What is wrong with legacy IP security tools?

In Technical article by XXLSEC

Numerous security researchers globally are trying to solve challenges within the legacy IP security technologies and tools. The problem is that these tools do not support future multi-connected world, but they are designed to build security between only two parties, A and B.

In the current and especially future multi-connected environments, the need for real time secure and authenticated connectivity between numerous users cannot be solved with these over 40-year-old legacy technologies like PKI and IPsec. They work nicely between two entities, A and B, but scaling the connections becomes almost impossible and creates huge management costs, vulnerabilities, risks and by carrying these old technologies as a burden it becomes impossible to meet modern scaling requirements.

It remains to be seen how security researchers see these problems regarding current encryption and authentication methods:

“The traditional methods of adding encryption and authentication to secure traffic in an IP/MPLS network typically include techniques associated with the IP security (IPsec) suite of protocols and related technologies. IPsec was originally designed to secure point-to-point Layer 3 traffic (IPsec tunnels) over an insecure medium, and did not initially target any-to-any communication for virtual private routed network (VPRN) services.

Because IPsec is designed for Layer 3 traffic, it does not adapt well to Layer 2 or other non-IP based legacy communications protocols.

To adapt IPsec for any-to-any communication, an operator must establish a mesh of point-to-point tunnels between participating nodes. Scaling issues and the operational complexity of this solution are well known and have inhibited this approach from being adopted at a large scale to solve any-to-any communication using a point-to-point encryption approach.” 1

All future IoT networks share this same problem as default in every node which is connected to the system. Not only network elements as stated above, but also the sensors, routers, network infra, data storages, cloud services, personal devices and other end terminals in the IoT system must have authenticated and encrypted connectivity.

Towards Zero Trust

Trust as a foundation for security is not anymore valid due to reasons, mainly geopolitical, meaning countries do not trust vendors and technologies. This means that technologies and IT-systems cannot anymore include hardware or software components which are not validated and audited. Current security environment is untrusted and trust must be defined again. Zero Trust is a requirement for the future – trust nothing and verify and authenticate everything. Security by design – not as addition.

“Zero trust is a cybersecurity strategy that embeds security throughout the architecture for the purpose of stopping data breaches. This data-centric security model eliminates the idea of trusted or untrusted networks, devices, personas, or processes and shifts to multi-attribute based confidence levels that enable authentication and authorization policies under the concept of least privileged access. Implementing zero trust requires rethinking how we utilize existing infrastructure to implement security by design in a simpler and more efficient way while enabling unimpeded operations.” 2

The question is how to do this. How can we create a solution which resolves this problem. This means that current 1990’s internet security technologies like IPsec, SSL, PKI, ECDH, VPN, etc. are not the answer. New technologies are needed. Solving multi-party authentication and encrypted IP traffic is also the vision of US DoD.

“Initial priorities included retirement of 20-30+ years old technologies, transition from point-to-point to network-centric cryptographic systems, and countermeasure actions in response to continued advances in computer processing power which enhanced adversary capabilities against DoD systems.” 3

Multiparty protocol (MPP) – multi-party security protocol to replace legacy technologies

IDC is the first protocol that can deliver multi-party authentication and security, while current protocols are between two parties only. This will be the game changer. IDC can deliver shared secrets and security between numerous of nodes in a defined group.

As DoD sees, all the elements in the data transmission chain should be validated and authenticated. IoT systems, where critical data is handled, have the same requirements:

“The main purpose of identity management is to manage the life cycle of identities and provide identification, authentication and access control services for identities. There are various identities that serve different purposes in the IoT approach, but the main ones are for device and user identification. The others are used for management of devices, functions and services. Identifiers and keys are also used to sign data, including software and firmware. These different device identities are needed to identify the devices for connectivity within the access and network domains, and to identify device applications in the IoT platform and cloud domain.” 4

These requirements cannot be fulfilled with PKI and IPsec legacy protocols, but IDC is capable with one user-controlled trust anchor to provide authentication and e2e encryption for all the nodes in the IoT or other IT system with minimal cost and much better security. IDC is also a machine identity that can be authenticated.

Image: Legacy protocols can not support modern complex requirements, when IDC is capable to handle security for every possible combination.

XXLSEC IDC is a protocol which secures cipher primitives by prioritizing dispersed secrets and usage with homomorphic encryption benefits.

Large scale IoT systems and 5G connectivity

5G networks will serve especially new connected low latency high data speed systems, like vehicles, critical medical systems, drone swarms, critical communication, etc. and many times driven with artificial intelligence. Also network slicing and multicast capabilities are important features for example to critical communication users.

The question is how to do authentication and encryption with PKI and IPsec when number of sensors can be millions and millions, and they need to have same shared information available with sub1ms requirement. There is no time to do session key exchange millions of times between multiple sensors. Therefore protocols offering security only between two nodes are not good enough.

Zero Trust policy means no more trusting third-party vendors in security but authenticating all elements which handle your data, since your data is the most valuable asset the organisations have.

Secure connections have to be formed between multiple parties in real time. Same real time IoT systems require also multicast capable traffic. One node in the system will send information and many parties receive it – there is no time for millions of session key exchanges, only real time encrypted connections between multiple authenticated parties matter – and that is IDC.

Public references:
1 Application note Network group encryption – Nokia
2 US DoD Digital Modernization Strategy 6/5/2019
3 US DoD Digital Modernization Strategy 6/5/2019
4 End-to-End security management for IoT, Ericsson.

Read more about IDC protocol from here >>