03/22/10 draft-zhang-hip-privacy-protection- 00 Dacheng Zhang Miika Komu An Extension of HIP Base Exchange to Support Identity Privacy.

Slides:

Advertisements

Similar presentations

Keiji Maekawa Graduate School of Informatics, Kyoto University Yasuo Okabe Academic Center for Computing and Media Studies, Kyoto University.

Advertisements

Last Class: The Problem BobAlice Eve Private Message Eavesdropping.

Establishing Host Identity Protocol Opportunistic Mode with TCP Option draft-lindqvist-hip-opportunistic-01.txt Janne.

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005

IPSec In Depth. Encapsulated Security Payload (ESP) Must encrypt and/or authenticate in each packet Encryption occurs before authentication Authentication.

Hacking WLAN // BRUTE FORCE CRACKER // TCP/IP. WLAN HACK Wired Equivalent Privacy (WEP) encryption was designed to protect against casual snooping, but.

Security at the Network Layer: IPSec

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

K. Salah 1 Chapter 31 Security in the Internet. K. Salah 2 Figure 31.5 Position of TLS Transport Layer Security (TLS) was designed to provide security.

Explorations in Anonymous Communication Andrew Bortz with Luis von Ahn Nick Hopper Aladdin Center, Carnegie Mellon University, 8/19/2003.

Wired Equivalent Privacy (WEP)

Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.

IKE message flow IKE message flow always consists of a request followed by a response. It is the responsibility of the requester to ensure reliability.

SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.

1 Network Management and SNMP  What is Network Management?  ISO Network Management Model (FCAPS)  Network Management Architecture  SNMPv1 and SNMPv2.

1 /12 Pascal URIEN, IETF 72 rd, Monday July 28 th Dublin, Ireland draft-urien-hip-tag-00.txt HIP support for RFID

1 /11 Pascal URIEN, IETF 77 th, Monday March 22 nd Anaheim, California draft-urien-hip-tag-03.txt HIP support for RFID

Host Identity Protocol

Doc.: IEEE /1066r2 Submission July 2011 Robert Moskowitz, VerizonSlide 1 Link Setup Flow Date: Authors: NameCompanyAddressPhone .

IPsec: IKE, Internet Key Exchange IPsec does not use Public Key Infrastructure and exchanging keys before an IPsec connection is established is a problem.

“Security Weakness in Bluetooth” M.Jakobsson, S.Wetzel LNCS 2020, 2001 The introduction of new technology and functionality can provides its users with.

Guomin Yang et al. IEEE Transactions on Wireless Communication Vol. 6 No. 9 September

A History of WEP The Ups and Downs of Wireless Security.

© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 3: VPN and Encryption Technology.

COEN 350 Mobile Security. Wireless Security Wireless offers additional challenges: Physical media can easily be sniffed. War Driving Legal? U.S. federal.

1 Lecture 14: Real-Time Communication Security real-time communication – two parties interact in real time (as opposed to delayed communication like )

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

Doc.: IEEE Submission March 2012 Jani Pellikka, Andrei Gurtov (University of Oulu)Slide 1 Project: IEEE P Working Group.

1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.

Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.

IP Security Lawrence Taub IPSEC IP security — security built into the IP layer Provides host-to-host (or router-to-router) encryption and.

Wireless Security Presented by: Amit Kumar Singh Instructor : Dr. T. Andrew Yang.

1 /10 Pascal URIEN, IETF 66 h, Wednesday July 12 th,Montreal, Canada draft-urien-badra-eap-tls-identity-protection-00.txt

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

1 /14 Pascal URIEN, IETF 75 th, Tuesday July 28th Stockholm, Sweden draft-urien-hip-tag-02.txt HIP support for RFID

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 2 Module 3 City College of San.

WEP AND WPA by Kunmun Garabadu. Wireless LAN Hot Spot : Hotspot is a readily available wireless connection.  Access Point : It serves as the communication.

Network Security David Lazăr.

IPsec IPsec (IP security) Security for transmission over IP networks –The Internet –Internal corporate IP networks –IP packets sent over public switched.

© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.

Problems in using HIP for P2PSIP Philip Matthews Avaya

William Stallings Data and Computer Communications Chapter 18 Network Security.

