ACP-WGM16/WP-15
International Civil Aviation Organization
17 May 2010
WORKING PAPER

AERONAUTICAL COMMUNICATIONS PANEL (ACP)
16th MEETING OF WORKING GROUP M (Maintenance)
Paris, France 17-19 May 2010

Agenda Item 3a: ATN/OSI Document 9880 Update Status – Security Updates

Amendment Proposal for One Key Pair for Key Agreement and Signing

Prepared by: FAA
Presented by: Vic Patel

SUMMARY
This working paper includes draft updates to ICAO Doc 9880 to allow the use of one key pair for key agreement and signing.

ACTION
The working group is invited to review the Amendment Proposal and consider approving the change to Doc 9880.

1. INTRODUCTION

1.1 One of the recommendations of the Honeywell Validation Report is to use one key pair for key agreement and signing in Doc 9880.

2. DISCUSSION

2.1 This AP proposes allowing the use of a single key pair for both key agreement and signing.

2.2 In developing the ARINC 823, ACARS Message Security (AMS), airline participants, including the USAF, recommended that AMS provisions specify a single key pair, to be used for both key agreement and signing.

2.3 Section 13.5.1 of the Handbook of Applied Cryptography states, “The principle of key separation is that keys for different purposes should be cryptographically separated.”

2.4 Section 5.6.4.2 of NIST SP 800-56A states, “A static key pair may be used in more than one key establishment scheme. However, one static public/private key pair shall not be used for different purposes (for example, a digital signature key pair is not to be used for key establishment or vice versa).”

2.5 Section 5.2 of NIST SP 800-57 Part 1 states, “In general, a single key should be used for only one purpose (e.g., encryption, authentication, key wrapping, random number generation, or digital signatures).”

2.6 Section 5.4.1.2 of Doc 9880 specifies that each ATN application or ATN router shall be bound to a static key pair associated to the ATN elliptic curve domain parameters. This requirement is in the context of the ATN Key Agreement Scheme.

2.7 Section 5.5.1.2 of Doc 9880 specifies that each signing ATN application, ATN router, or CA shall be bound to a signing key pair associated to the ATN elliptic curve domain parameters.

2.8 Note 3 in section 6.3.7 of Doc 9880 states that the Key Usage parameter refers to the type of compressed certificate path that is desired and is an ASN.1 type KeyUsage. Key Usage will have an abstract value of either digitalSignature or keyAgreement.

AMENDMENT PROPOSAL #XXX

Title: One Key Pair for Key Agreement and Signing
AP working paper number and date: M16/WPxx 17 May 2010
Document(s) Affected: ICAO Doc 9880 Part IV-B
Document Version: Draft June 2009
Sections of Documents Affected: 5.4.1.2, 5.5.1.2, 6.3.7
Coordinator: Vic Patel
Coordinator's Address: ATO-P, AJP-1740, William J. Hughes Technical Center, Atlantic City Airport, NJ, 08405 USA
Coordinator's Phone: +1 609 485 5046
Coordinator's Fax: +1 609 485 5630
Coordinator's E-mail Address: vidyut.patel@faa.gov
Category:
Problem description: Doc 9880 specifies the use of distinct key pairs for key agreement and signing.
Background: In developing the ARINC 823, ACARS Message Security (AMS), airline participants, including the USAF, recommended that AMS provisions specify a single key pair, to be used for both key agreement and signing. One of the recommendations of the Honeywell Validation Report is to use a single key pair for key agreement and signing.
Backwards compatibility:
Amendment Proposal: See below.
WG-M Status: SUBMITTED 5/17/2010

Replace section 5.4.1.2 with the following:

5.4.1.2 Each ATN application or ATN router performing key agreement shall be bound to a static key pair associated to the ATN elliptic curve domain parameters.

Replace section 5.4.1.2 with the following:

5.5.1.2 Each signing ATN application, ATN router, or CA shall be bound to a key pair associated to the ATN elliptic curve domain parameters.

Replace Note 3 in section 6.3.7 with the following:

Note 3. The Key Usage parameter refers to the type of compressed certificate path that is desired and is an ASN.1 type KeyUsage. Key Usage will have an abstract value of either digitalSignature, keyAgreement, or both digitalSignature and keyAgreement.

3. ACTION BY THE MEETING

3.1 The ACP WG-M is invited to:

1. Review the revisions to Doc 9880 identified by the AP in this Working Paper and provide comments and feedback regarding the proposed changes as described.

3.2 Due to guidance in the Handbook of Applied Cryptography and the requirement in NIST SP 800-56A, the FAA recommends that the requirements for key agreement and signing not be combined but that use of a common key be permitted as a matter of Certificate Policy.

3.3 The FAA recommends acceptance of these changes and requests endorsement by the Working Group to update Doc 9880 as described in the AP.
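
The effect of the amended Note 3 on a Key Usage value, as an added example that is not part of this working paper or of Doc 9880. It assumes KeyUsage is DER-encoded as the X.509 BIT STRING (digitalSignature at bit 0, keyAgreement at bit 4); the function names and sample encodings are constructed for illustration.

```python
# Added example. Assumption: KeyUsage uses the X.509 (RFC 5280) bit numbering.
DIGITAL_SIGNATURE = 0
KEY_AGREEMENT = 4

def decode_key_usage(der: bytes) -> set:
    """Return the bit positions set in a DER-encoded KeyUsage BIT STRING."""
    if len(der) < 3 or der[0] != 0x03:
        raise ValueError("not a DER BIT STRING")
    length = der[1]
    if length & 0x80 or length != len(der) - 2:
        raise ValueError("unexpected or inconsistent length")
    unused, content = der[2], der[3:]
    if unused > 7 or (not content and unused):
        raise ValueError("invalid unused-bits count")
    if content and content[-1] & ((1 << unused) - 1):
        raise ValueError("unused bits must be zero in DER")
    return {i * 8 + j
            for i, byte in enumerate(content)
            for j in range(8)
            if byte & (0x80 >> j)}

def permitted_by_note3(der: bytes, amended: bool) -> bool:
    """Check a Key Usage value against Note 3 of section 6.3.7.

    Current Note 3: exactly digitalSignature or exactly keyAgreement.
    Amended Note 3: additionally both bits together.
    Any other combination (extra bits, no bits) is rejected in both cases.
    """
    allowed = [{DIGITAL_SIGNATURE}, {KEY_AGREEMENT}]
    if amended:
        allowed.append({DIGITAL_SIGNATURE, KEY_AGREEMENT})
    return decode_key_usage(der) in allowed

# Constructed sample encodings (tag 0x03, length, unused-bit count, content).
SAMPLES = {
    "digitalSignature": bytes.fromhex("03020780"),
    "keyAgreement": bytes.fromhex("03020308"),
    "digitalSignature+keyAgreement": bytes.fromhex("03020388"),
    "keyCertSign (bit 5)": bytes.fromhex("03020204"),
}

if __name__ == "__main__":
    for name, der in SAMPLES.items():
        print(f"{name:32} current={permitted_by_note3(der, False)} "
              f"amended={permitted_by_note3(der, True)}")
```

A relying party that enforces key separation as Certificate Policy, as paragraph 3.2 recommends, would keep calling the check with `amended=False` and reject the combined value.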