IEEE Std 1667-2006
IEEE Standard Protocol for Authentication in Host Attachments of Transient Storage Devices

IEEE, 3 Park Avenue, New York, NY 10016-5997, USA
6 June 2007
IEEE Computer Society
Sponsored by the Information Assurance Committee
Copyright 2007 IEEE. All rights reserved.

Sponsor: Information Assurance Committee of the IEEE Computer Society
Approved 6 December 2006 by the IEEE-SA Standards Board

Abstract: This document defines a standard protocol for secure authentication and creation of trust between a secure host and a directly attached Transient Storage Device (TSD), such as a USB flash drive, portable hard drive, or cellular phone. The protocol has only an indirect relationship with data integrity/security, and does not directly address issues of authorization and enforcement. The protocol also does not address devices that are attached using a network connection. However, a device that uses a point-to-point wireless connection such as WUSB may comply with this protocol.

Keywords: secure authentication, Transient Storage Device

The Institute of Electrical and Electronics Engineers, Inc.
3 Park Avenue, New York, NY 10016-5997, USA

Copyright 2007 by the Institute of Electrical and Electronics Engineers, Inc. All rights reserved.
Published 6 June 2007. Printed in the United States of America.

IEEE is a registered trademark in the U.S. Patent +1 978 750 8400. Permission to photocopy portions of any individual standard for educational classroom use can also be obtained through the Copyright Clearance Center.

Introduction

This introduction is not part of IEEE Std 1667-2006, IEEE Standard Protocol for Authentication in Host Attachments of Transient Storage Devices.

IEEE Std 1667 defines bidirectional authentication of Transient Storage Devices (TSDs) such as USB Flash Drives (UFDs), memory cards, and portable hard disks. Not only can the host authenticate the identity of the TSD, but the TSD can also authenticate the identity of the host. IEEE Std 1667 defines authentication of the host and/or the device based on generic actions in the body of the standard. Protocol-specific implementations of these actions are defined separately in annexes to the standard, allowing the extension of the specification to more protocols over time. Usually, each protocol-specific implementation will be published as an informative annex and then made a normative part of the specification after widespread review and comment.

Each TSD is defined as containing one
or more storage areas. The storage areas are individually authenticated, allowing the standard to address the need for authentication below the device level, e.g., to allow host-specific access to the different storage areas on the device. The term Addressable Command Target (ACT) is used to avoid linking the specification to any given protocol. Each protocol-specific annex will identify the equivalence between an ACT and some portion of the device.

Notice to users

Errata

Errata, if any, for this and all other standards can be accessed at the following URL: http://standards.ieee.org/reading/ieee/updates/errata/index.html. Users are encouraged to check this URL for errata periodically.

Interpretations

Current interpretations can be accessed at the following URL: http://standards.ieee.org/reading/ieee/interp/index.html.

Patents

Attention is called to the possibility that implementation of this standard may require use of subject matter covered by patent rights. By publication of this standard, no position is taken with respect to the existence or validity of any patent rights in connection therewith. The IEEE must not be responsible for identifying patents or patent applications for
which a license may be required to implement an IEEE standard or for conducting inquiries into the legal validity or scope of those patents that are brought to its attention.

Participants

At the time this standard was completed, the P1667 Working Group had the following membership:

Ariel Sobelman, Chair
Daniel Goodman, Vice-chair
Moshe Raines, Vice-chair
Donald Rich, Technical editor
Yehuda Hahn, Technical editor
John Goodman
G. Scott Henderson
Emily Hill
Henry Hutton
Mike Kuppinger

The following members of the individual balloting committee voted on this standard. Balloters may have voted for approval, disapproval, or abstention.

Hagai Bar-El
Christopher Fitzgerald
John Geldman
Daniel Goodman
G. Scott Henderson
Emily Hill
Henry Hutton
Mike Kuppinger
Donald Rich

Sponsoring Committee Chairs:
John L. (Jack) Cole (Lead), Information Assurance Standards Committee
Curtis Anderson, Storage Systems Standards Committee

When the IEEE-SA Standards Board approved this application guide on 6 December 2006, it had the following membership:

Steve M. Mills, Chair
Richard H. Hulett, Vice Chair
Judith Gorman, Secretary

Mark D. Bowman
Dennis B. Brophy
Joseph Bruder
Richard Cox
Bob Davis
Julian Forster*
Joanna N. Guenin
Mark S. Halpin
Raymond Hapeman
William B. Hopf
Lowell G. Johnson
Herman Koch
Joseph L. Koepfinger*
David J. Law
Daleep C. Mohla
Paul Nikolich
T. W. Olsen
Glenn Parsons
Ronald C. Petersen
Gary S. Robinson
Frank Stone
Malcolm V. Thaden
Richard L. Townsend
Joe D. Watson
Howard L. Wolfman

*Member Emeritus

Also included are the following nonvoting IEEE-SA Standards Board liaisons:

Satish K. Aggarwal, NRC Representative
Richard DeBlasio, DOE Representative
Alan H. Cookson, NIST Representative

Contents

1. Overview
1.1 Scope
1.2 Purpose
2. Normative references
3. Definitions and acronyms
3.1 Definitions
3.2 Acronyms
3.3 Certificate names
4. Authentication layer
4.1 Stack
5. Host requirements
5.1 PKI algorithm
5.2 Random number generator
5.3 Certificate store
5.4 XCh Host Certificate
6. Channel
7. TSD requirements
8. ACT requirements
8.1 Probe silo requirements
8.2 Authentication silo requirements
8.3 Certificate Store
8.4 Globally Unique Identifier
8.5 Authentication Silo Key Pair
8.6 Authentication Silo Certificates
8.7 PKI algorithm
8.8 Random number generator
8.9 Silo Type Identifier (STID)
9. Certificate Store
9.1 Required features
9.2 Authentication Silo Certificate Store
9.3 Host Certificate Store
9.4 User Certificate Storage
10. Authentication Silo state machine
10.1 Initialized
10.2 Not Provisioned
10.3 Not Authenticated
10.4 Authenticated
10.5 Non-IEEE 1667 host support
11. Probe Silo actions
11.1 Process of probing
11.2 Probe command
12. Authentication Silo actions
12.1 Initialize (reset to manufacturing state)
12.2 Create Certificate Request
12.3 Admin Authenticate
12.4 Authenticate Host
12.5 Challenge Authentication Silo
12.6 Verify Challenge
12.7 Get Certificate
12.8 Get State
12.9 Set Certificate
12.10 Get Certificate count
12.11 Get Silo capabilities
13. Authentication of ACTs
14. Authentication Command sequences
14.1 Provisioning
14.2 Host Authentication by the Authentication Silo
14.3 Authentication Silo Authentication by the host
14.4 Authentication Silo Authentication using ASCh
Annex A (informative) SCSI Command Set
A.1 IEEE 1667 conventions
A.2 Non-IEEE 1667 silos
A.3 Acronyms
A.4 IEEE 1667 commands
A.5 Probe Silo commands
A.6 Authentication Silo Commands

IEEE Standard Protocol for Authentication in Host Attachments of Transient Storage Devices

1. Overview

1.1 Scope

This project defines a standard protocol for secure authentication and creation of trust between a secure host and a directly attached Transient Storage Device (TSD), such as a USB flash drive, portable hard drive, or cellular phone. The protocol has only an indirect relationship with data integrity/security, and does not directly address issues of authorization and enforcement. The protocol also does not address devices that are attached using a network connection. However, a device that uses a point-to-point
wireless connection such as WUSB may comply with this protocol.

1.2 Purpose

Industry has witnessed explosive private and corporate growth in use of TSDs. These devices serve much the same functionality that floppy disks once did, but at much higher capacities and with greater reliability and functionality. Although floppy disks never required authentication before being read or written by a host, TSDs have arrived in the marketplace at a time when security has become a much greater issue than before. Enterprises are now beginning to require authentication of devices before connection by a host is permitted. No standard way of accomplishing that authentication exists for these devices. This standard will act to ensure the security of the enterprise using these devices while allowing a continued robust market and a convenient method of transporting information for the user. The stakeholders are primarily companies that are chip manufacturers or vendors that incorporate memory chips into memory solutions for mobile and embedded systems, personal and portable secure data storage, as well as operating system and enterprise security application vendors.

2. Normative references

The following referenced documents are indispensable for the application of this document. For dated references, only the edition cited applies. For undated references, the latest edition of the referenced document (including any amendments or corrigenda) applies.

FIPS 180-2 (with change notice 1 dated February 25, 2004), “Secure Hash Standard”.¹

IEEE 1667 Silo Type Identifier Tutorial. Available at: http://grouper.ieee.org/groups/1667/stid.

IETF RFC 2828. Available at: http:/

IETF RFC 2459. Available at: http:/

IETF RFC 3280: Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile (4.2.1.3). Available at: http:/

NIST 800-22 standard (“A Statistical Test Suite For Random And Pseudorandom Number Generators For Cryptographic Applications”) from 15 May 2001. Available at: http://csrc.nist.gov/rng/SP800-22b.pdf.

RSA algorithm following the PKCS#1 v2.1 standard (“PKCS #1 v2.1: RSA Cryptography Standard”) from 14 June 2002. Available at: ftp:/

Universal Serial Bus Mass Storage Class Specification Overview. Published by the U.S. Implementers Forum. Available at: http://www.usb.org/developers/devclass_docs/usb_msc_overview_1.2.pdf.

¹ FIPS publications are available from the National Technical Information Service (NTIS), U. S. Dept. of Commerce, 5285 Port Royal Rd., Springfield, VA 22161 (http://www.ntis.org/).

3. Definitions and acronyms

3.1 Definitions

For the purposes of this standard, the following terms and definitions apply. IETF RFC 2828 should be referenced for terms not defined in this clause.

3.1.1 Addressable Command Target (ACT): A uniquely addressable area in a storage device, to which commands can be routed based on the Transient Storage Device's native communications protocol.

3.1.2 Administration Signature: A signature generated based upon a value shared between the host and the Authentication Silo that must be presented with each command used to administer the Authentication Silo. This limits the use of administration commands to hosts that can complete the Administration Authentication sequence. The generation and use of the Administration Signatures is defined in Clause 14.

3.1.3 authentication: The act of checking the identity or integrity of an entity.

3.1.4 Authentication Silo (AS): A silo that implements the full IEEE 1667 Authentication Command Set.

3.1.5 Authentication Silo Key Pair (ASKP): A pair of public and private keys associated with an Authentication Silo. The private key is stored securely on an ACT and cannot be retrieved by a host using any command, including IEEE 1667 commands. However, it can be challenged by encrypting data with the public key, which is readily available using the Command Set. Each Authentication Silo must have one and only one ASKP. All ASKPs must be unique within the Transient Storage Device.

3.1.6 authorization: The process of determining, by evaluating applicable access control information, whether an authenticated user, device, or host is allowed access to a particular host or device.

3.1.7 Command Set: The protocol that facilitates authentication between a host and an ACT. The Command Set also includes commands that implement security features such as Certificate Store access, cryptography, and device authentication.

3.1.8 connect: The process of establishing a connection between a host and a device, allowing the use of functionality in the ACT by the host, or allowing the use of functionality in the host by the ACT, depending on authorization. Generally, a device is connected to a host via a standard connector such as USB, FireWire, WUSB, ATA, or a dedicated TCP/IP connection. The functionality provided by the TSD and the host may be limited prior to authentication of the TSD and the host.

3.1.9 device: See: Transient Storage Device.

3.1.10 Globally Unique Identifier (GUID): An immutable globally unique serial number.

3.1.11 host: A computer, server, or other provider of services to a user that has a client-server relationship with an ACT in which the user primarily interacts with the host.

3.1.12 initialize: Return a device to its original manufactured state.

3.1.13 Mass Storage Class: USB device class for mass storage devices as defined in Universal Serial Bus Mass Storage Class Specification.

3.1.14 Probe Silo (PS): A silo that implements the 1667 Probe Command. Each ACT must implement a Probe Silo at the first silo index.

3.1.15 silo: A uniquely addressable receiver of commands on an ACT that is accessible using the IEEE 1667 protocol. One or more silos can exist in an ACT.

3.1.16 Silo Type Identifier (STID): A 4-byte value uniquely identifying th
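The ASKP definition in 3.1.5 states that the private key can never be retrieved by a host command but can be challenged by encrypting data with the public key, which the Command Set makes available. The Go model below is an added illustration, not code from the standard or from any IEEE 1667 implementation, of that proof-of-possession exchange between a host and an Authentication Silo: the host draws a fresh random challenge (the host RNG requirement of 5.2), encrypts it to the silo's public key, and accepts only a silo that can recover it. The names AuthSilo and ChallengeSilo, the use of RSA-OAEP with SHA-256, and the digest-of-nonce response format are assumptions for illustration; the standard's own challenge commands (12.5 and 12.6 in the Contents) are not reproduced on this page.

```go
package main

import (
	"bytes"
	"crypto/rand"
	"crypto/rsa"
	"crypto/sha256"
)

// AuthSilo models an Authentication Silo on an ACT; no method exposes its private key (3.1.5).
type AuthSilo struct{ askp *rsa.PrivateKey }

// NewAuthSilo generates a fresh ASKP (2048-bit RSA is an illustrative choice, not the standard's).
func NewAuthSilo() (*AuthSilo, error) {
	k, err := rsa.GenerateKey(rand.Reader, 2048)
	if err != nil {
		return nil, err
	}
	return &AuthSilo{askp: k}, nil
}

// PublicKey is the half of the ASKP that the Command Set makes available to any host.
func (s *AuthSilo) PublicKey() *rsa.PublicKey { return &s.askp.PublicKey }

// Respond decrypts the host's challenge and returns SHA-256 of the recovered nonce (assumed format).
func (s *AuthSilo) Respond(ct []byte) ([]byte, error) {
	nonce, err := rsa.DecryptOAEP(sha256.New(), nil, s.askp, ct, nil)
	if err != nil {
		return nil, err
	}
	sum := sha256.Sum256(nonce)
	return sum[:], nil
}

// ChallengeSilo is the host side: a fresh random nonce is encrypted to the silo's public
// key, so only the holder of the matching private key can answer, and a replayed answer fails.
func ChallengeSilo(pub *rsa.PublicKey, respond func([]byte) ([]byte, error)) (bool, error) {
	nonce := make([]byte, 32)
	if _, err := rand.Read(nonce); err != nil {
		return false, err
	}
	ct, err := rsa.EncryptOAEP(sha256.New(), rand.Reader, pub, nonce, nil)
	if err != nil {
		return false, err
	}
	// A silo lacking the matching private key cannot decrypt, so err != nil means "not verified".
	resp, err := respond(ct)
	want := sha256.Sum256(nonce)
	return err == nil && bytes.Equal(resp, want[:]), nil
}
```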
48、torage devices as defined in Universal Serial Bus Mass Storage Class Specification. 3.1.14 Probe Silo (PS): A silo that implements the 1667 Probe Command. Each ACT must implement a Probe Silo at the first silo index. 3.1.15 silo: A uniquely addressable receiver of commands on an ACT that is accessible using the IEEE 1667 protocol. One or more silos can exist in an ACT. 3.1.16 Silo Type Identifier (STID): A 4-byte value uniquely identifying th