💾 Archived View for spam.works › mirrors › textfiles › programming › sp4rpt.hac captured on 2023-06-16 at 20:12:20.

View Raw

More Information

-=-=-=-=-=-=-





NISTIR 90-4228





                         PROTOTYPING SP4
         A SECURE DATA NETWORK SYSTEM TRANSPORT PROTOCOL
             INTEROPERABILITY DEMONSTRATION PROJECT









       Charles Dinkel, Noel Nazario, and Robert Rosenthal
                   Computer Security Division
              National Computer Systems Laboratory
         National Institute of Standards and Technology
                     Gaithersburg, MD  20899











                        TABLE OF CONTENTS


ABSTRACT . . . . . . . . . . . . . . . . . . . . . . . . . . .  1

PREFACE. . . . . . . . . . . . . . . . . . . . . . . . . . . .  2

1.  PROJECT SUMMARY. . . . . . . . . . . . . . . . . . . . . .  3
     1.1  Computer Network Security - Why Needed?. . . . . . .  3
     1.2  Why Security at Layer 4 (SP4)? . . . . . . . . . . .  3
     1.3  NIST's OSI Security Laboratory . . . . . . . . . . .  3
     1.4  Results. . . . . . . . . . . . . . . . . . . . . . .  4
     1.5  Future Work. . . . . . . . . . . . . . . . . . . . .  4

2.   INTRODUCTION. . . . . . . . . . . . . . . . . . . . . . .  5

3.   BACKGROUND INFORMATION FOR SP4. . . . . . . . . . . . . .  6

4.   SP4 INTEROPERABILITY PROJECT DESCRIPTION. . . . . . . . .  7
     4.1  GOSIP Security . . . . . . . . . . . . . . . . . . .  7
     4.2  The Secure Data Network System (SDNS) Project at
          NIST . . . . . . . . . . . . . . . . . . . . . . . .  7
     4.3  SDNS Status. . . . . . . . . . . . . . . . . . . . .  9
     4.4  SP4 Protocol Development . . . . . . . . . . . . . . 11

5.   OSI SECURITY LABORATORY PROGRAM . . . . . . . . . . . . . 12

6.   SP4 INTEROPERABILITY TESTING. . . . . . . . . . . . . . . 14
     6.1  Establishing the SP4 Laboratory. . . . . . . . . . . 14

7.   VENDOR IMPLEMENTATIONS OF SP4 . . . . . . . . . . . . . . 16
     7.1  IBM SP4 Implementation - Description and Features. . 16
     7.2  Digital Equipment Corporation SP4 Implementation -
          Description and Features . . . . . . . . . . . . . . 17
     7.3  Hughes Aircraft Company SP4 Implementation - Description
          and Features . . . . . . . . . . . . . . . . . . . . 18

8.   RESULTS OF LABORATORY TESTING OF SP4 PROTOTYPES . . . . . 20
     8.1  SP4 Interoperability Demonstration . . . . . . . . . 20
     8.2  Hughes/Digital Interoperability Demonstration. . . . 20
     8.3  IBM Interoperability Demonstration . . . . . . . . . 20
     8.4  Alignment of SP4 Implementations . . . . . . . . . . 21

9.   CONCLUSIONS . . . . . . . . . . . . . . . . . . . . . . . 22

10.  FUTURE SP4 EFFORTS. . . . . . . . . . . . . . . . . . . . 23
     10.1 NIST SP4 Reference Implementation and Conformance Test
          Methodology. . . . . . . . . . . . . . . . . . . . . 23

LIST OF ABBREVIATIONS. . . . . . . . . . . . . . . . . . . . . 24

REFERENCES . . . . . . . . . . . . . . . . . . . . . . . . . . 25

APPENDIX 1  OSI SECURITY LABORATORY MILESTONES . . . . . . . . 26

APPENDIX 2  OSI SECURITY LAB GUIDELINES. . . . . . . . . . . . 28

APPENDIX 3  NIST SP4 DEMONSTRATION AGREEMENTS. . . . . . . . . 29



                         PROTOTYPING SP4
         A SECURE DATA NETWORK SYSTEM TRANSPORT PROTOCOL
             INTEROPERABILITY DEMONSTRATION PROJECT




       Charles Dinkel, Noel Nazario, and Robert Rosenthal
                   Computer Security Division
              National Computer Systems Laboratory
         National Institute of Standards and Technology
                  Gaithersburg, Maryland 20899




ABSTRACT

The NIST Secure Data Network System (SDNS) project implements
computer to computer communications security for distributed applications. 
The internationally accepted Open Systems Interconnection (OSI) computer
networking architecture provides the framework for SDNS, which is a project
of the National Security Agency (NSA).  SDNS utilizes the layering principles
of OSI to implement secure data transfers between computer nodes of local
area and wide area networks.  SDNS implements SP4, a security protocol at
the OSI Transport layer (layer 4) that provides end-to-end reliable
transparent data communications with confidentiality and integrity security
services.  Laboratory prototypes of SP4 formed the basis of proposed
voluntary national standards and will form the basis for future security
enhancements for the Government Open Systems Interconnection Profile
(GOSIP). 

