1 HIP 5201-bis Update Robert Moskowitz Verizon Telcom and Business Tobias Heer RWTH Aachen University March 31, 2011

Slides:



Advertisements
Similar presentations
Doc.: IEEE /147March 2000 TGe SecuritySlide 1 The Status of TGe S Draft Text Jesse Walker Intel Corporation (503)
Advertisements

IETF 71: NETLMM Working Group – Proxy Mobile IPv6 1 Proxy Mobile IPv6 111 draft-ietf-netlmm-proxymip6-11.txt IETF 71: NETLMM Working Group – Proxy Mobile.
Doc.: IEEE wng0 Submission June 2010 Robert Moskowitz (ICSAlabs/VzB)Slide 1 Project: IEEE P Working Group for Wireless Personal.
Crypto Agility and Key Wrap Attributes for RADIUS Glen Zorn Joe Salowey Hao Zhou Dan Harkins.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
Henric Johnson1 Ola Flygt Växjö University, Sweden IP Security.
IPsec – IKE CS 470 Introduction to Applied Cryptography
Configuration of a Site-to-Site IPsec Virtual Private Network Anuradha Kallury CS 580 Special Project August 23, 2005.
Creating an IPsec VPN using IOS command syntax. What is IPSec IPsec, Internet Protocol Security, is a set of protocols defined by the IETF, Internet Engineering.
1 Workshop on algorithms and parameters for Electronic Signatures November 25, Brussels.
CMS Interoperability Matrix Jim Schaad Soaring Hawk Security.
IETF 77 1 HIP mobility (RFC 5206bis) issue review March 31, 2011 Tom Henderson (editor)
WG RAQMON Internet-Drafts RMON MIB WG Meeting Washington, Nov. 11, 2004.
1 Notification Rate Control draft-ietf-sipcore-event-rate-control th IETF,
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
Simple Authentication schemes for ALC and NORM draft-ietf-rmt-simple-auth-for-alc-norm-00 IETF 73 – Minneapolis, November 2008 Vincent Roca (INRIA)
Information management 1 Groep T Leuven – Information department 1/26 IPSec IP Security (IPSec)
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 2 Module 3 City College of San.
IPsec IPsec (IP security) Security for transmission over IP networks –The Internet –Internal corporate IP networks –IP packets sent over public switched.
1 Authentication Algorithm Document Discussions CCSDS Security Working Group Fall 2007 Meeting 3-5 October 2007 ESA/ESOC, Darmstadt Germany (Hotel am Bruchsee,
March 15, 2005 IETF #62 Minneapolis1 EAP Discovery draft-adrangi-eap-network-discovery-10.txt Farid Adrangi ( )
Transport Layer Security (TLS) IETF-72, Dublin July 27, 2008 Chairs: Eric Rescorla Joseph Salowey.
Certificate Requests to HIP Jani Pellikka 80 th IETF Mar 27 th – Apr 1 st 2011 Prague, Czech Republic.
Draft-ietf-dime-ikev2-psk-diameter-0draft-ietf-dime-ikev2-psk-diameter-08 draft-ietf-dime-ikev2-psk-diameter-09 in progress Diameter IKEv2 PSK: Pre-Shared.
Node Information Queries July 2002 Yokohama IETF Bob Hinden / Nokia.
Doc.: IEEE Submission November 2009 Robert Moskowitz (ICSAlabs/VzB)Slide 1 Project: IEEE P Working Group for Wireless Personal.
Doc.: IEEE HIP-over-TG9 Submission May 2012 Robert Moskowitz, Verizon Slide 1 Project: IEEE P Working Group for Wireless Personal.
1 CMPT 471 Networking II Authentication and Encryption © Janice Regan,
1 /10 Pascal URIEN, IETF 80 th, Tuesday 29 th March 2011, Prague, Czech Republic draft-irtf-hiprg-rfid-02 HIP support for RFIDs
Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems March 25, 2010
1 The HIP Diet Exchange HIP DEX Robert Moskowitz Verizon Telcom and Business Innovation Group March 29, 2011
1 The HIP Diet Exchange HIP DEX Robert Moskowitz ICSA labs an Independent Division of Verizon Business July 26, 2010
ANSI X9.44 and IETF TLS Russ Housley and Burt Kaliski RSA Laboratories November 2002.
Session Traversal Utilities for NAT (STUN) IETF-92 Dallas, March 26, 2015 draft-ietf-tram-stunbis Marc Petit-Huguenin, Gonzalo Salgueiro.
Currently Open Issues in the MIPv6 Base RFC MIPv6 security design team.
July 2007 CAPWAP Protocol Specification Editors' Report July 2007
Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems July 30, 2009 Slides presented.
Public Key Infrastructure Using X.509 (PKIX) Working Group March 20,
KeyProv PSKC Specification Philip Hoyer Mingliang Pei Salah Machani 74 nd IETF meeting, San Francisco Nov
Slide 1 August 2005, Paris, FranceIETF DNSEXT 2929bis etc. Donald E. Eastlake 3 rd
ECC Design Team: Initial Report Brian Minard, Tolga Acar, Tim Polk November 8, 2006.
RSA Data Security, Inc. PKCS #13: Elliptic Curve Cryptography Standard Burt Kaliski RSA Laboratories PKCS Workshop October 7, 1998.
Slide 1 November 2005, Vancouver, BCIETF DNSEXT 2929bis etc. Donald E. Eastlake 3 rd
Traceroute Storage Format and Metrics draft-niccolini-ippm-storetraceroutes-03 Saverio Niccolini, Sandra Tartarelli, Juergen Quittek Network Laboratories,
1 Randomized Hashing: Secure Digital Signatures without Collision Resistance Shai Halevi and Hugo Krawczyk IBM Research
03/22/10 draft-zhang-hip-privacy-protection- 00 Dacheng Zhang Miika Komu An Extension of HIP Base Exchange to Support Identity Privacy.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
KeyProv PSKC Specification Mingliang Pei Authors: P. Hoyer, M. Pei and S. Machani 73 nd IETF meeting, Minneapolis, Nov
Draft-ietf-ccamp-lmp-02.txt Link Management Protocol (LMP) LMP draft updates…  draft-ietf-ccamp-lmp-07.txt  draft-ietf-ccamp-lmp-wdm-01.txt  draft-ietf-ccamp-lmp-test-sonet-sdh-00.txt.
Module 4: Configuring Site to Site VPN with Pre-shared keys
September 2009 doc.: IEEE June 2010
VPNs and IPSec Review VPN concepts Encryption IPSec Lab.
RADEXT WG RADIUS Attribute Guidelines
Dan Brown, Certicom Research November 10, 2004
CSE 4905 IPsec II.
Donald E. Eastlake 3rd TSIG SHA etc. Donald E. Eastlake 3rd March.
IKEv2 Mobility and Multihoming Protocol (MOBIKE)
BPSEC Updates Edward Birrane
IBM Z Dataset Encryption: How does the mechanism encryption function?
September 2009 doc.: IEEE June 2010
September 2009 doc.: IEEE June 2010
Robert Moskowitz, Verizon
September 2009 doc.: IEEE November 2009
STIR WG IETF-100 PASSPorT Extension for Resource-Priority Authorization (draft-ietf-stir-rph-01) November, 2017 Ray P. Singh, Martin Dolly, Subir Das,
draft-ietf-dtn-bpsec-06
July 2013 Project: IEEE P Working Group for Wireless Personal Area Networks (WPANs) Submission Title: Technical Decisions for KMP transport Date.
Digital Signature Standard (DSS)
Chapter 6 IP Security.
Robert Moskowitz, Verizon
Presentation transcript:

