IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 1 Multicast Security  Quo Vadis?  René Struik.

Slides:



Advertisements
Similar presentations
Internet Security CSCE 813 IPsec
Advertisements

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.
Sri Lanka Institute of Information Technology
DICE BOF, IETF-87 Berlin DTLS In Constrained Environments (DICE) BOF Wed 15:10-16:10, Potsdam 3 BOF Chairs: Zach Shelby, Carsten Bormann Responsible AD:
NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT
Chapter 5 Network Security Protocols in Practice Part I
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.
Wired Equivalent Privacy (WEP)
Doc.: IEEE e Submission November 13, 2008 René Struik (Certicom Research)Slide 1 Project: IEEE P Working Group for Wireless.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.
Submission January, 2005 Rene Struik, Certicom Corp.Slide 1 Project: IEEE P Working Group for Wireless Personal Area Networks.
1 Accounting, Authentication and Authorization Issues in “Well Managed” IP Multicasting Services November 9, 2005 Tsunemasa Hayashi
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.
EAP WG EAP Key Management Framework Draft-ietf-eap-keying-03.txt Bernard Aboba Microsoft.
1 Network Security Lecture 8 IP Sec Waleed Ejaz
IPSec IPSec provides the capability to secure communications across a LAN, across private and public wide area networks (WANs) and across the Internet.
Chapter 15: Electronic Mail Security
Network Security. 2 SECURITY REQUIREMENTS Privacy (Confidentiality) Data only be accessible by authorized parties Authenticity A host or service be able.
Dr. Reuven Aviv, Nov 2008 Conventional Encryption 1 Conventional Encryption & Message Confidentiality Acknowledgements for slides Henric Johnson Blekinge.
Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )
IPSec ● IP Security ● Layer 3 security architecture ● Enables VPN ● Delivers authentication, integrity and secrecy ● Implemented in Linux, Cisco, Windows.
Submission January, 2005 Rene Struik, Certicom Corp.Slide 1 Project: IEEE P Working Group for Wireless Personal Area Networks.
IP Security: Security Across the Protocol Stack. IP Security There are some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS.
Stein-67 Slide 1 PWsec draft-stein-pwe3-pwsec-00.txt PWE3 – 67 th IETF 7 November 2006 Yaakov (J) Stein.
Draft-ietf-fecframe-config-signaling-02 1 FEC framework Configuration Signaling draft-ietf-fecframe-config-signaling-02.txt IETF 76 Rajiv Asati.
ROLL RPL Security IETF 77 status
Doc.: IEEE Submission September 16, 2004 Poor & Struik / Ember & CerticomSlide 1 Project: IEEE P Working Group for Wireless Personal.
PGP & IP Security  Pretty Good Privacy – PGP Pretty Good Privacy  IP Security. IP Security.
IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.
Encapsulated Security Payload Header ● RFC 2406 ● Services – Confidentiality ● Plus – Connectionless integrity – Data origin authentication – Replay protection.
Submission November, 2003 Rene Struik, Certicom Corp.Slide 1 Project: IEEE P Working Group for Wireless Personal Area Networks.
Doc.: IEEE Submission March 17, 2005 Poor & Struik / Ember & CerticomSlide 1 Project: IEEE P Working Group for Wireless Personal.
Cryptography and Network Security Chapter 16 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.
Doc.: IEEE Submission November 16, 2004 Poor & Struik / Ember & CerticomSlide 1 Project: IEEE P Working Group for Wireless Personal.
Doc.: IEEE Submission November 18, 2004 Poor & Struik / Ember & CerticomSlide 1 Project: IEEE P Working Group for Wireless Personal.
Doc.: IEEE /174r0 Submission March, 2003 Rene Struik, Certicom Corp.Slide 1 Project: IEEE P Working Group for Wireless Personal Area Networks.
Internet Security CSCE 813 IPsec. CSCE813 - Farkas2 TCP/IP Protocol Stack Application Layer Transport Layer Network Layer Data Link Layer.
Cryptography and Network Security (CS435) Part Thirteen (IP Security)
IPSec is a suite of protocols defined by the Internet Engineering Task Force (IETF) to provide security services at the network layer. standard protocol.
Doc.: Submission March 21, 2013 René Struik (Struik Security Consultancy)Slide 1 FILS Handling of Large Objects Date: Authors:
Doc.: IEEE /610r0 Submission November 2001 Tim Moore, Microsoft 802.1X and key interactions Tim Moore.
OSPF WG Security Extensions for OSPFv2 when using Manual Keying Manav Bhatia, Alcatel-Lucent Sam Hartman, Huawei Dacheng Zhang, Huawei IETF 80, Prague.
Copyright 2004 MayneStay Consulting Group Ltd. - All Rights Reserved Jan-041 Security using Encryption Security Features Message Origin Authentication.
1 IPSec: An Overview Dr. Rocky K. C. Chang 4 February, 2002.
K. Salah1 Security Protocols in the Internet IPSec.
Doc.: Submission February 5, 2013 René Struik (Struik Security Consultancy)Slide 1 FILS Handling of Large Objects Date: Authors:
Doc.: Submission May 14, 2013 Rene Struik (Struik Security Consultancy)Slide 1 FILS Piggy-Backing Aspects Date: Authors: NameCompanyAddressPhone .
@Yuan Xue CS 285 Network Security IP Security Yuan Xue Fall 2013.
1 Network Security. 2 Security Services Confidentiality: protection of any information from being exposed to unintended entities. –Information content.
June 16, 2018 doc.: IEEE r0 January, 2005
June 17, 2018 doc.: IEEE r0 January, 2005
In-Band Authentication Extension for Protocol Independent Multicast (PIM) draft-bhatia-zhang-pim-auth-extension-00 Manav Bhatia
ROLL RPL Security IETF 77 status
IPSec IPSec is communication security provided at the network layer.
FILS Handling of Large Objects
FILS Handling of Large Objects, FILS Piggy-Backing
FILS Handling of Large Objects
December 7, 2018 doc.: IEEE r0 July, 2003
FILS Handling of Large Objects
February 24, 2019 doc.: IEEE r0 July, 2003
FILS Handling of Large Objects
doc.: IEEE <doc#>
Presentation transcript:

IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 1 Multicast Security  Quo Vadis?  René Struik

IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 2 Outline 1.Multicast Security:  Confidentiality  Authentication  Replay Protection 2.Suggested approach:  Use of DTLS record layer format as is  Security processing  Compatibility of multicast security with DTLS 3.Changes to:  draft-keoh-dice-multicast-security-08  draft-kumar-dice-groupcomm-security-00

IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 3 Multicast Security:  Confidentiality  Authentication  Replay Protection

IETF-91, DICE Working Group November 10, 2014 Multicast Security Objectives Security services defined in terms of  Group membership  Sender of multicast message  Recipient(s) of multicast message  Locally maintained status information Security services:  Confidentiality: Assurance that received information is only available to group members  Authentication:  Group authentication: assurance that source of information is group member  Source authentication: assurance of precise originator of received information  Replay protection: Assurance that information from specific source is received at most once  Timeliness:not provided Assurance that received information is “relatively fresh” (not “stale”)

IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 5 Suggested approach:  Reuse of DTLS record layer format as is  Security processing  Coexistence with DTLS1.2

IETF-91, DICE Working Group November 10, 2014 Slide 6 DTLS Record Layer format: Multicast Security Record Layer format (group authentication): Multicast Security Record Layer format (source authentication): Ciphertext Content type EpochVersion Ma | Mi Sequence number Length 12262n Ciphertext Content type EpochVersion Ma | Mi Sequence number Length 12262n Ciphertext (w/ signature) Content type EpochVersion Ma | Mi Sequence number Length 12262n Format comparison

IETF-91, DICE Working Group November 10, 2014 Slide 7 DTLS Record Layer:  Look-up key = G(sender, {sender, recipient}, key id)  Apply inverse AEAD cipher (decrypt/check authenticity) Multicast Security Record Layer format (group authentication):  Look-up key = G(sender, group, group key id)  Apply inverse AEAD cipher (decrypt/check authenticity) Multicast Security Record Layer format (source authentication):  Look-up key = G(sender, group, group key id)  Look-up signature verification key = L(sender, local info)  Apply inverse AEAD cipher (decrypt/check authenticity)  Apply signature verification operation (check signature) Processing comparison (at recipient’s end)

IETF-91, DICE Working Group November 10, 2014 Slide 8 Device implementing multicast security:  DTLS traffic received as is (since unicast)  Multicast traffic received and processed as proposed  Same AEAD processing Device implementing DTLS, but not implementing multicast security:  DTLS traffic received as is (since unicast)  Multicast traffic dropped on the floor Coexistence (at recipient’s end)

IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 9 Changes to:  draft-keoh-dice-multicast-security-08  draft-kumar-dice-groupcomm-security-00

IETF-91, DICE Working Group November 10, 2014 Changes to draft-keoh-dice-multicast-security-08 Changes:  Align record format so as to coincide with TLS record format  Remove SenderID (this re-instates 6-octet SequenceNumber)  Make sure nonce reuse does not occur  Use derived key f(group key, sender), rather than using group key directly NOTE1: here, group key is determined from{Multicast IP destination address, port} NOTE2: sender is originator’s IP address (which assumes role of SenderID)  Define local logic for key look-up  Look-up group key = G(sender, group, group key id) NOTE: with DTLS, key = G(sender, key id) = G’(sender, recipient, key id), So one can use uniform local key look-up NOTE:  No changes to replay protection (via comparison of SequenceNumber of packet and locally maintained status information) required

IETF-91, DICE Working Group November 10, 2014 Changes to draft-kumar-dice-groupcomm-security-00 Changes:  Align record format so as to coincide with TLS record format  Use same format as suggested with draft-keoh-dice-multicast-security-08  Make sure nonce reuse does not occur  Use derived key f(group key, sender), rather than using group key directly NOTE1: here, group key is determined from{Multicast IP destination address, port} NOTE2: sender is originator’s IP address (which assumes role of SenderID)  Define local logic for key look-up  Look-up group key = G(sender, group, group key id) NOTE: with DTLS, key = G(sender, key id) = G’(sender, recipient, key id), So one can use uniform local key look-up  Define local logic for signature look-up  Look-up signature verification key = L(sender, local info) NOTE:  No changes to replay protection (via comparison of SequenceNumber of packet and locally maintained status information) required

IETF-91, DICE Working Group November 10, 2014 Next Steps Write new draft, borrowing from current discussion

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.