Presentation is loading. Please wait.

Presentation is loading. Please wait.

Emu wg, IETF 70 Steve Hanna, shanna@juniper.net EAP-TTLS draft-funk-eap-ttls-v0-02.txt draft-hanna-eap-ttls-agility-00.txt emu wg, IETF 70 Steve Hanna,

Published byBrook Hood Modified over 8 years ago

Similar presentations

Presentation on theme: "Emu wg, IETF 70 Steve Hanna, shanna@juniper.net EAP-TTLS draft-funk-eap-ttls-v0-02.txt draft-hanna-eap-ttls-agility-00.txt emu wg, IETF 70 Steve Hanna,"— Presentation transcript:

1 emu wg, IETF 70 Steve Hanna, shanna@juniper.net
EAP-TTLS draft-funk-eap-ttls-v0-02.txt draft-hanna-eap-ttls-agility-00.txt emu wg, IETF 70 Steve Hanna,

2 EAP-TTLS for IETF EMU WG
TLS-based tunneled EAP method Phase 1: like EAP-TLS Phase 2: AVP exchange Supports Tunneled authentication via many methods Multiple forms of authentication Endpoint integrity checks Other extensions Documented in Internet-Drafts since 2001 Widely implemented and deployed (eduroam, etc.) Cited by SDOs like WiMAX & 3GPP Heading for RFC status December 4, 2007 EAP-TTLS for IETF EMU WG

3 EAP-TTLS for IETF EMU WG
EAP-TTLS AVPs Diameter AVP format 32-bit type, 24-bit length M bit for Mandatory to support V bit and Vendor-ID for vendor-specific AVPs RADIUS and Diameter attributes carry over Easy to integrate with RADIUS servers Can translate AVPs into RADIUS packets Easy to tunnel existing EAP methods Easy to tunnel non-EAP authentication Easy to add new capabilities December 4, 2007 EAP-TTLS for IETF EMU WG

4 Changes in eap-ttls-v0-02
Added IANA Considerations Updated references Minor clarifications in response to reviews December 4, 2007 EAP-TTLS for IETF EMU WG

5 EAP-TTLS for IETF EMU WG
eap-ttls-agility-00 Optional AVPs for use with EAP-TTLS Provide Cryptographic algorithm agility Cryptographic binding of inner and outer auth Intermediate key confirmation Protected results December 4, 2007 EAP-TTLS for IETF EMU WG

6 Cryptographic Algorithm Agility
EAP-TTLSv0 already fairly agile Uses TLS ciphersuite negotiation But MSK and EMSK computation algorithm always uses TLS 1.1 PRF (based on SHA-1 and MD5) Solution New MSK-Computation AVP to negotiate alternative MSK and EMSK computation algorithms New MSK and EMSK computation algorithm (“Mixed”) Uses TLS PRF (negotiable in TLS 1.2) Based on new Composite Key, which mixes in MSKs exported by inner authentications December 4, 2007 EAP-TTLS for IETF EMU WG

7 Cryptographic Binding of Inner and Outer Authentications
Protect against MITM attacks like [Asokan] Mixed MSK computation gives some protection But only after EAP authentication completed, so... Key-Confirmation-Option AVP Negotiates use of Key-Confirmation AVP Key-Confirmation AVP Server MAY send any time, MUST send at end Server sends POP for Composite Key Client responds with similar POP December 4, 2007 EAP-TTLS for IETF EMU WG

8 EAP-TTLS for IETF EMU WG
Secure Completion Ensure secure completion of handshake Detect truncation attacks Detect forged EAP-Success or EAP-Failure Secure-Completion-Option AVP Negotiates use of Secure Completion TTLS-Success and TTLS-Failure AVPs Final exchange WITHIN tunnel December 4, 2007 EAP-TTLS for IETF EMU WG

9 Evaluation Against Requirements
Transport of encrypted password for support of legacy password databases: YES 2. Mutual authentication (specifically authentication of the server): YES 3. Resistance to offline dictionary attacks, man-in-the-middle attacks: YES 4. Compliance with RFC 3748, RFC 4017 and EAP keying (including EMSK and MSK generation): YES 5. Peer identity confidentiality: YES December 4, 2007 EAP-TTLS for IETF EMU WG

10 Evaluation Against Requirements
6. Crypto agility and ciphersuite negotiation: YES w TLS 1.2 7. Session resumption: YES 8. Fragmentation and reassembly: YES 9. Cryptographic binding: YES 10. Password/PIN change: YES when authentication method supports December 4, 2007 EAP-TTLS for IETF EMU WG

11 Evaluation Against Requirements
11. Transport Channel binding data: Can support with new AVPs 12. Protected result indication: YES 13. Support for certificate validation protocols: YES w TLS CertStatus extn 14. Extension mechanism: YES December 4, 2007 EAP-TTLS for IETF EMU WG

12 EAP-TTLS for IETF EMU WG
Summary EAP-TTLS Well-established EAP method Specified in Internet-Drafts since 2001 Widely implemented Used by other standards bodies No known substantial IPR problems Meets all stated requirements Easy to integrate with RADIUS servers Offers many other features Tunneled authentication via many methods Multiple forms of authentication Endpoint integrity checks (for NEA) December 4, 2007 EAP-TTLS for IETF EMU WG

Download ppt "Emu wg, IETF 70 Steve Hanna, shanna@juniper.net EAP-TTLS draft-funk-eap-ttls-v0-02.txt draft-hanna-eap-ttls-agility-00.txt emu wg, IETF 70 Steve Hanna,"

Similar presentations

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P1619.3 April 11, 2007 Andrea Doherty.

