Presentation is loading. Please wait.

Presentation is loading. Please wait.

Ahmad Alsadeh, 12-05-2015 Augmented SEND: Aligning Security, Privacy, and Usability Dr. Ahmad Alsadeh Birzeit University Palestine.

Published byRose Butler Modified over 9 years ago

Similar presentations

Presentation on theme: "Ahmad Alsadeh, 12-05-2015 Augmented SEND: Aligning Security, Privacy, and Usability Dr. Ahmad Alsadeh Birzeit University Palestine."— Presentation transcript:

1 Ahmad Alsadeh, 12-05-2015 Augmented SEND: Aligning Security, Privacy, and Usability Dr. Ahmad Alsadeh Birzeit University Palestine

2 Ahmad Alsadeh, 12-05-2015 Neighbor Discovery Protocol (NDP) Fundamental protocol in IPv6 suite – Obtain configuration information – Determine when a neighbor is no longer reachable – Perform address resolution Local link protocol (subnet scope) Basic shield is not enough – NDP can suffer similar problems of ARP Spoofing IETF – RFC 4861 and RFC 4862 known as Neighbor Discovery Protocol (NDP) 2

3 Ahmad Alsadeh, 12-05-2015 Neighbor Discovery Protocol (NDP) NDP messages lack authentication Attacks might come from malicious – host – router NDP is vulnerable to many attacks – Spoofing – Replay – Rogue router Router Internet host Router 3

4 Ahmad Alsadeh, 12-05-2015 NDP Vulnerabilities (continue …) IETF efforts: – RFC 3756: IPv6 Neighbor Discovery (ND) Trust Models and Threats – RFC 3971: SEcure Neighbor Discovery (SEND) – RFC 3972: Cryptographically Generated Addresses (CGA) NDP Hacking Tools – Parasite6 – Alive6 – fake_router6 – detect-new-ip6 – dos-new-ip6 – flood_router6 – fake_advertiser6 – … THC-IPV6 : Attack toolkit http://www.thc.org/thc-ipv6/ 4

5 Ahmad Alsadeh, 12-05-2015 SEcure Neighbor Discovery (SEND) SEND is an integral part of NDP SEND offers three functionalities to NDP – Address Authentication (Address Ownership Proof) – Replay Protection – Authorization Delegation Discovery (ADD) 5

6 Ahmad Alsadeh, 12-05-2015 Hash (Kpub, Parameters) Interface IdentifierSubnet Prefix Source address = CGA (IPv6 address) CGA option= Kpub + other parameters Nonce option Timestamp option RSA Signature Option = Signature Sign(ND message) Verify signature with Kpub Verify Hash (Kpub, Parameters) = Interface Identifier SEND options are sent with the NDP message Host A Host B 64 bits 6 SEND (Simplified)

7 Ahmad Alsadeh, 12-05-2015 NDP Message Protected by SEND 7

8 Ahmad Alsadeh, 12-05-2015 RFC 3972: CGAs Generate/ Obtain an RSA key pair Pick a random Modifier Select a Sec value Set Collision Count to 0 Modifier (128 bits) 0 (64 bits) 0 (8bits) RSA Kpub (variable) SHA-1 Hash2 (112 bits) 0 16xSec leftmost Hash2 bits must be zero 16xSec =0? Increment Modifier No Final Modifier (128 bits) Subnet prefix (64 bits) Collision Count (8bits) RSA Kpub (variable) SHA-1 Hash1 (160 bits) 64 bits Subnet prefix Yes Secug CGA Hash Extension CGA parameters Check the uniqueness of IPv6 address (DAD) 8 Address authentication (Address ownership proof) Sender’s public key is bounded to IPv6 address CGA generation algorithm

9 Ahmad Alsadeh, 12-05-2015 Problem Statement There are several factors that limit SEND deployment – SEND is compute-intensive and bandwidth-consuming – SEND high time complexity may lead to privacy-related attacks – Router Authorization Delegation Discovery (ADD) mechanism is at initial stage – SEND has not mature implementation for end user operating systems Publication: – Ahmad AlSa'deh, Christoph Meinel, "Secure Neighbor Discovery: Review, Challenges, Perspectives, and Recommendations," IEEE Security & Privacy, July-Aug. 2012. 9

10 Ahmad Alsadeh, 12-05-2015 WinSEND: Windows SEND It is the first SEND implementation for Windows Ahmad Alsadeh and Hosnieh Rafiee – Winners of the 1st place in the International IPv6 Application Contest 2011, German IPv6 Council, Germany 10