KEY WORDS

Computer security, conformance testing, local area networks (LAN), network
security, protocol security, SDNS, transport protocols







The mention of certain vendor products in this report in no way implies
endorsement or recommendation of any kind.








                             PREFACE
                                 

        The Computer Security Act of 1987 (P.L. 100-235), focuses
        attention on the need to protect sensitive government
        information.  The National Institute of Standards and
        Technology (NIST) is assigned the responsibility for
        developing standards and guidelines to improve the
        Federal Government's management and use of computer
        and related telecommunications systems.  Included in this
        effort is developing cost-effective security mechanisms for
        providing privacy and security of sensitive information in
        Federal computer systems.

        In addition to its responsibilities for the development of
        standards and guidelines, NIST's National Computer
        Systems Laboratory (NCSL) provides technical assistance
        to federal agencies and conducts a program of research. 
        This program supports both standards development and
        technical assistance, and includes the development of test
        methods, the conduct of laboratory based activities, and
        collaborative research with other organizations.

        In all areas of standards development, NIST has adopted
        the approach of working closely within the voluntary
        standards community to encourage National and
        international standards that meet the requirements of the
        U.S. Federal Government.  The networking standards
        community bases its work on the International Standard
        Organization's (ISO) Basic Reference Model for Open
        Systems Interconnection (OSI).  This model, recognized
        internationally as a framework under which computer-to-
        computer communications protocols are developed, forms
        the basis for NIST's standards development and
        implementations activities for computer networks.



1.  PROJECT SUMMARY

                                
1.1 Computer Network Security - Why Needed?

The Open Systems Interconnection (OSI) standards being adopted by
government and industry make it possible to interconnect computer systems
manufactured by different vendors.  Maintaining the confidentiality, integrity,
and availability of data transmitted between these interconnected computers
poses new problems.  Users of networked computers need assurance that the
systems with which they are communicating are not only "open", but also
secure from unauthorized modifications, undetected loss, and unauthorized
disclosure.  Standard security protocols must provide for the verification of
the identities of both the senders and receivers of data to ensure that
computers and connecting communications are secure.

1.2 Why Security at Layer 4 (SP4)?

The Transport layer of the 7-layer OSI model provides reliable end-to-end
transparent data communications through a network.  The Transport layer
security  protocol (SP4) provides confidentiality and integrity services to data
being transmitted between computers.  NIST decided to focus initial network
security work at layer 4 for several important reasons:

    a.  Security at the Transport layer (SP4) is independent of network
        technology

    b.  The security protocols developed for the transport layer had
        matured to the point where vendors could begin building prototype
        implementations. 

    c.  SP4 had the potential to become a government and industry
        standard. 


1.3 NIST's OSI Security Laboratory

The OSI Security Laboratory was established to provide a resource where
interested researchers from government and industry can experiment with
new network security ideas.  Three vendors, Digital Equipment Corporation,
IBM, and Hughes Aircraft Company are currently using the laboratory to test
and demonstrate a subset of the Transport Layer security protocols (SP4).
  
1.4 Results

    a.  Interoperability of the Hughes and Digital prototype SP4
        implementations has been achieved.  

    b.  The success of the NIST project prompted NSA to release ten
        Secure Data Network System (SDNS) documents for public review.

    c.  The SP4 protocol specification has been accepted by the American
        National Standards Institute (ANSI) as a New Work Item.

1.5 Future Work

The results achieved in the OSI Security Laboratory demonstration of SP4
justify follow-up work.  NIST is planning to develop a reference
implementation of SP4 and related conformance test methodologies and to
initiate work in the area of Key Management.  The use of labels in SP4 is
another item that is under investigation. Integrated Services Digital Networks
(ISDN) security activities may lead to the establishment of an OSI/ISDN
security laboratory.



2.  INTRODUCTION

                                
This report describes the results of work that NIST completed as part of its
commitment to provide solutions and develop standards for, computer
network security.  The approach that NIST adopted was to work in
partnership with the National Security Agency (NSA) and industry to
demonstrate security at the Transport layer of the OSI model.

NIST is active in developing federal, national and international security
standards based on laboratory results in network security.  An OSI Security
Laboratory was established to permit engineers from NIST, IBM, Digital and
Hughes to cooperatively develop prototype implementations of Transport
layer security protocols (SP4).  Interoperability demonstrations of the SP4
implementations provided by the three vendors were conducted in the
laboratory.  An important goal of this effort is to develop commercial
markets for security products based on U.S. Government and industry
requirements.



