Presentation is loading. Please wait.

Presentation is loading. Please wait.

Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems March 25, 2010

Published byAgnes Goodwin Modified over 8 years ago

Similar presentations

Presentation on theme: "Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems March 25, 2010"— Presentation transcript:

1 Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems March 25, 2010 rgm@labs.htt-consult.com

2 Items to Discuss Scope of Standard Editors Order of work Changes to 5201 Crypto Agility Cipher Suites LSI Space Diet HIP exchange

3 Scope of Standard Defined by RFCs  4423 - Host Identity Protocol (HIP) Architecture  5201 - Host Identity Protocol  5202 - Using ESP Transport Format with HIP  5203 - HIP Registration Extension  5204 - HIP Rendezvous Extension  5205 - HIP DNS Extensions  5206 - End-Host Mobility and Multihoming with HIP  4843 - IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers

4 Scope of Standard Document Editors  4423 – Robert Moskowitz  5201 – Tobias Heer, Robert Moskowitz  5202 – Jan Melen  5203 – Julien Laganier  5204 – Julien Laganier  5205 – Julien Laganier  5206 – Tom Henderson  4843 – Julien Laganier

5 Order of Work HIP core  Revise or update 4423, 5201-5205, 4823  Mobility portion of 5206  Certificates  Goal to have solid documents with most in workgroup last call at IETF 78 HIP part 2  Multihoming portion of 5206  NAT traversal  HIP proxies  Diet HIP exchange

6 Changes to 5201 Crypto Agility  Everything is negotiable  Cipher suites LSI space

7 Crypto Agility Originally HIP was envisioned as 'Simple'  Crypto events have outstripped that World View HIP crypto components  Host Identity  HIT generator  Puzzle mechanism  Master Key agreement  Key Derivation Function  Payload Encryption  Payload Authentication

8 Cipher Suites Desire to have a minimum set Need group's input Do we drop SHA-1 now? To what extend to we include SHA-384 & SHA-512? Which RSA/DSA key sizes do we support? Which ECC curves and sizes?  draft-mcgrew-fundamental-ecc-02.txt for guidance Which AES transforms?

9 LSI Space LSI space size  2^24 or 2^16?  127.n.x.x Old work on IKEv1 NAT traversal discovered challenges  RFC 1918 probes Problems with mobility

10 Diet HIP Exchange For highly constrained systems  e.g. IEEE 802.15.4 and 802.15.6 Minimum crypto components  AES CCM or similar mode of operation Includes CMAC  ECC, but not ECDH What to replace hashing?  HITs only need collision avoidance  CMAC for Puzzle?  CMAC for KDF requires uniformly distributed key Key generated by I, encrypted with R's EC PK?  No PFS, how to prove input from R?

11 Questions?

12

13 Crypto Agility Host Identity  Only Public key defined  RSA & DSA  ECC planned Only patent-free HIT generator  Only Hash functions defined  SHA-1  SHA-256 [, SHA-384, SHA-512]  NIST hash winner {SHA-3?}  'Simple' compressor that only offers collision avoidance

14 Crypto Agility Puzzle mechanism  Uses SHA-1 for puzzle  Will use SHA-256, etc next.  Can we develop a non-Hash puzzle e.g. CMAC based? Master Key agreement  DH Key Agreement  Will add EC DH Key Agreement  Light weight alternative to DH needed Sacrifice PFS Simple PK encrypt of Random secret?

15 Crypto Agility Key Derivation Function  Switch to draft-krawczyk-hkdf-01.txt  Per draft-irtf-cfrg-kdf-uses-00.txt Can only use CMAC with a uniformly distributed key Payload Encryption  Negotiated via HIP_TRANSFORM Deprecate MD5 transforms and SHA-1? Minimize new transforms Payload Authentication  If HI PK, the just PK signed

Download ppt "Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems March 25, 2010"

Similar presentations

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.
Doc.: IEEE 802.11-09/1012r0 Submission September 2009 Dan Harkins, Aruba NetworksSlide 1 Suite-B Compliance for a Mesh Network Date: 2009-09-15 Authors:

Doc.: IEEE /1012r0 Submission September 2009 Dan Harkins, Aruba NetworksSlide 1 Suite-B Compliance for a Mesh Network Date: Authors:
Doc.: IEEE 802.15-10-0412-06-wng0 Submission June 2010 Robert Moskowitz (ICSAlabs/VzB)Slide 1 Project: IEEE P802.15 Working Group for Wireless Personal.

Doc.: IEEE wng0 Submission June 2010 Robert Moskowitz (ICSAlabs/VzB)Slide 1 Project: IEEE P Working Group for Wireless Personal.
GOPAS TechEd 2012 PKI Design Ing. Ondřej Ševeček | GOPAS a.s. |

GOPAS TechEd 2012 PKI Design Ing. Ondřej Ševeček | GOPAS a.s. |
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Lecture 6: Web security: SSL

Lecture 6: Web security: SSL
Transport Layer Security (TLS) Bill Burr November 2, 2001.

Transport Layer Security (TLS) Bill Burr November 2, 2001.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.

Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
Doc.: IEEE privecsg-14-0026-01-Rnd-Modr-MAC-Addr Submission Jan 2015 Robert Moskowitz, HTT Consulting Slide 1 Project: IEEE 802 EC Privacy Recommendation.

Doc.: IEEE privecsg Rnd-Modr-MAC-Addr Submission Jan 2015 Robert Moskowitz, HTT Consulting Slide 1 Project: IEEE 802 EC Privacy Recommendation.
By Rod Lykins.  Background  Benefits  Security Advantages ◦ Address Space ◦ IPSec  Remaining Security Issues  Conclusion.

By Rod Lykins.  Background  Benefits  Security Advantages ◦ Address Space ◦ IPSec  Remaining Security Issues  Conclusion.
Cryptography and Network Security Chapter 12 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Chapter 12 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.

Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.

Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
HIP Working Group IETF 64 Gonzalo Camarillo David Ward.

HIP Working Group IETF 64 Gonzalo Camarillo David Ward.
SIP-SAML assisted Diffie-Hellman MIKEY IETF 65 MSEC Mar 21, 2006 Robert Moskowitz.

SIP-SAML assisted Diffie-Hellman MIKEY IETF 65 MSEC Mar 21, 2006 Robert Moskowitz.
Lecture 2: Message Authentication Anish Arora CSE5473 Introduction to Network Security.

Lecture 2: Message Authentication Anish Arora CSE5473 Introduction to Network Security.
Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.
EAP Overview (Extensible Authentication Protocol) Team Golmaal: Vaibhav Sharma Vineet Banga Manender Verma Lovejit Sandhu Abizar Attar.

EAP Overview (Extensible Authentication Protocol) Team Golmaal: Vaibhav Sharma Vineet Banga Manender Verma Lovejit Sandhu Abizar Attar.

Similar presentations

Ads by Google