An EAP Authentication Method Based on Identity-Based Authenticated Key Exchange draft-cakulev-emu-eap-ibake-00 Violeta Cakulev Violeta.Cakulev@alcatel-lucent.com.

Slides:

Advertisements

Similar presentations

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Advertisements

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

Symmetric Key Distribution Protocol with Hybrid Crypto Systems Tony Nguyen.

Internet Security CSCE 813 IPsec. CSCE Farkas2 Reading Today: – Oppliger: IPSec: Chapter 14 – Stalllings: Network Security Essentials, 3 rd edition,

Chapter 8 Web Security.

ASYMMETRIC CIPHERS.

Security using Encryption Security Features Message Origin Authentication - verifying that the sender is who he or she says they are Content Integrity.

1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.

EAP WG EAP Key Management Framework Draft-ietf-eap-keying-03.txt Bernard Aboba Microsoft.

Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Web Security : Secure Socket Layer Secure Electronic Transaction.

Information management 1 Groep T Leuven – Information department 1/26 IPSec IP Security (IPSec)

Authentication Mechanism for Port Control Protocol (PCP) draft-wasserman-pcp-authentication-01.txt Margaret Wasserman Sam Hartman Painless Security Dacheng.

UMD D EPARTMENT OF C OMPUTER S CIENCE D O D L ABORATORY FOR T ELECOMMUNICATION S CIENCES EAP-PAX draft-clacy-eap-pax-05 T. Charles Clancy

PAWS: Security Considerations Yizhuang WU, Yang CUI PAWS WG

Chapter 3 (B) – Key Management; Other Public Key Cryptosystems.

Authentication of Signaling in VoIP Applications Authors: Srinivasan et al. (MIT Campus of Anna University, India) Source: IJNS review paper Reporter:

EAP-FAST Version 2 draft-zhou-emu-eap-fastv2-00.txt Hao Zhou Nancy Cam-Winget Joseph Salowey Stephen Hanna March 2011.

IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.

Secure Messenger Protocol using AES (Rijndael) Sang won, Lee

Emu wg, IETF 70 Steve Hanna, EAP-TTLS draft-funk-eap-ttls-v0-02.txt draft-hanna-eap-ttls-agility-00.txt emu wg, IETF 70 Steve Hanna,

1 Number Theory and Advanced Cryptography 9. Authentication Protocols Chih-Hung Wang Sept Part I: Introduction to Number Theory Part II: Advanced.

1 Secure Key Exchange: Diffie-Hellman Exchange Dr. Rocky K. C. Chang 19 February, 2002.

1 EAP-MAKE2: EAP method for Mutual Authentication and Key Establishment, v2 EMU BoF Michaela Vanderveen IETF 64 November 2005.

Pertemuan #8 Key Management Kuliah Pengaman Jaringan.

Network Security Chapter 8 roadmap 8.1 What is network security? 8.2 Principles of cryptography (confidentiality) 8.3 Message integrity 8.4 End-point authentication.

SSL: Secure Socket Layer By: Mike Weissert. Overview Definition History & Background SSL Assurances SSL Session Problems Attacks & Defenses.

Richard EAP-WAI Authentication Protocol Stockholm, IETF 75th draft-richard-emu-wai-00.

VPNs & IPsec Dr. X Slides adopted by Prof. William Enck, NCSU.

Reviews Rocky K. C. Chang 20 April 2007.

Asymmetric-Key Cryptography

Symmetric Cryptography

OAuth WG Conference Call, 11th Jan. 2013

Phil Hunt, Hannes Tschofenig

Cryptography and Network Security

網路環境中通訊安全技術之研究 Secure Communication Schemes in Network Environments

Transmission of IPv6 Packets over IEEE OCB Networks

Cryptography and Network Security

Katrin Hoeper Channel Bindings Katrin Hoeper

Secure Sockets Layer (SSL)

Identity Based Encryption

for IP Mobility Protocols

ERP extension for EAP Early-authentication Protocol (EEP)

Discussions on New Work Item of Distributed Authentication

IETF-70 EAP Method Update (EMU)

The Tunneled Extensible Authentication Method (TEAM)

CSE 4095 Transport Layer Security TLS, Part II

Just Fast Keying (JFK) Protocol

Cryptography and Network Security

Cryptography Basics and Symmetric Cryptography

CS 465 TLS Last Updated: Oct 31, 2017.

draft-ipdvb-sec-01.txt ULE Security Requirements

Path key establishment using multiple secured paths in wireless sensor networks CoNEXT’05 Guanfeng Li University of Pittsburgh, Pittsburgh, PA Hui Ling.