3.  BACKGROUND INFORMATION FOR SP4

                                
The Security Protocol at Layer 4 of the OSI 7-layer architecture is called
SP4.  The OSI architecture is defined by International Standard IS-7498, a
document issued by the International Organization for Standardization (ISO). 
The SP4 protocol document is based on the Security Architecture addendum
to OSI, IS-7498/2.  SP4 provides Integrity and Confidentiality services at the
bottom of the Transport Layer (layer 4), right on top of the Network Layer
(layer 3).  

Layer 4 is the first place in the OSI architecture where reliable end-to-end
connections are established.  All the addressing information in layer 3 and
below remains in the clear.  For this reason SP4 can provide transparent
protection regardless of the type of network used; e.g. wide area or local
area. 

SP4 makes no assumptions about the encryption algorithm(s) used.  It also
assumes that some other trusted entity is responsible for providing pairwise
cryptographic associations that support local security policies.

SP4 takes the information from layer 4 and above and encapsulates it.  If the
Integrity Service is requested, the encapsulation consists of a cryptographic
checksum performed over all the information from Transport and above. 
The result of the checksum is appended to the end of the packet.  If
Confidentiality is requested, the packet plus the integrity checksum, if present,
is encrypted. 

There are two major options in SP4; SP4-E and SP4-C.  SP4-E stands for
"End-to-End" SP4 protection.  This option provides a single cryptographic
association to protect all communications between any pair of end systems. 
The E option supports a connectionless security service as described in IS-
7498/2.  SP4-E provides protection for either connection-oriented or
connectionless Transport.

SP4-C is "Connection-oriented" SP4 protection.  Under this option every
Transport connection is protected by an individual cryptographic association. 
It provides a finer key granularity than SP4-E.  This is a connection-oriented
security service as specified in IS-7498/2.  SP4-C protection can only be
provided when a connection-oriented Transport service is available.



4.  SP4 INTEROPERABILITY PROJECT DESCRIPTION

                                
4.1 GOSIP Security 

The Government Open Systems Interconnection Profile (GOSIP), FIPS 146,
identifies standard OSI network protocols and specific options for use in
federal Government distributed computer network applications.  Taken
together, these standard protocols and options form a profile.  Today, GOSIP
does not include a security profile, but does includes a chapter on security
that provide for a security label consistent with the Internet Protocol Security
Option.  The appendix to GOSIP identifies security as the highest priority
advanced requirement for future versions of GOSIP.

NIST works with the National Security Agency (NSA) and industry to bring
proposals for security technology standards to the voluntary standards
community.  The goal is to develop internationally accepted standards that
can be implemented in network security products, that meet the U.S.
Government's security requirements and can be marketed internationally by
U.S. industry.  The GOSIP security profiles will reflect these international
standards where appropriate.  

4.2 The Secure Data Network System (SDNS) Project at NIST

At the present time there are no base standards for computer network
security.  One of NIST's objectives in participating in the SDNS project was
to assist in developing a framework of base standards for security.  Working
with IBM, Digital and Hughes, NIST was able to develop a set of agreements
for demonstrating the interoperability of SP4 prototype implementations.

The SP4 protocol specification has been modified and updated as a result of
work accomplished in the NIST OSI Security Laboratory.  This specification
has been submitted to ANSI where it is expected it will serve as the basis for
a national, and eventually, an international (ISO) standard for security.  Once
base standards for security exist, these can be submitted to the NIST
Workshop for Implementors of OSI to begin the process of establishing stable
implementation agreements. These agreements often serve as catalysts to the
development and marketing of actual vendor products.

While it is recognized that detailed security mechanisms would differ for
classified and unclassified applications, both would benefit from a common
security foundation.  The OSI Basic Reference Model provides the
foundation.  Through participation in the Secure Data Network System
(SDNS) project of the National Security Agency, NIST expects to exploit the
potential economic benefits derived from standardizing security built on that
foundation.  NIST's SDNS activities will help define the architecture and
protocols within the framework of the OSI computer network model to
provide data communications with security.  In addition, requirements for a
key management system will be specified and vendors encouraged to develop
interoperable equipments that implement SDNS Protocols.
    
Three phases of the SDNS project were defined.  Phase 1, completed in mid
1987, developed a security architecture based on the OSI model and defined
a key management system for use on commercial data networks.

Phase 1A, focused on the development of protocols for Phase 1.

