SessIon LayEr SecuriTy Approach SIESTA

Slides:



Advertisements
Similar presentations
Intermediate TCP/IP TCP Operation.
Advertisements

Transport Layer – TCP (Part1) Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS School of Computing, UNF.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
 The Open Systems Interconnection model (OSI model) is a product of the Open Systems Interconnection effort at the International Organization for Standardization.
Process-to-Process Delivery:
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
Transport Layer and UDP Tahir Azim Ref:
Networked & Distributed Systems TCP/IP Transport Layer Protocols UDP and TCP University of Glamorgan.
TCP/IP Protocols Contains Five Layers
The Transport Layer application transport network data link physical application transport network data link physical application transport network data.
CCNA 1 v3.0 Module 11 TCP/IP Transport and Application Layers.
IPsec Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange.
MULTIPLEXING/DEMULTIPLEXING, CONNECTIONLESS TRANSPORT.
Doc.: IEEE kmp Submission September 2011 Robert Moskowitz, Verizon Slide 1 Project: IEEE P Working Group for Wireless Personal.
1 Transport Layer: Basics Outline Intro to transport UDP Congestion control basics.
Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems July 30, 2009 Slides presented.
2: Transport Layer 11 Transport Layer 1. 2: Transport Layer 12 Part 2: Transport Layer Chapter goals: r understand principles behind transport layer services:
Establishing Host Identity Protocol Opportunistic Mode with TCP Option
IPSec Detailed Description and VPN
How Do Users Share Computer Files?
Chapter 3 Transport Layer
Introduction to Networks
Chapter 3 Transport Layer
IPSecurity.
The Transport Layer Implementation Services Functions Protocols
Master’s Project Presentation
Chapter 3 outline 3.1 Transport-layer services
CSE 4905 IPsec.
Encryption and Network Security
In-Band Authentication Extension for Protocol Independent Multicast (PIM) draft-bhatia-zhang-pim-auth-extension-00 Manav Bhatia
Layered Architectures
06- Transport Layer Transport Layer.
Understand the OSI Model Part 2
IPSec IPSec is communication security provided at the network layer.
TCP Transport layer Er. Vikram Dhiman LPU.
CS 1652 Jack Lange University of Pittsburgh
Introduction to Networks
Net 431: ADVANCED COMPUTER NETWORKS
Transport Layer Our goals:
Transport Protocols Relates to Lab 5. An overview of the transport protocols of the TCP/IP protocol suite. Also, a short discussion of UDP.
September 19th, 2013 CS1652 Jack Lange University of Pittsburgh
Chapter 3: Open Systems Interconnection (OSI) Model
Process-to-Process Delivery:
Robert Moskowitz, Verizon
Nov 2013 Robert Moskowitz, Verizon
Robert Moskowitz, Verizon
Robert Moskowitz, Verizon
Robert Moskowitz, Verizon
Robert Moskowitz, Verizon
Advanced Computer Networks
Robert Moskowitz, Verizon
Robert Moskowitz, Verizon
Nov 2013 Robert Moskowitz, Verizon
Net 323 D: Networks Protocols
Building A Network: Cost Effective Resource Sharing
CS4470 Computer Networking Protocols
Computer Networking A Top-Down Approach Featuring the Internet
HIP DEX for Fast Initial Authentication in
Transport Protocols: TCP Segments, Flow control and Connection Setup
Robert Moskowitz, Verizon
Transport Protocols: TCP Segments, Flow control and Connection Setup
Process-to-Process Delivery: UDP, TCP
Chapter 3 Transport Layer
HIP DEX for Fast Initial Authentication in
NET 323D: Networks Protocols
Transport Layer 9/22/2019.
Transport Layer Our goals:
Lecture 36.
Lecture 36.
Presentation transcript:

SessIon LayEr SecuriTy Approach SIESTA Robert Moskowitz Verizon November 7, 2013 1

Problem The present end-to-end application security context is tightly coupled with the underlying communication context. This is problematic for at least three reasons. Not flexible: when the underlying communication context changes, the application security context must change, too. Overhead associated with such coupling is prohibitively expensive over constrained networks (such as sensor or cellular networks). Probably most important: an attack on the communication context immediately effects the application security. 2

Goals This work aims at a solution to the above problems, with the objective of providing security context and security message format(s) for an application, which is fully decoupled from the underlying communication methodology and is thus resilient to attacks on the communication context. With that, the security context may need to have basic understanding of the communication context to be efficient with datagram overhead and communication synchronization issues (such as sequence window management), and so it is desirable that solution supports the "hooks" into the underlying protocol 3

Why yet another Security Layer? What is the Session Layer? TCP/IP does not have a Session Layer From Wikipedia “The session layer provides the mechanism for opening, closing and managing a session between end-user application processes, i.e., a semi-permanent dialogue. Communication sessions consist of requests and responses that occur between applications. Session-layer services are commonly used in application environments that make use of remote procedure calls (RPCs).” So every communications application can be seen to have a Session Layer abstraction. 4

