Presentation is loading. Please wait.

Presentation is loading. Please wait.

TLS authentication using ETSI TS and IEEE certificates

Published byReynold Hood Modified over 7 years ago

Similar presentations

Presentation on theme: "TLS authentication using ETSI TS and IEEE certificates"— Presentation transcript:

1 TLS authentication using ETSI TS 103 097 and IEEE 1609.2 certificates
IETF meeting 93 – Prague – TLS WG session Wednesday, July 22, 2015

2 Objective & Motivations
Objective: enable C/S authentication using C-ITS* certificates Motivations: C-ITS networks are highly mobile with a limited bandwidth X.509 certificates are not optimized for bandwidth and delay-sensitive applications Definition of new certificates for C-ITS US: IEEE EU: ETSI TS Use case: secured communication between a vehicle and a server on the Internet: e.g. vehicle data upload on a remote log server e.g. vehicle software update e.g. traffic light information via 3G/LTE communication (SPAT) Authentication between an ITS-Station and a server should be possible using C- ITS certificates e.g.1: rent company e.g.2: vehicle manufacturer SPAT = Signal Phase and Timing adapter = adjust *C-ITS: Co-operative Intelligent Transportation System

3 Modifications on TLS Handshake
Client Server ClientHello /* cert_type extension */ > ServerHello Certificate* ServerKeyExchange* CertificateRequest* Certificate < ServerHelloDone ClientKeyExchange CertificateVerify* [ChangeCipherSpec] Finished Application Data < > Restrictions on CertificateRequest message RFC 6091 (deprecated) RFC 7250 * Indicates optional or situation-dependent messages that are not always sent.

4 Technical modifications
ClientHello and ServerHello messages of the handshake protocol SHALL include the cert_type extension [RFC 6091] enum { X.509(0), OpenPGP(1), RawPublicKey(2), IEEE(TBD), ETSI(TBD), (255) }CertificateType; RFC 6091 (deprecated) RFC 7250

5 Technical specifications
CertificateRequest SHALL be filled with the following values: CertificateRequest as defined in [RFC 5246] enum { rsa_sign(1), dss_sign(2), rsa_fixed_dh(3), dss_fixed_dh(4), rsa_ephemeral_dh_RESERVED(5), dss_ephemeral_dh_RESERVED(6), fortezza_dms_RESERVED(20), ECDSA_sign(64), (255) }ClientCertificateType; opaque DistinguishedName<1..2^16-1>; struct { ClientCertificateType certificate_types<1..2^8-1>; SignatureAndHashAlgorithm supported_signature_algorithms<2^16-1>; DistinguishedName certificate_authorities<0..2^16-1>; }CertificateRequest; Filled values ClientCertificateType ECDSA_sign(64) SignatureAndHashAlgorithm {0x04,0x03} (ECDSA-SHA256) DistinguishedName List of HashedId8 [ETSI TS ] (The server informs the client about the certificate authorities it trusts to help the client to select a corresponding certificate)

6 Thank you!

7 Verification of ETSI certificate
ETSI TS certificate format: version signer_info subject_info verification /encryption keys assurance_level ItsAid_ssp list validity_restrictions signature 1. Verify that the certificate content is conform to one of ETSI profiles. 2. Verify the certificate’s signer identity: IF The certificate digest included in signer_info is known: Go to step 3. ELSE: IF It is a root certificate digest: Verification failed (error – untrusted root CA). Pause the current certificate verification process and start verification of the next certificate in the chain recursively by restarting from step 1. Once verified, resume the certificate verification. 3. Verify that the certificate is not in the Certificate Revocation List (CRL). 4. Verify the signature of the certificate (see [10] for details). 5. Verify subject_info: subject_name shall be a 32 bytes hash of the server URL. Note that this step is only done by clients. Servers shall ignore this step. 6. Verify validity_restrictions: only time validity is checked, space validity (geographical region) is ignored. 7. Verifity its_aid_ssp: ITS-AID included in the certificate shall be consistent with those included in the signer’s certificate (heritage).

Download ppt "TLS authentication using ETSI TS and IEEE certificates"

Similar presentations

SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.

SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Web security (Spoofing & TLS & DNS) Ge Zhang. Web surfing yahoo IP of yahoo? 1.2.3.4 Get index.htm from 1.2.3.4 Response from 1.2.3.4.

Web security (Spoofing & TLS & DNS) Ge Zhang. Web surfing yahoo IP of yahoo? Get index.htm from Response from
17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.

17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
1 SSL/TLS 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.

1 SSL/TLS 2 Web security Security requirements Secrecy to prevent eavesdroppers to learn sensitive information Entity authentication Message authentication.
COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?

COMP043-Cryptology Week 4 – Certs and Sigs. Digital Signatures Digital signatures provide –Integrity –Authenticity and –Non-repudiation How do they work?
ITA, 2.11.2011, 8-TLS.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 8 Transport.

ITA, , 8-TLS.pptx 1 Internet Security 1 (IntSi1) Prof. Dr. Andreas Steffen Institute for Internet Technologies and Applications (ITA) 8 Transport.
We leave the world of cryptography for a while.

We leave the world of cryptography for a while.
Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.

Mar 19, 2002Mårten Trolin1 This lecture On the assignment Certificates and key management SSL/TLS –Introduction –Phases –Commands.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
A Survey of WAP Security Architecture Neil Daswani

A Survey of WAP Security Architecture Neil Daswani
Intro to SSL/TLS Network Security Gene Itkis. 6/14/2015 Gene Itkis: CS558 Network Security 2 Origins Internet Engineering Task Force (IETF) –www.ietf.orgwww.ietf.org.

Intro to SSL/TLS Network Security Gene Itkis. 6/14/2015 Gene Itkis: CS558 Network Security 2 Origins Internet Engineering Task Force (IETF) –
Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.

Apr 22, 2003Mårten Trolin1 Agenda Course high-lights – Symmetric and asymmetric cryptography – Digital signatures and MACs – Certificates – Protocols Interactive.
Intro to SSL/TLS Network Security Gene Itkis. 6/23/2015 cs458-658 Network Security (Gene Itkis) 2 Origins Internet Engineering Task Force (IETF) –www.ietf.orgwww.ietf.org.

Intro to SSL/TLS Network Security Gene Itkis. 6/23/2015 cs Network Security (Gene Itkis) 2 Origins Internet Engineering Task Force (IETF) –
PKI & SSL Dr. Andy Wu BCIS 4630 Fundamentals of IT Security.

PKI & SSL Dr. Andy Wu BCIS 4630 Fundamentals of IT Security.
Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.

Overview of Digital Signatures Introduction To Networks and Communications (CS 555) Presented by Bharath Kongara.
11 Secure Sockets Layer (SSL) Protocol (SSL) Protocol Saturday, 08.05. 2010 University of Palestine Applied and Urban Engineering College Information Security.

11 Secure Sockets Layer (SSL) Protocol (SSL) Protocol Saturday, University of Palestine Applied and Urban Engineering College Information Security.
Secure Socket Layer (SSL)

Secure Socket Layer (SSL)

Similar presentations

Ads by Google