Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE EAP Password Authenticated eXchange (PAX) T. Charles Clancy William A. Arbaugh.

Slides:

Advertisements

Similar presentations

Wireless LAN  Setup & Optimizing Wireless Client in Linux  Hacking and Cracking Wireless LAN  Setup Host Based AP ( hostap ) in Linux & freeBSD  Securing.

Advertisements

Fundamental Elliptic Curve Cryptography Algorithms draft-mcgrew-fundamental-ecc-02

EAP AKA Jari Arkko, Ericsson Henry Haverinen, Nokia.

Doc.: IEEE /0041r1 Submission NameAffiliationsAddressPhone Robert Sun; Yunbo Li; Edward Au; Phillip Barber Huawei Technologies Co., Ltd.

Doc.: IEEE /1429r0 Submission November 2011 Dan Harkins, Aruba NetworksSlide 1 A Protocol for FILS Authentication Date: Authors:

Crypto – chapter 16 - noack Introduction to network stcurity Chapter 16 - Stallings.

Small(er) Footprint for TLS Implementations Hannes Tschofenig Smart Object Security workshop, March 2012, Paris.

IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.

PlutoPlus: Policy and PKI Plans for FY00 Sheila Frankel Systems and Network Security Group Computer Security Division NIST

無線區域網路安全 Wireless LAN Security. 2 Outline  Wireless LAN – b  Security Mechanisms in b  Security Problems in b  Solutions for b.

An Introduction to Security Concepts and Public Key Infrastructure (PKI) Mary Thompson.

This work is supported by the National Science Foundation under Grant Number DUE Any opinions, findings and conclusions or recommendations expressed.

CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 17 Jonathan Katz.

802.1x EAP Authentication Protocols

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.

IEEE Wireless Local Area Networks (WLAN’s).

CMSC 414 Computer and Network Security Lecture 23 Jonathan Katz.

WLAN Security:PEAP Sunanda Kandimalla. Intoduction The primary goals of any security setup for WLANs should include: 1. Access control and mutual authentication,

Master Thesis Proposal By Nirmala Bulusu Advisor – Dr. Edward Chow Implementation of Protected Extensible Protocol (PEAP) – An IEEE 802.1x wireless LAN.

SIP-SAML assisted Diffie-Hellman MIKEY IETF 65 MSEC Mar 21, 2006 Robert Moskowitz.

PKI Network Authentication Dartmouth Applications Robert Brentrup Educause/Dartmouth PKI Summit July 27, 2005.

1 Wireless LAN Security Kim W. Tracy NEIU, University Computing

1 Authentication Protocols Celia Li Computer Science and Engineering York University.

EAP Overview (Extensible Authentication Protocol) Team Golmaal: Vaibhav Sharma Vineet Banga Manender Verma Lovejit Sandhu Abizar Attar.

Windows 2003 and 802.1x Secure Wireless Deployments.

Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 1 ver.2 Module 7 City College.

WIRELESS LAN SECURITY Using

Comparative studies on authentication and key exchange methods for wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:

Eugene Chang EMU WG, IETF 70

EMU BOF EAP Method Requirements Bernard Aboba Microsoft Thursday, November 10, 2005 IETF 64, Vancouver, CA.

© 2006 Cisco Systems, Inc. All rights reserved. Optimizing Converged Cisco Networks (ONT) Module 6: Implement Wireless Scalability.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved.

Lecture 14 ISAKMP / IKE Internet Security Association and Key Management Protocol / Internet Key Exchange CIS CIS 5357 Network Security.

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

Introduction to Public Key Infrastructure January 2004 CSG Meeting Jim Jokl.

1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 2 Module 3 City College of San.

UMD D EPARTMENT OF C OMPUTER S CIENCE D O D L ABORATORY FOR T ELECOMMUNICATION S CIENCES EAP-PAX draft-clacy-eap-pax-05 T. Charles Clancy

Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE EAP Password Authenticated eXchange (PAX) T. Charles Clancy William A. Arbaugh.

The PAK proposal for sacred WG Alec Brusilovsky

SEND Linux Implementation Report Jonathan Wood DoCoMo USA Labs IETF 58 November 2003.

Doc.: IEEE /524r0 Submission November 2001 Bernard Aboba, MicrosoftSlide 1 Secure Remote Password (SRP) Bernard Aboba Dan Simon Tim Moore Microsoft.

EMU BOF EAP-TLS Experiment Report RFC 2716 Bernard Aboba Microsoft Thursday, November 10, 2005 IETF 64, Vancouver, CA.

November 2005IETF 64, Vancouver, Canada1 EAP-POTP The Protected One-Time Password EAP Method Magnus Nystrom, David Mitton RSA Security, Inc.

EAP-FAST Version 2 draft-zhou-emu-eap-fastv2-00.txt Hao Zhou Nancy Cam-Winget Joseph Salowey Stephen Hanna March 2011.

March 17, 2003 IETF #56, SAN FRANCISCO1 Compound Authentication Binding Problem (EAP Binding Draft) Jose Puthenkulam Intel Corporation (

IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.

