1 IETF Response To Pervasive Monitoring November 7 th 2013.

Slides:



Advertisements
Similar presentations
Russ Housley IETF Chair LACNOG 4 October 2011 Successful Internet Protocol Development.
Advertisements

Security Issues In Mobile IP
ICANN Strategic planning process Draft key priorities for the July 2006 – June 2009 Plan for community comment November 2005.
MPTCP – MULTIPATH TCP WG meeting #7 27 th July 2011 Quebec, IETF-81 Yoshifumi Nishida Philip Eardley.
© 2006 NEC Corporation - Confidential age 1 November SPEERMINT Security Threats and Suggested Countermeasures draft-ietf-speermint-voipthreats-01.
M2M Architecture Inge Grønbæk, Telenor R&I ETSI Workshop on RFID and The Internet Of Things, 3rd and 4th December 2007.
Fred P. Baker CCIE, CCIP(security), CCSA, MCSE+I, MCSE(2000)
PAWS BOF Protocol to Access White Space DB IETF 80 Gabor Bajko, Brian Rosen.
Why Is DDoS Hard to Solve? 1.A simple form of attack 2.Designed to prey on the Internet’s strengths 3.Easy availability of attack machines 4.Attack can.
Firewalls Steven M. Bellovin Matsuzaki ‘maz’ Yoshinobu 1.
ARP Cache Poisoning How the outdated Address Resolution Protocol can be easily abused to carry out a Man In The Middle attack across an entire network.
 IPv6 Has built in security via IPsec (Internet Protocol Security). ◦ IPsec Operates at OSI layer 3 or internet layer of the Internet Protocol Suite.
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Network Security Introduction Security technologies protect mission-critical networks from corruption and intrusion. Network security enables new business.
CMSC 414 Computer and Network Security Lecture 26 Jonathan Katz.
 Natural consequence of the way Internet is organized o Best effort service means routers don’t do much processing per packet and store no state – they.
Network Isolation Using Group Policy and IPSec Paula Kiernan Senior Consultant Ward Solutions.
The State of Security Management By Jim Reavis January 2003.
Chapter 12 Network Security.
WiFi Security. What is WiFi ? Originally, Wi-Fi was a marketing term. The Wi-Fi certified logo means that the product has passed interoperability tests.
Chapter 1: Introduction Components of computer security Threats Policies and mechanisms The role of trust Assurance Operational Issues Human Issues Computer.
CMSC 414 Computer (and Network) Security Lecture 2 Jonathan Katz.
Secure communications Week 10 – Lecture 2. To summarise yesterday Security is a system issue Technology and security specialists are part of the system.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
Circuit & Application Level Gateways CS-431 Dick Steflik.
Welcome to CS 395/495 Measurement and Analysis of Online Social Networks.
FIREWALL TECHNOLOGIES Tahani al jehani. Firewall benefits  A firewall functions as a choke point – all traffic in and out must pass through this single.
1 IETF and Internet Challenges and Opportunities Jari Arkko Expert, Ericsson Research Chair, IETF.
Lecture 22 Page 1 Advanced Network Security Other Types of DDoS Attacks Advanced Network Security Peter Reiher August, 2014.
Mixed-level English classrooms What my paper is about: Basically my paper is about confirming with my research that the use of technology in the classroom.
Lecture 7 Page 1 CS 236 Online Password Management Limit login attempts Encrypt your passwords Protecting the password file Forgotten passwords Generating.
Who am I? Mats Ohlin Swedish Defence Materiel Administration (FMV) IT Security area –International Standardisation: ISO/IEC JTC 1/SC 27/WG 3 (Security.
