Access control for IP multicast T Petri Jokela

Contents ● Unicasting / multicasting ● HIP – User authentication ● Certificates – User authorization ● Certificate based Multicast Access Control - C-MAC ● Future work ● Summary

Multicasting ● Unicasting – Point-to-point connection – Multiple receivers -> resources wasted ● Multicasting – One outgoing stream, multiplied near recipients – How to control stream receiving?

I 3 based multicast ● Traffic is sent with a stream identifier – Chord routing protocol used for data routing ● End-user sets a trigger at an I 3 server – Receive a stream ● stream identifier in the trigger – Traffic unicasted from the server to the end-user

IP multicasting Source Router Host Join... Join multicast group X Multicast routing protocol Send to IPv4: /4 IPv6: ff00::/8 Join multicast group -IGMP Router broadcasts

HIP usage ● The end-user authentication – During HIP 4-way handshake – End-user sends HI (public key) – Use private key to prove HI ownership ● IPsec usage – Data decryption key information sent over IPsec ESP

Certificates ● SPKI certificates – RFC2693 ● Certificate – 5-tuple, containing: – Issuer: Who gives the rights – Subject: To who this certificate gives rights – Authorization: What this certificate authorizes the subject to do – Validity: How long this cert is valid – Delegation: Can the subject delegate this further? – Certificate signed with issuer’s private key

Certificate delegation ● Certificate delegated: new and old cert concatenated – Issuer: itself – Subject: next retailer or end-user – Authorization: subset of original – Validity: subset of original – Delegation: depends on subject – Signature over the whole certificate chain ● The receiver can validate – Knows the first public key – Goes through the certificate chain

C-MAC parties Source Router End-user Retailer Cert ok? Data stream Keying

C-MAC: certificate distribution Source Router End-user Retailer Cert ok? Data stream Keying

C-MAC operation: cert distribution ● The data source issues a certificate – Issuer: data source public key – Subject: retailer’s public key – Authorization: receive data multicasting X – Validity: how long valid – Delegation: yes ● Certificate given to a retailer ● Retailer can further delegate to another retailer ● Finally, certificate is sold to the end-user – Payment: VISA, other... – not specified here

C-MAC: authentication and authorization Source Router End-user Retailer Cert ok? Data stream HIP negotiation

C-MAC: end-user authentication and authorization ● End user joins a multicast group – HIP association with the router – Router learns end-hosts public key (HI) ● End user sends the certificate to the router – Router verifies the certificate chain – Verify the subject, must match the end-user HI – Make a verification to the last retailer – Retailer marks the certificate used

C-MAC: data transmission Source Router End-user Retailer Cert ok? Data stream Keying

C-MAC: Data transmission ● Data must be encrypted – IP multicast: sent to everyone on the link – Where? At the last router ● Valid receiver needs a key – The decryption key is sent to valid receivers – Key sent over the IPsec ESP ● Rekeying needed – How validity times are defined? – Minutes, hours, days,...? ● Problems – How to prevent end-user to redistribute the key? – And if prevented, how to prevent resending decrypted data?

Future work ● Trust relations between entities – How this system could be adopted in real business ● Security – No security analysis made on this (complex) system ● Performance optimization – Encoding of data – Key distribution ● Payment system – Not studied in this paper ● Prototyping

Summary ● Access Control system for IP multicast – IP multicasting – Certificates for access control ● certificate chain – User authentication ● HIP – Data encryption ● A lot of work to do

Thank you!