An Introduction to Cryptography as Applied to the Smart Grid
Jacques Benoit, Cooper Power Systems
Western Power Delivery Automation Conference, Spokane, Washington, March 2011

Agenda
> Introduction
> Symmetric Cryptography
> Message Integrity and Authentication
> The IEC 62351 Standards
> DNP3 Secure Authentication
> Asymmetric Cryptography
> Digital Signatures
> Certificates and Certificate Authorities
> Transport Layer Security
> Conclusion

Introduction
> Cryptography is the practice and study of hiding information. Its origins date back more than 2000 years; the word takes its root from the Greek kryptos, meaning hidden.
> The National Institute of Standards and Technology (NIST) plays a major role in defining cryptographic standards. Its predecessor, the National Bureau of Standards, selected the first encryption algorithm for general (unclassified) use in the mid-1970s; it was adopted as DES in 1977.
> Cryptography provides a set of tools to meet information security requirements:
  Confidentiality
  Authentication
  Integrity
  Non-repudiation

Symmetric Cryptography
[Figure: Alice and Bob encrypt and decrypt with the same shared secret key]

Symmetric Cryptography Standards
> 1977 – Data Encryption Standard (DES) adopted as FIPS 46, the federal standard for unclassified data. 56-bit key.
> 1999 – FIPS 46-3 recommends the use of Triple DES (TDES or 3DES) for increased security.
  With 2 keys, effective strength of 80 bits.
  With 3 keys, effective strength of 112 bits, approved for use until 2029.
  (Since this presentation NIST has retired TDES entirely: SP 800-131A Rev. 2 disallows it for encryption after 2023.)
> 2001 – FIPS 197 Advanced Encryption Standard (AES). 128, 192 or 256 bit keys. A 128 bit key is approved for use beyond 2030.

Message Integrity
[Figure: Message Authentication Code (MAC) appended to a message]

Message Authentication Codes
> Checksums and Cyclic Redundancy Checks (CRC) are designed to detect common communications errors. Fast, but not designed to provide security: a CRC is a linear function of the message bits, so it is easy to generate two messages with the same value, or to patch a modified message so that its CRC is unchanged.
> Cryptographic hashes are slower, but it is extremely difficult to generate two messages with the same hash (collision resistance).
> MD5 (Message-Digest algorithm 5) is widely used and generates a 128 bit digest. It is no longer considered secure.
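A worked illustration of the checksum-versus-hash point on this slide, added here as an example and not part of the original presentation. CRC-32 is an affine function over GF(2) of the message bits, so for any fixed prefix the CRC of "prefix + 4 bytes" is c0 XOR M*p for a 32x32 bit matrix M; an attacker can therefore alter a message and then solve for four trailing bytes that restore the original CRC. No such shortcut exists for a cryptographic hash such as SHA-256, which is also computed below for comparison. The command strings and the "pad=" trailer are constructed sample data.

```python
import hashlib
import zlib


def _solve_gf2(columns, target):
    """Return a bitmask selecting a subset of `columns` (32-bit ints) whose
    XOR equals `target`; Gaussian elimination over GF(2).  Raises if the
    target is not in the span of the columns."""
    basis = {}  # pivot bit -> (reduced vector, mask of original columns used)
    for i, vec in enumerate(columns):
        mask = 1 << i
        while vec:
            top = vec.bit_length() - 1
            if top not in basis:
                basis[top] = (vec, mask)
                break
            bvec, bmask = basis[top]
            vec ^= bvec
            mask ^= bmask
    mask = 0
    while target:
        top = target.bit_length() - 1
        if top not in basis:
            raise ValueError("target CRC not reachable with these columns")
        bvec, bmask = basis[top]
        target ^= bvec
        mask ^= bmask
    return mask


def crc32_patch(prefix: bytes, target_crc: int) -> bytes:
    """Return 4 bytes p such that zlib.crc32(prefix + p) == target_crc.

    With the prefix fixed, crc(prefix + p) = c0 XOR M*p.  Column i of M is
    the change in the CRC caused by setting only bit i of p, which we can
    measure directly with the CRC routine itself."""
    c0 = zlib.crc32(prefix + bytes(4))
    columns = [
        zlib.crc32(prefix + (1 << i).to_bytes(4, "little")) ^ c0
        for i in range(32)
    ]
    mask = _solve_gf2(columns, target_crc ^ c0)
    return mask.to_bytes(4, "little")


def verify_patch(prefix: bytes, target_crc: int) -> bool:
    """True if the computed patch really drives the CRC to `target_crc`."""
    return zlib.crc32(prefix + crc32_patch(prefix, target_crc)) == target_crc


def forge_same_crc(original: bytes, tampered_prefix: bytes) -> bytes:
    """Build a message that starts with `tampered_prefix` and has exactly
    the same CRC-32 as `original`."""
    return tampered_prefix + crc32_patch(tampered_prefix, zlib.crc32(original))


def demo() -> dict:
    # Constructed sample: a control command whose last field is filler.
    original = b"OPERATE breaker=17 state=CLOSE pad="
    forged = forge_same_crc(original, b"OPERATE breaker=17 state=OPEN  pad=")
    return {
        "forged": forged,
        "crc_match": zlib.crc32(original) == zlib.crc32(forged),
        "sha256_match": hashlib.sha256(original).digest()
        == hashlib.sha256(forged).digest(),
    }


if __name__ == "__main__":
    result = demo()
    print("forged message :", result["forged"])
    print("CRC-32 matches :", result["crc_match"])
    print("SHA-256 matches:", result["sha256_match"])
```

The same linear-algebra trick works for any CRC width and for patch bytes placed anywhere in the message, not only at the end; what it never does is help against SHA-256, where the only known way to match a digest is brute force over about 2^256 candidates.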
> SHA-1 replaced MD5 and produces a 160 bit digest. Weaknesses have been identified.
> SHA-2 defines four functions to replace SHA-1: SHA-224, SHA-256, SHA-384 and SHA-512. SHA-224 is approved for use until 2029.
> SHA-3 is under development. (NIST selected Keccak as SHA-3 in 2012 and published it as FIPS 202 in 2015.)

Message Integrity and Authentication
[Figure: Hash-based Message Authentication Code (HMAC)]

Hash-based Message Authentication Code (HMAC)
> The HMAC algorithm uses a secret key as part of the hashing process, so only a holder of the key can produce or check the tag.
> HMAC is designed to be used with any hash function. Its strength is set by the key length and the tag length rather than by the collision resistance of the underlying hash, which is why HMAC-SHA-1 is not broken by the SHA-1 collision weaknesses.
> HMAC with SHA-1 and a key longer than 112 bits but shorter than 128 bits is acceptable until 2030.
> After 2030, the key should have at least 128 bits.

IEC 62351: Information Security for Power System Control Operations
> IEC 62351 was developed to handle the security of the TC 57 protocols, including IEC 61850, IEC 60870-5 and its derivatives such as DNP3.
  IEC 62351-3 specifies how to secure TCP/IP-based protocols through the use of Transport Layer Security (TLS).
  IEC 62351-5 specifies how to add user and device authentication, and data integrity.
> The DNP3 Secure Authentication extension was designed to meet the requirements of IEC 62351-5.

DNP3 Secure Authentication
[Figure: Initial Handshake]

DNP3 Secure Authentication
[Figure: Challenge-Response]

Solving the Key Management Challenge: Asymmetric Cryptography
> In symmetric cryptography both parties share one secret key, used both to encrypt and to decrypt messages; that key has to be distributed to every pair of communicating devices and kept secret by all of them.
> In asymmetric cryptography, keys come in pairs. A message encrypted with one key can only be decrypted using the other key.
> One key is known as the public key and can be widely shared. The other key, known as the private key, is kept secret by its owner.
> The sender of a message can use the intended receiver's public key to encrypt the message. Only the intended receiver, holding the matching private key, will then be able to decrypt it.
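The HMAC slide and the DNP3 Secure Authentication challenge-response slide above describe one mechanism: a keyed tag that only a holder of the shared key can compute, bound to a fresh challenge so that a captured reply cannot be replayed. The example below is added here and is not code from the presentation or from any DNP3 implementation. It first builds HMAC exactly as RFC 2104 specifies, so the construction can be checked against Python's hmac module, and then runs a simplified challenge-response between an outstation and a master: the outstation issues a challenge, the master answers with HMAC(key, challenge || message), and the outstation verifies the answer. The class names, the 16-byte nonce, the full-length HMAC-SHA-256 tag and the OPERATE message are assumptions for illustration; real DNP3 SA truncates the HMAC and carries the challenge and reply in its own application-layer objects, which this model omits.

```python
import hashlib
import hmac
import secrets


def hmac_rfc2104(key: bytes, message: bytes, hash_name: str = "sha256") -> bytes:
    """HMAC as RFC 2104 defines it: H((K ^ opad) || H((K ^ ipad) || message)).

    The key enters both the inner and the outer hash, which is why the tag's
    strength is governed by the key (and tag) length rather than by the
    collision resistance of the underlying hash function."""
    block = hashlib.new(hash_name).block_size       # 64 bytes for SHA-1/SHA-256
    if len(key) > block:                             # over-long keys are hashed first ...
        key = hashlib.new(hash_name, key).digest()
    key = key.ljust(block, b"\x00")                  # ... then zero-padded to one block
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    inner = hashlib.new(hash_name, ipad + message).digest()
    return hashlib.new(hash_name, opad + inner).digest()


def matches_stdlib(key: bytes, message: bytes, hash_name: str = "sha256") -> bool:
    """Cross-check the hand-built HMAC against the standard library."""
    expected = hmac.new(key, message, hash_name).digest()
    return hmac.compare_digest(hmac_rfc2104(key, message, hash_name), expected)


def mac_input(csq: int, nonce: bytes, asdu: bytes) -> bytes:
    """Bytes the tag covers: challenge sequence number, challenge nonce, message."""
    return csq.to_bytes(4, "big") + nonce + asdu


class Outstation:
    """Verifier side (simplified model, not the DNP3 SA wire format)."""

    def __init__(self, key: bytes) -> None:
        self.key = key
        self.csq = 0                 # challenge sequence number
        self.pending = None          # (csq, nonce) of the outstanding challenge

    def challenge(self):
        self.csq += 1
        nonce = secrets.token_bytes(16)              # fresh, unpredictable per challenge
        self.pending = (self.csq, nonce)
        return self.csq, nonce

    def verify(self, csq: int, asdu: bytes, tag: bytes) -> bool:
        if self.pending is None or self.pending[0] != csq:
            return False                             # stale or replayed reply
        nonce = self.pending[1]
        self.pending = None                          # each challenge is single-use
        expected = hmac_rfc2104(self.key, mac_input(csq, nonce, asdu))
        return hmac.compare_digest(expected, tag)    # constant-time comparison


class Master:
    """Prover side: answers the challenge for the message it wants executed."""

    def __init__(self, key: bytes) -> None:
        self.key = key

    def respond(self, csq: int, nonce: bytes, asdu: bytes) -> bytes:
        return hmac_rfc2104(self.key, mac_input(csq, nonce, asdu))


def run_exchange() -> dict:
    """One genuine exchange, then a replay and an in-flight modification."""
    key = secrets.token_bytes(32)                    # pre-shared key (constructed)
    outstation, master = Outstation(key), Master(key)
    asdu = b"OPERATE breaker=17 state=CLOSE"         # constructed critical message

    csq, nonce = outstation.challenge()
    tag = master.respond(csq, nonce, asdu)
    genuine = outstation.verify(csq, asdu, tag)

    # An attacker replays the captured (csq, tag) against the next challenge.
    csq2, nonce2 = outstation.challenge()
    replayed = outstation.verify(csq, asdu, tag)

    # An attacker alters the message after the master has tagged it.
    tag2 = master.respond(csq2, nonce2, asdu)
    tampered = outstation.verify(csq2, asdu.replace(b"CLOSE", b"OPEN "), tag2)
    return {"genuine": genuine, "replayed": replayed, "tampered": tampered}


if __name__ == "__main__":
    print(run_exchange())
```

Two details carry most of the security here: the nonce must be unpredictable and never reused, otherwise a recorded reply is valid again, and the comparison must be constant-time, otherwise an attacker on a slow serial link can learn the tag one byte at a time.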
Asymmetric Cryptography
[Figure: Alice and Bob]

Digital Signatures
[Figure: Alice and Bob]

Public Key Certificates
[Figure]

Approved Asymmetric Algorithms
> Approved algorithms are:
  Rivest, Shamir and Adleman (RSA) with 2048 bits until 2029; RSA with 3072 bits for CAs after 2030.
  Elliptic Curve Cryptography (ECC) with curves P-224, K-233 or B-233 until 2029.
  ECC with curves P-256, P-384, P-521, K-283, K-409, K-571, B-283, B-409 and B-571 after 2030.

Certificates and the Smart Grid
Certificates are widely used in a variety of protocols and technologies:
> ZigBee Smart Energy devices
> 802.1X port-based access control for WLANs
> Internet Protocol Security (IPsec) protocol suite
> Transport Layer Security (TLS) protocol
> S/MIME (Secure/Multipurpose Internet Mail Extensions) and PKCS#7 for secure email and signed software updates

Transport Layer Security (TLS)
[Figure]

Conclusion
> Cryptography is a hidden component in many of the technologies of the Smart Grid.
> It provides confidentiality, authentication and integrity for data exchanges.
> NIST has been mandated to recommend standards and a security model for the Smart Grid.
> NIST has submitted five "foundational" families of standards to FERC.
> FERC will introduce regulation when there is sufficient consensus.
> IEC 62351 is one of the recommended standards.

Contact Information
Jacques Benoit
Senior Analyst, Information Security
Cooper Power Systems
Jacques.Benoit@CooperIndustries.com