
The Cryptographic Token Key Initialization Protocol (CT-KIP) OTPS Workshop February 2006.



2 CT-KIP Primer
- A client-server protocol for initialization (and configuration) of cryptographic tokens with shared keys
- Intended for general use within computer and communications systems employing connected cryptographic tokens
- Objectives:
  - To provide a secure and interoperable method of initializing cryptographic tokens with secret keys
  - To provide a solution that is easy to administer and scales well
  - To provide a solution which does not require private-key capabilities in tokens, nor the existence of a public-key infrastructure

3 Current status
- Version 1.0 finalized in December 2005
- Describes a 4-pass protocol for the initialization of cryptographic tokens with secret keys
- Includes a public-key variant as well as a shared-key variant

4 Principle of Operation (4-pass variant)
(Diagram: CT-KIP server and CT-KIP client exchange four messages in order: Client Hello (client to server), Server Hello (server to client), Client Nonce (client to server), Server Finished (server to client))

5 CT-KIP 1- and 2-pass
- New variants introduced in January draft
- To meet the needs of certain environments, e.g. no communication path from token to server, or high network latency
- Essentially key transport or key wrap
- Maintain the property that no other entity than the token and the server will have access to generated / distributed keys

6 CT-KIP 2-pass
(Diagram: CT-KIP server and CT-KIP client; message labels Client Hello, Server Hello, Client Nonce, Server Finished)

7 CT-KIP 2-pass
- New extension in ClientHello signals support for two-pass, and supported key transport/key wrapping schemes
  - Payload could include a token public key
- Client includes nonce in ClientHello
  - Will ensure Server is alive
- Server provides key wrapped (in symmetric key or token's public key) in new extension in ServerFinished

8 CT-KIP 1-pass
(Diagram: CT-KIP server and CT-KIP client; message labels Client Hello, Server Hello, Client Nonce, Server Finished)

9 CT-KIP 1-pass
- Server MUST have a priori knowledge of token's capabilities
- Server provides key wrapped in symmetric key or token's public key in new extension in ServerFinished

10 Cryptographic properties
- Server authentication through MAC in ServerFinished if dedicated K_auth
  - Otherwise MAC provides key confirmation
  - With K_auth no key confirmation
- Server aliveness through MAC on client nonce
  - Not present in 1-pass, however
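The following simulation of the 4-pass exchange and the ServerFinished MAC is an added illustration, not code from the presentation or from the CT-KIP specification. The key derivation and MAC layout are simplified placeholders built on HMAC-SHA256 (not the CT-KIP-PRF of the spec), and the names K_auth and K_TOKEN follow the slides; the point shown is that a MAC keyed with K_TOKEN confirms the key while a MAC keyed with a dedicated K_auth authenticates the server but does not.

```python
import hmac
import hashlib
import os


def prf(key: bytes, label: bytes, *parts: bytes) -> bytes:
    """Placeholder PRF (HMAC-SHA256); assumption, stands in for CT-KIP-PRF."""
    return hmac.new(key, label + b"".join(parts), hashlib.sha256).digest()


def derive_token_key(r_c: bytes, r_s: bytes, k: bytes) -> bytes:
    """K_TOKEN from client nonce R_C, server nonce R_S and server key material k."""
    return prf(r_c, b"Key generation", k, r_s)


def finished_mac(k_token: bytes, k_auth, r_c: bytes) -> bytes:
    """MAC carried in ServerFinished, computed over the client nonce (aliveness).

    Keyed with a dedicated K_auth it proves the server knows K_auth; keyed with
    K_TOKEN it additionally confirms the server derived the same token key."""
    return prf(k_auth if k_auth is not None else k_token, b"MAC 1 computation", r_c)


def run_four_pass(k_auth=None, server_key_mismatch=False):
    """Simulate ClientHello / ServerHello / ClientNonce / ServerFinished.

    Returns (mac_verified_by_client, client_and_server_keys_match)."""
    k = os.urandom(32)       # ServerHello: server key material (pre-shared key in the shared-key variant)
    r_s = os.urandom(16)     # ServerHello: server nonce R_S
    r_c = os.urandom(16)     # ClientNonce: client nonce R_C, sent protected under k
    k_token_client = derive_token_key(r_c, r_s, k)
    # Constructed fault: the server ends up with different key material, so its K_TOKEN differs
    server_k = os.urandom(32) if server_key_mismatch else k
    k_token_server = derive_token_key(r_c, r_s, server_k)
    mac = finished_mac(k_token_server, k_auth, r_c)                      # ServerFinished
    expected = finished_mac(k_token_client, k_auth, r_c)                 # client-side check
    return hmac.compare_digest(mac, expected), k_token_client == k_token_server
```

With K_auth present and a key mismatch the MAC still verifies, which is exactly the "with K_auth no key confirmation" case on the slide.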

11 Identified Issues
- Key confirmation
  - Present in 4-pass version
  - Shall it be required for 1-, 2-pass?
  - Requires some more work for 1-pass
- Replay protection
  - OK in 2- and 4-pass
  - Method to use in 1-pass? Counter?
  - Will require some additional capabilities in token, see mailing list discussion

12 Next Steps
- Decide on key confirmation, replay protection
- Resolve any other comments
- Produce new draft version
  - Preferably within 4 – 5 weeks

