The Integrated Secure Communication Layer (ISCL) provides a means of adding security to DICOM communication. The security added targets three main areas:
- Computer or Entity Authentication.
- Confidentiality.
- Data Integrity.
Computer/Entity Authentication
Computer or entity authentication lets both the client and the server make sure the computer to which they are communicating (the peer computer) is "legitimate" for communication. This is accomplished by exchanging challenge codes and response codes. The following methods are used when performing computer or entity authentication:
The DicomNet.GetChallengeIscl method generates a random number.
The DicomNet.InternalAuthenticateIscl method generates a response code, based on the specified challenge code.
The DicomNet.ExternalAuthenticateIscl method determines whether the response code is a valid response for the challenge code.
This occurs during "mutual authentication". Currently, the only mutual authentication protocol is the "Three-pass-four-way" protocol. For a more detailed description of this protocol, refer to the "MEDIS-DC STANDARDS for Integrated Secure Communication Layer Protocols V 1.00".
The mutual authentication protocol lets both the client and the server verify that the computer to which each is connected is cleared to receive information. The server begins by issuing a GETCHALLENGE command. This generates a random number, which in turn is used to create a challenge code.
The challenge code is then sent to the client. The client issues an INTERNAL AUTHENTICATE command, which takes the challenge code and generates a response code. This response code is then returned to the server. The client has also generated its own GETCHALLENGE command and has generated a challenge code. This is sent to the server with the response code. This allows the client to verify that it should be communicating with the server.
The server receives the response code from the client and generates an EXTERNAL AUTHENTICATE command. The original challenge code and the response code returned from the client are compared. If the response code is found to be a legitimate response code for the challenge code, the server has authenticated the client. The server also takes the challenge code received from the client and generates an INTERNAL AUTHENTICATE command. This also generates a response code from the received challenge code. This response code is then sent back to the client.
The client receives the response code from the server and generates an EXTERNAL AUTHENTICATE command. The original challenge code is compared to this response code. If the response code is found to be a legitimate response code for the challenge code, the client has authenticated the server.
At this point, the client sends the server a message that the mutual authentication has been completed.
On the toolkit level each GETCHALLENGE command issued either by the server or the client is done through a call to the method DicomNet.GetChallengeIscl which will generate a random number.
If an INTERNAL AUTHENTICATE command is issued, the DicomNet.InternalAuthenticateIscl method will be called to generate a response code, based on the specified challenge code.
If an EXTERNAL AUTHENTICATE command is issued, the DicomNet.ExternalAuthenticateIscl method will be called to determine whether the response code is a valid response for the challenge code.
Currently, the only mutual authentication protocol is the "Three-pass-four-way" protocol. For a more detailed description of this protocol, refer to the "MEDIS-DC STANDARDS for Integrated Secure Communication Layer Protocols V 1.00".
Confidentiality
Communication confidentiality is achieved by encrypting the data sent over the communication channel. Currently, the encryption options are:
- No encryption.
- DES-CBC encryption. This is a 56 bit effective key length in a 64 bit key encryption in cipher block chaining mode.
For more information on encryption, refer to the "MEDIS-DC STANDARDS for Integrated Secure Communication Layer Protocols V 1.00".
Data Integrity
Data integrity is maintained by using message authentication codes for each message sent across a DICOM Network. These message authentication codes are encrypted using the same encryption mode used for encrypting data. Currently, ISCL uses DESMAC (64 bit) and MD5 (128 bit) message authentication codes.