Presentation is loading. Please wait.

Presentation is loading. Please wait.

Weak Identifier Multihoming Protocol (WIMP) draft-ylitalo-multi6-wimp-00.txt J. Ylitalo, V. Torvinen, E. Nordmark Vesa Torvinen Ericsson Research Nomadiclab,

Published byRuth West Modified over 9 years ago

Similar presentations

Presentation on theme: "Weak Identifier Multihoming Protocol (WIMP) draft-ylitalo-multi6-wimp-00.txt J. Ylitalo, V. Torvinen, E. Nordmark Vesa Torvinen Ericsson Research Nomadiclab,"— Presentation transcript:

1 Weak Identifier Multihoming Protocol (WIMP) draft-ylitalo-multi6-wimp-00.txt J. Ylitalo, V. Torvinen, E. Nordmark Vesa Torvinen Ericsson Research Nomadiclab, Finland 59th IETF - Seoul, Korea

2 Overview Experiments with "weak" authentication and light cryptographic operations –Up to 2000-4000 times faster than public key operations? Context establishment and re-addressing separated –Initiation phase stateless for responder –Locators can change dynamically, and be private End-point identifiers are (currently) not routable –Initiator: ephemeral ID (hash of nonce) –Responder: hash of FQDN draft-ylitalo-multi6-wimp-00.txt

3 Basic operations Reverse hash chain H n = Hash(random) H n-1 = Hash(H n ) … H 0 = Hash(H 1 ) = anchor Secret splitting X xor pad = e(X) draft-ylitalo-multi6-wimp-00.txt INITIATOR RESPONDER INIT: mac(H0(I)) --------------------------> CC: temporary_H0(R) <------------------------- CCR: H0(I) --------------------------> CONF: H0(R) <-------------------------- REA: H1(I), mac(H2(I)), locators --------------------------> AC1: H1(R)_piece_1 <------------------------- ACn: H1(R)_piece_n <------------------------- ACR: H1(R), H2(I) -------------------------->

4 Major issues End-point & flow IDs –Flow-id not inline with draft-ietf-ipv6-flow-label-09.txt –End-point IDs should be routable (cf. SIP) –Hijacking attack; attacker establish state in victim so that when victim tries to send packets to server, he will actually send them to attacker –DoS attack; easy generation of a storm of INIT messages (statelessness helps) Adopt solution from other drafts, e.g. NOID? draft-ylitalo-multi6-wimp-00.txt

Download ppt "Weak Identifier Multihoming Protocol (WIMP) draft-ylitalo-multi6-wimp-00.txt J. Ylitalo, V. Torvinen, E. Nordmark Vesa Torvinen Ericsson Research Nomadiclab,"

Similar presentations

Security Issues In Mobile IP

Security Issues In Mobile IP
External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt November, 2004.

External User Security Model (EUSM) for SNMPv3 draft-kaushik-snmp-external-usm-00.txt November, 2004.
ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.

ECE454/CS594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall 2011.
CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.

CIS 725 Key Exchange Protocols. Alice ( PB Bob (M, PR Alice (hash(M))) PB Alice Confidentiality, Integrity and Authenication PR Bob M, hash(M) M, PR Alice.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Unifying the conceptual levels of network security through use of patterns Ph.D Dissertation Proposal Candidate: Ajoy Kumar, Advisor: Dr Eduardo B. Fernandez.

Unifying the conceptual levels of network security through use of patterns Ph.D Dissertation Proposal Candidate: Ajoy Kumar, Advisor: Dr Eduardo B. Fernandez.
Web Security (SSL / TLS)

Web Security (SSL / TLS)
1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

1 Network Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
IEEE 802.11i IT443 Broadband Communications Philip MacCabe October 5, 2005

IEEE i IT443 Broadband Communications Philip MacCabe October 5, 2005
Slides by Kent Seamons and Tim van der Horst Last Updated: Nov 8, 2013.

Slides by Kent Seamons and Tim van der Horst Last Updated: Nov 8, 2013.
CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),
December 2006Prof. Reuven Aviv, SSL1 Web Security with SSL Prof. Reuven Aviv Dept. of Computer Science Tel Hai Academic College.

December 2006Prof. Reuven Aviv, SSL1 Web Security with SSL Prof. Reuven Aviv Dept. of Computer Science Tel Hai Academic College.
IKEv2 extension: MOBIKE Faisal Memon Erik Weathers CS 259.

IKEv2 extension: MOBIKE Faisal Memon Erik Weathers CS 259.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
1/32 Internet Architecture Lukas Banach Tutors: Holger Karl Christian Dannewitz Monday 26.09.2005 C. Today I³SI³HIPHI³.

1/32 Internet Architecture Lukas Banach Tutors: Holger Karl Christian Dannewitz Monday C. Today I³SI³HIPHI³.
CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:

CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:
NISNet Winter School Finse 2008 1 Internet & Web Security Case Study 2: Mobile IPv6 security Dieter Gollmann Hamburg University of Technology

NISNet Winter School Finse Internet & Web Security Case Study 2: Mobile IPv6 security Dieter Gollmann Hamburg University of Technology

Similar presentations

Ads by Google