Presentation is loading. Please wait.

Presentation is loading. Please wait.

CSI WG / IETF741/12 Implementation of SeND/CGA and Extensions Beijing University of Posts and Telecommunications HUAWEI.

Published byAubrey Paul Modified over 8 years ago

Similar presentations

Presentation on theme: "CSI WG / IETF741/12 Implementation of SeND/CGA and Extensions Beijing University of Posts and Telecommunications HUAWEI."— Presentation transcript:

1 CSI WG / IETF741/12 Implementation of SeND/CGA and Extensions Beijing University of Posts and Telecommunications HUAWEI

2 CSI WG / IETF742/12 Planned SeND  Basic communications based on RFC3971  Extensions based on: draft-shen-csi-ecc (algorithm agility) draft-ietf-csi-hash-threat (algorithm agility) CGA and DHCPv6 interaction  Basic communications based on RFC3315 (Dibbler)  Extensions based on: draft-jiang-dhc-secure-dhcpv6 (DHCPv6 and CGA interaction) draft-jiang-sendcgaext-cga-config (DHCPv6 and CGA interaction )

3 CSI WG / IETF743/12 Rough Schedule Basic design and some testing so far Hope to have some code available by IETF75

4 CSI WG / IETF744/12 Platform Host Linux* RouterQuagga over Linux* SeND *Linux Distribution Ubuntu 8.04 Kernel version 2.6.24.6 DHCPv6 Client & ServerDibbler over Linux*

5 CSI WG / IETF745/12 System view – host

6 CSI WG / IETF746/12 SEND protocol module Implementation of SEND protocol in linux kernel –Process CPS/CPA message –Process ND message with SEND options –… Compatible to all specifications in RFC3971

7 CSI WG / IETF747/12 SEND config Tool A user mode configuration tool Provide command line interface to user Dynamically configure or control the behaviors of SEND protocol: –SEND option: whether SEND is used –Ignore option: whether unsecured message is silently discarded –… Options above is declared as module parameters in kernel

8 CSI WG / IETF748/12 SEND Daemon Perform secure related computations: – generation/verification of CGA address; – storage/verification of certificate paths and trust anchors; – generation/verification of RSA/ECC signatures. –… Flexible & scalable

9 CSI WG / IETF749/12 System view – router

10 CSI WG / IETF7410/12 Router Based on Quagga over Linux –Using the same OS kernel as host –The NDP implementation in Quagga is modified to support SEND features: CPS/CPA options processing CGA/RSA/ECC options processing –…

11 CSI WG / IETF7411/12 CGA and DHCPv6 interaction Extension of DHCPv6: –Add CGA and Signature options to DHCPv6 to verify messages –Server represents CGA address and CGA parameters in the IA option to assign address to client

12 CSI WG / IETF7412/12 Comments ?

Download ppt "CSI WG / IETF741/12 Implementation of SeND/CGA and Extensions Beijing University of Posts and Telecommunications HUAWEI."

Similar presentations

SeND Hash Threat Analysis CSI WG Ana Kukec, Suresh Krishnan, Sheng Jiang.

SeND Hash Threat Analysis CSI WG Ana Kukec, Suresh Krishnan, Sheng Jiang.
© 2003, Cisco Systems, Inc. All rights reserved..

© 2003, Cisco Systems, Inc. All rights reserved..
Dynamic Allocation of Shared IPv4 Addresses draft-csf-dhc-dynamic-shared-v4allocation-00 Q. Sun, Y. Cui, I. Farrer, Y. Lee, Q. Sun, M. Boucadair IETF 89,

Dynamic Allocation of Shared IPv4 Addresses draft-csf-dhc-dynamic-shared-v4allocation-00 Q. Sun, Y. Cui, I. Farrer, Y. Lee, Q. Sun, M. Boucadair IETF 89,
Auto Configuration and Mobility Options in IPv6 By: Hitu Malhotra and Sue Scheckermann.

Auto Configuration and Mobility Options in IPv6 By: Hitu Malhotra and Sue Scheckermann.
COSC 541 Data and Computer Communications IPV6 OVERVIEW Professor:Mort Anvari Student: Fuqiang Chen Student ID:122647 Date:Mar.16.2002.

COSC 541 Data and Computer Communications IPV6 OVERVIEW Professor:Mort Anvari Student: Fuqiang Chen Student ID: Date:Mar
DHCP -Ameeta and Haripriya -cmsc 691x. DHCP ► Dynamic Host Configuration Protocol ► It controls vital networking parameters of hosts with the help of.

DHCP -Ameeta and Haripriya -cmsc 691x. DHCP ► Dynamic Host Configuration Protocol ► It controls vital networking parameters of hosts with the help of.
© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.

© 2008 Cisco Systems, Inc. All rights reserved.Cisco ConfidentialPresentation_ID 1 Chapter 10: DHCP Routing & Switching.
MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 4 Installing and Configuring the Dynamic Host Configuration Protocol.

MCTS Guide to Microsoft Windows Server 2008 Network Infrastructure Configuration Chapter 4 Installing and Configuring the Dynamic Host Configuration Protocol.
1 Linux Networking and Security Chapter 2. 2 Configuring Basic Networking Describe how networking devices differ from other Linux devices Configure Linux.

1 Linux Networking and Security Chapter 2. 2 Configuring Basic Networking Describe how networking devices differ from other Linux devices Configure Linux.
12/2/2003chow1 Network and System Support for Multi-Level Security C. Edward Chow Department of Computer Science University of Colorado At Colorado Springs.

12/2/2003chow1 Network and System Support for Multi-Level Security C. Edward Chow Department of Computer Science University of Colorado At Colorado Springs.
COS 420 Day 15. Agenda Assignment 3 Due Assignment 4 Posted Chap 16-20 Due April 6 Individual Project Presentations Due IEPREP - Jeff MANETS - Donnie.

COS 420 Day 15. Agenda Assignment 3 Due Assignment 4 Posted Chap Due April 6 Individual Project Presentations Due IEPREP - Jeff MANETS - Donnie.
Investigations into BIND Dynamic Update with OpenSSL by David Wilkinson.

Investigations into BIND Dynamic Update with OpenSSL by David Wilkinson.
TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.

TCP/IP Tools Lesson 5. Objectives Skills/ConceptsObjective Domain Description Objective Domain Number Using basic TCP/IP commands Understanding TCP/IP3.6.
APACHE SERVER By Innovationframes.com »

APACHE SERVER By Innovationframes.com »
Automatic Router Configuration Protocol (ARCP) v1.1, 18 Nov. 2002 Jeb Linton, EarthLink

Automatic Router Configuration Protocol (ARCP) v1.1, 18 Nov Jeb Linton, EarthLink
Host Identity Protocol

Host Identity Protocol
Linux Operations and Administration

Linux Operations and Administration
DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP) BY: SAMHITA KAW IS 373.

DYNAMIC HOST CONFIGURATION PROTOCOL (DHCP) BY: SAMHITA KAW IS 373.
Operating Systems Operating System

Operating Systems Operating System
70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 9: Securing Network Traffic Using IPSec.

70-291: MCSE Guide to Managing a Microsoft Windows Server 2003 Network Chapter 9: Securing Network Traffic Using IPSec.

Similar presentations

Ads by Google