11 Ahmad Alsadeh, 12-05-2015 Time-Based CGA (TB-CGA) Select a Time Parameter Modifier (128 bits) 0 (64 bits) 0 (8bits) RSA Kpub (variable) SHA-1 Hash2 (112 bits) 0 8xSec Exceed time? Increment Modifier No -Store the Modifier -Store the best Hash2 Select a Sec Modifier (128 bits) 0 (64 bits) 0 (8bits) RSA Kpub (variable) SHA-1 Hash2 (112 bits) 0 16xSec 16xSec = 0? Increment Modifier No Time-Based CGAStandard CGA 11 TB-CGA: Modifications to standard CGA – Select “time parameter” as an input – Keep track of the best found security level within determined time – Reduce the granularity of the security level from “16” to “8”

12 Ahmad Alsadeh, 12-05-2015 Privacy Concerns High Sec value may cause unacceptable delay It is likely that once a host generates an acceptable CGA, it will continue to use – this same address – the same public key Hosts using CGAs could be susceptible to privacy related attacks 12

13 Ahmad Alsadeh, 12-05-2015 CGA Privacy Extensions Three main modifications – Setting a CGA Address lifetime – Reducing the granularity of CGA security levels – Automatic key pair generation 13

14 Ahmad Alsadeh, 12-05-2015 SEND Router Authorization (Simplified) – Hosts provisioned with trust anchor(s) (TA) – Router has certificates from a TA – Two ICMPv6 messages – Certificate Path Solicitation (CPS) – Certificate Path Advertisement (CPA) – Two ICMPv6 Options – Trust anchor Option – Certificate Option – Hosts pick routers that can show a certificate chain to TA (1)(2) (3) Cert. Request Trust Anchor (TA0) Router R Host A CPS: I trust TA0, who are you? (4) CPA: I am R, here my Cert. Signed by TA0 (5) Trust Anchor X.509 cert Verify the Cert. aganst TA0 (6) If valid, use R as trust router (7) 14

15 Ahmad Alsadeh, 12-05-2015 Router Authorization Challenges CA Router Host Administrative boundary. CA A chain of trust is not easy to establish outside administrative boundaries 15

16 Ahmad Alsadeh, 12-05-2015 RPKI for SEND Certificate validation may be more complex – Long chain certificate authorization – It requires Public Key Infrastructure – No global root to authorized routers – Routers are required to perform a large number of operations Resource PKI (RPKI) can provide an attractive hierarchical infrastructure for SEND path discovery and validation Many ISPs do not support RPKI 16

17 Ahmad Alsadeh, 12-05-2015 Conclusion SEND is a promising technique to secure NDP SEND is still in trial stage Enhancing CGAs & SEND and make it simple and lightweight is very important. Otherwise, IPv6 network will be vulnerable to IP spoofing related attacks Among our contributions we hope to bring more usage and deployment of SEND and CGA in IPv6 networks 17

18 Ahmad Alsadeh, 12-05-2015 List of Publication Book Chapters – Ahmad AlSa'deh, Hosnieh Rafiee, and Christoph Meinel, SEcure Neighbor Discovery Review: a Cryptographic Solution for Securing IPv6 Local Link Operations. In CRYPSIS, pp. 178 -198, IGI Global, May 2013. – Tayo Arulogun, Ahmad AlSa'deh and Christoph Meinel. "Mobile IPv6: Mobility Management and Security Aspects." In Architectures and Protocols for Secure Information Technology Infrastructures, pp. 71-101, 2014. Journals & Magazines – Ahmad AlSa'deh, Christoph Meinel, "Secure Neighbor Discovery: Review, Challenges, Perspectives, and Recommendations," IEEE Security & Privacy, vol. 10, no. 4, pp. 26-34, July-Aug. 2012 Conferences – Ahmad AlSa'deh, Christoph Meinel, Florian Westphal, Marian Gawron, and Björn Groneberg. “CGA integration into IPsec/IKEv2 authentication”. SIN '13. ACM, pp. 326-330. 2013. – Ahmad AlSa'deh, Hosnieh Rafiee, and Christoph Meinel, "IPv6 stateless address autoconfiguration: Balancing between security, privacy and usability," Foundations and Practice of Security, vol. 7743 of Lecture Notes in Computer Science, pp.149--161. 2013. – Ahmad AlSa’deh, Hosnieh Rafiee, Christoph Meinel, "Cryptographically Generated Addresses (CGAs): Possible Attacks and Proposed Mitigation Approaches," cit, pp.332-339, 2012 IEEE 12th International Conference on Computer and Information Technology, 2012. – Ahmad AlSa'deh, Hosnieh Rafiee, Christoph Meinel, "Stopping time condition for practical IPv6 Cryptographically Generated Addresses," icoin, pp.257-262, The International Conference on Information Network 2012, 2012. – Ahmad AlSa'deh, Feng Cheng, Christoph Meinel, "CS-CGA: Compact and more Secure CGA," icon, pp.299-304, 2011. – Ahmad AlSa’deh, Feng Cheng, Sebastian Roschke, and Christoph Meinel, “IPv4/IPv6 Handoff on Lock-Keeper for High Flexibility and Security,” in 4th IFIP International Conference onNew Technologies, Mobility and Security (NTMS), 2011, pp. 1–6. – Hosnieh Rafiee, Ahmad Alsa’deh, and Christoph Meinel, “WinSEND: Windows SEcure Neighbor Discovery,” SIN 2011, 2011, pp. 243–246. – Hosnieh Rafiee, Ahmad Alsa'deh, Christoph Meinel, "Multicore-based auto-scaling SEcure Neighbor Discovery for Windows operating systems," icoin, pp.269- 274, 2012. – Tayo Arulogun, Ahmad AlSa’deh, and Christoph Meinel. "IPv6 Private Networks: security Consideration and Recommendations." In the Proceedings of the 4th International Conference on Mobile e-Services (ICOMeS) Oct. 16 – 17, 2012. Volume 4, ISBN: 978-2902-43-8. 18

