
This article is an edited write-up of the sharing session entitled "National Secret Technology Development and Practice", given at the open source operating system community and ecosystem sub-forum of the 2021 Alibaba Cloud Developers Conference.
AnolisOS National Secret is a national secret technical solution made by the community on AnolisOS. Interested developers in the industry are very welcome to participate in the OpenAnolis community and contribute to the domestic basic software ecology.

Speakers:
Yang Yang: Senior technical expert of Ant Group, led the development of BabaSSL, and is also the only OpenSSL maintainer in China. He participated in drafting and promoting the internationalization of the RFC8998 standard.
Zhang Tianjia: Alibaba Cloud technical expert, mainly responsible for the development and application of the national secret technology on AnolisOS, and participated in the implementation of the national secret algorithms in libgcrypt and of the SM2 algorithm in the Linux kernel.

Let us travel back to the scene:

Origin

Speaking of cryptographic algorithms, everyone must be very familiar with MD5, AES, RSA and other general international standard algorithms, which are also the commonly used cryptographic algorithms at present. They are widely used in many fields such as data security, communication, and blockchain.

As we all know, these algorithm standards are all formulated abroad, and in some cases this will have an adverse effect on domestic information security. Powerful countries and even some large companies have formulated their own algorithm standards.

As the name suggests, the national secret is the localization of cryptographic algorithms. As in other fields, the localization of cryptographic algorithms is an irresistible trend, and it is something we must do. China's national secret algorithms provide us with a new choice: we can use them to replace the international mainstream algorithms when necessary, especially now that international trade conflicts and technological blockades cannot be ignored. Large-scale promotion and adoption of the national secret algorithms will provide a reliable data security guarantee for important domestic network infrastructure.

Introduction to National Secret

Who am I and where do I come from

The national secret is a colloquial term. The official name is national commercial cryptography, abbreviated in Chinese as "Shangmi", whose pinyin abbreviation is SM. This is also the source of the specific algorithm names in the national secret standards. The national secret is a cryptographic technology for commercial use and does not involve state secrets.

The national secret standards are completely formulated by the China Cryptography Administration, and the main technical implementations are basically completed by domestic developers. This is very beneficial for getting rid of the dependence on foreign cryptography technologies and products.

Where to go

Since 2012, the national secret standards of SM2/3/4 have been announced one after another. At present, the national secret technology ecology is basically in a stage that is gradually becoming mature, but domestic cryptographic basic software is still in a fragmented state in adopting national secret algorithms. For example, we can often see libraries supporting national secret algorithms that are open source in the name of various individuals or organizations; in addition, the security updates and community activity of these open source projects are not well done. The promotion of the National Secret still requires the joint efforts of the developers and users of China's basic software.

On January 1, 2020, the "Cryptography Law of the People's Republic of China" officially came into force. It regulates the application and management of national commercial cryptography at the legal level, which also provides the necessary legal guarantee for the promotion and application of national secrets.

Comparison with international algorithms

Here is a comparison between the national secret algorithm and the international general algorithm, you can intuitively see a basic situation of the national secret:

For each commonly used type of international algorithm (symmetric algorithms, public key algorithms and message digest algorithms), the national secret standards define a corresponding national secret algorithm with the same function. For example, SM4 provides the same encryption strength as AES and supports the various encryption modes. SM2 is a public key algorithm based on elliptic curves, and its standard also defines asymmetric encryption and decryption, digital signature and key exchange; compared with RSA, SM2 has a shorter key but supports a higher encryption strength. SM3 is the message digest algorithm defined by the national secret standards; its digest length is fixed at 256 bits, and its strength is equal to SHA256.

In addition to the basic algorithms, the national secret standards also define the TLCP national secret dual-certificate protocol to support a domestic transport layer security protocol. There is also good news here: in March of this year, the TLS 1.3 + national secret single-certificate protocol was officially recognized internationally and published as RFC 8998, which means that we can choose to use the complete national secret suite in the TLS 1.3 protocol. We are currently contacting regular browser vendors to support the implementation and application of this standard.

At the same time, the national secret standards also define X.509 certificates that use the national secret algorithms, with SM3 as the hash algorithm and SM2 as the digital signature algorithm. The certificate type is SM2-with-SM3.

For developers, the National Secret provides a choice, they can choose to smoothly migrate from the international general algorithm. In addition, the National Secret has other algorithm standards, which are not commonly used, such as SM9 and ZUC algorithms.

BabaSSL Past and Present

BabaSSL is a national secret cryptographic algorithm library, which is compatible with OpenSSL 1.1.1 and was born as a national secret cryptographic algorithm solution.

BabaSSL is based on the merger of the previous OpenSSL versions of Ant Group and Ali Group, and it is open sourced for the first time. The meaning of BabaSSL is: a smart, light and reliable cryptography and SSL/TLS tool library.

The green trademark of BabaSSL is based on a mixture of Ali's orange and Ant's blue, which also means that we hope to build BabaSSL into a flexible, compact and robust basic cryptography library.

BabaSSL is currently widely used within Alibaba Group and Ant Group. From the perspective of specific scenarios, there are three aspects as follows: storage, network, and device on the end. Among them, the network service scenario is the biggest support scenario for BabaSSL, such as Taobao, Tmall, Alibaba Cloud and other server-side links that involve encryption. In addition, mobile apps, such as Alipay's mobile app, integrate BabaSSL to achieve multiple cryptographic capabilities.