Phase 2 will result in a family of low cost interoperable off-the-shelf security
products for use in personal computers, micro and mini-computers, modems
and host computers.  These devices will provide protection for local area
networks (LANS), electronic mail (E-Mail), and public and private data
networks.
4.3 SDNS Status

NIST has taken an active role in national and international standards
activities for computer networks; and at industry's request, NIST sponsors the
NIST Workshop for Implementors of Open Systems Interconnection. 
Workshop documents record stable implementation agreements of OSI
protocols among the organizations participating in the NIST Workshop.  The
Workshop's Special Interest Group  on Security has reviewed the SDNS
documents dealing with security protocols at layer 3 (SP3) and at layer 4
(SP4).  Current work involves defining the security services and information
that must be provided by a Key Management System to SP4.

The dotted lines in Figure 1 illustrate the possible locations for security
protocols in the GOSIP, FIPS 146.  NIST's computer network security
standards activity focuses on development of security profiles that include
SP3, SP4, security management, security for electronic mail (X.400), and
possibly SP2 security.

In April 1989, NSA released the SP4 specification into the public domain. 
The ANSI committee responsible for data communications (X3S3.3) reviewed
the SP4 document during its April 1989 meeting and approved it for
placement as a New Work Item for ISO standardization.  This contribution
serves as base text for use in preparation of Addenda to the ISO 8073 (OSI
Connection Oriented Transport Protocol Specification) and ISO 8602 (OSI
Connectionless Transport Service) documents.

The following SDNS documents have also been released for public review:

SDNS.301 -   Security Protocol 3 (SP3)
SDNS.601 -   Key Management Profile - Communication Protocol
             Requirements for Support of the SDNS Key Management
             Protocol
SDNS.701 -   Message Security Protocol
SDNS.702 -   SDNS Directory Specifications for Utilization with the SDNS
             Message Security Protocol
SDNS.801 -   Access Control Documents
SDNS.802 -   Access Control Specification
SDNS.902 -   Key Management Protocol - Definition of Services Provided
             by the Key Management Application Service Element
SDNS.903 -   Key Management Protocol - Specification of the Protocol for
             Services Provided by the Key Management Application Service
             Element
SDNS.906 -   Key Management Protocol - SDNS Traffic Key Attribute
             Negotiation 

      
4.4 SP4 Protocol Development

SDNS SP4 Implementors Meetings were held approximately every two months
at NIST.  During these meetings, the participants, representatives from IBM,
Hughes, and Digital, met with NIST engineers and reviewed the status of the
SP4 implementations, updated the set of Demonstration Agreements, and
recommended changes and corrections to implementations in the laboratory. 
The Demonstration Agreements were a subset of the SP4 protocol
specifications that the three vendors agreed to implement in their prototypes. 
Appendix 3. is an outline of those agreements.

Laboratory sessions permitted the vendor representatives to discover
differences and "bugs" that prevented their SP4 implementations from
interoperating.  Information from this work was reviewed at the SP4 Protocols
Meeting and agreements modified and/or confirmed.  This allowed the
vendors to return to the laboratory with a clearer understanding of what had
to be done to their hardware and software to achieve interoperability.



5.  OSI SECURITY LABORATORY PROGRAM


NIST's OSI Security Laboratory was established as a direct result of a
recognized need for improved computer network security.  Current research
focuses on security at the Transport Layer (SP4), where reliable end system
computer to end system computer communications is provided.

The objectives of NIST's OSI Security Laboratory Program are:

       Develop OSI security standards that would be useful in government
        and commercial applications;

       Develop and perform interoperability demonstrations of OSI security
        equipment;

       Develop automated conformance testing methodologies for the
        standards;

       Develop conformance tests of security devices implementing the
        standards;

       Maintain compatibility between the public OSI security standards
        and the Secure Data Network Systems (SDNS) specifications.

       Stimulate the development of commercial products compatible with
        OSI standards

Figure 2 illustrates the laboratory layout and the configuration for the
computers that are participating in the SP4 interoperability tests.  The NIST
IEEE 802.3 local area network extends through a gateway to OSINET.

Appendix 1 lists the milestones met in developing the laboratory.

Appendix 2 is a list of the guidelines for use of the OSI Security Laboratory
proposed by NIST and agreed to by the SP4 vendors.



6.  SP4 INTEROPERABILITY TESTING

                                
6.1 Establishing the SP4 Laboratory

IBM, Hughes Aircraft Company and Digital Equipment Corporation (SDNS
contractors for SP4) agreed to provide NIST with the following:

       A duplicate of the prototype SP4 development system that was being
        used for Phase IA of the SDNS project.

       Copies of the software and source code being used for its
        implementation.

       A commitment of time from a person or persons knowledgeable of
        the implementation (hardware and software) to participate in
        defining the interoperability demonstration, modify the software to
        perform the demonstrations, and assist NIST in performing the initial
        demonstrations.