Csci388 Wireless and Mobile Security – Key Hierarchies for WPA and RSN

Emu wg, IETF 70 Steve Hanna, EAP-TTLS draft-funk-eap-ttls-v0-02.txt draft-hanna-eap-ttls-agility-00.txt emu wg, IETF 70 Steve Hanna,

Wireless Network Security CSIS 5857: Encoding and Encryption.

N. Asokan, Kaisa Nyberg, Valtteri Niemi Nokia Research Center

1 Secure Key Exchange: Diffie-Hellman Exchange Dr. Rocky K. C. Chang 19 February, 2002.

KAIS T Comparative studies on authentication and key exchange methods for wireless LAN Jun Lei, Xiaoming Fu, Dieter Hogrefe, Jianrong Tan Computers.

ECC Design Team: Initial Report Brian Minard, Tolga Acar, Tim Polk November 8, 2006.

1 EAP-MAKE2: EAP method for Mutual Authentication and Key Establishment, v2 EMU BoF Michaela Vanderveen IETF 64 November 2005.

1 SECMECH BOF EAP Methods IETF-63 Jari Arkko. 2 Outline Existing EAP methods Technical requirements EAP WG process for new methods Need for new EAP methods.

@Yuan Xue CS 285 Network Security Key Distribution and Management Yuan Xue Fall 2012.

Introduction to Port-Based Network Access Control EAP, 802.1X, and RADIUS Anthony Critelli Introduction to Port-Based Network Access Control.

Port Based Network Access Control

CLASSe PROJECT: IMPROVING SSO IN THE CLOUD Alejandro Pérez Rafael Marín Gabriel López

1 Pascal URIEN, IETF 61th, Washington DC, 10th November 2004 draft-urien-eap-smartcard-06.txt “EAP-Support in Smartcard”

Wireless Security - Encryption Joel Jaeggli For AIT Wireless and Security Workshop.

Implementing Network-Edge Security with 802.1x

EAP Password Authenticated eXchange (PAX)

The Tunneled Extensible Authentication Method (TEAM)

SECURING WIRELESS LANS WITH CERTIFICATE SERVICES

IETF Liaison Report May 2004 Dorothy Stanley – Agere Systems

An EAP Authentication Method Based on Identity-Based Authenticated Key Exchange draft-cakulev-emu-eap-ibake-00 Violeta Cakulev

Presentation transcript:

Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE EAP Password Authenticated eXchange (PAX) T. Charles Clancy William A. Arbaugh Department of Computer Science University of Maryland, College Park IETF 61, EAP WG November 10, 2004 draft-clancy-eap-pax-01

{} Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE PAX Introduction 2 round-trip MAC-based mutual authentication Supports provisioning with a weak pre-shared key Optional server-side certificate provides secure provisioning Supports key management with forward secrecy using Diffie-Hellman Optional support for identity protection (requires server-side certificate) Extensible ciphersuite

{} Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE Major Changes from -00 to -01 Address Crypto Concerns –mutual authentication –multiple uses of certain keys with different primitives Protocol Implementation Issues –identity protection paradox –new identity protection subprotocol Paranoia with MD5 and TLS-PRF –extensible key derivation function –support for HMAC-SHA1 and AES-CBC-MAC

{} Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE PAX_STD (no identity protection) A, SID, [PK, Cert PK ] [Enc PK ] (B, CID, MAC CK (A, B, CID, SID)) ServerClient ACK MAC CK (B, CID, SID) X, Y = rand(2 256 ) If keyUpdate thenA = g X, B = g Y, E = g XY elseA = X, B = Y, E = (X || Y) {AK’, CK, SessionKeys} = KDF(AK || E || KeyName)

{} Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE PAX_IDP (identity protection) M, SID, PK, Cert PK Enc PK (M, N, CID) ServerClient B, MAC CK (A, B, CID, SID) A, MAC N (A, CID, SID) M, N, X, Y = rand(2 256 ) If keyUpdate thenA = g X, B = g Y, E = g XY elseA = X, B = Y, E = (X || Y) {AK’, CK, SessionKeys} = KDF(AK || E || KeyName)

{} Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE Cryptographic Primitives Extensible Key Derivation Function –KDF16 X (Y) = MAC X (Y || 1) –KDF64 X (Y) = MAC X (Y || 1) || MAC X (Y || 2) || MAC X (Y || 3) || MAC X (Y || 4) Currently supported: –MAC:HMAC-SHA1-128 AES-CBC-MAC-128 –DH:3072-bit MODP Group [RFC3526] –PubKey:RSA-OAEP-2048

{} Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE PAX Implementation Currently Supports: –FreeRADIUS –XSupplicant –Authentication, Key Update Plan to Support: –Microsoft IAS –Windows XP Supplicant –Provisioning, Identity Protection Timings Experiment: –Cisco 1200 AP –Pentium 3 1.2GHz, Linux

{} Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE PAX Implementation Timings ProtocolPK CryptoRTTime (ms) PAX, no update PAX, key update PAX, provision - DH-3072 DH-3072/RSA N/A EAP-TLS DH-512/RSA-512 DH-3072/RSA PEAP-MSCHAPv2 DH-512/RSA-512 DH-3072/RSA TLS/PEAP used OpenSSL DSA-DH parameters, PAX used bit prime and 256-bit exponent as recommended in [RFC3766]