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.
PEAP & EAP-TTLS 1.EAP-TLS Drawbacks 2.PEAP 3.EAP-TTLS 4.EAP-TTLS – Full Example 5.Security Issues 6.PEAP vs. EAP-TTLS 7.Other EAP methods 8.Summary.

PEAP & EAP-TTLS 1.EAP-TLS Drawbacks 2.PEAP 3.EAP-TTLS 4.EAP-TTLS – Full Example 5.Security Issues 6.PEAP vs. EAP-TTLS 7.Other EAP methods 8.Summary.
Version 1 of EAP-TTLS draft-ietf-pppext-eap-ttls-05.txt Paul Funk Funk Software.

Version 1 of EAP-TTLS draft-ietf-pppext-eap-ttls-05.txt Paul Funk Funk Software.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.

Transport Layer Security (TLS) Protocol Introduction to networks and communications(CS555) Prof : Dr Kurt maly Student:Abhinav y.
BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.

BASIC CRYPTOGRAPHY CONCEPT. Secure Socket Layer (SSL)  SSL was first used by Netscape.  To ensure security of data sent through HTTP, LDAP or POP3.
TCG Confidential Copyright© 2005 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 TNC EAP IETF EAP.

TCG Confidential Copyright© 2005 Trusted Computing Group - Other names and brands are properties of their respective owners. Slide #1 TNC EAP IETF EAP.
無線區域網路安全 Wireless LAN Security. 2 Outline  Wireless LAN – 802.11b  Security Mechanisms in 802.11b  Security Problems in 802.11b  Solutions for 802.11b.

無線區域網路安全 Wireless LAN Security. 2 Outline  Wireless LAN – b  Security Mechanisms in b  Security Problems in b  Solutions for b.
EAP-TTLS Status draft-funk-eap-ttls-v0-00.txt draft-funk-eap-ttls-v1-00.txt draft-funk-tls-inner-application-extension-01.txt Paul Funk Funk Software.

EAP-TTLS Status draft-funk-eap-ttls-v0-00.txt draft-funk-eap-ttls-v1-00.txt draft-funk-tls-inner-application-extension-01.txt Paul Funk Funk Software.
1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,

1 © NOKIA MitM.PPT/ 6/2/2015 / Kaisa Nyberg (NRC/MNW), N.Asokan (NRC/COM) The Insecurity of Tunnelled Authentication Protocols N. ASOKAN, VALTTERI NIEMI,
Wireless LAN Security Framework Backend AAA Infrastructure RADIUS, TACACS+, LDAP, Kerberos TLSLEAPTTLSPEAPMD5 VPN EAP PPP 802.3802.5802.11 802.1x EAP API.

Wireless LAN Security Framework Backend AAA Infrastructure RADIUS, TACACS+, LDAP, Kerberos TLSLEAPTTLSPEAPMD5 VPN EAP PPP x EAP API.
CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.
IEEE 802.11 Wireless Local Area Networks (WLAN’s).

IEEE Wireless Local Area Networks (WLAN’s).
WLAN Security:PEAP Sunanda Kandimalla. Intoduction The primary goals of any security setup for WLANs should include: 1. Access control and mutual authentication,

WLAN Security:PEAP Sunanda Kandimalla. Intoduction The primary goals of any security setup for WLANs should include: 1. Access control and mutual authentication,
Chapter 8 Web Security.

Chapter 8 Web Security.
July 16, 2003AAA WG, IETF 571 AAA WG Meeting IETF 57 Vienna, Austria Wednesday, July 16, 2003 1300 - 1500.

July 16, 2003AAA WG, IETF 571 AAA WG Meeting IETF 57 Vienna, Austria Wednesday, July 16,
EAP Overview (Extensible Authentication Protocol) Team Golmaal: Vaibhav Sharma Vineet Banga Manender Verma Lovejit Sandhu Abizar Attar.

EAP Overview (Extensible Authentication Protocol) Team Golmaal: Vaibhav Sharma Vineet Banga Manender Verma Lovejit Sandhu Abizar Attar.
NEA Working Group IETF meeting Nov 17, 2011 IETF 82 - NEA Meeting1.

NEA Working Group IETF meeting Nov 17, 2011 IETF 82 - NEA Meeting1.

Similar presentations

Ads by Google