A fourth company, Sun Microsystems Inc., (not an SDNS contractor)
provided NIST with a model 3/280 micro computer system and source code
for the SunLink OSI software.  Throughout this project Sun Microsystems has
furnished technical support as well as upgrades to their software products
when new releases were issued.


NIST engineers installed the cabling required for an IEEE 802.3 bus utilizing
Carrier Sense Multiple Access with Collision Detection (CSMA/CD) as the
access method.  This local area network (LAN) was configured as a
subnetwork of the main computer network spanning the NIST campus.

Two Sun computers, a model 3/280 on loan from the company and a model
3/50 Workstation owned by NIST were the first machines connected to the
laboratory subnetwork.  The 3/280 was delivered with two 575 megabyte disk
drives, a 10 1/2 inch magnetic tape drive, and a color monitor.  This computer
was configured as the gateway between the laboratory subnetwork and the
NIST network.

Sun provided NIST with version 3.5 of the Sun Operating System and version
5.2 of the SunLink OSI Source Code.  Under the software licensing
agreement Sun Microsystems had approved a NIST request that it be
permitted to modify the OSI code to include Transport Layer security.
Two IBM RISC Technology Personal Computers (RT/PC) were delivered to
NIST in November 1988.  Engineers from IBM assisted NIST personnel in
installing the units and connecting them to the 802.3 subnetwork in the
laboratory.  Documentation needed to operate the PC's and run the SP4
demonstration test scripts was furnished by IBM.

In January 1989 Digital Equipment Corporation and Hughes Aircraft
Company provided computer hardware, software and documentation required
to demonstrate their versions of the SP4 protocols.  Shortly thereafter, all
three vendors met with NIST engineers to begin the process of demonstrating
interoperability.



7.  VENDOR IMPLEMENTATIONS OF SP4

                                
Three vendors, Digital, IBM, and Hughes agreed to participate in the NIST
SP4 Interoperability Project.  A brief description of each vendor's prototype
implementation follows.

7.1 IBM SP4 Implementation - Description and Features

The IBM implementation of SP4 was developed as part of the IBM-funded
ARGO project at the University of Wisconsin.  The overall objective of the
ARGO project was to implement a suite of computer networking software
based on the international standards for Open System Interconnection.  The
software was designed to run on an IBM RT/PC model 125 computer
workstation using a version of the 4.3 BSD Unix operating system.  The IBM
SP4 prototype developed as part of the ARGO project incorporates part of
the set of SDNS standards and protocols designed to provide secure
communications in an OSI environment.

The subset of SP4 features implemented in the IBM RT/PC's includes:

       SP4-C 
       Full-software implementation of SP4
       Full OSI stacks
       XOR cryptography
       OSI over TCP addressing 
       Access control mechanism
       Security parameter negotiation
       Simulations of certain malicious attacks

The Key Management Protocol (KMP) services related to the exchange of
credentials and the traffic encryption key attributes were implemented by
IBM.  However, those services that required the existence of a Key
Management Center (KMC), such as retrieval of the Compromised Key List,
were not implemented.  Instead, stub interfaces to those portions of the
protocol were provided.  

The transport layer on which the IBM SP4 prototype is based contains the
connection-oriented transport service.  Within the connection-oriented
transport entity, only classes 0 and 4 of the ISO transport protocol are
implemented.  The IBM prototype implements the Security Encapsulation
function, the Data Encipherment function (confidentiality), the Integrity
function (unique sequence numbers, final sequence numbers, direction
indication), the Security Label function (single security labels only) and the
Security Padding function.

In the IBM prototype a simple key creation device is simulated by software. 
A data base for the storage of traffic encryption keys is also implemented.

Access control is provided by the IBM system.  Whenever access control
decisions are necessary, a stub procedure, which queries an operator for a yes
or no decision is used.  The access control functions supported in this way
include:

       The determination of security options, permissible security levels,
        security labels, and traffic encryption key attributes proposed by the
        initiator of a cryptographic association between two SDNS users;

       The selection of the same items by the responder of a cryptographic
        association between two SDNS users.

The security options sets supported by the IBM prototype are:

       Confidentiality 

       Integrity

       Confidentiality and integrity

For these option sets key granularity per-transport-connection or per end
system can be selected.  The cryptographic algorithm provided by the IBM
prototype is a "exclusive OR" (XOR) function.

7.2 Digital Equipment Corporation SP4 Implementation - Description and
    Features

Digital's SP4 prototype implementation was created by modifying an existing
product called a Digital Ethernet Secure Network Controller (DESNC). 
These controllers are external encryption devices.  A standard DESNC
performs DES (FIPS PUB46-1) encryption at layer 2.  The modified DESNCs
implement SP4-E connectionless security services and incorporate a procedure
to negotiate cryptographic associations.  At least one VAX Station node is
required to control the security devices on the LAN.

