|
Information Security
< Previous Next >
re: Information security in FIX
Alex Lim / SGX
31 Aug 2002 11:10AM ETThanks, Ryan.
With regards to using PGP keys for authentication, is this a common practice in the financial industry? If it is, is also a norm to expire the keys after perhaps 1-2 years? I am curious how the keys are being managed ..
> > Hi, I am looking for updated info describing the information security controls that are in place within FIX. The controls should address security objectives like confidentiality (encryption), integrity (message digest), authentication (userid/password handling and digital certificates) and non-repudiation (digital signatures).
>
> First, user/password really isn't a part of the FIX protocol. FIX isn't designed as an end-user protocol, but rather is a B2B protocol. The primary concern with FIX is firm-to-firm security, not authenticating individual end-users.
>
> The current officially-approved PGP security mechanisms are:
>
> 1. DES ECB. This is a symmetric key system, with the key decided out of band.
>
> 2. PGP-DES-MD5. In this system, PGP keys are used to perform an authenticated key exchange, and DES in CBC mode is used for confidentiality while MD5 is used as part of a hash function, the inputs of which are the secret session key and the ciphertext.
>
> While these approaches address authentication, confidentiality and integrity, they do nothing to address non-repudiation. First, I'd like to state that non-repudiation, according to most security professionals, is impossible to achieve. What we're really talking about doing is making repudiation of a transaction much harder. PGP, in this case, is NOT used to provide individual transaction signatures. The MD5 hash can be computed by either party, so no cryptographic protection against fraudulent repudiation exists.
>
> The current project of the Encryption Working Group is to investigate and standardize upon SSLv3 and/or TLS for engine to engine security. This provides for certificates defining identity on a per-session basis, but similarly does nothing to make repudiation more difficult.
>
> The only attempt to my knowledge to make repudiation more difficult through digital signatures of FIX messages was done by EMX. (I'd be interested if anyone else has done something similar.) This business function is something that the Encryption Working Group will consider after standardization of SSLv3 and/or TLS has been completed.
>
re: Information security in FIX
Alex Lim / SGX 31 Aug 2002 11:10AM ET
|
