymmetric. Accordingly, in contrast to aMAC, a digital signature can give nonrepudiation;that is, if only one individualknows the secrer key, then no one but thatperson can have sent or used it.Ericsson Review No. 2, 2000 99
Page 1: Ericsson 2/2000REVIEWTHE TELECOMMUN
Page 4 and 5: ContributorsIn this issueLuis Barri
Page 6 and 7: Ericsson Review is also published o
Page 8 and 9: Evolving from cdmaOne to third-gene
Page 10 and 11: Figure 2Operators Harmonization Agr
Page 12 and 13: more features, and greater reliabil
Page 14 and 15: Figure 7Ericsson's third-generation
Page 16 and 17: Figure 11Ericsson's timeline for ev
Page 18 and 19: Third-generation TDMAChristofer Lin
Page 20 and 21: TABLE 1 MODULATION AND CODING SCHEM
Page 22 and 23: Figure 3An example of a cell patter
Page 24 and 25: Figure 5Curves illustrating maximum
Page 26 and 27: TABLE 3. DYNAMIC PACKET DATA SIMULA
Page 28 and 29: erage can be achieved in existing c
Page 30 and 31: Business solutions for mobile e-com
Page 32 and 33: Figure 2Comparison of traditional a
Page 34 and 35: BOX B, THE E-COMMERCE TIMELINE1999E
Page 36 and 37: Figure 6Mobile e-Pay end-user servi
Page 38 and 39: Figure 8Access features with push-a
Page 40 and 41: AuthenticationTo verify that end-us
Page 42 and 43: BOX C, MARKET HARMONIZATIONOn Tuesd
Page 44 and 45: Figure 2The footprint of the RBS 22
Page 46 and 47: Communications security in an all-I
Page 50 and 51: Figure 4Construction of an ESP-prot
Page 52 and 53: Figure 7An X.500 database structure
Page 54 and 55: Figure 9GPRS VPN scenarios.Figure 1
Page 56 and 57: TRADEMARKSRC4 and RC4 are registere
Page 58 and 59: HIPERLAN type 2 for broadband wirel
Page 60 and 61: Figure 3Typical usage of communicat
Page 62 and 63: Figure 6Mapping of higher layer pac
Page 64 and 65: TABLE 1PHYSICAL LAYER MODES OF HIPE
Page 66 and 67: Queen City WaterfrontEMERGING PROJE
Page 68 and 69: TABLE 2. IMPORTANT PARAMETERS FOR N
Page 70: Previous issuesNo. 1,2000IPv6—The

ericssonhistory.com

Create successful ePaper yourself

Delete template?

Save as template?