Version 1 of EAP-TTLS draft-ietf-pppext-eap-ttls-05.txt Paul Funk Funk Software.

New Version of EAP-TTLS
A version field is now defined in the Flag bits
–Previous version is 0, new version is 1
Version 1 features:
–Session keys mixed with TLS master secret
–Secure exchange of result of inner authentication
–Exchange of inner AVPs moved from TLS data phase into TLS handshake
New InnerApplication extension to TLS (TLS/IA) defined to carry inner AVPs within handshake
–TLS data phase is free for other uses
EAP-TTLS v1 is one binding to TLS/IA
–Other protocols, such as HTTP, may also be bound to TLS/IA

TLS “InnerApplication” Extension (TLS/IA)
Uses standard RFC 3546 extension mechanism
–InnerApplication extension appended to ClientHello, confirmed in ServerHello
TLS/IA handshake is multi-phase:
–Initial phase: normal TLS handshake; instantiate cipher suite to create tunnel
–Application phase(s) (normally one, may be more): exchange AVPs for authentication and other applications; permute TLS master secret based on session keys; instantiate cipher suite with new master secret
Phase transitions:
–PhaseFinished terminates each handshake phase prior to the final one
–Finished terminates the final handshake phase

Comparison of TLS Encapsulation
In EAP-TTLS version 0 (as well as EAP-PEAP/FAST):
–TLS handshake: Handshake msgs | CCS/Finished
–TLS data: AVPs
In EAP-TTLS version 1:
–TLS/IA handshake: Handshake msgs | CCS/PhaseFinished | AVPs | CCS/Finished
–TLS/IA data: This space available

Session Key Binding
Inner session keys are mixed into master key and:
–confirmed by Finished message
–mixed into outer session keys (e.g. MPPE keys)
TLS master secret permutation:
–Initial master key is derived as usual during initial handshake phase
–Master key is permuted at the end of each application phase: PRF is applied to create 48-octet vector; any inner session keys developed during this phase are arithmetically added to vector; result is new master key
–Master key at end of final phase is actual master key for session
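The permutation step on this slide, as an added Python example (not the draft's or Funk Software's code): a TLS 1.0 PRF yields the 48-octet vector, the phase's inner keys are added to it, and chaining over the application phases gives the final master secret. The PRF label string, the use of client_random + server_random as seed, and reading "arithmetically added" as big-endian addition modulo 2^384 are assumptions; all sample values are constructed. The last function shows what the binding buys: a party that only relayed the outer handshake, and so lacks the inner keys, ends up with a different master secret.

```python
import hmac
MASTER_LEN = 48  # a TLS master secret is 48 octets
PERMUTATION_LABEL = b"inner secret permutation"  # ASSUMED label, not given on the slide

# Constructed sample inputs, not real session material
SAMPLE_MASTER = bytes(range(MASTER_LEN))
CLIENT_RANDOM = bytes([0x11] * 32)
SERVER_RANDOM = bytes([0x22] * 32)
INNER_KEY = bytes([0xA5] * 32)  # e.g. a 32-octet key exported by an inner EAP method

def p_hash(hash_name, secret, seed, length):
    """P_hash data expansion from RFC 2246 section 5 (HMAC chain)."""
    out, a = b"", seed
    while len(out) < length:
        a = hmac.new(secret, a, hash_name).digest()
        out += hmac.new(secret, a + seed, hash_name).digest()
    return out[:length]

def tls10_prf(secret, label, seed, length):
    """TLS 1.0 PRF: P_MD5 over the first half of the secret XOR P_SHA1 over the second."""
    half = (len(secret) + 1) // 2
    md5_part = p_hash("md5", secret[:half], label + seed, length)
    sha1_part = p_hash("sha1", secret[-half:], label + seed, length)
    return bytes(x ^ y for x, y in zip(md5_part, sha1_part))

def permute_master_secret(master_secret, client_random, server_random, inner_keys):
    """End-of-application-phase permutation from the slide.
    ASSUMED: seed is client_random + server_random, and "arithmetically added"
    means big-endian integer addition modulo 2**(8*48)."""
    vector = tls10_prf(master_secret, PERMUTATION_LABEL,
                       client_random + server_random, MASTER_LEN)
    acc = int.from_bytes(vector, "big")
    for key in inner_keys:  # a phase with no inner key leaves the PRF output unchanged
        acc = (acc + int.from_bytes(key, "big")) % (1 << (8 * MASTER_LEN))
    return acc.to_bytes(MASTER_LEN, "big")

def final_master_secret(initial_master, client_random, server_random, phases):
    """Chain the permutation over each application phase; the last result is the real master secret (source of the outer MPPE keys)."""
    ms = initial_master
    for inner_keys in phases:
        ms = permute_master_secret(ms, client_random, server_random, inner_keys)
    return ms

def outer_relay_gets_same_key(phases):
    """A party that only relayed the outer handshake knows the initial master
    secret but none of the inner keys; True only if it still derives the same key."""
    honest = final_master_secret(SAMPLE_MASTER, CLIENT_RANDOM, SERVER_RANDOM, phases)
    relay = final_master_secret(SAMPLE_MASTER, CLIENT_RANDOM, SERVER_RANDOM, [[] for _ in phases])
    return honest == relay
```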

Success/Failure Confirmation
Handshake message confirmation:
–Each PhaseFinished or Finished message confirms handshake messages in current and all previous handshake phases
Inner authentication confirmation:
–Success is signalled by exchange of Finished messages
–Failure is signalled by TLS failure alert
Exchange of Finished messages prevents truncation attack

Other Uses of TLS/IA
As with previous version, inner AVPs can be used for various purposes:
–authentication
–key exchange
–client integrity attestation
–etc.
TLS/IA can provide inner AVP capabilities to other protocols besides EAP-TTLS
Possible other uses for TLS/IA:
–HTTP with EAP authentication
–Alternative to IKE for IPsec authenticated key establishment
–Setting up SSL VPN

IETF Plans
Split into 3 drafts:
–EAP-TTLS v0, which is deployed and has several interoperable implementations
–TLS/IA, the InnerApplication extension to TLS
–EAP-TTLS v1, specified as an encapsulation of TLS/IA
Submit each draft for RFC proposed standard status (weather permitting)