AAA WG Meeting, IETF 57, Vienna, Austria. Wednesday, July 16, 2003, 1300 - 1500.

Presentation transcript:

Slide 2: Agenda
- Preliminaries (15 minutes)
  - Bluesheets
  - Minute takers
  - Agenda bashing
  - Document status
- Diameter Mobile IPv4, Tom Hiller (15 minutes)
- Diameter NASREQ, David Mitton (15 minutes)
- Diameter EAP, Jari Arkko (15 minutes)
- Diameter Credit Control Application, John Loughney (15 minutes)
- Diameter Multimedia Application, Miguel Garcia (15 minutes)
- AAA key management review, Bernard Aboba (15 minutes)
- Roadmap (15 minutes)

Slide 3: Document Status (charter items)
- Published as an RFC
  - Transport: RFC 3539
- In RFC Editor queue
  - Diameter Base-17
- IESG review completed
  - Diameter MIPv4-14
- Completed AAA WG Last Call and comment resolution
  - NASREQ-12
- Work in progress
  - Diameter EAP
  - Diameter Credit Control
- Initial reviews in progress
  - Diameter Multimedia
- Dropped due to lack of interest
  - Diameter CMS

Slide 4: AAA Key Management Review. Bernard Aboba, Microsoft. IETF 57, Vienna, Austria.

Slide 5: Key Management Overview
- Key management requirements presented by Russ Housley at IETF 56
- EAP Key Management Framework document to provide the system analysis
  - EAP, AAA and secure association requirements
  - Detailed discussion in the EAP WG second session
- AAA documents can no longer reference Diameter CMS (work discontinued)
  - Best alternative is Diameter Redirect
- Outstanding issues
  - Key naming/binding (EAP Key Framework)
  - Redirect authorization

Slide 6: Acceptable solution MUST...
- Be an algorithm-independent protocol
  - For interoperability, select at least one suite of algorithms that MUST be implemented
- Response
  - Diameter supports IKE and TLS security
    - Can negotiate ciphersuites and security parameters for protecting AAA sessions
  - EAP provides algorithm and media independence
    - Any EAP method can work with any media and ciphersuite
  - EAP provides a mandatory-to-implement method (MD5-Challenge, per RFC 2284)
    - Issue: the mandatory method does not support key derivation or mutual authentication

Slide 7: Acceptable solution MUST...
- Establish strong, fresh session keys
  - Maintain algorithm independence
- Include a replay detection mechanism
- Response
  - Diameter security protocols (TLS, IKE) negotiate strong, fresh session keys to protect traffic and provide replay protection
    - Key strength and replay protection can be provided regardless of the key management algorithm
  - Key strength and replay protection are security claims for EAP methods
    - Issue: not all methods will provide "strong" keys
    - Issue: not all methods will provide replay protection
  - Proposal: add a key freshness requirement
    - Nonce exchange in the EAP method guarantees MSK/EMSK freshness and unique key naming
    - Nonce exchange in the secure association protocol guarantees freshness of transient session keys even if the MSK/EMSK is not fresh

Slide 8: Acceptable solution MUST...
- Authenticate all parties
  - Maintain confidentiality of authenticator
  - NO plaintext passwords
- Response
  - EAP does not support PAP
  - Diameter requires mutual authentication between NAS and AAA server, and supports confidentiality
    - Issue: authorization issues being addressed
  - Mutual authentication required for key-deriving EAP methods and for the secure association protocol
  - Question: what does "maintain confidentiality of authenticator" mean? Support for identity privacy?

Slide 9: Acceptable solution MUST also...
- Perform client and NAS authorization
- Response
  - Client authorization issues being addressed in RFC 2284bis
  - NAS/AAA server authorization issues being addressed in NASREQ and Diameter EAP

Slide 10: Acceptable solution MUST also...
- Maintain confidentiality of session keys
- Response
  - MSK transport is protected by Diameter transport security (IPsec, TLS); note that this protection is hop-by-hop, so intermediate Diameter agents on the path would otherwise see the key
  - Redirect can restrict MSK access to those with a "need to know" (NAS, AAA server, EAP peer)
  - Transient session keys are derived via the secure association protocol

Slide 11: Acceptable solution MUST also...
- Confirm selection of the "best" ciphersuite
  - Secure association protocol responsible for secure capabilities negotiation
    - Used for communication of data between the EAP peer and NAS
  - Diameter security (IPsec, TLS) provides for secure negotiation of security parameters
  - EAP methods negotiate ciphersuites for use in protecting the EAP conversation
    - Issue: should we require that this negotiation be protected?

Slide 12: Acceptable solution MUST also...
- Uniquely name session keys
- Response
  - Work in progress
  - EAP SA name:
    - Potential for multiple EAP SAs between an EAP peer and EAP server
  - MK name:
  - MSK name:
    - Binds the MSK to a particular NAS, avoids (inappropriate) reuse
    - Called-Station-Id best candidate for the NAS name, since the EAP peer may not know the NAS-Identifier or NAS-IP-Address
  - EMSK name:
  - TSK name:
  - Since names may be long, a hash of the name is used as a surrogate
  - Issue: how do the NAS, EAP peer and AAA server come to agree on the key names? The NAS operates in pass-through and does not have access to the MK or EMSK

Slide 13: Acceptable solution MUST also...
- Compromise of a single NAS cannot compromise any other part of the system, including session keys and long-term keys
- Response
  - MK and EMSK only available to the EAP peer and server, not to the NAS
  - Key freshness required in the EAP method and the secure association protocol
  - Requires that the MSK, TEKs and TSKs at one NAS not be derivable from quantities at another NAS
    - For "fast handoff", implies that master session keys be on different branches of the key hierarchy
  - Diameter security uses dynamic, not static, session keys and well-understood ciphersuites
    - Compromise of one NAS will not reveal the Diameter session keys of another NAS
    - Issue: do we need to say not to use the same IKE pre-shared key for every NAS?
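The three points above (freshness through nonce exchange on slide 7, hash surrogates for key names on slide 12, and per-NAS branches of the key hierarchy on slide 13) are easiest to see in a toy key hierarchy. The following is an added example, not code from the slides or from any EAP implementation: the KDF construction, the labels, the name layout and all sample identifiers (the root key, the peer identity, the two Called-Station-Id values, the nonces) are assumptions made for illustration, and the "NAS branch" step stands in for whatever the framework ends up specifying.

```python
"""Toy EAP/AAA key hierarchy (added example; constructions and values assumed)."""
import hashlib
import hmac


def kdf(key: bytes, label: bytes, context: bytes, length: int = 32) -> bytes:
    """Counter-mode HMAC-SHA256 derivation. Assumed construction, not from the slides."""
    out = b""
    counter = 1
    while len(out) < length:
        block = bytes([counter]) + label + b"\x00" + context
        out += hmac.new(key, block, hashlib.sha256).digest()
        counter += 1
    return out[:length]


def nas_branch_key(root_key: bytes, peer_id: bytes, called_station_id: bytes) -> bytes:
    """Key on a NAS-specific branch, computed by EAP peer and server and delivered
    to that one NAS. A different Called-Station-Id lands on a different branch."""
    return kdf(root_key, b"nas-branch", peer_id + b"|" + called_station_id)


def key_name(*components: bytes) -> bytes:
    """Hash surrogate for a key name that could otherwise be long (slide 12)."""
    return hashlib.sha256(b"|".join(components)).digest()[:16]


def derive_tsk(msk: bytes, peer_nonce: bytes, nas_nonce: bytes) -> bytes:
    """Secure association step: the TSK is fresh as long as at least one side
    contributed a fresh nonce, even when the MSK itself is reused (slide 7)."""
    return kdf(msk, b"tsk", peer_nonce + nas_nonce)


# Constructed sample values (not real keys or identifiers).
ROOT_KEY = hashlib.sha256(b"constructed example root key").digest()
PEER_ID = b"user@example.net"
NAS_A = b"00-11-22-33-44-55:corpnet"   # constructed Called-Station-Id
NAS_B = b"66-77-88-99-AA-BB:corpnet"   # constructed Called-Station-Id


def demo() -> dict:
    """Check the properties the slides ask for and report each as a boolean."""
    msk_a = nas_branch_key(ROOT_KEY, PEER_ID, NAS_A)
    msk_b = nas_branch_key(ROOT_KEY, PEER_ID, NAS_B)
    name_a = key_name(PEER_ID, NAS_A)
    name_b = key_name(PEER_ID, NAS_B)

    peer_nonce = bytes(range(16))              # replayed in both sessions below
    nas_nonce_1 = bytes.fromhex("a0" * 16)
    nas_nonce_2 = bytes.fromhex("b1" * 16)     # fresh on the NAS side only
    tsk_1 = derive_tsk(msk_a, peer_nonce, nas_nonce_1)
    tsk_2 = derive_tsk(msk_a, peer_nonce, nas_nonce_2)

    # An attacker holding everything NAS A has (its MSK) cannot walk to NAS B's branch,
    # because that branch hangs off the root key the NAS never sees.
    attacker_guess = kdf(msk_a, b"nas-branch", PEER_ID + b"|" + NAS_B)

    return {
        "branches_independent": msk_a != msk_b,
        "names_distinct": name_a != name_b,
        "tsk_fresh_despite_replayed_peer_nonce": tsk_1 != tsk_2,
        "nas_a_cannot_derive_nas_b": attacker_guess != msk_b,
    }


if __name__ == "__main__":
    for prop, ok in demo().items():
        print(f"{prop:40s} {ok}")
```

The point of the last check is the one slide 13 makes: a NAS holds only the leaf of its own branch, so compromising it yields nothing about sibling branches. The freshness check shows why the slide asks for nonces in the secure association protocol as well as in the EAP method: with the peer's nonce replayed, the NAS's fresh nonce alone is enough to change the TSK.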

Slide 14: Acceptable solution MUST also...
- Bind key to appropriate context
- Response
  - Peer-Server
    - Binding is implicit; no explicit key lifetime negotiation or EAP SA "delete" message
  - NAS-Peer
    - Binding of TSKs to securely negotiated capabilities is the responsibility of the secure association protocol
    - Binding of the key to the secure association SA is the responsibility of the secure association protocol
  - AAA server-NAS
    - Binding and context provided by the Grouped Key AVP
    - Issue: does the key name need to be provided along with the key in the Key Grouped AVP?
    - Issue: what other AVPs are needed to define the context?
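Slide 11 asks whether the ciphersuite negotiation should be protected, and slide 14 places the binding of TSKs to the negotiated capabilities on the secure association protocol. The following added example (not from the slides, and not any real secure association protocol) shows what that binding buys: a two-message exchange over a shared MSK in which the peer's key confirmation MAC covers the offered suite list as the peer received it, so an on-path attacker who strips the strongest suite from the offer is caught by the NAS. The message layout, the KCK/TSK split, the suite names and the sample MSK are all assumptions.

```python
"""Capability negotiation bound to the key confirmation (added example; layout assumed)."""
import hashlib
import hmac
import os

# Suite names in preference order, strongest first (constructed for this example).
PREFERENCE = ["AES-CCMP", "TKIP", "WEP-104"]

# Constructed MSK standing in for the key the AAA server delivered to the NAS.
MSK = hashlib.sha256(b"constructed example MSK").digest()


def kdf(key: bytes, label: bytes, context: bytes) -> bytes:
    """Single-block HMAC-SHA256 derivation (assumed construction)."""
    return hmac.new(key, label + b"\x00" + context, hashlib.sha256).digest()


def derive_keys(msk: bytes, nas_nonce: bytes, peer_nonce: bytes):
    """Split fresh keying material into a key confirmation key (KCK) and a TSK."""
    kck = kdf(msk, b"kck", nas_nonce + peer_nonce)
    tsk = kdf(msk, b"tsk", nas_nonce + peer_nonce)
    return kck, tsk


def capability_mac(kck: bytes, nas_nonce: bytes, peer_nonce: bytes,
                   offered: list, chosen: str) -> bytes:
    """MAC over both nonces, the offer list as this side saw it, and the choice."""
    transcript = b"|".join([nas_nonce, peer_nonce,
                            ",".join(offered).encode(), chosen.encode()])
    return hmac.new(kck, transcript, hashlib.sha256).digest()


def strip_strongest(offered: list) -> list:
    """On-path attacker removes the strongest suite from message 1."""
    return [s for s in offered if s != PREFERENCE[0]]


def run_exchange(offered: list, tamper=None, bind_capabilities: bool = True):
    """Run the two-message negotiation.

    Returns (accepted_by_nas, suite_chosen_by_peer). With bind_capabilities=False
    the MAC does not cover the offer list, modelling an unprotected negotiation.
    """
    nas_nonce, peer_nonce = os.urandom(16), os.urandom(16)

    # Message 1 (NAS -> peer): NAS nonce + offered suites, sent in the clear,
    # possibly modified in transit.
    received = list(offered) if tamper is None else tamper(list(offered))

    # Peer picks its most preferred suite among what it received and confirms
    # the key, covering the offer exactly as received.
    chosen = next((s for s in PREFERENCE if s in received), None)
    if chosen is None:
        return False, None
    kck_peer, _tsk_peer = derive_keys(MSK, nas_nonce, peer_nonce)
    mac = capability_mac(kck_peer, nas_nonce, peer_nonce,
                         received if bind_capabilities else [], chosen)

    # Message 2 (peer -> NAS): peer nonce, chosen suite, MAC. The NAS recomputes
    # the MAC over the list it actually sent; any difference means tampering.
    kck_nas, _tsk_nas = derive_keys(MSK, nas_nonce, peer_nonce)
    expected = capability_mac(kck_nas, nas_nonce, peer_nonce,
                              offered if bind_capabilities else [], chosen)
    accepted = chosen in offered and hmac.compare_digest(mac, expected)
    return accepted, chosen


if __name__ == "__main__":
    print("honest:             ", run_exchange(PREFERENCE))
    print("downgrade, bound:   ", run_exchange(PREFERENCE, tamper=strip_strongest))
    print("downgrade, unbound: ", run_exchange(PREFERENCE, tamper=strip_strongest,
                                               bind_capabilities=False))
```

In the unbound variant the NAS sees a valid MAC and a suite it did offer, so the downgrade to TKIP goes through silently; with the offer list inside the MAC the same tampering fails key confirmation. Real protocols also need the reverse binding (the NAS's confirmation covering the peer's capabilities), which this example leaves out.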

Slide 15: Summary
- We are making progress
- Key naming and binding issues are the most challenging
- System analysis work will occur in the EAP WG as part of the Key Management Framework document