The controlling VAX node contains a database with information about the
encryption devices and the network configuration.  It contains the names of
the encryption devices, their network addresses, date of modification, the
name of the firmware image being run, and the type of audit conducted.  The
information in the database is loaded into the devices to control their
operation and set alarms to flag relevant events.  A system administrator can
review information in the database and reports from the DESNCs to detect
unauthorized modification.
A DESNC can be used to furnish security services to non-Digital hosts as
well.  In the OSI Security Laboratory, a DESNC is used to provide
transparent OSI security services to a Sun model 3/50 workstation.  Because
the DESNC is able to distinguish between OSI and non-OSI data packets, it
can encrypt OSI data without interfering with any other network traffic.

SP4 features implemented by Digital in their prototype device include:

       SP4-E
       External device controlled by a Vax node on the LAN
       Hardware DES cryptography
       Messaging application on top of TP4
       OSINET addressing
       Peer address checking
       Simple key management scheme

7.3 Hughes Aircraft Company SP4 Implementation - Description and
    Features

The Hughes prototype SP4 device is implemented as an embedded intelligent
communications controller capable of being installed in a variety of
workstations.  The prototype used in the OSI Security Laboratory is installed
in a model 286 Personal Computer.

The embedded intelligent communications controller card performs all the
communications protocol processing as well as providing a hardware
implemented cryptographic function, ie. DES.

The controller board consists of an 80286 microprocessor running in protected
mode, 512K bytes of DRAM, a subnetwork interface (IEEE 802.3 or ethernet
in the current version) and an embedded cryptographic device.  A multi-
tasking real-time protected mode operating system is provided for the board. 
Under this operating system, protocol and cryptographic software functions
can be implemented as individual tasks which enforce process isolation.
The Hughes prototype SP4 device is based on version 1.2 (dated 07/12/88) of
the SP4 specification and implements the SP4-E option.

The following features of the SP4 security protocols are also implemented:

       SP4-E
       On-board hardware card with dedicated 80286 microprocessor
        operating in protected mode, DES hardware, and IEEE 802.3
        implementation
       Messaging application on top of TP4
       OSINET addressing
       Peer address checking
       Simple key management scheme

The data encipherment function chosen for the Hughes prototype SP4 device
is the DES algorithm.  Process isolation keeps the actual key value out of
user process space.

The Hughes prototype SP4 device implements a Key Management Protocol. 
This protocol allows for an electronic key management in which the two end-
systems desiring to communicate first authenticate themselves to each other. 
Both create the same pairwise traffic encryption key, and then negotiate the
security services that they will use on information protected using that key. 



8.  RESULTS OF LABORATORY TESTING OF SP4 PROTOTYPES
                                

8.1 SP4 Interoperability Demonstration 

In the OSI Security Laboratory the feasibility of secure OSI was demonstrated
by using SP4.  Digital, IBM, and Hughes each chose a different method for
implementing the SP4 protocols.  IBM selected a software approach.  The
DESNC device used by Digital is hardware.  Hughes' technique involved both
hardware and software.  The variety in approaches clearly demonstrated the
implementation independence and flexibility of the SP4 protocol specification.

The focus of the SP4 interoperability demonstration was on providing integrity
and confidentiality security services over an unprotected network.  Related
issues, such as key management and cryptography, though very important with
respect to achieving interoperability, are not covered in the SP4 specification,
but in other SDNS documents. 

8.2 Hughes/Digital Interoperability Demonstration

Interoperability of the Hughes and Digital implementations of SP4 was
achieved in the OSI Security Laboratory.  Both systems use the OSINET
addressing scheme specified in the GOSIP agreements, the same protocol
exchange to obtain keys, support integrity and confidentiality services using
the Data Encryption Standard (DES) in the Cipher Block Chain Mode, and
the SP4-E option of the standard.

Digital and Hughes implemented the first three layers of the OSI architecture
stack plus SP4 and Transport Class 4 (TP4).  An application for message
handling was provided directly on top of TP4.

8.3 IBM Interoperability Demonstration

IBM implemented all seven layers of the OSI model in software.   They chose
to use the SP4-C option of the specification.  A stub procedure was used to
provide access control and service negotiation security.  The application
programs provided by IBM run in the X-Windows environment.
It was not possible to achieve interoperability between the IBM and either
the Digital or Hughes versions of SP4 for several reasons.  IBM based its
implementation on an earlier version of the SP4 specification.  IBM's
addressing scheme uses OSI over TCP (Transport Control Protocol) rather
than OSINET addressing.  Other differences are with the Key Management
Application and the cryptographic algorithm used.  For demonstration
purposes IBM used an XOR function rather than the DES algorithm used
by the other two vendors.