Attacking IPsec VPNs Charles D George Jr. Overview Internet Protocol Security (IPSec) is a suite of protocols for authenticating and encrypting packets.

IPSec VPN: How does it really work? Yasushi Kono (ComputerLinks Frankfurt)

SPEAKER: HONG-JI WEI DATE: Secure Anonymous Authentication Scheme with Roaming for Mobile Networks.

Wireless Security Rick Anderson Pat Demko. Wireless Medium Open medium Broadcast in every direction Anyone within range can listen in No Privacy Weak.

IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.

Securing Data Transmission and Authentication. Securing Traffic with IPSec IPSec allows us to protect our network from within IPSec secures the IP protocol.

Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems March 25, 2010

Ways to reduce the risks of Crowds and further study of web anonymity By: Manasi N Pradhan.

Wireless Network Security CSIS 5857: Encoding and Encryption.

HIP & MIP V 6 SECURITY Research: Security Architecture IRT Lab, Columbia University.

Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems July 30, 2009 Slides presented.

Giuseppe Bianchi Warm-up example WEP. Giuseppe Bianchi WEP lessons  Good cipher is far from being enough  You must make good USAGE of cipher.

KERBEROS SYSTEM Kumar Madugula.

Bluetooth Low Energy Security Manager CSOS 홍성화. content Security Manager Introduction Security Properties Cryptographic Functions Security Manager Protocol.

Secure Instant Messenger in Android Name: Shamik Roy Chowdhury.

SECURITY. Security Threats, Policies, and Mechanisms There are four types of security threats to consider 1. Interception 2 Interruption 3. Modification.

@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.

Cryptography CSS 329 Lecture 13:SSL.

- Richard Bhuleskar “At the end of the day, the goals are simple: safety and security” – Jodi Rell.

Tanenbaum & Van Steen, Distributed Systems: Principles and Paradigms, 2e, (c) 2007 Prentice-Hall, Inc. All rights reserved DISTRIBUTED SYSTEMS.

CRYPTOGRAPHY Cryptography is art or science of transforming intelligible message to unintelligible and again transforming that message back to the original.

Advanced Block Cipher Characteristic. Introduction Published by NIST in 2001 Developed to overcome bottleneck of 3DES Block length is of 128 bits Key.

Establishing Host Identity Protocol Opportunistic Mode with TCP Option

Transmission of IPv6 Packets over IEEE OCB Networks

Presentation transcript:

03/22/10 draft-zhang-hip-privacy-protection- 00 Dacheng Zhang Miika Komu An Extension of HIP Base Exchange to Support Identity Privacy

03/22/10 Motivation HIP leaks identity-related information even though ESP protects the confidentiality of the data-plane In the current version of base exchange (BEX), the identities (HITs and HIs) of communicating partners are transported in plain text An active or passive attacker can eavesdrop a base exchange and track the identities and movement of communicating end-hosts As a consequence, privacy is hindered because the connectivity of a host can be traced securely

03/22/10 Solutions for Identity Privacy Ephemeral identities –Thrown away when used once –More overhead to generate new keys –Anonymous authentication Encrypted public keys –Non-anonymous authentication –Requires also emphemeral identities –Requires presharing of public keys Scrambled identities (aka “blind”) –Optimization of the previous approach –Only HITs are preshared

03/22/10 The BLIND Extension The proposed solution is based on the BLIND extension from Ylitalo et al The solution attempts to address the privacy issue by scrambling HI(T)s with nonces and exposing the real HI(T)s in the encrypted parts of HIP packets Scrambling of an identity is denoted by a flag The unscrambled HITs have to be known in advance (for full identity protection)

03/22/10 Generation of Scrambled HITs Before sending out an I1 packet, an initiator first selects a random number nonce N The initiator generates a scrambled HIT for it by SHA-1 hashing the concatenation of N and its HIT (HIT-I), that is, SHA-1(N, HIT-I) If the identity privacy of the responder has to be protected, the initiator generates a scrambled HIT for the initiator in the same way

03/22/10 Next Revision of the Draft Is this work interesting? Should we have a specific use scenario? Location privacy using HIP/ESP Relay? HICCUPS compatibility Analyze BLIND dependency to algo agility Encrypted public keys a better approach? –HIP-capable middleboxes can authenticate at least the ephemeral identities – Midbox throttles throughput or drops the connection

Thank you