Presentation is loading. Please wait.

Presentation is loading. Please wait.

Authentication and Key Agreement – Flexibility in credentials – Modern, publically analysed/available cryptographic primitives – Freshness guarantees –

Published byNoah Blair Modified over 10 years ago

Similar presentations

Presentation on theme: "Authentication and Key Agreement – Flexibility in credentials – Modern, publically analysed/available cryptographic primitives – Freshness guarantees –"— Presentation transcript:

1 Authentication and Key Agreement – Flexibility in credentials – Modern, publically analysed/available cryptographic primitives – Freshness guarantees – PFS? – Mutual authentication – Identity hiding for supplicant/end-user – No key re-use – Fast re-key – Fast handoff – Efficiency not an overarching concern: Protocol runs only 1/2^N-1 packets, on average – DOS resistance

2 Credentials flexibility Local security policy dictates types of credentials used by end-users Legacy authentication compatibility extremely important in market Examples: – username/password – Tokens (SecurID, etc) – X.509 certificates

3 Algorithms Algorithms must provide confidentiality and integrity of the authentication and key agreement. Public-key encryption/signature – RSA – ECC – DSA PFS support – D-H

4 Freshness Most cryptographic primitives require strong random material that is fresh. – Not a protocol issue, per se, but a design requirement nonetheless

5 Mutual Authentication Both sides of authentication/key agreement must be certain of identity of other party. Symmetric RSA/DSA schemes (public-keys on both sides) Asymmetric schemes – Legacy on end-user side – RSA/DSA on authenticator side

6 Identity hiding Important to hide end-user identity in some situations (public shared networks, for example). – DISTINCT from hiding MAC address IPSEC has gone down this road, and has much experience. Not as easy as it soundsactive attacks make it harder.

7 Fast rekey/fast handoff Ability to create fresh keying material without undergoing slow authentication path (requiring username/password again, for example). In mobile environments, ability to transition without re-doing initial authentication.

8 Efficiency CPU efficiency not a serious concern, since this protocol will be used relatively infrequently. On-the-wire efficiency may be important in low-bandwidth scenarios, but again protocol is not run that often, compared to MACsec.

9 DOS resistance Modern key-agreement protocols fertile ground for DOS attacks. Look to other schemes (IKE, for example) to provide guidance. No perfect anti-DOS schemes – Increase unpleasantnesss for attacker – Detect and throw away bogosity at the earliest, cheapest point in the protocol.

Download ppt "Authentication and Key Agreement – Flexibility in credentials – Modern, publically analysed/available cryptographic primitives – Freshness guarantees –"

Similar presentations

Technical Presentation AIAC 2010-2011 Group 11. System Rationale System Architecture Secure Channel Establishment Username/Password Cartão Cidadão Digital.

Technical Presentation AIAC Group 11. System Rationale System Architecture Secure Channel Establishment Username/Password Cartão Cidadão Digital.
Secure Mobile IP Communication

Secure Mobile IP Communication
1 CCSDS Security Architecture Key Management 13 th April 2005 Athens.

1 CCSDS Security Architecture Key Management 13 th April 2005 Athens.
CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukCryptographic Authentication1 Cryptographic Authentication Protocols CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
Digital Signatures and Hash Functions. Digital Signatures.

Digital Signatures and Hash Functions. Digital Signatures.
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.

IPsec: Internet Protocol Security Chong, Luon, Prins, Trotter.
CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:

CS470, A.SelcukReal-Time Communication Issues1 Real-Time Communication Security IPsec & SSL Issues CS 470 Introduction to Applied Cryptography Instructor:
Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas

Lesson Title: Introduction to Cryptography Dale R. Thompson Computer Science and Computer Engineering Dept. University of Arkansas
SMUCSE 5349/73491 Authentication Protocols. SMUCSE 5349/73492 The Premise How do we use perfect cryptographic mechanisms (signatures, public-key and symmetric.

SMUCSE 5349/73491 Authentication Protocols. SMUCSE 5349/73492 The Premise How do we use perfect cryptographic mechanisms (signatures, public-key and symmetric.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.
CS 239: Advanced Security Spring 04 Security in Pervasive and Ubiquitous Environments Sam Irvine

CS 239: Advanced Security Spring 04 Security in Pervasive and Ubiquitous Environments Sam Irvine
W O R L D W I D E L E A D E R I N S E C U R I N G T H E I N T E R N E T IKE Tutorial.

W O R L D W I D E L E A D E R I N S E C U R I N G T H E I N T E R N E T IKE Tutorial.
Hybrid Signcryption with Outsider Security

Hybrid Signcryption with Outsider Security
Internet Protocol Security (IPSec)

Internet Protocol Security (IPSec)
Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.

Chapter 8.  Cryptography is the science of keeping information secure in terms of confidentiality and integrity.  Cryptography is also referred to as.
ASYMMETRIC CIPHERS.

ASYMMETRIC CIPHERS.
Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.
OV 11 - 1 Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.

OV Copyright © 2011 Element K Content LLC. All rights reserved. System Security  Computer Security Basics  System Security Tools  Authentication.
Security Considerations for Wireless Sensor Networks Prabal Dutta (614) 975-3658 Security Considerations for Wireless Sensor Networks.

Security Considerations for Wireless Sensor Networks Prabal Dutta (614) Security Considerations for Wireless Sensor Networks.

Similar presentations

Ads by Google