8.4 Alignment of SP4 Implementations

In June 1989, NIST and the vendors met to identify how each of the three
SP4 implementations mapped onto version 1.2 of the SP4 specification
document.  Issues that prevented interoperability, recommended changes to
each vendor's prototype to achieve alignment and alternatives were outlined. 
Because this effort was beyond the scope of work originally agreed to, the
vendors were not able to commit the resources required to make
modifications to their SP4 implementations.  Since a strategy leading to
interoperability of the Digital, Hughes and IBM implementations has been
developed, NIST has encouraged the vendors to complete this objective
during the 1990 fiscal year and has offered continuing laboratory support.




9.  CONCLUSIONS


The OSI Security Laboratory has proven to be successful as a resource where
interested researchers from government, and industry, can experiment with
new ideas in network security, try new approaches for common problems, and
develop new solutions.  The laboratory provided a neutral working
environment that fostered cooperation among the three vendors and ensured
the integrity of the experiment.  The vendors, Digital Equipment Corporation,
IBM, and Hughes Aircraft Company are currently using the laboratory to test
and demonstrate a subset of the Transport Layer security protocols (SP4).

Interoperability of the Hughes and Digital SP4 implementations has been
achieved.  IBM's SP4 prototype was designed using an earlier version of the
specification.  NSCL has proposed that all three vendors align their
prototypes with the most recent version of the SP4 document as the approach
for achieving interoperability.

The laboratory exercise, with actual implementations of SP4, has assisted
NIST in its efforts to advance this technology in the voluntary standards
community.  Through its involvement in national and international standards
organizations, NIST assisted the X3S3.3 committee of the American National
Standards Institute (ANSI) adopt the SP4 specification as a New Work Item. 
It is felt that this process will lead to base standards in security that can be
brought into the GOSIP arena for approval as stable implementors
agreements.

The National Security Agency (NSA) has released the SP4 specification for
public review.  Additional SDNS documents have also been released. 
Through its partnership with NSA, NIST will review these protocol documents
and where appropriate take the necessary action to have them adopted as
Federal Information Processing Standards (FIPS).  

Although current efforts in the OSI Security Laboratory focus on Transport
Layer security, it is possible that future work will involve Network Layer
security (SP3), and Integrated Services Digital Networks (ISDN) security. 
Preliminary discussions have been held with vendors who have expressed an
interest in implementing SP3.  ISDN activities may result in the establishment
of a joint OSI/ISDN security laboratory.  Work in the areas of key
management and labels is also proposed.



10. FUTURE SP4 EFFORTS

                                
10.1NIST SP4 Reference Implementation and Conformance Test
    Methodology

One of the objectives of NIST's work in Transport Layer security is to
develop an SP4 reference implementation.  A Formal Description Language
(FDL) such as Estelle has been proposed for the development of this
reference implementation

To assist in this work, a Sun model 3/260 computer system has been
purchased.  This computer features a 327 megabyte disk drive, a 1/4 inch
cartridge tape drive and color monitor.

The development and implementation of a conformance test methodology for
SP4 security devices complement this work.  Conformance tests of computer
products help validate a manufacturer's claim that a product conforms to a
standard. For users, conformance testing reduces risks and uncertainties
associated with efforts to link products of different manufacturers.  A
conformance test methodology provides vendors with the incentive needed to
accelerate the development and marketing of a product.

NIST's conformance testing methodology will provide procedures for
accrediting testing facilities to conduct follow-on work.  Documentation will
be provided that will permit other organizations and laboratories to perform
SP4 protocol conformance tests in an automated fashion.




                      LIST OF ABBREVIATIONS



ANSI         American National Standards Institute
CSMA/CD      Carrier Sense Multiple Access/Collision Detection
DES          Data Encryption Standard
DESNC        Digital Ethernet Secure Network Controller
DIGITAL      Digital Equipment Corporation
E-MAIL       Electronic Mail
FIPS         Federal Information Processing Standard
FDL          Formal Description Language
GOSIP        Government Open Systems Interconnection Profile
HUGHES       Hughes Aircraft Company
IEEE         Institute of Electrical and Electronics Engineers, Inc.
ISDN         Integrated Services Digital Network
ISO          International Standards Organization
KMC          Key Management Center
LAN          Local Area Network
NIST         National Institute of Standards and Technology
NCSL         National Computer Systems Laboratory
NSA          National Security Agency
OSI          Open Systems Interconnection 
SDNS         Secure Data Network System
SP2          Security Protocol - Layer 2
SP3          Security Protocol - Layer 3
SP4          Security Protocol - Layer 4
SP4-C        Security at Layer 4 per Transport Connection
SP4-E        Security at Layer 4 End System to End System
TP4          Transport Class 4





                           REFERENCES

                                
SDN.401                  SDNS Secure Data Network Systems - Security
                         Protocol 4 (SP4); Revision 1.2, 1988-07-12

FIPS PUB146              Federal Information Processing Standards
                         Publication 146, Government Open Systems
                         Interconnection Profile (GOSIP), August 24,
                         1988

FIPS PUB46-1             Federal Information Processing Standards
                         Publication 46-1, Data Encryption Standard,
                         Reaffirmed January 22, 1988

EK-DESNC-UG-001          DESNC Installation/User's guide - Digital
                         Equipment Corp., Maynard, MA.

