Ahmad Alsadeh, 12-05-2015 Augmented SEND: Aligning Security, Privacy, and Usability Dr. Ahmad Alsadeh Birzeit University Palestine.

Slides:



Advertisements
Similar presentations
A CGA based Source Address Authentication Method in IPv6 Access Network(CSA) Guang Yao, Jun Bi and Pingping Lin Tsinghua University APAN26 Queenstown,
Advertisements

SeND Hash Threat Analysis CSI WG Ana Kukec, Suresh Krishnan, Sheng Jiang.
Internet Protocol Security (IP Sec)
Chapter 14 – Authentication Applications
10: ICMPv6 Neighbor Discovery
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
ZyXEL Confidential Address Autoconfiguration Feng Zou SW2 ZyXEL Communications Corp. 04/11/2006.
Neighbor Discovery for IPv6 Mangesh Kaushikkar. Overview Introduction Terminology Protocol Overview Message Formats Conceptual Model of a Host.
1 IPv6. 2 Problem: 32-bit address space will be completely allocated by Solution: Design a new IP with a larger address space, called the IP version.
Implementing IPv6 Module B 8: Implementing IPv6
IPv6 Network Security.
2: Comparing IPv4 and IPv6 Rick Graziani Cabrillo College
A Survey of Secure Wireless Ad Hoc Routing
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 4: Naming and addressing.
1 Mobile IP Myungchul Kim Tel:
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
IPv6 Address Provisioning In IPv6 world there are three provisioning aspects wich are independent of whether the IPv6 node is a Host or CE router: IPv6.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
CSCI283 Fall 2005 GWU All slides from Bishop’s slide set Public Key Infrastructure (PKI)
An Operational Perspective on BGP Security Geoff Huston GROW WG IETF 63 August 2005.
An Authentication Service Against Dishonest Users in Mobile Ad Hoc Networks Edith Ngai, Michael R. Lyu, and Roland T. Chin IEEE Aerospace Conference, Big.
1 CS 194: Distributed Systems Security Scott Shenker and Ion Stoica Computer Science Division Department of Electrical Engineering and Computer Sciences.
Guide to TCP/IP Fourth Edition
Alexander Potapov.  Authentication definition  Protocol architectures  Cryptographic properties  Freshness  Types of attack on protocols  Two-way.
Bootstrapping Key Infrastructures Max Pritikin IETF 91, 10 Nov 2014 Aloha!
Masud Hasan Secure Project 1. Secure It uses Digital Certificate combined with S/MIME capable clients to digitally sign and.
Csci5233 Computer Security1 GS: Chapter 6 Using Java Cryptography for Authentication.
Wolfgang Schneider NSI: A Client-Server-Model for PKI Services.
Mobile IP: Introduction Reference: “Mobile networking through Mobile IP”; Perkins, C.E.; IEEE Internet Computing, Volume: 2 Issue: 1, Jan.- Feb. 1998;
CSCE 715: Network Systems Security Chin-Tser Huang University of South Carolina.
Summary of Certification Process (part 1). IPv6 Client IPv6 packets inside IPv4 packets.
7 IPv6: transition and security challenges Selected Topics in Information Security – Bazara Barry.
Masud Hasan Secue VS Hushmail Project 2.
Architectural Considerations for GEOPRIV/ECRIT Presentation given by Hannes Tschofenig.
Chapter 9: Using and Managing Keys Security+ Guide to Network Security Fundamentals Second Edition.
Module 3: Designing IP Addressing. Module Overview Designing an IPv4 Addressing Scheme Designing DHCP Implementation Designing DHCP Configuration Options.
