Mobility Solutions BCMCS Key Derivation Procedure Harmonization with IETF SRTP.


Proprietary information - Lucent Technologies

SRTP Keying hierarchy

Using BCMCS terms, SRTP keying starts at BAK
  – SRTP considers Key Management done by external protocols
SRTP has two levels of key hierarchy:
  – Session-level Master key (equivalent to BAK)
      Delivered somehow by external means
  – Traffic level keys
      SK encrypt, SK auth, SK salt
      Derived locally from BAK and packet index
      Used to encrypt RTP, encrypt and authenticate RTCP

Comparison between BCMCS and SRTP

BCMCS
  1. Longer Term Session key (BAK)
  2. One key (SK) for traffic protection
       Encryption only
       Key Derived from BAK
  3. SK Manager (server) tells when to change SK
  4. SK derivation is defined by 3GPP2

SRTP
  1. Longer Term Session Key (Master Key)
  2. Three keys for traffic protection
       SK encrypt, SK auth, SK salt
       Key Derived from MK
  3. SKs are changed by an internal counter
       SRTP session parameter key_derivation_rate
  4. SRTP RFC mandates its own key derivation algorithm

BAK is equivalent to SRTP Master key
  – both are allowed attributes (lifetime, key_id, etc.)
  – both are at most session-long, but can be changed sooner

Proposed solution – Preferred

Modify proposed BCMCS SK derivation algorithm
  – Make it compliant with SRTP draft
Advantages
  – Similar Key Hierarchy with current BAK (BAK->SK)
  – Compatibility with SRTP out-of-box
  – Need to deliver only BAK and parameters to SRTP and BCMCS
      BAK_id, BAK lifetime, SK derivation rate
  – Ability to secure both RTP and RTCP
      RTCP mandates authentication, so one SK not enough
Disadvantages:
  – Requires change to BCMCS Security Framework document
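
The derivation the preferred option would adopt, shown as an added example (not code from the presentation or from any 3GPP2 or IETF source): the RFC 3711 section 4.3.1 key derivation with BAK in the role of the SRTP master key, including the effect of key_derivation_rate. The master salt input, the function and constant names, and the hand-written AES-128 are assumptions of this example; the sample key and salt are the RFC 3711 Appendix B.3 test vector.

```python
# Added example: SRTP key derivation (RFC 3711 section 4.3.1) with BAK as master key.
# AES-128 is written out only so the block runs offline; use a vetted library in practice.
def gmul(a, b):  # multiply in GF(2^8) modulo the AES polynomial 0x11B
    r = 0
    while b:
        if b & 1:
            r ^= a
        a = (a << 1) ^ 0x11B if a & 0x80 else a << 1
        b >>= 1
    return r

def rotl8(x, k):
    return ((x << k) | (x >> (8 - k))) & 0xFF

INV = [0] + [next(b for b in range(1, 256) if gmul(a, b) == 1) for a in range(1, 256)]
SBOX = [i ^ rotl8(i, 1) ^ rotl8(i, 2) ^ rotl8(i, 3) ^ rotl8(i, 4) ^ 0x63 for i in INV]

def aes128_encrypt_block(key, block):
    w, rc = [list(key[i:i + 4]) for i in range(0, 16, 4)], 1
    for i in range(4, 44):  # key schedule: 44 words = 11 round keys
        t = w[i - 1]
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]
            t[0] ^= rc
            rc = gmul(rc, 2)
        w.append([a ^ b for a, b in zip(w[i - 4], t)])
    rk = [sum(w[4 * r:4 * r + 4], []) for r in range(11)]
    s = [b ^ k for b, k in zip(block, rk[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]                              # SubBytes
        s = [s[(i + 4 * (i % 4)) % 16] for i in range(16)]    # ShiftRows
        if rnd < 10:                                          # MixColumns
            s = [gmul(s[c + r], 2) ^ gmul(s[c + (r + 1) % 4], 3)
                 ^ s[c + (r + 2) % 4] ^ s[c + (r + 3) % 4]
                 for c in range(0, 16, 4) for r in range(4)]
        s = [b ^ k for b, k in zip(s, rk[rnd])]               # AddRoundKey
    return bytes(s)

LABELS = {"SK_encrypt": 0x00, "SK_auth": 0x01, "SK_salt": 0x02}  # RFC 3711 SRTP labels
BAK = bytes.fromhex("E1F97A0D3E018BE0D64FA32C06DE4139")          # sample: RFC 3711 B.3 master key
SALT = bytes.fromhex("0EC675AD498AFEEBB6960B3AABE6")             # sample: RFC 3711 B.3 master salt

def derive(master_key, master_salt, label, nbytes, index=0, kdr=0):
    r = index // kdr if kdr else 0                  # "index DIV key_derivation_rate"
    key_id = (LABELS[label] << 48) | r              # 8-bit label || 48-bit r
    iv = (int.from_bytes(master_salt, "big") ^ key_id) << 16     # x * 2^16
    blocks = [aes128_encrypt_block(master_key, (iv + i).to_bytes(16, "big"))
              for i in range((nbytes + 15) // 16)]  # AES-CM keystream used as the PRF
    return b"".join(blocks)[:nbytes]
```

With a non-zero key_derivation_rate the traffic keys change whenever the packet index crosses a multiple of the rate, with no message from an SK manager; both ends only need the same BAK, salt and rate.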

Proposed solution – Alternative

Use BCMCS SK as Master key (BAK equiv) in SRTP
Advantages:
  – Avoids changing the current BCMCS Security Framework
Disadvantages:
  – SK has no attributes (new work – add items)
  – SK is likely to change much more frequently than either BAK or SRTP Master key, so efficiency may suffer
  – Introduces unnecessary extra key level in the hierarchy
      Secondary short-term session keys