1 HIP 5201-bis Update Robert Moskowitz Verizon Telcom and Business Tobias Heer RWTH Aachen University March 31, 2011

2 Purpose of this presentation An update on HIP BEX, rfc5201-bis progress – Crypto Agility – General Changes – Editorial Changes – What's Left

3 Crypto Agility Crypto Agility for signature algorithms Crypto Agility for hash functions Real Crypto Agility for DH (not just “pick one from two”) This also includes: – HIT, RHASH, HMAC ECC and SHA-X for HIP

4 General Changes Rename some Parameters (e.g. HIP_MAC) to make them more general Better Security Considerations Section (it seems rather outdated) Introduced lists for negotiation – DH List, HIT Suite List Increase Version Number and change title of document

5 Editorial Changes Many clarifications Better Terminology section Clearer Parameter descriptions Fixed some remaining bugs and inconsistencies from 5201

6 What's Left Use List-based negotiation for transport formats (ESP) – Requires changes to the ESP document RFC5202-bis OGA in ORCHID document – Note prefix NOT listed by IANA If so, BackToMyMAC MAY have used HIP instead of reinventing pieces of HIP IESG comments on 5201 datatracker.ietf.org/doc/draft-ietf-hip-base/writeup/ – Randomize hashing in signatures (should be quick) – Negotiation of KDF – Combine encryption modes

7 What's Left More IESG comments on 5201 – Different RSA mode OAEP/PSS – Crypto Agility for HMAC – SHA-1 is outdated (we covered that) – Use of incoming IP addresses Might affect MM draft, too – Interactions with complex SPDs may result in weird effects

8 Questions?

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2025 SlidePlayer.com. Inc. All rights reserved.