SECURITY MANAGEMENT Key Management in the case of public-key cryptosystems, we assumed that a sender of a message had the public key of the receiver at.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
Introduction1-1 Data Communications and Computer Networks Chapter 6 CS 3830 Lecture 31 Omar Meqdadi Department of Computer Science and Software Engineering.
King Mongkut’s University of Technology Faculty of Information Technology Network Security Prof. Reuven Aviv 6. Public Key Infrastructure Prof. R. Aviv,
Security Issues in PIM-SM Link-local Messages J.W. Atwood, Salekul Islam {bill, Department.
23-1 Last time □ P2P □ Security ♦ Intro ♦ Principles of cryptography.
1 Julien Laganier MEXT WG, IETF-79, Nov Authorizing MIPv6 Binding Update with Cryptographically Generated Addresses
Privacy Extensions for Stateless Address Autoconfiguration in IPv6(RFC 3041) 1.
ARSA: An Attack-Resilient Security Architecture for Multi-hop Wireless Mesh Networks Ki-Woong Park Computer Engineering Research Laboratory Korea Advanced.
Engineering Workshops Purposes of Neighbor Solicitation.
Matej Bel University Cascaded signatures Ladislav Huraj Department of Computer Science Faculty of Natural Sciences Matthias Bel University Banska Bystrica.
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 4: Naming and addressing.
Payment in Identity Federations David J. Lutz Universitaet Stuttgart.
Secure Neighbor Discovery in IPv6 Jari Arkko Ericsson Research James Kempf DoCoMo US Labs.
An Analysis of IPv6 Security CmpE-209: Team Research Paper Presentation CmpE-209 / Spring Presented by: Dedicated Instructor: Hiteshkumar Thakker.
CGA Extension Header for IPv6 draft-dong-savi-cga-header-03.txt Margaret Wasserman IETF 78, Maastricht July 2010.
A Source Address Validation Architecture (SAVA) and IETF SAVI Working Group Jun Bi Tsinghua University/CERNET Oct 20, 2008.
Security Patterns for Web Services 02/03/05 Nelly A. Delessy.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public BSCI Module 8 Lesson 3 1 BSCI Module 8 Lesson 3 Implementing Dynamic IPv6 Addresses.
Module 6: IPv6 Fundamentals. Introduction to IPv6 Unicast IPv6 Addresses Configuring IPv6.
ICMPv6 Error Message Types Informational Message Types.
Attacking on IPv6 W.lilakiatsakun Ref: ipv6-attack-defense-33904http://
Slide title In CAPITALS 50 pt Slide subtitle 32 pt SEND Certificate Profile draft-krishnan-cgaext-send-cert-eku-01 Suresh Krishnan Ana Kukec Khaja Ahmed.
Integrating Identity based Cryptosystem (IBC) with CGA in Mobile IPv6 draft-cao-mipshop-ibc-cga-00.txt Zhen Cao Hui Deng IETF #67.
DHCP Vrushali sonar. Outline DHCP DHCPv6 Comparison Security issues Summary.
2/25/2016CSI WG/IETF761 Open Source Project SEND & Extensions Beijing University of Posts & Telecommunications HUAWEI Yuhong LI (Speaker) Wendong WANG.
CSI WG / IETF741/12 Implementation of SeND/CGA and Extensions Beijing University of Posts and Telecommunications HUAWEI.
IPv6 Security Issues Georgios Koutepas, NTUA IPv6 Technology and Advanced Services Oct.19, 2004.
Prof. Reuven Aviv, Nov 2013 Public Key Infrastructure1 Prof. Reuven Aviv Tel Hai Academic College Department of Computer Science Public Key Infrastructure.
Secure Proxy ND Support for SEND draft-krishnan-csi-proxy-send-00
Cryptography and Network Security
Ch.8 Dynamic IPv6 Address Allocation
Stateless Source Address Mapping for ICMPv6 Packets
Presentation transcript:

Ahmad Alsadeh, Augmented SEND: Aligning Security, Privacy, and Usability Dr. Ahmad Alsadeh Birzeit University Palestine

Ahmad Alsadeh, Neighbor Discovery Protocol (NDP) Fundamental protocol in IPv6 suite – Obtain configuration information – Determine when a neighbor is no longer reachable – Perform address resolution Local link protocol (subnet scope) Basic shield is not enough – NDP can suffer similar problems of ARP Spoofing IETF – RFC 4861 and RFC 4862 known as Neighbor Discovery Protocol (NDP) 2

Ahmad Alsadeh, Neighbor Discovery Protocol (NDP) NDP messages lack authentication Attacks might come from malicious – host – router NDP is vulnerable to many attacks – Spoofing – Replay – Rogue router Router Internet host Router 3

Ahmad Alsadeh, NDP Vulnerabilities (continue …) IETF efforts: – RFC 3756: IPv6 Neighbor Discovery (ND) Trust Models and Threats – RFC 3971: SEcure Neighbor Discovery (SEND) – RFC 3972: Cryptographically Generated Addresses (CGA) NDP Hacking Tools – Parasite6 – Alive6 – fake_router6 – detect-new-ip6 – dos-new-ip6 – flood_router6 – fake_advertiser6 – … THC-IPV6 : Attack toolkit 4

Ahmad Alsadeh, SEcure Neighbor Discovery (SEND) SEND is an integral part of NDP SEND offers three functionalities to NDP – Address Authentication (Address Ownership Proof) – Replay Protection – Authorization Delegation Discovery (ADD) 5

Ahmad Alsadeh, Hash (Kpub, Parameters) Interface IdentifierSubnet Prefix Source address = CGA (IPv6 address) CGA option= Kpub + other parameters Nonce option Timestamp option RSA Signature Option = Signature Sign(ND message) Verify signature with Kpub Verify Hash (Kpub, Parameters) = Interface Identifier SEND options are sent with the NDP message Host A Host B 64 bits 6 SEND (Simplified)

Ahmad Alsadeh, NDP Message Protected by SEND 7

Ahmad Alsadeh, RFC 3972: CGAs Generate/ Obtain an RSA key pair Pick a random Modifier Select a Sec value Set Collision Count to 0 Modifier (128 bits) 0 (64 bits) 0 (8bits) RSA Kpub (variable) SHA-1 Hash2 (112 bits) 0 16xSec leftmost Hash2 bits must be zero 16xSec =0? Increment Modifier No Final Modifier (128 bits) Subnet prefix (64 bits) Collision Count (8bits) RSA Kpub (variable) SHA-1 Hash1 (160 bits) 64 bits Subnet prefix Yes Secug CGA Hash Extension CGA parameters Check the uniqueness of IPv6 address (DAD) 8 Address authentication (Address ownership proof) Sender’s public key is bounded to IPv6 address CGA generation algorithm

Ahmad Alsadeh, Problem Statement There are several factors that limit SEND deployment – SEND is compute-intensive and bandwidth-consuming – SEND high time complexity may lead to privacy-related attacks – Router Authorization Delegation Discovery (ADD) mechanism is at initial stage – SEND has not mature implementation for end user operating systems Publication: – Ahmad AlSa'deh, Christoph Meinel, "Secure Neighbor Discovery: Review, Challenges, Perspectives, and Recommendations," IEEE Security & Privacy, July-Aug

Ahmad Alsadeh, WinSEND: Windows SEND It is the first SEND implementation for Windows Ahmad Alsadeh and Hosnieh Rafiee – Winners of the 1st place in the International IPv6 Application Contest 2011, German IPv6 Council, Germany 10

Ahmad Alsadeh, Time-Based CGA (TB-CGA) Select a Time Parameter Modifier (128 bits) 0 (64 bits) 0 (8bits) RSA Kpub (variable) SHA-1 Hash2 (112 bits) 0 8xSec Exceed time? Increment Modifier No -Store the Modifier -Store the best Hash2 Select a Sec Modifier (128 bits) 0 (64 bits) 0 (8bits) RSA Kpub (variable) SHA-1 Hash2 (112 bits) 0 16xSec 16xSec = 0? Increment Modifier No Time-Based CGAStandard CGA 11 TB-CGA: Modifications to standard CGA – Select “time parameter” as an input – Keep track of the best found security level within determined time – Reduce the granularity of the security level from “16” to “8”

Ahmad Alsadeh, Privacy Concerns High Sec value may cause unacceptable delay It is likely that once a host generates an acceptable CGA, it will continue to use – this same address – the same public key Hosts using CGAs could be susceptible to privacy related attacks 12

Ahmad Alsadeh, CGA Privacy Extensions Three main modifications – Setting a CGA Address lifetime – Reducing the granularity of CGA security levels – Automatic key pair generation 13

Ahmad Alsadeh, SEND Router Authorization (Simplified) – Hosts provisioned with trust anchor(s) (TA) – Router has certificates from a TA – Two ICMPv6 messages – Certificate Path Solicitation (CPS) – Certificate Path Advertisement (CPA) – Two ICMPv6 Options – Trust anchor Option – Certificate Option – Hosts pick routers that can show a certificate chain to TA (1)(2) (3) Cert. Request Trust Anchor (TA0) Router R Host A CPS: I trust TA0, who are you? (4) CPA: I am R, here my Cert. Signed by TA0 (5) Trust Anchor X.509 cert Verify the Cert. aganst TA0 (6) If valid, use R as trust router (7) 14

