STIR Credentials IETF 88 (Vancouver) Wednesday Session Jon & Hadriel.

Slides:

Advertisements

Similar presentations

Chapter 14 – Authentication Applications

Advertisements

Key Management. Shared Key Exchange Problem How do Alice and Bob exchange a shared secret? Offline – Doesnt scale Using public key cryptography (possible)

Rfc4474bis-01 IETF 89 (London) STIR WG Jon & Cullen.

Off-the-Record Communication, or, Why Not To Use PGP

1 A Scalable Approach for the Secure and Authorized Tracking of the Availability of Entities in Distributed Systems Shrideep Pallickara, Jaliya Ekanayake.

A responsibility based model EDG CA Managers Meeting June 13, 2003.

Network Security Essentials Chapter 4

Authentication & Kerberos

DESIGNING A PUBLIC KEY INFRASTRUCTURE

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

16.1 © 2004 Pearson Education, Inc. Exam Planning, Implementing, and Maintaining a Microsoft® Windows® Server 2003 Active Directory Infrastructure.

 Authorization via symmetric crypto  Key exchange o Using asymmetric crypto o Using symmetric crypto with KDC  KDC shares a key with every participant.

November 1, 2006Sarah Wahl / Graduate Student UCCS1 Public Key Infrastructure By Sarah Wahl.

Presented by Xiaoping Yu Cryptography and PKI Cosc 513 Operating System Presentation Presented to Dr. Mort Anvari.

Copyright © B. C. Neuman, - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE Fall Security Systems Lecture notes Dr.

Copyright © Clifford Neuman - UNIVERSITY OF SOUTHERN CALIFORNIA - INFORMATION SCIENCES INSTITUTE CSci530: Computer Security Systems Authentication.

Key Management and Distribution. YSLInformation Security – Mutual Trust2 Major Issues Involved in Symmetric Key Distribution For symmetric encryption.

Domain Name System Security Extensions (DNSSEC) Hackers 2.

Identity in SIP (and in-band) STIR BoF Berlin, DE 7/30/2013.

IDENTITY MANAGEMENT Hoang Huu Hanh (PhD), OST – Hue University hanh-at-hueuni.edu.vn.

SIP Authorization Framework Use Cases Rifaat Shekh-Yusef, Jon Peterson IETF 91, SIPCore WG Honolulu, Hawaii, USA November 13,

Digital Certificates With Chuck Easttom. Digital Signatures  Digital Signature is usually the encryption of a message or message digest with the sender's.

Chapter 10: Authentication Guide to Computer Network Security.

Cisco Confidential © 2010 Cisco and/or its affiliates. All rights reserved. 1 SAN Certificate in Unity Connection Presenter Name: Bhawna Goel.

Chapter 14 Encryption: A Matter Of Trust. Awad –Electronic Commerce 2/e © 2004 Pearson Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic.

Trust Anchor Management Problem Statement 69 th IETF Trust Anchor Management BOF Carl Wallace.

Cryptography and Network Security Chapter 14 Fifth Edition by William Stallings Lecture slides by Lawrie Brown.

draft-kwatsen-netconf-zerotouch-01

General Key Management Guidance. Key Management Policy  Governs the lifecycle for the keying material  Hope to minimize additional required documentation.

1 Using EMV cards for Single Sign-On 26 th June st European PKI Workshop Andreas Pashalidis and Chris J. Mitchell.

Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian.

STIR Charter (discussion) STIR BoF Berlin, DE 7/30/2013.

Configuring Directory Certificate Services Lesson 13.

SECURITY MANAGEMENT Key Management in the case of public-key cryptosystems, we assumed that a sender of a message had the public key of the receiver at.

March 27, 2006TAGPMA - Rio de Janeiro1 Short Lived Credential Services Profile Tony J. Genovese The Americas Grid PMA DOEGridsATF/ESnet/LBNL.

1 Is DNSSEC a Burden? Thus far, DNSSEC adoption has been slow –In part, immaturity of the standards has been a past issue –Many trials, and some signed.

Credentials Roadmap STIR WG IETF 90 (Toronto) Sean Turner

Certificate Credentials STIR WG IETF 91 (Honolulu) Sean Jon.

Lecture 13 Page 1 Advanced Network Security Authentication and Authorization in Local Networks Advanced Network Security Peter Reiher August, 2014.

Public Key Infrastructure (X509 PKI) Presented by : Ali Fanian

1 caGrid Security Overview Mark Grand Senior Engineer caGrid Knowledge Center February 7, 2011.

Who’s watching your network The Certificate Authority In a Public Key Infrastructure, the CA component is responsible for issuing certificates. A certificate.

Merkle trees Introduced by Ralph Merkle, 1979 An authentication scheme

Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Security in DNS(DNSSEC) Yalda Edalat Pramodh Pallapothu.