ISO7498                  Information Processing Systems - Open Systems
                         Interconnection - Security Architecture (Part 2)

ISO8073                  Information Processing Systems - Open Systems
                         Interconnection - Connection Oriented Transport
                         Protocol Specification - Addendum 2:  Class
                         Four Operation Over Connectionless Network
                         Service

ISO8602                  Information Processing System - Open Systems
                         Interconnection -Protocol for Providing the
                         Connectionless - Mode Transport Service

ISO802.3                 ANSI/IEEE Standard Draft International
                         Standard - Carrier Sense Multiple Access with
                         Collision Detection







         APPENDIX 1  OSI SECURITY LABORATORY MILESTONES
                                

As one of its milestones in support of the SDNS project, the National
Computer Systems Laboratory (NCSL) of NIST undertook the development
of an OSI Security Laboratory in FY88.  The purpose of the laboratory is to
permit engineers and computer scientists from NIST and participating vendors
to:

    ?   Develop security protocols for computer network security
    ?   Develop a demonstration system showing interoperability of devices
        implementing the Security Protocol at Layer 4 (SP4)
    ?   Develop and conduct conformance tests for SP4

Planning for the OSI Security Laboratory was begun in October 1987
following approval to renovate two adjoining chemical laboratories in the
Technology Building.  Physical and electrical layouts were developed by NIST
engineers.  The plans were approved in November and the extensive work
required to remodel the area was begun in January 1988.  This phase of the
work was completed in March 1988.  Engineers from NIST coordinated these
activities.  The work was accomplished by technicians from the NIST Plant
Division and included:

    ?   Removal of all chemical laboratory services including hot/cold water,
        gas burners, and other miscellaneous equipment
    ?   Removal of fume hood and cabinets
    ?   Removal of the partitions separating the two rooms to permit
        conversion to a double module laboratory
    ?   Installation of additional lighting
    ?   Site security provided by installation of cipher lock and heat and
        smoke sensors
    ?   Installation of electrical raceway and receptacles
    ?   HVAC renovation
    ?   Painting of entire laboratory space

While renovation work was underway a contract was issued for installation of
a raised floor system, carpeting, and an entrance ramp.  The renovation work
in the laboratory space, including the raised floor, was completed on April 30,
1988.

A layout for computers and workstations for the laboratory was developed by
NIST engineers.  Meetings were held with representatives of four suppliers
of computer furniture to discuss requirements and estimated costs.

Final installation of the furniture and telecommunications center was
completed in August 1988.  Lines for three phones were also installed that
same month.

Following completion of all renovation work, a Sun model 3/50 workstation
was installed in the laboratory.  Additional computer equipment installed on
the 802.3 LAN in the OSI Security Laboratory includes:

    ?   Sun model 3/280 system - to be used for monitoring data packets
        during interoperability tests

    ?   Sun model 3/260 system - to be used for developing the NIST SP4
        reference implementation

    ?   Two IBM PC/RT's

    ?   Digital VAX station and two DESNC encryption boxes

    ?   Hughes Aircraft Company SP4 implementation using an IBM PC



             APPENDIX 2  OSI SECURITY LAB GUIDELINES
                                

1) All documentation, software, and hardware used in the lab will be
unclassified.

2) All NIST personnel who receive any proprietary products must, before
their receipt, be informed of the proprietary nature of the product.

3) NIST will provide reasonable protection for all proprietary information,
hardware, software, and documentation including locked storage cabinets and
a Cipher lock on the door of the lab.

4) Hardware loaned to NIST will be afforded reasonable protection against
theft, damage, and destruction.  Maintenance of the equipment will be
provided by the vendors in accordance with the vendor agreements.

5) Equipment provided by the vendors will be used in interoperability
demonstrations conducted in the Security Lab.  Equipment will be
demonstrated only with permission of the vendor.

6) Failures that occur during the interoperability demonstrations will not be
disclosed to other than the technical representatives of the vendor of the
device being demonstrated.

7) NIST will destroy any proprietary software stored in any CPU or other
storage medium which cannot be returned to the vendor after completion of
the demonstrations.




          APPENDIX 3  NIST SP4 DEMONSTRATION AGREEMENTS
                                
Downloaded From P-80 International Information Systems 304-744-2253