Ahmad Alsadeh, Router Authorization Challenges CA Router Host Administrative boundary. CA A chain of trust is not easy to establish outside administrative boundaries 15

Ahmad Alsadeh, RPKI for SEND Certificate validation may be more complex – Long chain certificate authorization – It requires Public Key Infrastructure – No global root to authorized routers – Routers are required to perform a large number of operations Resource PKI (RPKI) can provide an attractive hierarchical infrastructure for SEND path discovery and validation Many ISPs do not support RPKI 16

Ahmad Alsadeh, Conclusion SEND is a promising technique to secure NDP SEND is still in trial stage Enhancing CGAs & SEND and make it simple and lightweight is very important. Otherwise, IPv6 network will be vulnerable to IP spoofing related attacks Among our contributions we hope to bring more usage and deployment of SEND and CGA in IPv6 networks 17

Ahmad Alsadeh, List of Publication Book Chapters – Ahmad AlSa'deh, Hosnieh Rafiee, and Christoph Meinel, SEcure Neighbor Discovery Review: a Cryptographic Solution for Securing IPv6 Local Link Operations. In CRYPSIS, pp , IGI Global, May – Tayo Arulogun, Ahmad AlSa'deh and Christoph Meinel. "Mobile IPv6: Mobility Management and Security Aspects." In Architectures and Protocols for Secure Information Technology Infrastructures, pp , Journals & Magazines – Ahmad AlSa'deh, Christoph Meinel, "Secure Neighbor Discovery: Review, Challenges, Perspectives, and Recommendations," IEEE Security & Privacy, vol. 10, no. 4, pp , July-Aug Conferences – Ahmad AlSa'deh, Christoph Meinel, Florian Westphal, Marian Gawron, and Björn Groneberg. “CGA integration into IPsec/IKEv2 authentication”. SIN '13. ACM, pp – Ahmad AlSa'deh, Hosnieh Rafiee, and Christoph Meinel, "IPv6 stateless address autoconfiguration: Balancing between security, privacy and usability," Foundations and Practice of Security, vol of Lecture Notes in Computer Science, pp – Ahmad AlSa’deh, Hosnieh Rafiee, Christoph Meinel, "Cryptographically Generated Addresses (CGAs): Possible Attacks and Proposed Mitigation Approaches," cit, pp , 2012 IEEE 12th International Conference on Computer and Information Technology, – Ahmad AlSa'deh, Hosnieh Rafiee, Christoph Meinel, "Stopping time condition for practical IPv6 Cryptographically Generated Addresses," icoin, pp , The International Conference on Information Network 2012, – Ahmad AlSa'deh, Feng Cheng, Christoph Meinel, "CS-CGA: Compact and more Secure CGA," icon, pp , – Ahmad AlSa’deh, Feng Cheng, Sebastian Roschke, and Christoph Meinel, “IPv4/IPv6 Handoff on Lock-Keeper for High Flexibility and Security,” in 4th IFIP International Conference onNew Technologies, Mobility and Security (NTMS), 2011, pp. 1–6. – Hosnieh Rafiee, Ahmad Alsa’deh, and Christoph Meinel, “WinSEND: Windows SEcure Neighbor Discovery,” SIN 2011, 2011, pp. 243–246. – Hosnieh Rafiee, Ahmad Alsa'deh, Christoph Meinel, "Multicore-based auto-scaling SEcure Neighbor Discovery for Windows operating systems," icoin, pp , – Tayo Arulogun, Ahmad AlSa’deh, and Christoph Meinel. "IPv6 Private Networks: security Consideration and Recommendations." In the Proceedings of the 4th International Conference on Mobile e-Services (ICOMeS) Oct. 16 – 17, Volume 4, ISBN:

Ahmad Alsadeh, Contact Information Ahmad Alsadeh, PhD Electrical and Computer Engineering Department Faculty of Engineering and Technology Birzeit University P.O.Box 14-Birzeit, Palestine Mobile: Phone: Fax:

Questions? 20

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.