
August 6, 2003

Security Systems for Distributed Models in Ptolemy II

Rakesh Reddy, Carnegie Mellon University

http://chess.eecs.berkeley.edu

Motivation

Distributed models can perform tasks that single computers cannot. These systems can be used for mass computation, like Search for Extraterrestrial Intelligence at Home (SETI@home), which analyzes data from space by sending information to home computer systems to be processed, or as control systems, such as a project by Partners for Advanced Transit and Highways, which is developing a system for cars to communicate with each other to avoid accidents and aid traffic flow.

One of the main concerns with using distributed models is security. The two main security leaks are:

• Security-sensitive data can be intercepted and read.
• Unauthorized parties can send models that would harm system stability, such as viruses.

The solution to these issues is the use of cryptographic services.

Ptolemy II

Ptolemy II is a Java-based software package that is used to model heterogeneous systems using models of computation known as actors. Ptolemy II also leverages the infrastructure to implement distributed models. A feature that makes Ptolemy II powerful for distributed models is Mobile Models. Instead of simply passing data, Ptolemy can pass models that can change how the rest of the model operates. This added functionality, however, leads to many security risks that must be addressed, such as malicious models from unknown actors.

Digital Signature

The purpose of a digital signature is to verify who the sender is. Digital signatures are based on calculating the message digest of a piece of data and encrypting the message hash using the private key of an asymmetric algorithm. The SignatureSigner actor then outputs the encrypted message hash, the public key, and the original message. The SignatureVerifier actor receives the public key, the encrypted message hash and the original message. Using the public key, it decrypts the message hash. The message hash for the original message is then calculated and compared to the message hash that has been decrypted. If the hashes are equal, the message verification is successful. The digital signature allows us to determine whether the information is from someone we trust and to ensure the data was not changed in transit.
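The sign-and-verify flow described above, as an added example using the standard Java `java.security.Signature` API; it is not code from the poster or from Ptolemy II. The algorithm (SHA256withRSA), the class and method names and the sample payload are assumptions. It also checks a point the description leaves open: a signature only identifies the sender if the receiver verifies against a public key it already trusts, not against the key that arrives with the message.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;

public class SignedModelDemo {
    // Sender side: hash the message and sign the digest with the private key.
    static byte[] sign(PrivateKey key, byte[] message) throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(key);
        s.update(message);
        return s.sign();
    }

    // Receiver side: recompute the digest and check it against the signature.
    static boolean verify(PublicKey key, byte[] message, byte[] sig)
            throws GeneralSecurityException {
        Signature s = Signature.getInstance("SHA256withRSA");
        s.initVerify(key);
        s.update(message);
        return s.verify(sig);
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair trustedSender = gen.generateKeyPair(); // public half is pinned by the receiver
        KeyPair unknownSender = gen.generateKeyPair(); // a key the receiver has never seen

        // Constructed sample payload standing in for a mobile model.
        byte[] model = "<entity name=\"mobileModel\"/>".getBytes(StandardCharsets.UTF_8);

        byte[] sig = sign(trustedSender.getPrivate(), model);
        System.out.println("genuine message:      " + verify(trustedSender.getPublic(), model, sig));

        // One flipped bit in transit changes the digest, so verification fails.
        byte[] tampered = model.clone();
        tampered[0] ^= 1;
        System.out.println("tampered message:     " + verify(trustedSender.getPublic(), tampered, sig));

        // A message signed by an unknown key is self-consistent with the key
        // bundled alongside it, so only the pinned key can tell senders apart.
        byte[] foreignSig = sign(unknownSender.getPrivate(), model);
        System.out.println("bundled key accepted: " + verify(unknownSender.getPublic(), model, foreignSig));
        System.out.println("pinned key accepted:  " + verify(trustedSender.getPublic(), model, foreignSig));
    }
}
```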

Symmetric Cryptography

Symmetric cryptography, also known as “secret key” or “private key” cryptography, is based on a key that is known only to those who should have it. Most symmetric ciphers process data in blocks of 64 or 128 bits. This makes it more difficult to break. The SymmetricEncryption actor sends the encrypted data, key and parameter. The SymmetricDecryption actor receives the encrypted data, key and parameter, and uses them to decrypt the data. The parameter information is only used for certain “modes” of encryption. The mode specifies how the block cipher should encrypt the data. The mode could be Electronic Code Book, which is similar to a replacement scheme, or a Cipher Block Chaining scheme, which uses the prior block to encrypt the next block. The main weakness of symmetric cryptography is transporting the generated secret key. Sending the key with the data makes encryption useless, since anyone eavesdropping on the data line will be able to obtain the key.
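The difference between the two modes, and the role of the “parameter”, as an added example with the standard `javax.crypto` API; it is not code from the poster or from Ptolemy II. AES with a 128-bit key, the class name and the constructed plaintext are assumptions. Under Electronic Code Book, equal plaintext blocks encrypt to equal ciphertext blocks, while Cipher Block Chaining needs an initialization vector, which is the parameter the decrypting side must also receive.

```java
import java.security.SecureRandom;
import java.util.Arrays;
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.IvParameterSpec;

public class BlockModeDemo {
    static final int BLOCK = 16; // AES block size in bytes (128 bits)

    // True when the first two ciphertext blocks are byte-for-byte identical.
    static boolean firstTwoBlocksEqual(byte[] ct) {
        return Arrays.equals(Arrays.copyOfRange(ct, 0, BLOCK),
                             Arrays.copyOfRange(ct, BLOCK, 2 * BLOCK));
    }

    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(128);
        SecretKey key = kg.generateKey();

        // Constructed plaintext: two identical 16-byte blocks.
        byte[] plain = new byte[2 * BLOCK];
        Arrays.fill(plain, (byte) 'A');

        // ECB takes no parameter: each block is encrypted independently,
        // so repeated plaintext shows up as repeated ciphertext.
        Cipher ecb = Cipher.getInstance("AES/ECB/NoPadding");
        ecb.init(Cipher.ENCRYPT_MODE, key);
        byte[] ecbCt = ecb.doFinal(plain);

        // CBC mixes the previous ciphertext block (or the IV for the first
        // block) into each block before encrypting it.
        byte[] iv = new byte[BLOCK];
        new SecureRandom().nextBytes(iv);
        Cipher cbc = Cipher.getInstance("AES/CBC/NoPadding");
        cbc.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
        byte[] cbcCt = cbc.doFinal(plain);

        System.out.println("ECB blocks repeat: " + firstTwoBlocksEqual(ecbCt));
        System.out.println("CBC blocks repeat: " + firstTwoBlocksEqual(cbcCt));

        // The receiver needs the same key and the same IV to decrypt.
        Cipher dec = Cipher.getInstance("AES/CBC/NoPadding");
        dec.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
        System.out.println("CBC round trip ok: " + Arrays.equals(plain, dec.doFinal(cbcCt)));
    }
}
```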

[Figure: Signature with Hybrid Encryption Model]

Conclusion

The model above is an example of how cryptographic services can be used to secure data and eliminate security risks in distributed models. The signature actors ensure that data is from a trusted source and has not been modified in transit. The asymmetric and symmetric actors work in tandem in what is known as hybrid encryption. Hybrid encryption uses an asymmetric algorithm and the receiver's public key to encrypt the secret key of the symmetric algorithm, and a symmetric algorithm to quickly encrypt data. Hybrid encryption eliminates the weaknesses of both types of algorithms and ensures that data is secure.

Asymmetric Cryptography

Asymmetric cryptography uses a public/private key pair. The public key can be known to everyone, while only one person knows the corresponding private key. A message is encrypted with the public key and sent to the person who holds the corresponding private key. The private key is then used to decrypt the message. In the model above, the AsymmetricDecryption actor sends the AsymmetricEncryption actor its public key. The AsymmetricEncryption actor then uses this public key to encrypt the secret key data from the SymmetricEncryption actor and sends it to the AsymmetricDecryption actor for decryption. Asymmetric algorithms rely on the fact that a message encrypted using the public key can only be decrypted with the private key. The drawback of asymmetric algorithms is that they are much slower at encrypting data than symmetric algorithms.

Mentors: Professor Edward Lee, Yang Zhao

Data processing image courtesy of SETI@home.