Challenge-Response New Authentication Scheme

Slides:



Advertisements
Similar presentations
1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.
Advertisements

Adding SASL to HTTP/1.1 draft-nystrom-http-sasl-07.txt Magnus Nyström, RSA Security Alexey Melnikov, Isode Limited
SIP Authentication using EC- SRP5 Protocol draft-liu-sipcore-ecc-srp5-00.txt Authors: Fuwen Liu, Minpeng Qi and Min Zuo.
Mutual OATH HOTP Variants 65th IETF - Dallas, TX March 2006.
Module 5: TLS and SSL 1. Overview Transport Layer Security Overview Secure Socket Layer Overview SSL Termination SSL in the Hosted Environment Load Balanced.
SSH : The Secure Shell By Rachana Maheswari CS265 Spring 2003.
ACE – Design Considerations Corinna Schmitt IETF ACE WG meeting July 23,
RADIUS Server PAP & CHAP Protocols. Computer Security  In computer security, AAA protocol commonly stands for authentication, authorization and accounting.
Session Policy Framework using EAP draft-mccann-session-policy-framework-using-eap-00.doc IETF 76 – Hiroshima Stephen McCann, Mike Montemurro.
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
SSH Secure Login Connections over the Internet
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.
.Net Security and Performance -has security slowed down the application By Krishnan Ganesh Madras.
Internet Research Task Force Crypto Forum Research Group IETF 89 March 3, 2014 London List: Chairs:
TLS 1.2 and NIST SP A Tim Polk November 10, 2006.
SIP OAuth Rifaat Shekh-Yusef IETF 90, SIPCore WG, Toronto, Canada July 21,
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
Roy Bahian, Sean Maxon, Brian Seo, Michael Rojas, Daniel Sherry, Nor Rabi’ah Mohd Nawawi Client: Dr. Ali Mostashari.
Authentication Key HMAC(MK, “auth”) Server Encryption Key HMAC(MK, “server_enc”) User Password Master Key (MK) Client Encryption Key HMAC(MK, “client_enc”)
BetterAuth: Web Authentication Revisited Martin Johns, Sebastian Lekies, Bastian Braun, Benjamin Flesch In ACSAC /01/08 A.C. ADL.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
Message Authentication Code July Message Authentication Problem  Message Authentication is concerned with:  protecting the integrity of a message.
December 2008Prof. Reuven Aviv, SSL1 Web Security with SSL Network Security Prof. Reuven Aviv King Mongkut’s University of Technology Faculty of information.
1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV BOF IETF-67 San Diego November 2006 Andrea Doherty.
DSKPP And PSKC: IETF Standard Protocol And Payload For Symmetric Key Provisioning Philip Hoyer Senior Architect – CTO Office.
DSKPP And PSKC: IETF Standard Protocol And Payload For Symmetric Key Provisioning Philip Hoyer Senior Architect – CTO Office.
Roy Bahian, Sean Maxon, Brian Seo, Michael Rojas, Daniel Sherry, Nor Rabi’ah Mohd Nawawi Client: Dr. Ali Mostashari.
SIP Digest Access Authentication Rifaat Shekh-Yusef IETF 89, SIPCore WG, London March 6, Rifaat Shekh-Yusef - SIP Digest Auth.
Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE EAP Password Authenticated eXchange (PAX) T. Charles Clancy William A. Arbaugh.
All Rights Reserved © Alcatel-Lucent 2006, ##### 2G IMS CAVE Based Security Replay Protection Alec Brusilovsky, Zhibi Wang Alcatel-Lucent, July 24, 2007.
1 Standardizing Key Derivation Functions Hugo Krawczyk IBM Research Or: google kdf hmac.
Cryptographic Hash Functions and Protocol Analysis
All Rights Reserved © Alcatel-Lucent 2006, ##### 2G IMS CAVE Based Security Replay Protection Zhibi Wang January, 2007.
PKCS #5: Password-Based Cryptography Standard
SACRED REQUIREMENTS DOCUMENT Stephen Farrell, Baltimore Alfred Arsenault, Diversinet.
ANSI X9.44 and IETF TLS Russ Housley and Burt Kaliski RSA Laboratories November 2002.
1 3GPP2 GBA Overview Adrian Escott Chair, TSG-S WG4 24 May 2006.
3GPP GBA Overview Adrian Escott.
Subject Identification Method August, 2004 Tim Polk, NIST.
PKCS #5 v2.0: Password-Based Cryptography Standard
Roy Bahian, Sean Maxon, Brian Seo, Michael Rojas, Daniel Sherry, Nor Rabi’ah Mohd Nawawi Client: Dr. Ali Mostashari.
Lesson Introduction ●Authentication protocols ●Key exchange protocols ●Kerberos Security Protocols.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
RSA Laboratories’ PKCS Series - a Tutorial
PANA Discussion and Open Issues (draft-ietf-pana-pana-01.txt)
OAuth WG Conference Call, 11th Jan. 2013
Phil Hunt, Hannes Tschofenig
Tutorial on Creating Certificates SSH Kerberos
CII Badging Program for CLAMP Xue Gao, Pierre Close, Anael Closson
RPSEC WG Issues with Routing Protocols security mechanisms
Secure Sockets Layer (SSL)
IS-IS WG IS-IS Cryptographic Authentication Requirements
CMSC 414 Computer and Network Security Lecture 15
Understand Networking Services
Tutorial on Creating Certificates SSH Kerberos
CSE 4095 Transport Layer Security TLS
– Chapter 5 (B) – Using IEEE 802.1x
Discussion of Some Letter Ballot 52 Comments
SSH: SECURE LOGIN CONNECTIONS OVER THE INTERNET
The Secure Sockets Layer (SSL) Protocol
Pre-Association Negotiation of Management Frame Protection (PANMFP)
Exercise: Hashing, Password security, And File Integrity
CS5220 Advanced Topics in Web Programming Secure REST API
Security Activities in IETF in support of Mobile IP
Jesse Walker, Intel Corporation Russ Housley, Vigil Security
Cryptography and Network Security
Rifaat Shekh-Yusef IETF105, OAuth WG, Montreal, Canada 26 July 2019
Blockchains Lecture 4.
Presentation transcript:

