Small(er) Footprint for TLS Implementations Hannes Tschofenig Smart Object Security workshop, March 2012, Paris.

Slides:

Advertisements

Similar presentations

RadSec – A better RADIUS protocol

Advertisements

Dynamic Symmetric Key Provisioning Protocol (DSKPP)

Internet Protocol Security (IP Sec)

Z39.50 and Cryptography ZIG July 13 th 2000 Poul Henrik Jørgensen, DBC

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

Performance and Efficiency in Wireless Security Terry Fletcher, Senior Security Architect Chrysalis-ITS

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

IETF OAuth Proof-of-Possession

Lecture 23 Internet Authentication Applications

Cryptography and Network Security

Mobile Mobile OS and Application Team: Kwok Tak Chi Law Tsz Hin So Ting Wai.

Lesson 11-Virtual Private Networks. Overview Define Virtual Private Networks (VPNs). Deploy User VPNs. Deploy Site VPNs. Understand standard VPN techniques.

IEEE Wireless Local Area Networks (WLAN’s).

EECC694 - Shaaban #1 lec #16 Spring Properties of Secure Network Communication Secrecy: Only the sender and intended receiver should be able.

ACE – Design Considerations Corinna Schmitt IETF ACE WG meeting July 23,

Chapter 17 TACACS+.

SSL (Secure Socket Layer) and Secure Web Pages Rob Sodders, University of Florida CIS4930 “Advanced Web Design” Spring 2004

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

EAP Overview (Extensible Authentication Protocol) Team Golmaal: Vaibhav Sharma Vineet Banga Manender Verma Lovejit Sandhu Abizar Attar.

1 Confidential Authentication Session Hannes Tschofenig.

Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.

Directory and File Transfer Services Chapter 7. Learning Objectives Explain benefits offered by centralized enterprise directory services such as LDAP.

Authorization architecture sketches draft-selander-core-access-control-02 draft-gerdes-core-dcaf-authorize-02 draft-seitz-ace-design-considerations-00.

LEVERAGING UICC WITH OPEN MOBILE API FOR SECURE APPLICATIONS AND SERVICES Ran Zhou 1 9/3/2015.

Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),

ACE BOF, IETF-89 London Authentication and Authorization for Constrained Environments (ACE) BOF Wed 09:00-11:30, Balmoral BOF Chairs: Kepeng Li, Hannes.

Report from the “Smart Object Security Workshop 23 rd March 2012, Paris” Presenter: Hannes Tschofenig.

Smart Object Security Workshop 23 rd March 2012, Paris.

1 Lecture 14: Real-Time Communication Security real-time communication – two parties interact in real time (as opposed to delayed communication like )

Transport Layer Security (TLS) in TWAMP ? New Mode for Control Protocol Al Morton November 9, 2008.

Andreas Steffen, , 11-SSH.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen M. Liebi Institute for Internet Technologies and Applications.

1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.

Practices in Security Bruhadeshwar Bezawada. Key Management Set of techniques and procedures supporting the establishment and maintenance of keying relationships.

Learning Aid Type Text Page 206 MGS GROUP C Svitlana Panasik.

Encryption and Security Dylan Anderson Michael Huffman Julie Rothacher Dylan Anderson Michael Huffman Julie Rothacher.

(Preliminary) Gap Analysis Hannes Tschofenig. Goal of this Presentation The IETF has developed a number of security technologies that are applicable to.

Cryptography and Network Security (SSL)

IT:Network:Apps.  RRAS does nice job of routing ◦ NAT is nice ◦ BASIC firewall ok but somewhat weak  Communication on network (WS to SRV) is in clear.

IPsec IPsec (IP security) Security for transmission over IP networks –The Internet –Internal corporate IP networks –IP packets sent over public switched.

Module 8: Designing Security for Authentication. Overview Creating a Security Plan for Authentication Creating a Design for Security of Authentication.

PAWS: Security Considerations Yizhuang WU, Yang CUI PAWS WG

Middleware for Secure Environments Presented by Kemal Altıntaş Hümeyra Topcu-Altıntaş Osman Şen.

Public Key Encryption.

© 2006 Cisco Systems, Inc. All rights reserved. Network Security 2 Module 4: Configuring Site to Site VPN with Pre-shared keys.

CS 4244: Internet Programming Security 1.0. Introduction Client identification and cookies Basic Authentication Digest Authentication Secure HTTP.

SSL (TLS) Part 2 Generating the Premaster and Master Secrets + Encryption.

Guidelines for Cryptographic Algorithm Agility Russ Housley IETF 89 - SAAG Session.

©Stephen Kingham SIP Protocol overview SIP Workshop APAN Taipei Taiwan 23rd Aug 2005 By Stephen Kingham

Smart Objects and the Internet Architecture Fred Baker.

Potential vulnerabilities of IPsec-based VPN

EAP-FAST Version 2 draft-zhou-emu-eap-fastv2-00.txt Hao Zhou Nancy Cam-Winget Joseph Salowey Stephen Hanna March 2011.

Wireless and Mobile Security

SMUCSE 5349/7349 SSL/TLS. SMUCSE 5349/7349 Layers of Security.

IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.

Chapter 14 Network Encryption

© 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 1 © 2010 Cisco and/or its affiliates. All rights reserved. Cisco Confidential.

Emu wg, IETF 70 Steve Hanna, EAP-TTLS draft-funk-eap-ttls-v0-02.txt draft-hanna-eap-ttls-agility-00.txt emu wg, IETF 70 Steve Hanna,

Network and Internet Security Prepared by Dr. Lamiaa Elshenawy

Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.

Dan Boneh Introduction Course Overview Online Cryptography Course Dan Boneh.

Cryptography and Network Security Chapter 1. Background  Information Security requirements have changed in recent times  traditionally provided by physical.

KAIS T Comparative studies on authentication and key exchange methods for wireless LAN Jun Lei, Xiaoming Fu, Dieter Hogrefe, Jianrong Tan Computers.

TEE: TLS Authentication Using EAP draft-nir-tls-eap-02.txt Yoav Nir Yaron Sheffer (presenter) Hannes Tschofenig Peter Gutmann IETF-70, Vancouver, Dec.

Submission doc.: IEEE /313r1 March 2016 Guido R. Hiertz, Ericsson et al.Slide 1 The benefits of Opportunistic Wireless Encryption Date:

Lesson Introduction ●Authentication protocols ●Key exchange protocols ●Kerberos Security Protocols.

IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.

Phil Hunt, Hannes Tschofenig

Secure Sockets Layer (SSL)

SSH – the practical solution

Presentation transcript:

Small(er) Footprint for TLS Implementations Hannes Tschofenig Smart Object Security workshop, March 2012, Paris

How do the communication relationships look like? For example: Does your smart object talk to only a small set of pre-defined servers?

Following the recommendations in RFC 4101 “Writing Protocol Models” helps to make these important design aspect transparent.

What security threats do you care about? What security services do you have to offer?

RFC 3552 “Guidelines for Writing RFC Text on Security Considerations” offers valuable guidance.

TLS (or DTLS) may be the right building block for your problem; it also offers a lot of flexibility. Different credentials (pre-shared secrets, passwords, asymmetric crypto, etc.) Various authentication and key exchange protocols Numerous algorithms for usage with data traffic protection Session Resumption (with and without server-side state) Alternative key validation techniques Possibility to replace record layer

Unfortunately, there is no magic! Lower footprint means fewer functions or more dependencies/assumptions

Note: The code was compiled under Ubuntu Linux using the -Os compiler flag setting for a 64- bit AMD machine.

Parts omitted by raw public key implementation