Open source

BabaSSL was open sourced in October last year. The code is currently hosted on OpenAnolis. The current open source version is 8.2.0, which is also our latest stable version.

At present, there are certain differences between the internal version of BabaSSL used in Ali and the open source version. We are gradually migrating the features of the internal version to the open source version, so that the two eventually become one unified open source version. At that point we will depend completely on the open source version and will no longer retain an internal closed source version.

Special feature

The following are the main features of the latest stable version of BabaSSL 8.2.0:

  • Based on OpenSSL 1.1.1, with all the capabilities of OpenSSL 1.1.1 and maintaining compatibility
  • Supports national secrets SM2, SM3 and SM4, and complements the SM2 capabilities that are lacking in OpenSSL 1.1.1, such as the issuance and verification of X509 certificates
  • GM/T 0024 and TLCP dual-certificate TLS protocol
  • Support RFC 8998: TLS 1.3 + national secret certificate
  • Provides Delegated Credentials that are in the process of standardization by the IETF
  • Support IETF QUIC API underlying cryptography capabilities
  • More complete SM2 algorithm support, such as support for X.509 certificate issuance and verification
  • Applying for first-level qualification of software password module

Compared with OpenSSL

Next are the differences between BabaSSL and OpenSSL, the long-established cryptographic algorithm library, which are of great concern to everyone:

Some main differences can be seen from the picture:

For some new cryptography technical standards, BabaSSL adopts a relatively radical strategy and follows up quickly. For example, some technical solutions still in the IETF standardization process, such as delegated credentials and compact TLS, will be prototyped and implemented quickly. OpenSSL is relatively conservative, because the strategy of the OpenSSL community is in principle to implement only published international and national standards.
In terms of national secret algorithms, national secret protocols, national secret regulatory compliance, deep integration of cloud computing vendors, and localized hardware, BabaSSL will provide more in-depth and extensive support, while OpenSSL supports relatively limited.
Regarding the ease of use of the API, since there is no historical burden, BabaSSL can provide a simpler and easier-to-use API, while the OpenSSL API is relatively complex. For embedded devices with limited resources, BabaSSL will carry out volume reduction and memory usage planning, while OpenSSL clearly stated that there is no relevant plan.

Future plan

This is the planning and feature support for future BabaSSL versions. There is basically one version every six months. The plan covers support for a variety of new cryptographic technologies, including the implementation of several IETF draft RFCs, support for localized hardware, and future support for cutting-edge technologies such as post-quantum cryptography and homomorphic encryption:

  • Support MPK
  • Encrypted SNI
  • Compressed Certificate
  • Compact TLS
  • SM algorithm optimization
  • Support the national secret algorithm instruction set of the localized CPU
  • Volume trimming, memory usage optimization
  • Tink API
  • ZUC,SM9
  • PQC
  • Homomorphic encryption algorithm

National secret ecological structure

Everything is ready: with the support of the basic national secret algorithms, we can build a basic software ecosystem around them. This is a vertical scenario of the national secret ecology, and it is also our national secret ecological architecture on AnolisOS. At the same time, it is a full-stack national secret solution: from the underlying firmware and the kernel to the basic cryptographic library, the national secret transformation is done along the main link, and it will eventually form a complete security trust chain based on the national secrets.

On the right side of the figure are some vertical national secret application scenarios, such as SecureBoot, IMA, kernel module signature, file integrity verification, etc.

So far, we have supported the national secret algorithms in mainstream basic components such as the Linux kernel, BabaSSL, libgcrypt and gnulib. This work has been contributed back to the upstream open source communities, and interested developers can use it directly or take it as a reference. These features and functions will also be delivered first on AnolisOS, resulting in an out-of-the-box OS that natively supports the national secrets.

It can also be seen that there are many software stacks involved in the national secret ecology, and there are also various forms. There is still a long way to go to gradually improve this ecology. The international technology blockade in recent years has also given us the determination and motivation to do this.

At present, we have cooperated with Tongxin, Haiguang and other vendors. We also welcome interested developers in the industry to participate in the community and do this together. Going forward, our work will be run in the Anolis community in an open source manner. With an open and tolerant attitude, we will continue to complement and improve this ecology, and finally achieve one goal: the entire security trust chain is completely based on the national secret algorithms.

Application of National Secret in IMA and modsign

We know that cryptographic algorithms have always served security. Let’s take a look at two specific examples of the transformation of national secrets in the security field.

IMA is a file integrity measurement framework provided by the Linux kernel to detect whether files have been maliciously tampered with. The purpose of the kernel module signature is similar: it is used to detect whether the source of a module is trusted. Each provides its own signature tool, and these tools rely on the SM2 file signing capability provided by BabaSSL to sign in user mode.

The verification of the file signature is completed in the kernel. Since the kernel cannot directly use application layer libraries, in order to support file signature verification in the Linux kernel we have implemented the national secret SM2/3/4 algorithms and national secret certificate support in the kernel, which are used to verify whether the signature is legal.

Through the transformation of the corresponding software stack, we built a security mechanism for IMA and kernel module signatures based entirely on the national secret algorithm, which was previously guaranteed by international algorithms.

Full Stack National Secret SIG

The following is our full-stack national secret SIG on OpenAnolis. Interested developers are very welcome to participate in the community and contribute to the security of basic software in China.

SIG address: https://openanolis.cn/sig/crypto

Code base: https://codeup.openanolis.cn/codeup/crypto