Challenge-Response New Authentication Scheme Rifaat Shekh-Yusef IETF 90, CFRG WG, Toronto, Canada July 23, 2014

Overview Goal Define a new scheme for the challenge-response framework to replace Basic/Digest. How The proposals do not introduce any novel cryptographic algorithms. The proposals use a combination of existing protocols and algorithms.

Challenge-Response Framework Client Server -------------------------------------------------------------------- | | | Initial-Request | |------------------------------------------------------------->| | Challenge [Scheme] | |<-------------------------------------------------------------| | Response [Scheme] | | Confirmation | Usage This framework is used by a variety of protocols; e.g. HTTP, SIP, OAuth, STUN,…

Basic/Digest Schemes Issues Weak protection of passwords at rest. Low entropy passwords. Password/password-hash sent on the wire. Optional support for mutual authentication. Susceptible to downgrade attack. Susceptible to replay attack (depends on qop) And more

PBKDF2-JPAKE-based Proposal Derive a key from the shared password. Store the key in the DB. JPAKE Three-pass Variant Key Confirmation To fit the above into the challenge-response framework, the proposal: Uses the PBKDF2 key as an input to JPAKE. Utilizes the Initial-Request. Combines the Key Confirmation procedure with the Three-pass Variant procedure.

Key-Derivation Proposal Scrypt-based scheme: Derive a key from the shared password. Store the key in the DB. Use the key to establish mutual authentication. Never send the password or the key on the wire. Key-derived data will be sent on the wire WPS-PSK uses the following: Iteration = 4096 HMAC-Hash function = HMAC-SHA1

Questions Can the WG agree on one or more PAKE protocols to consider? Should the Key-Derivation proposal be considered and discussed here?

References PBKDF2 SCRYPT JPAKE "NIST Special Publication 800-132 - Recommendations for Password-Based Key Derivations", December 2010. http://csrc.nist.gov/publications/nistpubs/800-132/nist-sp800-132.pdf SCRYPT Percival, C., Josefsson, S., "The scrypt Password-Based Key Derivation Function", "draft-josefsson-scrypt-kdf-01" (Work In Progress), September 2012. JPAKE Hao, F., "J-PAKE: Password Authenticated Key Exchange by Juggling", draft-hao-jpake-01, (Work In Progress), December 2013.

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.