Group Key Management for PIM-SM Routers


Group Key Management for PIM-SM Routers
J.W. Atwood, Salekul Islam
Concordia University
supplement to draft-ietf-pim-sm-linklocal-00

Multicast groups formed by PIM routers
- PIM routers will form a large number of small SSM groups
- The number of SSM groups will be equal to the number of routers in the region
- In each SSM group, one router will be the speaker, and all the adjacent routers will be the listeners.

Join/Leave mechanisms
- No explicit join/leave
- Join deemed following
  - New router added
  - Router rebooted/power restored
- Leave deemed following
  - Router crashes
  - Router shut down/power fails

Forward/backward secrecy
- For user applications, PFS and PBS can be important
- For PIM-SM, legitimate routers are allowed to receive future messages
- This will reduce the work of the GCKS and simplify the required group key management

Functions of GCKS
- Maintain membership information of all SSM groups
- Generate keys for each SSM group, and distribute keys to all pertinent routers
- Maintain key hygiene: re-key as necessary
- Authenticate individual routers

Functions 2
- When new router joins region, it is speaker for its group, and its neighbors are listeners.
- Need to send new key to (n+1) routers.
- Refreshing the sequence numbers (for anti-replay) will be non-trivial
  - Re-initialize SAs, or
  - Inform new router of current sequence #s
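
The join handling described on the two GCKS slides, as an added example that is not part of the original slides or of the draft. It models the second sequence-number option (inform the new router of current sequence numbers). The class and method names, the 16-byte random keys, the R1..R4 topology, and the choice to hand existing neighbor keys to the new listener without re-keying are all assumptions made for illustration.

```python
import secrets
from collections import defaultdict
class GCKS:
    """Toy key server: one SSM group per router, keyed by its speaker."""
    def __init__(self):
        self.neighbors = defaultdict(set)  # router -> adjacent routers
        self.key = {}                      # speaker -> group key
        self.seq = {}                      # speaker -> last sequence number sent
        self.state = defaultdict(dict)     # router -> {speaker: [key, last seq seen]}

    def join(self, router, adjacent):
        """Deemed join: router added or restarted next to `adjacent`."""
        for peer in adjacent:
            self.neighbors[router].add(peer)
            self.neighbors[peer].add(router)
        # New group with `router` as speaker: its key goes to n+1 routers.
        self.key[router], self.seq[router] = secrets.token_bytes(16), 0
        recipients = {router} | self.neighbors[router]
        for r in recipients:
            self.state[r][router] = [self.key[router], 0]
        # Assumption: neighbor groups are not re-keyed; the new listener is
        # given each current key and the speaker's current sequence number.
        for peer in adjacent:
            self.state[router][peer] = [self.key[peer], self.seq[peer]]
        return recipients

    def send(self, speaker):
        """Speaker emits a message; returns the sequence number it carries."""
        self.seq[speaker] += 1
        return self.seq[speaker]

    def accept(self, listener, speaker, seq):
        """Anti-replay check at a listener: sequence numbers must increase."""
        entry = self.state[listener].get(speaker)
        if entry is None or seq <= entry[1]:
            return False
        entry[1] = seq
        return True

def demo():
    g = GCKS()
    # Constructed topology: R1-R2, R1-R3, R2-R3, then R4 joins next to R2 and R3.
    for r, adj in [("R1", []), ("R2", ["R1"]), ("R3", ["R1", "R2"])]:
        g.join(r, adj)
    old = g.send("R2")                          # sent before R4 exists
    recipients = g.join("R4", ["R2", "R3"])     # n = 2 neighbors
    replay_ok = g.accept("R4", "R2", old)       # pre-join message replayed
    fresh_ok = g.accept("R4", "R2", g.send("R2"))
    return recipients, len(g.key), replay_ok, fresh_ok
```

If the new router were instead started with a sequence number of 0 for its neighbors' groups, the pre-join message from R2 would pass the anti-replay check, which is why the slide calls the refresh non-trivial.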

Contact Information
- PPT/PDF of these slides are at www.cse.concordia.ca/~bill/internet-drafts/
  - IETF67-KeyManagement.ppt or
  - IETF67-KeyManagement.pdf
- Email addresses
  - bill@cse.concordia.ca
  - salek_is@cse.concordia.ca