Encryption Channels • Acquisition Ciphertext Channel (ACC) • Only used during Acquisition and Authentication • Based on ACC key using AES 256 CBC symmetric encryption • Key is initially distributed to the remote manually then updated over the air in operation • Key is rolled every 28 days by default. Key is stored if the power is turned off. Remote must manually rekey if it is out of network for two keyrolls.
• Data Ciphertext Channel (DCC) • The DCC channel encrypts all user data traffic with the DCC key using AES 256 CBC symmetric encryption • Masks activity with random blocks of data when remotes have no data to send “Wall of Data” • Key is updated over the air every 8 hours by default. Not stored if power is cycled.
Operational Encryption
Wall of Data
Hub System XLM
XXLMXXLLMLX LLVLMXX
VMXXMM XXXMVLL
KR
IV VMXXMM XXXMVLL
KR
IV
TOS
00110101101001 SA DA
LLVLMXX
XLM
XXLMXXLLMLX
ACC key
ACC key
IP encryptor
DCC key
DCC key
IP encryptor
Evolution e8000 Series Remotes $%^#$#%@^&&#
SA DA
TOS
SA DA
TOS
$%^#$#%@^&&#
Demand Header DID
WAN
DCC key
Protocol Processor
TRANSEC Hub
Evolution e8000 Series Remotes
IP encryptor
Public Key Infrastructure (PKI)
• Host private keys/public keys • Asymmetric cryptography • Each host has a set of self generated private and public keys used for certificate exchange and verification • 2048 bit long private / public keys (RSA) • These keys protect all network key exchanges
• Each network element has a X.509 certificate • A certificate is a document that connects a public key to an identity • Used to authenticate remotes and build a chain of trust • Certificates are issued by iDirect CA
Public Key Infrastructure (PKI)
Wall of Data Hub System XLM
XXLMXXLLMLX LLVLMXX
VMXXMM XXXMVLL
KR
IV VMXXMM XXXMVLL
KR
IV
TOS
00110101101001 SA DA
LLVLMXX
XLM
XXLMXXLLMLX
X.509 Certificate
IP encryptor
DID #456789 Public Key
DCC key
Signature
$%^#$#%@^&&#
SA DA
TOS
SA DA
TOS
$%^#$#%@^&&#
ACC key
Demand Header DID
WAN
Protocol Processor
TRANSEC Hub
Strong Authentication
ACC key DCC key
IP encryptor
Evolution e8000 Series Remotes
TRANSEC Network Acquisition • When and only when a remote is out of network, the hub periodically invites it to acquire on ACC channel. • An out-of-network remote immediately responds to this invitation on the ACC with an "ACQ Burst" from which the hub calculates the timing, power and frequency offsets the remote must apply to successfully join the network. • The hub and remote authenticate across the ACC using X.509 Certificate Exchange • Current ACC and DCC keys are encrypted using the remote’s public key (PKI) and distributed to each remote
Acquisition and Authentication
VMXXMM XXXMVLL
X.509 Certificate ACC key
DID #456789 Public Key
DCC key
Signature
ACC key DCC key
Evolution e8000 Series Remotes ACC key
DCC key ACC key
X.509 Certificate DID #123456 Public Key
ACC key DCC key
Signature DCC key
Protocol Processor
TRANSEC Hub
Evolution e8000 Series Remotes
ACQ Obfuscation
• To mask the actual acquisition activity, the hub will • Issue dummy invitations to remotes already in network, so that it appears there is always some acquisition activity. Remotes in network will always burst in response to dummy invitations. • Deliberately not issue invitations for some slots, so the ACQ channel never appears full. • Issue normal invitations, in which some remotes will burst and others will not.
• Frequency, timing and power of “dummy” bursts will vary to hide usage patterns
Key Rolls • Changing encryption keys Peer 1 periodically helps prevent attackers from deriving keys from captured data (cryptanalysis) • iDirect TRANSEC makes rolling period configurable • ACC key must be manually distributed the first time or if a remote is out of network for 2 ACC keyrolls
Key Distribution Protocol Peer 2
Mutual Trust Established
Key Distribution Complete
Global Key Distributor
• Global Key Distributor (GKD) • GKD distributes ACC key among one or more networks • Allows roaming remotes to acquire into all networks
• Multiple GKDs can be configured for redundancy • Within an individual hub • Between multiple hubs
Handling Security Compromises • Zeroization is a process for removing all Critical Security Parameters (CSPs) from a network element. • Network configuration • DCC and ACC keys • Public/private key pair
• Certificate revocation adds a certificate to the CRL, breaking trust between an entity and the rest of the network. • Network acquisition fails • Key distribution ceases to work
• Operator-triggered key rolls, in combination with certificate revocation prevents network elements from decoding data.
