Presentation is loading. Please wait.

Presentation is loading. Please wait.

EAP-TTLS Status draft-funk-eap-ttls-v0-00.txt draft-funk-eap-ttls-v1-00.txt draft-funk-tls-inner-application-extension-01.txt Paul Funk Funk Software.

Published by Modified over 9 years ago

Similar presentations

Presentation on theme: "EAP-TTLS Status draft-funk-eap-ttls-v0-00.txt draft-funk-eap-ttls-v1-00.txt draft-funk-tls-inner-application-extension-01.txt Paul Funk Funk Software."— Presentation transcript:

1 EAP-TTLS Status draft-funk-eap-ttls-v0-00.txt draft-funk-eap-ttls-v1-00.txt draft-funk-tls-inner-application-extension-01.txt Paul Funk Funk Software

2 Overview of Draft Set Names have changed –Previous name: draft-ietf-pppext-eap-ttls-nn. –Changed to individual submission, since pppext doesn’t do EAP any more. –Draft version reverted to 00. Relationship between drafts –TTLS v0 is original protocol –TTLS v1 is new version TTLS v1 is defined over TLS extension called TLS/IA –TLS/IA defined in separate draft: draft-funk-tls-inner-application-extension-01.txt

3 EAP-TTLS v1 Overview A version field is now defined in the Flag bits. EAP-TTLS v1 is defined over TLS/IA. –It’s a much shorter draft. –But the new TLS/IA draft more than makes up for this. –The same AVP encapsulation defined in EAP- TTLS v0 is now defined in TLS/IA. –TLS/IA includes enhanced security features.

4 TLS “InnerApplication” Extension (TLS/IA) TLS/IA defines a mechanism for embedding EAP authentication and other negotiations in TLS itself. –Allows any TLS-based protocol to use inner EAP authentication. Uses standard RFC 3546 extension mechanism –Inner Application extension appended to ClientHello, confirmed in ServerHello Defines new “Inner Application” record type. –Inner Application records follow immediately after TLS handshake, but prior to upper-layer data exchange. –New record type carries one or more “phases”. –Each phase consists of: exchange of AVPs permutation of Inner Secret exchange of PhaseFinished messages for confirmation. –TLS handshake plus Inner Application records can be thought of as an “extended handshake”.

5 Comparison of TLS Encapsulation Handshake msgsCCS/FinishedAVPs Handshake msgs CCS/FinishedAVPsPhaseFinishedThis space available In EAP-TTLS version 0 (as well as EAP-PEAP/FAST) In TLS/IA TLS handshakedata TLS handshake data Inner application Handshake msgs CCS/FinishedAVPsPhaseFinished In EAP-TTLS version 1 TLS handshake Inner application

6 TLS/IA Security Optional multi-phase negotiation. –Allows subsequent exchange to be predicated on success of prior exchange –Phases are optional in resumed sessions Additional “Inner Secret” is computed. –Mixes TLS master secret and all session keys from inner authentications. Prevents MitM attack. –Inner Secret is mutually confirmed at the end each phase. Result of inner authentication is securely exchanged. Prevents truncation attack. No change to TLS handshake itself or cipher usage within TLS.

7 Session Key Binding Inner Secret is initialized to master secret at conclusion of TLS handshake. Inner Secret is permuted in each phase –All inner session keys developed during phase are concatenated into a vector in order of value –PRF is applied to label, randoms, and session key vector, using current Inner Secret as key –48-octet result is new Inner Secret Inner Secret is confirmed by PhaseFinished message. Final Inner Secret from last phase is exported. –EAP-TTLS v1 derives MSK (i.e. MPPE keys) from Inner Secret.

8 Uses of TLS/IA Beyond TTLS TLS/IA can provide inner AVP capabilities to other protocols besides EAP-TTLS. Inner AVPs can be use for various purposes: –authentication –key exchange –endpoint integrity attestation –etc. Possible other applications for TLS/IA: –HTTP with EAP authentication –Alternative to IKE for IPsec key establishment –Setting up SSL VPN

Download ppt "EAP-TTLS Status draft-funk-eap-ttls-v0-00.txt draft-funk-eap-ttls-v1-00.txt draft-funk-tls-inner-application-extension-01.txt Paul Funk Funk Software."

Similar presentations

SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.

SSL/TLS Protocol Network Security Gene Itkis. Basic paradigmatic application: on-line purchase Client contacts Server (possibly for the first time) Spontaneity.
Web security: SSL and TLS

Web security: SSL and TLS
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
Version 1 of EAP-TTLS draft-ietf-pppext-eap-ttls-05.txt Paul Funk Funk Software.

Version 1 of EAP-TTLS draft-ietf-pppext-eap-ttls-05.txt Paul Funk Funk Software.
Lecture 6: Web security: SSL

Lecture 6: Web security: SSL
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
SMUCSE 5349/49 SSL/TLS. SMUCSE 5349/7349 Layers of Security.

SMUCSE 5349/49 SSL/TLS. SMUCSE 5349/7349 Layers of Security.
Secure Socket Layer.

Secure Socket Layer.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.

17.1 Copyright © The McGraw-Hill Companies, Inc. Permission required for reproduction or display. Chapter 17 Security at the Transport Layer: SSL and TLS.
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
Intro to SSL/TLS Network Security Gene Itkis. 6/14/2015 Gene Itkis: CS558 Network Security 2 Origins Internet Engineering Task Force (IETF) –www.ietf.orgwww.ietf.org.

Intro to SSL/TLS Network Security Gene Itkis. 6/14/2015 Gene Itkis: CS558 Network Security 2 Origins Internet Engineering Task Force (IETF) –
Wireless LAN Security Framework Backend AAA Infrastructure RADIUS, TACACS+, LDAP, Kerberos TLSLEAPTTLSPEAPMD5 VPN EAP PPP 802.3802.5802.11 802.1x EAP API.

Wireless LAN Security Framework Backend AAA Infrastructure RADIUS, TACACS+, LDAP, Kerberos TLSLEAPTTLSPEAPMD5 VPN EAP PPP x EAP API.
Ariel Eizenberg arielez@cs.huji.ac.il PPP Security Features Ariel Eizenberg arielez@cs.huji.ac.il.

Ariel Eizenberg PPP Security Features Ariel Eizenberg

Similar presentations

Ads by Google