Presentation is loading. Please wait.

Presentation is loading. Please wait.

INRIA Rhône-Alpes - Planète research group Reed-Solomon FEC I-D LDPC-* FEC I-D TESLA I-D Simple-auth I-D IETF 70 th – Vancouver meeting, November 2007.

Published byCarol Lloyd Modified over 9 years ago

Similar presentations

Presentation on theme: "INRIA Rhône-Alpes - Planète research group Reed-Solomon FEC I-D LDPC-* FEC I-D TESLA I-D Simple-auth I-D IETF 70 th – Vancouver meeting, November 2007."— Presentation transcript:

1 INRIA Rhône-Alpes - Planète research group Reed-Solomon FEC I-D LDPC-* FEC I-D TESLA I-D Simple-auth I-D IETF 70 th – Vancouver meeting, November 2007 Vincent Roca (INRIA)

2 2 - INRIA - Planète Situation Reed-Solomon FEC draft-ietf-rmt-bb-fec-rs-05.txtupdated LDPC FEC draft-ietf-rmt-bb-fec-ldpc-07.txtupdated TESLA source authentication for ALC/NORM draft-ietf-msec-tesla-for-alc-norm-03.txtupdated Simple auth. schemes for ALC/NORM draft-roca-rmt-simple-auth-for-alc-norm-01updated

3 3 - INRIA - Planète Part 1: Reed-Solomon FEC BB

4 4 - INRIA - Planète What’s new with the R-S document? “publication requested” in Sept. 2007  “proposed standard” category two versions published  -04 (Oct. 2007) and -05 (Nov. 2007)  version -05 takes into account comments on mailing list (Igor Slepchin and Alfred Hoenes):  corrected error in “Determining the Max Src Block Length”  changed the way the max_n parameter is calculated (floor  ceil) from the target code rate for a better match

5 5 - INRIA - Planète What’s new with the R-S document (cont’)  clarified that the “max_n algorithm” is only RECOMMENDED to be used. Receivers can estimate “n” for a given block, but MUST be prepared to handle symbols with an ESI > “estimated n”  takes into account comment sent during IESG review (Magnus/Francis Dupont/Elwyn Davies/Stephen Kent/Russ Housley)  a brand new « Security » section (but too detailed ;-)  several details corrected… next step:  new version (-06) under progress

6 6 - INRIA - Planète Part 2: LDPC-staircase/triangle FEC BB

7 7 - INRIA - Planète What’s new with the LDPC-* document? “publication requested” in Sept. 2007  “proposed standard” category one versions published  -04 (Oct. 2007) and -05 (Nov. 2007)  version -05 takes into account comments on mailing list (Alfred Hoenes + Igor Slepchin indirectly)  better separation between mandatory and recommended procedures  changed the way the max_n parameter is calculated (floor  ceil) from the target code rate for a better match (no backward compatibility impact)

8 8 - INRIA - Planète What’s new with the LDPC-* document (cont’)  takes into account comment sent during IESG review (Magnus/Brian Carpenter/Russ Housley/Jari Arkko)  a brand new « Security » section (but too detailed ;-)  several details corrected…  removal of the C code’s copyright (with the permission of the authors and R. Neal)  updated PRNG section: the scaling in [0; maxv[ algorithm is mandatory C implementation moved in annex (will be replaced by a pointer in next version, as agreed with Robin Whittle) next step:  new version (-07) under progress

9 9 - INRIA - Planète Part 3: TESLA for ALC and NORM

10 10 - INRIA - Planète What’s new? most changes already done in -02 version (July 07)  reminder:  compact authentication tag without the “i” interval index field but instead one or two sub- fields when feasible  authentication tag without key disclosure to reduce packet’s overhead  optional embedded group MAC feature  current version only improves the text, no new feature

11 11 - INRIA - Planète (Very preliminary) performance results test conditions:  512000 packets send, 512 bytes/packet (total of 250 kB)  HMAC-SHA-1 with 160 bit keys  100 keys per TESLA key chain, 0.5s TESLA time interval  measure the time taken to send all packets (no receiver) results (sender):  TESLA (W/O group MAC): 6.362 s  Group MAC authentication: 6.063 s  Digital signatures authentication:776.548 s  TESLA is only 4.93% slower than Group MAC auth. more detailed performance analysis under progress

12 12 - INRIA - Planète Work under progress under progress…  we need to finish TESLA for ALC implementation (soon)  useful to check the accuracy of the document  we need to verify in particular the steps specified in  5.2 Authentication of received packets open points/questions to the group  do we keep the optional weak group MAC?  or do we add an external group MAC authentication scheme (I-D under progress) that can be used in the same session?  would simplify the specs, but adds more overhead  clarify what parameters are needed with digital signatures

13 13 - INRIA - Planète Part 4: Simple authentication schemes for ALC and NORM - slides already presented during IETF’69 -

14 14 - INRIA - Planète Simple auth schemes for ALC/NORM an I-D…  that defines two basic authentication schemes for group communications  shares the EXT_AUTH format  ASID field is used goal is to have an appropriate set of authentication schemes for group comm.  for per packet, transport level (i.e. within ALC/NORM) security  it’s complementary to IPsec layer 3 security

15 15 - INRIA - Planète Simple auth schemes for ALC/NORM… (cont’) pros/cons in short +----------------+-------------+--------------+-------------+-------+ | | RSA Digital | ECC Digital | Group MAC | TESLA | | | Signature | Signature | | | +----------------+-------------+--------------+-------------+-------+ | True auth and | Yes | Yes | No (group | Yes | | integrity | | | security) | | | Immediate auth | Yes | Yes | Yes | No | | Processing | -- | + | ++ | + | | load | | | | | | Transmission | -- | + | ++ | + | | overhead | | | | | | Complexity | ++ | ++ | ++ | -- | | IPR/patents | ++ | -- | ++ | ++ | +----------------+-------------+--------------+-------------+-------+