19 Ahmad Alsadeh, 12-05-2015 Contact Information Ahmad Alsadeh, PhD Electrical and Computer Engineering Department Faculty of Engineering and Technology Birzeit University P.O.Box 14-Birzeit, Palestine Mobile: +972 59 786 8474 Phone: +972 2 298 2935 Fax: +972 2 298 2125 Email: asadeh@birzeit.eduasadeh@birzeit.edu 19

20 Questions? 20

Download ppt "Ahmad Alsadeh, 12-05-2015 Augmented SEND: Aligning Security, Privacy, and Usability Dr. Ahmad Alsadeh Birzeit University Palestine."

Similar presentations

A CGA based Source Address Authentication Method in IPv6 Access Network(CSA) Guang Yao, Jun Bi and Pingping Lin Tsinghua University APAN26 Queenstown,

A CGA based Source Address Authentication Method in IPv6 Access Network(CSA) Guang Yao, Jun Bi and Pingping Lin Tsinghua University APAN26 Queenstown,
SeND Hash Threat Analysis CSI WG Ana Kukec, Suresh Krishnan, Sheng Jiang.

SeND Hash Threat Analysis CSI WG Ana Kukec, Suresh Krishnan, Sheng Jiang.
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
10: ICMPv6 Neighbor Discovery

10: ICMPv6 Neighbor Discovery
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
ZyXEL Confidential Address Autoconfiguration Feng Zou SW2 ZyXEL Communications Corp. 04/11/2006.

ZyXEL Confidential Address Autoconfiguration Feng Zou SW2 ZyXEL Communications Corp. 04/11/2006.
Neighbor Discovery for IPv6 Mangesh Kaushikkar. Overview Introduction Terminology Protocol Overview Message Formats Conceptual Model of a Host.

Neighbor Discovery for IPv6 Mangesh Kaushikkar. Overview Introduction Terminology Protocol Overview Message Formats Conceptual Model of a Host.
1 IPv6. 2 Problem: 32-bit address space will be completely allocated by 2008. Solution: Design a new IP with a larger address space, called the IP version.

1 IPv6. 2 Problem: 32-bit address space will be completely allocated by Solution: Design a new IP with a larger address space, called the IP version.
Implementing IPv6 Module B 8: Implementing IPv6

Implementing IPv6 Module B 8: Implementing IPv6
IPv6 Network Security.

IPv6 Network Security.
2: Comparing IPv4 and IPv6 Rick Graziani Cabrillo College

2: Comparing IPv4 and IPv6 Rick Graziani Cabrillo College
A Survey of Secure Wireless Ad Hoc Routing

A Survey of Secure Wireless Ad Hoc Routing
Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.

Grid Security Infrastructure Tutorial Von Welch Distributed Systems Laboratory U. Of Chicago and Argonne National Laboratory.
© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 4: Naming and addressing.

© 2007 Levente Buttyán and Jean-Pierre Hubaux Security and Cooperation in Wireless Networks Chapter 4: Naming and addressing.
1 Mobile IP Myungchul Kim Tel: 042-866-6127.

1 Mobile IP Myungchul Kim Tel:
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
IPv6 Address Provisioning In IPv6 world there are three provisioning aspects wich are independent of whether the IPv6 node is a Host or CE router: IPv6.

IPv6 Address Provisioning In IPv6 world there are three provisioning aspects wich are independent of whether the IPv6 node is a Host or CE router: IPv6.
Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.

Environmental Council of States Network Authentication and Authorization Services The Shared Security Component February 28, 2005.
CSCI283 Fall 2005 GWU All slides from Bishop’s slide set Public Key Infrastructure (PKI)

CSCI283 Fall 2005 GWU All slides from Bishop’s slide set Public Key Infrastructure (PKI)

Similar presentations

Ads by Google