1 EAP-MAKE2: EAP method for Mutual Authentication and Key Establishment, v2 EMU BoF Michaela Vanderveen IETF 64 November 2005.

Slides:



Advertisements
Similar presentations
Doc.: IEEE /1186r0 Submission October 2004 Aboba and HarkinsSlide 1 PEKM (Post-EAP Key Management Protocol) Bernard Aboba, Microsoft Dan Harkins,
Advertisements

External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt November, 2004.
PEAP & EAP-TTLS 1.EAP-TLS Drawbacks 2.PEAP 3.EAP-TTLS 4.EAP-TTLS – Full Example 5.Security Issues 6.PEAP vs. EAP-TTLS 7.Other EAP methods 8.Summary.
EAP AKA Jari Arkko, Ericsson Henry Haverinen, Nokia.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Secure Socket Layer.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
CN8816: Network Security 1 Security in Wireless LAN i Open System Authentication Security Wired Equivalent Privacy (WEP) Robust Security Network.
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
1 Pascal URIEN, IETF 61th, Washington DC, 10th November 2004 “draft-urien-eap-smartcard-type-00.txt” EAP Smart Card Protocol (EAP-SC)
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
Cryptography and Network Security Chapter 17
CMSC 414 Computer (and Network) Security Lecture 21 Jonathan Katz.
CMSC 414 Computer and Network Security Lecture 16 Jonathan Katz.
IEEE Wireless Local Area Networks (WLAN’s).
Chapter 8 Web Security.
July 16, 2003AAA WG, IETF 571 AAA WG Meeting IETF 57 Vienna, Austria Wednesday, July 16,
Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.
Wireless security & privacy Authors: M. Borsc and H. Shinde Source: IEEE International Conference on Personal Wireless Communications 2005 (ICPWC 2005),
Comparative studies on authentication and key exchange methods for wireless LAN Authors: Jun Lei, Xiaoming Fu, Dieter Hogrefe and Jianrong Tan Src:
Wireless and Security CSCI 5857: Encoding and Encryption.
@Yuan Xue Network Security Review and Beyond Network Security.
Eugene Chang EMU WG, IETF 70
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
EMU BOF EAP Method Requirements Bernard Aboba Microsoft Thursday, November 10, 2005 IETF 64, Vancouver, CA.
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
EAP WG EAP Key Management Framework Draft-ietf-eap-keying-03.txt Bernard Aboba Microsoft.
Shambhu Upadhyaya Security –Upper Layer Authentication Shambhu Upadhyaya Wireless Network Security CSE 566 (Lecture 10)
Lecture 14 ISAKMP / IKE Internet Security Association and Key Management Protocol / Internet Key Exchange CIS CIS 5357 Network Security.
Cryptography and Network Security (CS435) Part Fourteen (Web Security)
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
Web Security : Secure Socket Layer Secure Electronic Transaction.
Cryptography and Network Security (SSL)
EAP Keying Problem Draft-aboba-pppext-key-problem-03.txt Bernard Aboba
Doc.: IEEE /1572r0 Submission December 2004 Harkins and AbobaSlide 1 PEKM (Post-EAP Key Management Protocol) Dan Harkins, Trapeze Networks
Doc.: IEEE /495r1 Submission July 2001 Jon Edney, NokiaSlide 1 Ad-Hoc Group Requirements Report Group met twice - total 5 hours Group size ranged.
UMD D EPARTMENT OF C OMPUTER S CIENCE D O D L ABORATORY FOR T ELECOMMUNICATION S CIENCES EAP-PAX draft-clacy-eap-pax-05 T. Charles Clancy
Maryland Information Systems Security Lab D EPARTMENT OF C OMPUTER S CIENCE EAP Password Authenticated eXchange (PAX) T. Charles Clancy William A. Arbaugh.
July 16, 2003AAA WG, IETF 571 EAP Keying Framework Draft-aboba-pppext-key-problem-07.txt EAP WG IETF 57 Vienna,
All Rights Reserved © Alcatel-Lucent 2007, ##### 1 | Presentation Title | January 2007 UMB Security Evolution Proposal Abstract: This contribution proposes.
Attacking IPsec VPNs Charles D George Jr. Overview Internet Protocol Security (IPSec) is a suite of protocols for authenticating and encrypting packets.
November 2005IETF 64, Vancouver, Canada1 EAP-POTP The Protected One-Time Password EAP Method Magnus Nystrom, David Mitton RSA Security, Inc.
IEEE MEDIA INDEPENDENT HANDOVER DCN: Sec Title: Considerations on use of TLS for MIH protection Date Submitted: January 14, 2010.
EAP-FAST Version 2 draft-zhou-emu-eap-fastv2-00.txt Hao Zhou Nancy Cam-Winget Joseph Salowey Stephen Hanna March 2011.
EAP Keying Framework Draft-aboba-pppext-key-problem-06.txt EAP WG IETF 56 San Francisco, CA Bernard Aboba.
SMUCSE 5349/7349 SSL/TLS. SMUCSE 5349/7349 Layers of Security.
IPSec and TLS Lesson Introduction ●IPSec and the Internet key exchange protocol ●Transport layer security protocol.
Csci388 Wireless and Mobile Security – Key Hierarchies for WPA and RSN
Emu wg, IETF 70 Steve Hanna, EAP-TTLS draft-funk-eap-ttls-v0-02.txt draft-hanna-eap-ttls-agility-00.txt emu wg, IETF 70 Steve Hanna,
Wireless Network Security CSIS 5857: Encoding and Encryption.
Presentation at ISMS WG Meeting1 ISMS – March 2005 IETF David T. Perkins.
RFC 2716bis Wednesday, July 12, 2006 Draft-simon-emu-rfc2716bis-02.txt Dan Simon Bernard Aboba IETF 66, Montreal, Canada.
KAIS T Comparative studies on authentication and key exchange methods for wireless LAN Jun Lei, Xiaoming Fu, Dieter Hogrefe, Jianrong Tan Computers.
1 SECMECH BOF EAP Methods IETF-63 Jari Arkko. 2 Outline Existing EAP methods Technical requirements EAP WG process for new methods Need for new EAP methods.
IETF-84 EMU TEAP Updates Nancy Joseph Salowey Hao Zhou
@Yuan Xue CS 285 Network Security Key Distribution and Management Yuan Xue Fall 2012.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
Cryptography CSS 329 Lecture 13:SSL.
Network security Presentation AFZAAL AHMAD ABDUL RAZAQ AHMAD SHAKIR MUHAMMD ADNAN WEB SECURITY, THREADS & SSL.
CSE 4905 IPsec II.
IETF-70 EAP Method Update (EMU)
The Tunneled Extensible Authentication Method (TEAM)
An EAP Authentication Method Based on Identity-Based Authenticated Key Exchange draft-cakulev-emu-eap-ibake-00 Violeta Cakulev
Presentation transcript:

1 EAP-MAKE2: EAP method for Mutual Authentication and Key Establishment, v2 EMU BoF Michaela Vanderveen IETF 64 November 2005

2 Key Features  Pre-shared keys –Separate for authentication and key derivation  MIC and key derivation use IEEE i PRF –Computationally light –No extra crypto code for terminals employing link- layer RSN based on IEEE  Secure ciphersuite negotiation –Encryption use is optional  Support for user identity privacy –Temporary user ID generation+delivery optional  Commercial deployment (v1)

3 Message Exchange (Bellare-Rogaway based) PeerServer Challenge(RANDS, ServerID) Challenge(RANDP, PeerID, SPIP, MIC) Confirm(SPIS, [EncrData], MIC) Confirm(MIC) EAP Success SPIP = Peer’s supported ciphers SPIS = Server’s chosen cipher EncrData = TempID, … MIC = computed over entire packet, both nonces and IDs

4 Identity Request/Response PeerServer MAKE/Identity(PermID_REQ, ServerID) MAKE/Identity(PeerID) Server obtains TempID but requires PermID Typical EAP-MAKE2 exchange follows

5 Authentication Failure PeerServer Challenge(RANDS, ServerID) Challenge(RANDP, PeerID, SPIP, MIC) EAP Failure Server finds MIC invalid

6 Authentication Failure (con’t) PeerServer Challenge(RANDS, ServerID) Challenge(RANDP, PeerID, SPIP, MIC) Confirm(SPIS, MIC) Auth-Reject EAP Failure Peer finds MIC invalid

7 Three-level Key Hierarchy Root Secret A pre-shared secret MAKE Master Secret (MMS-A) Transient EAP Keys (TEK-Auth, TEK-Cipher) Root Secret A pre-shared secret MAKE Master Secret (MMS-A) Session Keys (MSK, EMSK) RANDS RANDP cryptographically separate sign MIC encrypt attributes

8 Thank You

9 Security Claims & Vulnerabilities  Mutual Authentication  Integrity Protection  Replay protection  Confidentiality (optional)  Key derivation  Dictionary attack protection  Protected ciphersuite negotiation  No fragmentation  No channel binding  No crypto binding

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.