Presentation is loading. Please wait.

Presentation is loading. Please wait.

SessIon LayEr SecuriTy Approach SIESTA

Published bySherman Burns Modified over 7 years ago

Similar presentations

Presentation on theme: "SessIon LayEr SecuriTy Approach SIESTA"— Presentation transcript:

1 SessIon LayEr SecuriTy Approach SIESTA
Robert Moskowitz Verizon November 7, 2013 1

2 Problem The present end-to-end application security context is tightly coupled with the underlying communication context. This is problematic for at least three reasons. Not flexible: when the underlying communication context changes, the application security context must change, too. Overhead associated with such coupling is prohibitively expensive over constrained networks (such as sensor or cellular networks). Probably most important: an attack on the communication context immediately effects the application security. 2

3 Goals This work aims at a solution to the above problems, with the objective of providing security context and security message format(s) for an application, which is fully decoupled from the underlying communication methodology and is thus resilient to attacks on the communication context. With that, the security context may need to have basic understanding of the communication context to be efficient with datagram overhead and communication synchronization issues (such as sequence window management), and so it is desirable that solution supports the "hooks" into the underlying protocol 3

4 Why yet another Security Layer?
What is the Session Layer? TCP/IP does not have a Session Layer From Wikipedia “The session layer provides the mechanism for opening, closing and managing a session between end-user application processes, i.e., a semi-permanent dialogue. Communication sessions consist of requests and responses that occur between applications. Session-layer services are commonly used in application environments that make use of remote procedure calls (RPCs).” So every communications application can be seen to have a Session Layer abstraction. 4

5 What is not needed Another Key Management Protocol (KMP)?
These are hard to do Instead, work out how to run existing independent KMPs e.g. IKEv2 and HIP Changes to existing security layers They each do the job they were invented for 5

6 Thus the Goals are Make network attacks uninteresting in that they do not disturb the security state Allow for very conservative message overhead while accommodating high performance networks Put the intelligence in the (independent) KMP, not the secure messaging format(s) Provide for security state survivablity and longevity Support mutli-flow, mulitcast, multipath, non- TCP/IP, and just about any other network design 6

7 Who is the Audience SDN M2M Expect other interest
Being discussed in ONF for OpenFlow Multiflows and Survivablity big concerns And thus ETSI NFV as well M2M SMS, particularly satellite SMS Multicast sensor nets Expect other interest 7

8 Security State Survivability
Security state loss is a significant threat Loss of state most commonly from reboot Thus rare in sensors, but expected on servers Significant time lost to detect state loss at peer Significant energy spent in sending packets that will be dropped due to loss of state at peer Implementations MAY maintain state in a secure store SHOULD when significant cost to peer to recover SHOULD refresh keys with peers for full recovery If Sequence # maintained, the key refresh MAY be delayed/scheduled 8

9 The State Machine An application using Session Security will
Start – call the KMP with the session identities and get the SPIs, key hierarchies, and ciphersuite Key refresh – on seq # consumption, call the KMP for fresh keys Secure – secure the message Reveal – decrypt and/or authenticate the message Teardown – tear down the security context State machine needs to handle responder Security setup and state loss recovery (e.g. after reboot) Some method is needed to connect a start or rekey with new SPIs to the SSE application that will use it. This could be internal to the KMP or KMP run over the eventual application port before any messages. 9

10 The Plan Use lessons learned with ESP to design a Session Security Envelope Move ESP up the stack and adjust accordingly Only provide for 'modern' ciphersuites e.g. AES with CCM, CMAC, GCM, GMAC Multiple formats tuned to differing requirements What about Additional Authenticated Data headers like HTTP stuff? 10

11 More the Plan This is so simple it SHOULD be done in 3 months! 3? RFCS
No 'working group', just do it and submit So far only slide deck describing SSE Already claimed one implementation on NETBSD But not exclusive design team Mailing list 3? RFCS SSE, IKEv2 support, HIP support Others like Kerberos? 11

12 Disclaimer I am currently working on a number of internal products using an SSE Why I am behind on my assignments for a number of standards works Management and Legal insisted on a patent application filing I will do IETF disclosure process once completed 12

13 Current work on 3 SSE Formats
Highly constrained networks have a high cost per byte Fast networks MUST be able to maintain message synchronization This dichotomy leads to two SSE formats Very high bandwidth networks in the future e.g. 400gbs ethernet Which exceeds 32 bit explicit sequence number capabilities Thus a third format Let the market decide what gets used 13

