1. A Secure Network Access Protocol (SNAP) A. F. Al Shahri, D. G. Smith and J. M. Irvine Proceedings of the Eighth IEEE International Symposium on Computers and Communication (ISCC’03)

2. outline  Introduction  Tools: secret sharing and quorum systems  Secure Network Access Protocol (SNAP)  Conclusion

3. Introduction  network security  network sizes↑, interconnectivity↑  Sol: Authentication, access control  centralized authentication protocols  Most existing protocols  trust↑  risk↑, security↓, and availability↓

4.  Distributed trust  open the bank vault  similar principal to network security  Secure Network Access Protocol (SNAP)  distributed trust  Secret sharing and quorum system features  strong authentication mechanism

5. Quorum systems  Quorum  subsets of nodes  non-empty intersection  act on behalf of the system  no quorum contains another quorum  quorum system  a collection of quorums  increasing reliability and availability

6. Secret sharing  Basic idea  secret  pieces (shares)  distributing  specific shares  original secret  qualified subsets  access structure  collection of all qualified subsets  Ex:  threshold secret sharing scheme  Quorum based secret sharing scheme

7. Secure Network Access Protocol (SNAP)  authentication models  Description  SNAP Messages  Security analysis  Overhead analysis

8. authentication models  centralized approach  low management, updating overhead   focused trust, high load  parallel approach  increasing availability, distributing the load   more points to attack, higher management overhead  distributed approach (SNAP)  distributed trust, increased availability, distributing load   increased management and signaling overhead

9. SNAP Description  User:  entity attempting to access the network resources  Authentication nodes:  a router, server, or any terminal used for network access.  network security manager (NSM)  supervises the network security services  construct the access code (AC)  using a secret sharing scheme (SSS) that has a quorum access structure  reconstruction function  local node (LN)  only LN will reconstruct the secret share AC.  User doesn’t know AC will increase security

10. NSM AC

11. SNAP Messages

12. SNAP Security analysis  Impersonation attacks:  time stamps, public key  Man in the middle:  sender’s ID is encrypted  Replay attacks:  time stamps, random numbers  Unauthorized access:  AC based on latest shares, NSM periodically inform all network authentication nodes about revoked authorization users  Denial of service (network flooding):  quorum, time stamps

13. SNAP Overhead analysis(1/3)  Message size, # of msg:  1: 36 bytes  2: 4~20 bytes  3: 128 bytes  4: 256 bytes  5: 128k + 26 bytes  6: 268 bytes  Msg size almost the same to centralized approaches  Msg # is the point  Increase (c+k)  c: # to contact the LN  k: quorum size

14. SNAP Overhead analysis(2/3)  Load distribution:  Quorum load = load / l  Node max. Load = (m * load) / l  m: intersection property,a node is a member of m quorums  l : number of quorums in the system  quorum size(k)↓, system quorums number(l)↑  whole network load↓, quorums load↓, nodes load↓

15. SNAP Overhead analysis(3/3)  Delay:  Simulation environment:  network simulator ns-2  two traffic streams :  background traffic  UDP agents : exponential traffic, 500 bytes fixed size packet, 1000 kb/s peak rate  authentication traffic  Ping agents : 256 bytes authentication packets  link capacity : 1Mb/s  link delay : 10 ms

17. Conclusion  network security  Authentication and access control  SNAP  secret sharing schemes with quorum access structure  Better than existing centralized authentication protocols  availability, security and distributed trust  Additional signaling overhead  Cost of additional security and availability