What is not needed Another Key Management Protocol (KMP)? These are hard to do Instead, work out how to run existing independent KMPs e.g. IKEv2 and HIP Changes to existing security layers They each do the job they were invented for 5

Thus the Goals are Make network attacks uninteresting in that they do not disturb the security state Allow for very conservative message overhead while accommodating high performance networks Put the intelligence in the (independent) KMP, not the secure messaging format(s) Provide for security state survivablity and longevity Support mutli-flow, mulitcast, multipath, non- TCP/IP, and just about any other network design 6

Who is the Audience SDN M2M Expect other interest Being discussed in ONF for OpenFlow Multiflows and Survivablity big concerns And thus ETSI NFV as well M2M SMS, particularly satellite SMS Multicast sensor nets Expect other interest 7

Security State Survivability Security state loss is a significant threat Loss of state most commonly from reboot Thus rare in sensors, but expected on servers Significant time lost to detect state loss at peer Significant energy spent in sending packets that will be dropped due to loss of state at peer Implementations MAY maintain state in a secure store SHOULD when significant cost to peer to recover SHOULD refresh keys with peers for full recovery If Sequence # maintained, the key refresh MAY be delayed/scheduled 8

The State Machine An application using Session Security will Start – call the KMP with the session identities and get the SPIs, key hierarchies, and ciphersuite Key refresh – on seq # consumption, call the KMP for fresh keys Secure – secure the message Reveal – decrypt and/or authenticate the message Teardown – tear down the security context State machine needs to handle responder Security setup and state loss recovery (e.g. after reboot) Some method is needed to connect a start or rekey with new SPIs to the SSE application that will use it. This could be internal to the KMP or KMP run over the eventual application port before any messages. 9

The Plan Use lessons learned with ESP to design a Session Security Envelope Move ESP up the stack and adjust accordingly Only provide for 'modern' ciphersuites e.g. AES with CCM, CMAC, GCM, GMAC Multiple formats tuned to differing requirements What about Additional Authenticated Data headers like HTTP stuff? 10

More the Plan This is so simple it SHOULD be done in 3 months! 3? RFCS No 'working group', just do it and submit So far only slide deck describing SSE Already claimed one implementation on NETBSD But not exclusive design team Mailing list siesta@ietf.org 3? RFCS SSE, IKEv2 support, HIP support Others like Kerberos? 11

Disclaimer I am currently working on a number of internal products using an SSE Why I am behind on my assignments for a number of standards works Management and Legal insisted on a patent application filing I will do IETF disclosure process once completed 12

Current work on 3 SSE Formats Highly constrained networks have a high cost per byte Fast networks MUST be able to maintain message synchronization This dichotomy leads to two SSE formats Very high bandwidth networks in the future e.g. 400gbs ethernet Which exceeds 32 bit explicit sequence number capabilities Thus a third format Let the market decide what gets used 13

SSE Compact Format * Optional 0 1 2 3 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ---- | Security Parameters Index (SPI) | ^Integrity +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Covered | Length | Sequence Number | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ---- | Payload Data (variable) | | ^ ~ ~ | | | | |Confident. + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Covered* | | Padding* (0-255 bytes) | | | +-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-| | | | | Pad Length* | v v +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ------ | Integrity Check Value - ICV (variable) | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ---- | Security Parameters Index (SPI) | ^Integrity +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Covered | Length | Sequence Number | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ---- | Payload Data (variable) | | ^ ~ ~ | | | | |Confident. + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Covered* | | Padding* (0-255 bytes) | | | +-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-| | | | | Pad Length* | v v +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ------ | Integrity Check Value - ICV (variable) | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ---- | Security Parameters Index (SPI) | ^Integrity +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Covered | Length | Sequence Number | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | ---- | Payload Data (variable) | | ^ ~ ~ | | | | |Confident. + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Covered* | | Padding* (0-255 bytes) | | | +-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-| | | | | Pad Length* | v v +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ------ | Integrity Check Value - ICV (variable) | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * Optional 14

SSE Large Format * Optional 0 1 2 3 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ---- | Security Parameters Index (SPI) | ^Integrity +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Covered | Length | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | Sequence Number | | +--+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| |---- | Payload Data (variable) | | ^ ~ ~ | | | | |Confident. + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Covered* | | Padding* (0-255 bytes) | | | +-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-| | | | | Pad Length* | v v +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ------ | Integrity Check Value - ICV (variable) | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * Optional 15

SSE Extreme Format * Optional 0 1 2 3 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ---- | Security Parameters Index (SPI) | ^Integrity +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Covered | Length | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | Sequence Number | | | | | +--+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+| |---- | Payload Data (variable) | | ^ ~ ~ | | | | |Confident. + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Covered* | | Padding* (0-255 bytes) | | | +-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-| | | | | Pad Length* | v v +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ ------ | Integrity Check Value - ICV (variable) | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ * Optional 16

Thank you for your time 17

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.