Rfc4474bis-01 IETF 90 (Toronto) STIR WG Jon. First principles (yet again) Separating the work into two buckets: 1) Signaling – What fields are signed,

1 IETF 88 (Vancouver) November 6, 2013 Cullen Jennings V3.

Advanced CAMP: BoF Summaries. 2 Role-based Access Control (RBAC)

Security fundamentals Topic 5 Using a Public Key Infrastructure.

Module 13: Enterprise PKI Active Directory Certificate Services (AD CS)

X.509 Proxy Certificates for Dynamic Delegation Ian Foster, Jarek Gawor, Carl Kesselman, Sam Meder, Olle Mulmo, Laura Perlman, Frank Siebenlist, Steven.

Rfc4474bis-03 IETF 92 (Texas) STIR WG Jon. First principles (yet again) Separating the work into two buckets: 1) Signaling – What fields are signed, signer/verifier.

Ch 6: DNSSEC and Beyond Updated DNSSEC Objectives of DNSSEC Data origin authentication – Assurance that the requested data came from the genuine.

User Authentication  fundamental security building block basis of access control & user accountability  is the process of verifying an identity claimed.

Fall 2006CS 395: Computer Security1 Key Management.

Csci5233 Computer Security1 Bishop: Chapter 14 Representing Identity.

Draft-peterson-modern- problems-04 Jon Peterson MODERN WG IETF 95 (Buenos Aires)

CRLite: A Scalable System for Pushing All TLS Revocations to All Browsers By Kartik Patel.

draft-rescorla-fallback-01

TeRI and the MODERN Framework

Cryptography and Network Security

Chris Wendt, David Hancock (Comcast)

Doug Bellows – Inteliquent 10/4/2018

IPNNI SHAKEN Enterprise Models: LEMON TWIST

STIR Certificate delegation

Enterprise Use Cases and A-Level Attestation

Enterprise Certificates DRAFT

Enterprise Use Cases and A-Level Attestation

Remote ATtestation ProcedureS (RATS)

Presentation transcript:

STIR Credentials IETF 88 (Vancouver) Wednesday Session Jon & Hadriel

Requirements Discussion Trying to identify some of the primary design decisions Credentials will require public and private keys – How we provision private keys and publish public keys Differences between proposed solutions can be elusive Let’s level-set and get on the same page

Enrollment How do signers get credentials? – Delegation from above? May be from regulators, or from other number holders Might be thousand blocks, or individual numbers – Proof of possession? Per Whatsapp, VIPR, etc. Weaker assertion, but still useful enough? Credential strength a critical dimension of this – Is there any usability story for weak credentials? – “Golden root” versus “silver sprouts” National-level delegation roots

Req: Delegation Much discussed on the list – Premise: anyone with a credential for a number may delegate to someone below them Non-exclusive, may delegate to multiple parties – Delegation may be all of the delegators authority, or only part of it If I have a thousand block, I can give you 999 numbers or just 1 Temporary delegation – One-time use – Doctor’s office case – Call centers – Need accountability for temporary delegation

Req: Credentials for Ranges Some entities will have authority over multiple numbers – Administrative domains could control millions of numbers In non-continuous ranges – Includes service providers, enterprises, resellers, etc. – Some entities will only have one number Ideally, a service provider should not have to have one credential per number – Expressing those ranges is an important decision here

Expiry, Revocation and Rollover All credentials will have a lifetime – Caching expressed as a TTL or similar lifetime indicator – Numbers change owners, get ported, transfer normally Sometimes keys will be compromised before their expiry – Some sort of real-time checking required DNS could set TTLs very low OCSP checks, but with some overhead Are these two forms of overhead equal?

Signer Provisioning How do signers acquire and manage private keys? – Self-generated and provisioned at the authority – Generated by the authority and downloaded to devices Intermediaries and enterprises – Provision keys for number blocks, sign on behalf of calls/texts passing by – May possess many keys End user terminals – Built into the device? – Downloaded from the authority? In both cases, may need keys for the same authority range provisioned in multiple places

Verifier Credential Acquisition Different methods of acquiring credentials – Push (credential arrives with the request) Caching unlikely – Pull (verifier acquires credential on receipt of request) Either dereferencing a URI or creating a fetch based on the originating number With caching – Prefetch (verifier gets top 500 keys) with pull Maybe pub/sub service – Others? Probably

Which credentials do verifiers need? Can we uniquely identify the needed credential based on TN alone? – Depends on how many authorities there are How many authorities and delegates per number? – Some kind of hint needed to disambiguate Identity-Info CIDER “public key index value”

Public or Confidential Database? How much information are we willing to make public? – Will we reveal the carrier of record? Okay when a call is received to know the originating carrier? – Receiving user vs. receiving carrier may be different More seriously, can an attacker mine a public database to reveal who owns all numbers? – Will we introduce VIPR-like privacy leaks If we make the database where verifiers get credentials confidential, how limiting will that prove? – How important is endpoint verification? Does trust become transitive if endpoints rely on intermediary verifiers?