Key Management in AAA Russ Housley Incoming Security Area Director.

Introduction
Some people are concerned that a working group outside of the Security Area is designing a key management protocol. Why?
  –Key management protocols are subtle.
  –An expert can easily miss a flaw.
  –Peer review by multiple experts is essential.

Concerns with EAP
Employs new key distribution architecture
  –Poorly understood security properties
  –Three-party models have been well studied, but these do not align directly with AAA
Select one end-to-end mechanism to protect distributed keys
Needs robust key naming scheme
Needs to establish fresh session keys
Principle of least privilege not followed

Acceptable solution MUST…
Be an algorithm-independent protocol
  –For interoperability, select at least one suite of algorithms that MUST be implemented
Establish strong, fresh session keys
  –Maintain algorithm independence
Include replay detection mechanism
Authenticate all parties
  –Maintain confidentiality of authenticator
  –NO plaintext passwords

Acceptable solution MUST also…
Perform client and NAS authorization
Maintain confidentiality of session keys
Confirm selection of “best” ciphersuite
Uniquely name session keys
Compromise of a single NAS cannot compromise any other part of the system, including session keys and long-term keys
Bind key to appropriate context
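The "Concerns with EAP" slide and the two "Acceptable solution MUST" slides list properties rather than mechanisms. The following toy key-distribution server, written as an added example for this transcript (it is not code from the presentation or from any IETF document), shows what several of those properties look like together: fresh session keys derived from a long-term master key, a unique name for each key, binding of the key to its context (both parties, both nonces, the negotiated ciphersuite), replay detection on the server nonce, and least privilege in the sense that a NAS receives only its own derived key and never the master key. The class and function names are hypothetical; the key derivation follows RFC 5869 HKDF over HMAC-SHA256 from the Python standard library.

```python
"""Toy AAA key-distribution server illustrating the properties on the slides:
strong fresh session keys, unique key names, context binding, replay
detection and least privilege.  Added example, not from the presentation.
All class and function names are hypothetical.  HKDF follows RFC 5869 over
HMAC-SHA256 from the standard library.
"""
import hashlib
import hmac
import os
from typing import Dict, Tuple

HASH = hashlib.sha256
HASH_LEN = 32


def hkdf_extract(salt: bytes, ikm: bytes) -> bytes:
    """RFC 5869 HKDF-Extract: PRK = HMAC-Hash(salt, IKM)."""
    return hmac.new(salt, ikm, HASH).digest()


def hkdf_expand(prk: bytes, info: bytes, length: int) -> bytes:
    """RFC 5869 HKDF-Expand: OKM = T(1) || T(2) || ... truncated to length."""
    okm, t, counter = b"", b"", 1
    while len(okm) < length:
        t = hmac.new(prk, t + info + bytes([counter]), HASH).digest()
        okm += t
        counter += 1
    return okm[:length]


def key_context(peer_id: bytes, nas_id: bytes, peer_nonce: bytes,
                server_nonce: bytes, ciphersuite: bytes) -> bytes:
    """Everything the session key is bound to: both parties, both freshness
    nonces and the negotiated ciphersuite.  Fields are length-prefixed so two
    different contexts can never serialize to the same bytes; changing the
    ciphersuite (e.g. a downgrade) therefore changes the derived key."""
    fields = [b"AAA-session-key-v1", peer_id, nas_id, peer_nonce,
              server_nonce, ciphersuite]
    return b"".join(len(f).to_bytes(2, "big") + f for f in fields)


def derive_session_key(master_key: bytes, context: bytes) -> Tuple[bytes, bytes]:
    """Return (key_name, session_key).

    The name is a hash of the context, so it is unique per session and can be
    used to refer to the key on the wire without revealing it.  The key is
    HKDF(master_key, context): one-way, so holding one session key gives no
    information about the master key or about keys derived for other contexts
    (the "compromise of a single NAS" requirement).
    """
    key_name = HASH(b"key-name" + context).digest()[:16]
    prk = hkdf_extract(salt=b"AAA-session-key-salt", ikm=master_key)
    return key_name, hkdf_expand(prk, context, HASH_LEN)


class KeyDistributionServer:
    """Holds the long-term master key.  Each request must carry a server nonce
    the server itself issued and has not yet consumed; a replayed request is
    refused even though it is byte-for-byte identical to a valid one."""

    def __init__(self, master_key: bytes) -> None:
        self._master_key = master_key
        self._nonces: Dict[bytes, bool] = {}   # server_nonce -> consumed?

    def new_server_nonce(self) -> bytes:
        """Issue a fresh, unpredictable nonce for one key-establishment run."""
        nonce = os.urandom(16)
        self._nonces[nonce] = False
        return nonce

    def issue(self, peer_id: bytes, nas_id: bytes, peer_nonce: bytes,
              server_nonce: bytes, ciphersuite: bytes) -> Tuple[bytes, bytes]:
        """Derive and hand out the session key for one (peer, NAS) session.
        Only the derived key leaves the server; the master key never does."""
        if server_nonce not in self._nonces:
            raise ValueError("unknown server nonce")
        if self._nonces[server_nonce]:
            raise ValueError("replay detected: server nonce already consumed")
        self._nonces[server_nonce] = True
        ctx = key_context(peer_id, nas_id, peer_nonce, server_nonce, ciphersuite)
        return derive_session_key(self._master_key, ctx)


def request_refused(server: KeyDistributionServer, *request) -> bool:
    """True if the server refuses the request (replayed or unknown nonce)."""
    try:
        server.issue(*request)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    kdc = KeyDistributionServer(os.urandom(32))        # constructed master key
    n = kdc.new_server_nonce()
    req = (b"peer@example", b"nas-1", b"peer-nonce-1", n, b"AES-128-CCM")
    name, key = kdc.issue(*req)
    print("key name:", name.hex(), "session key:", key.hex())
    print("replay refused:", request_refused(kdc, *req))
```

The model deliberately leaves out what the slides also require but a toy cannot show: authentication of the parties and confidentiality of the key in transit (the "end-to-end mechanism to protect distributed keys"). Its point is the shape of the derivation: because every input that defines the session is in the context, two NASes, two sessions, or two ciphersuite choices never share a key or a key name, and a replayed request is caught at the nonce check before any key is derived.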