14 SSE Compact Format * Optional 0 1 2 3
| Security Parameters Index (SPI) | ^Integrity |Covered | Length | Sequence Number | | | ---- | Payload Data (variable) | | ^ ~ ~ | | | | |Confident. |Covered* | | Padding* (0-255 bytes) | | | | | | | | Pad Length* | v v | Integrity Check Value - ICV (variable) | | | | Security Parameters Index (SPI) | ^Integrity |Covered | Length | Sequence Number | | | ---- | Payload Data (variable) | | ^ ~ ~ | | | | |Confident. |Covered* | | Padding* (0-255 bytes) | | | | | | | | Pad Length* | v v | Integrity Check Value - ICV (variable) | | | | Security Parameters Index (SPI) | ^Integrity |Covered | Length | Sequence Number | | | ---- | Payload Data (variable) | | ^ ~ ~ | | | | |Confident. |Covered* | | Padding* (0-255 bytes) | | | | | | | | Pad Length* | v v | Integrity Check Value - ICV (variable) | | | * Optional 14

15 SSE Large Format * Optional 0 1 2 3
| Security Parameters Index (SPI) | ^Integrity |Covered | Length | | | | Sequence Number | | | |---- | Payload Data (variable) | | ^ ~ ~ | | | | |Confident. |Covered* | | Padding* (0-255 bytes) | | | | | | | | Pad Length* | v v | Integrity Check Value - ICV (variable) | | | * Optional 15

16 SSE Extreme Format * Optional 0 1 2 3
| Security Parameters Index (SPI) | ^Integrity |Covered | Length | | | | Sequence Number | | | | | | |---- | Payload Data (variable) | | ^ ~ ~ | | | | |Confident. |Covered* | | Padding* (0-255 bytes) | | | | | | | | Pad Length* | v v | Integrity Check Value - ICV (variable) | | | * Optional 16

17 Thank you for your time 17

Download ppt "SessIon LayEr SecuriTy Approach SIESTA"

Similar presentations

Intermediate TCP/IP TCP Operation.

Intermediate TCP/IP TCP Operation.
Transport Layer – TCP (Part1) Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS School of Computing, UNF.

Transport Layer – TCP (Part1) Dr. Sanjay P. Ahuja, Ph.D. Fidelity National Financial Distinguished Professor of CIS School of Computing, UNF.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.

Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
 The Open Systems Interconnection model (OSI model) is a product of the Open Systems Interconnection effort at the International Organization for Standardization.

 The Open Systems Interconnection model (OSI model) is a product of the Open Systems Interconnection effort at the International Organization for Standardization.
Process-to-Process Delivery:

Process-to-Process Delivery:
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.

1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
Transport Layer and UDP Tahir Azim Ref:

Transport Layer and UDP Tahir Azim Ref:
Networked & Distributed Systems TCP/IP Transport Layer Protocols UDP and TCP University of Glamorgan.

Networked & Distributed Systems TCP/IP Transport Layer Protocols UDP and TCP University of Glamorgan.
TCP/IP Protocols Contains Five Layers

TCP/IP Protocols Contains Five Layers
The Transport Layer application transport network data link physical application transport network data link physical application transport network data.

The Transport Layer application transport network data link physical application transport network data link physical application transport network data.
CCNA 1 v3.0 Module 11 TCP/IP Transport and Application Layers.

CCNA 1 v3.0 Module 11 TCP/IP Transport and Application Layers.
IPsec. 18.1 Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange.

IPsec Introduction 18.2 Security associations 18.3 Internet Security Association and Key Management Protocol (ISAKMP) 18.4 Internet Key Exchange.
MULTIPLEXING/DEMULTIPLEXING, CONNECTIONLESS TRANSPORT.

MULTIPLEXING/DEMULTIPLEXING, CONNECTIONLESS TRANSPORT.
Doc.: IEEE 802.15-11-0650-00-0kmp Submission September 2011 Robert Moskowitz, Verizon Slide 1 Project: IEEE P802.15 Working Group for Wireless Personal.

Doc.: IEEE kmp Submission September 2011 Robert Moskowitz, Verizon Slide 1 Project: IEEE P Working Group for Wireless Personal.
1 Transport Layer: Basics Outline Intro to transport UDP Congestion control basics.

1 Transport Layer: Basics Outline Intro to transport UDP Congestion control basics.
Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems July 30, 2009 Slides presented.

Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems July 30, 2009 Slides presented.
2: Transport Layer 11 Transport Layer 1. 2: Transport Layer 12 Part 2: Transport Layer Chapter goals: r understand principles behind transport layer services:

2: Transport Layer 11 Transport Layer 1. 2: Transport Layer 12 Part 2: Transport Layer Chapter goals: r understand principles behind transport layer services:
Establishing Host Identity Protocol Opportunistic Mode with TCP Option

Establishing Host Identity Protocol Opportunistic Mode with TCP Option
IPSec Detailed Description and VPN

IPSec Detailed Description and VPN

Similar presentations

Ads by Google