16 16 - INRIA - Planète Simple auth schemes for ALC/NORM… (cont’) example: 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | HET (=1) | HEL (=33) | ASID | 0 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | + |.. Signature (128 bytes).. | + | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ 0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | HET (=1) | HEL (=4) | ASID | 0 | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | + | Group MAC (10 bytes) | + +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | Padding | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ Digital Signature EXT_AUTH header extension using 1024 bit signatures Group MAC EXT_AUTH header extension using HMAC-SHA-1. 128 bytes 12 bytes

17 17 - INRIA - Planète To conclude with simple auth schemes it’s the logical follow-up to TESLA I-D  provides a comprehensive set of techniques for the most basic security feature: source authentication and packet integrity a WG Item?

Download ppt "INRIA Rhône-Alpes - Planète research group Reed-Solomon FEC I-D LDPC-* FEC I-D TESLA I-D Simple-auth I-D IETF 70 th – Vancouver meeting, November 2007."

Similar presentations

Adapted Multimedia Internet KEYing (AMIKEY): An extension of Multimedia Internet KEYing (MIKEY) Methods for Generic LLN Environments draft-alexander-roll-mikey-lln-key-mgmt-01.txt.

Adapted Multimedia Internet KEYing (AMIKEY): An extension of Multimedia Internet KEYing (MIKEY) Methods for Generic LLN Environments draft-alexander-roll-mikey-lln-key-mgmt-01.txt.
Web security: SSL and TLS

Web security: SSL and TLS
Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.

Note Well Any submission to the IETF intended by the Contributor for publication as all or part of an IETF Internet-Draft or RFC and any statement made.
IETF 76 – November 8-14 – Hiroshima, Japan RMT LCT draft-rmt-pi-alc-revised-10 Mark Watson.

IETF 76 – November 8-14 – Hiroshima, Japan RMT LCT draft-rmt-pi-alc-revised-10 Mark Watson.
An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.

An Introduction to Secure Sockets Layer (SSL). Overview Types of encryption SSL History Design Goals Protocol Problems Competing Technologies.
INRIA Rhône-Alpes - Planète research group 1 Security and RMT Protocols: TESLA I-D simple-auth I-D rmt-sec I-D IETF 69 th – Chicago meeting, July 2007.

INRIA Rhône-Alpes - Planète research group 1 Security and RMT Protocols: TESLA I-D simple-auth I-D rmt-sec I-D IETF 69 th – Chicago meeting, July 2007.
FCAST update TESLA update IETF 76 – Hiroshima, November 2009 V. Roca (INRIA)

FCAST update TESLA update IETF 76 – Hiroshima, November 2009 V. Roca (INRIA)
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
Henric Johnson1 Chapter 6 IP Security. Henric Johnson2 Outline Internetworking and Internet Protocols IP Security Overview IP Security Architecture Authentication.

Henric Johnson1 Chapter 6 IP Security. Henric Johnson2 Outline Internetworking and Internet Protocols IP Security Overview IP Security Architecture Authentication.
Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.

Apr 2, 2002Mårten Trolin1 Previous lecture On the assignment Certificates and key management –Obtaining a certificate –Verifying a certificate –Certificate.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.

Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
Gursharan Singh Tatla Transport Layer 16-May-2011 1

Gursharan Singh Tatla Transport Layer 16-May
Secure Socket Layer (SSL)

Secure Socket Layer (SSL)
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),

Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
Simple LDPC-Staircase FEC Scheme for FECFRAME draft-roca-fecframe-ldpc-01 IETF 79 – Beijing, November 2010 V. Roca – M. Cunche (INRIA) J. Lacan (ISAE)

Simple LDPC-Staircase FEC Scheme for FECFRAME draft-roca-fecframe-ldpc-01 IETF 79 – Beijing, November 2010 V. Roca – M. Cunche (INRIA) J. Lacan (ISAE)
Application of Finite Geometry LDPC code on the Internet Data Transport Wu Yuchun Oct 2006 Huawei Hisi Company Ltd.

Application of Finite Geometry LDPC code on the Internet Data Transport Wu Yuchun Oct 2006 Huawei Hisi Company Ltd.
LDPC-Staircase FEC Schemes for FECFRAME draft-roca-fecframe-ldpc-00 IETF 75 – Stockholm, July 2009 V. Roca – M. Cunche (INRIA) J. Lacan (ISAE)

LDPC-Staircase FEC Schemes for FECFRAME draft-roca-fecframe-ldpc-00 IETF 75 – Stockholm, July 2009 V. Roca – M. Cunche (INRIA) J. Lacan (ISAE)
Audio/Video Transport Working Group 49th IETF, San Diego 13-14 December 2000 Stephen Casner -- Packet Colin Perkins -- ISI,

Audio/Video Transport Working Group 49th IETF, San Diego December 2000 Stephen Casner -- Packet Colin Perkins -- ISI,
Web Security : Secure Socket Layer Secure Electronic Transaction.

Web Security : Secure Socket Layer Secure Electronic Transaction.
Simple Authentication schemes for ALC and NORM draft-ietf-rmt-simple-auth-for-alc-norm-00 IETF 73 – Minneapolis, November 2008 Vincent Roca (INRIA)

Simple Authentication schemes for ALC and NORM draft-ietf-rmt-simple-auth-for-alc-norm-00 IETF 73 – Minneapolis, November 2008 Vincent Roca (INRIA)

Similar presentations

Ads by Google