پروتكلهاي توزيع كليد دوسويه Two-Parti Key Distribution Protocols

The Secure Sockets Layer (SSL) Protocol

Security Properties Straw Polls

Workshop on algorithms and parameters for Electronic Signatures draft ETSI TS V ( ) November 25, Brussels.

Pre-Association Negotiation of Management Frame Protection (PANMFP)

Wireless Access Points

Key Establishment Protocols ~

Date:2011/09/28 報告人：向峻霈出處: Ren-Chiun Wang Wen-Shenq Juang

Lecture 10: Network Security.

Install AD Certificate Services

Transport Layer Security (TLS)

Secure How do you do it? Need to worry about sniffing, modifying, end-user masquerading, replaying. If sender and receiver have shared secret keys,

Security Activities in IETF in support of Mobile IP

IEEE MEDIA INDEPENDENT HANDOVER DCN: Sec

Cryptography and Network Security

Presentation transcript:

An EAP Authentication Method Based on Identity-Based Authenticated Key Exchange draft-cakulev-emu-eap-ibake-00 Violeta Cakulev Violeta.Cakulev@alcatel-lucent.com Ioannis Broustis Ioannis.Broustis @alcatel-lucent.com ITEF 80 – Prague

EAP-IBAKE EAP method that leverages IBAKE IBAKE – Identity Based Authenticated Key Exchange Mutual authentication through the use of identity-based encryption Derivation of exportable keying material Perfect forward and backward secrecy Escrow-free key agreement Security formally proven

IBAKE Framework Based on an Identity Based asymmetric cryptographic framework Every participant has a public and a private key Public key is identity based Private key corresponding to Public key is issued by a trusted Key Generation Function (KGF) Participants obtain private keys from KGF offline Security association between KGF and participant is pre-provisioned Encryption and Decryption of messages during EAP exchange based on Identity Based Encryption (IBE) Reference: Boneh et al., RFC 5091, RFC 5408, RFC 5409

EAP-IBAKE Exchange EAP-Request/IBAKE-ID EAP-Response/IBAKE-Challenge Peer (p) EAP-Request/IBAKE-ID EAP Server (s) EAP-Response/IBAKE-Challenge EAP-Request/IBAKE-Challenge EAP-Response/IBAKE-Challenge EAP-Request/IBAKE-Confirm EAP-Response/IBAKE-Confirm EAP-Success

EAP-IBAKE Messages SERVER PEER IDs, Crypto Proposals   Encr(K_PUBs,IDp), Encr(K_PUBs, Crypto Selection) Encr(K_PUBp, IDs, IDp, [Rs]P)   Encr(K_PUBp, IDs, IDp, [Rs]P, [Rp]P) Encr(K_PUBp, IDs, IDp, [Rp]P), Auth_S   Auth_P K_PUBp and K_PUBs - peer's and server's public keys Rp and Rs - random integers, chosen by Peer and Server Auth_S, Auth_P - signature fields to protect the integrity of the negotiated parameters P is a point on an elliptic curve Negotiated during IBAKE-ID exchange

EAP-IBAKE Features Identity Protection Ciphersuite negotiation Mutual authentication Reply protection Integrity protection Confidentiality Secure Key generation Session independence Fragmentation

Targeted Application European Telecommunications Standards Institute (ETSI) ETSI adopted IBAKE as a bootstrapping protocol (ETSI TS 102 690) ETSI is currently discussing what protocol to use to carry IBAKE messages EAP is one of the proposals

Next Step Does this fit current working group charter?