What is FORENSICS? Why do we need Network Forensics?
Lesson 20-Wireless Security. Overview Introduction to wireless networks. Understanding current wireless technology. Understanding wireless security issues.
Foundations of Network and Computer Security J J ohn Black CSCI 6268/TLEN 5550, Spring 2015.
1 C-DAC/Kolkata C-DAC All Rights Reserved Computer Security.
Discussion on IEEE metrics guidelines Document Number: IEEE R0 Date Submitted: Source: Antonio BovoVoice:
Done By : Ahmad Al-Asmar Wireless LAN Security Risks and Solutions.
1 Eliot Lear. 2 2 SCTP, DCP? DNSSEC, DANE, new RR types? Thought exercise: MPLS-ng.
1 AutoconfBOF2.PPT / Aug / Singh,Perkins,Clausen IETF Not Confidential Ad hoc network autoconfiguration: definition and problem statement (draft-singh-autoconf-adp-00.txt)
Thoughts on Firewalls: Topologies, Application Impact, Network Management, Tech Support and more Deke Kassabian, April 2007.
1 DHCP Authentication Discussion INTAREA meeting, 70th IETF Vancouver, Canada Jari Arkko and Ralph Droms.
Internet Architecture Board; Report Back IAB Stack Evolution Programme: interaction with NFV Doc: TBA Source: Bob Briscoe, BT Agenda item: Liaisons For:
Russ Housley IETF Chair Internet2 Spring Member Meeting 28 April 2009 Successful Protocol Development.
1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.
IETF Adrian Farrel & Scott Bradner. Apologies to those who have seen this before It cannot be said often enough It is fundamental to how the IETF.
PAWS: Security Considerations Yizhuang WU, Yang CUI PAWS WG
NEWTRK WG Paris, August 5, Agenda 0 – agenda bashing – 10m 1 - introduction & status - chair- 10m discussion on the issues with ISD proposal.
Peering: A Minimalist Approach Rohan Mahy IETF 66 — Speermint WG.
Lecture 20 Page 1 Advanced Network Security Basic Approaches to DDoS Defense Advanced Network Security Peter Reiher August, 2014.
Protocol Privacy Considerations Russ Housley IETF Chair 8 December 2010.
ICOS BOF EAP Applicability Bernard Aboba IETF 62, Minneapolis, MN.
Chapter 14 Network Encryption
1 draft-sidr-bgpsec-protocol-05 Open Issues. 2 Overview I received many helpful reviews: Thanks Rob, Sandy, Sean, Randy, and Wes Most issues are minor.
IETF sec - 1 Security Work in the IETF Scott Bradner Harvard University
SubmissionJoe Kwak, InterDigital1 Simplified 11k Security Joe Kwak InterDigital Communications Corporation doc: IEEE /552r0May 2004.
SECURITY REQUIREMENTS AND MANAGEMENT: Presentation By: Guillermo Dijk.
ADVANCED OG Prep Time, Content Generation, Framing, Meching, Role Division Training Session
1 cellhost-ipv6-52.ppt/ December 13, 2001 / John A. Loughney Minimum IPv6 Functionality for a Cellular Host John Loughney, Pertti Suomela, Juha Wiljakka,
DICE BOF, IETF-87 Berlin DTLS In Constrained Environments (DICE) BOF Wed 15:10-16:10, Potsdam 3 BOF Chairs: Zach Shelby, Carsten Bormann Responsible AD:
The Internet Engineering Task Force Security Area Kathleen Moriarty Stephen Farrell Security Area Directors.
Unit 2 Personal Cyber Security and Social Engineering Part 2.
Firewalls. Overview of Firewalls As the name implies, a firewall acts to provide secured access between two networks A firewall may be implemented as.
J.W. Atwood PIM WG 2010/03/23 The KARP Working Group J.W. Atwood PIM WG 2010/03/23
Consultation: Your Say ….
Web Privacy Chapter 6 – pp 125 – /12/9 Y K Choi.
Cryptography and Network Security
PAA-2-EP protocol PANA wg - IETF 58 Minneapolis
SMART (Stopping Malware and Researching Threats) Side Meeting
Presentation transcript:

1 IETF Response To Pervasive Monitoring November 7 th 2013

2 It's an attack The actions of NSA and their partners (nation-state or corporate, coerced or not) are a multi-faceted form of attack, or are indistinguishable from that Not unique, others are likely doing the same... or will The scale arguably makes this an example of a new pervasive monitoring threat model that is neither purely passive nor a classic Man-in-the-Middle and that we have not normally considered in protocol design A purely technical response will not solve the problem but we should treat an attack as we usually do and try mitigate it Will we have rough consensus on the above? – Be good to know, personally I think we will.

3 There are things we can do There are technical things we can do that might significantly affect the cost of pervasive monitoring and that can improve security and privacy generally Some of those are short-term point changes (or BCPs), others may take time to be agreed, mature and get deployed If we're serious about tackling the problem, some changes may affect IETF processes, long-held positions, deployments or business models – Mantatory-to-Implement (MTI) vs. more-than-MTI – Confidentiality vs packet inspection – Anonymity/pseudonymity vs authent/law enforcement/advertising

4 So let's do them There is a time element to some of this – it could be that we can get some changes made or started more easily while the news is fresh Equally, being seen not to act in this situation could inflict more damage We should do and be seen to be doing as much as we can to counter this attack, and now is the time – publicity counts and the attackers haven't just crossed a line, they've moved it NOTE: we in all the above means the IETF and each of us outside the IETF

5 Trusted Computing Base Dodgy Computing Base Crypto-implementation-worries++ – Some but nowhere near all paranoia justified: RNGs, side- channels, … – Affects IETF protocol design, implementation & deployment – Some significantly: DNSSEC, RPKI, others... – Turns assumptions about crypto APIs on their head a bit Idea: a set of IETFers and others help organise & fund a team of developers to make a high-assurance open-source h/w and s/w crypto engine platform – Only limited knowledge and funds needed to make small numbers of devices from COTS components – Meet the crypto requirements of a set of interesting IETF protocols and applications that use those – Think PKCS#11 + key-handling-ceremonies Not an IETF activity, but... – IETF & others generating use-cases and requirements – Core development team not an IETF WG nor DT – High risk, (high-assurance open-h/w?) but pretty cool if it works Interested in helping with use-cases, reqs? – Thursday in Plaza B, bring your own lunch; A bit more info: Dramatis Personae for ACT-I: get started Bart Preneel Jari Arkko Leif Johansson Linus Nordberg Lucy Lynch Lynn StAmour Olaf Kolkman Randy Bush Russ Housley Sean Turner Stephen Farrell Steve Bellovin Tero Kivinen

6 IETF Actions (easy) First, and most important: Discuss the situation and what to do openly – perpass list mainly for triage of issues, not intended as a WG – Discussion at various IETF-88 sessions: Appsarea, HTTPbis, Perpass BoF,... – IAB workshop on Internet hardening just before IETF-89 (London) Call for participation/position-papers in a couple of weeks With some help from EU FP7 STREWS project Maybe spin up IRTF RG around then? Second, work the problem, some obvious bits: – Threat analyses, draft-trammell-perpass-ppa – Deployable PFS ciphersuite BCPs for TLS and for foo-over-TLS (foo=smtp, imap, xmpp, …) – Encourage operational changes, e.g. more local IXPs, more direct fibre... – Good problem statement text from various folks

7 IETF Actions (trickier) For a couple, a start has been made: – Privacy BCP, draft-cooper-ietf-privacy-requirements – More-than-MTI – get closer to secure by default discussed, but no clear outcome yet Some relevant issues from hard very hard: – The impact of turning on TLS everywhere for the web And/or tcpcrypt for TCP. And/or IPsec. – The practicality of end-to-end security for, e.g. , IM, VoIP – Could WebRTC and IoT make it all worse? Or better? – Fingerprinting and traffic analysis from RF->Application layer IP addresses as personally identifying information? Location traces? – Corporate cloudy privacy-busting will be affected if we succeed

8 Conclusions It is an attack. It is a new scale of attack The right response is for the IETF is to develop technical mitigations, as before and as usual – Goal: make it significantly more expensive for a bad actor There are things we can and should do – Do them! And openly, starting now. For things where we're not sure: work the problem – What are you doing about this?

9 Backup Stuff

10 References – Perpass list info: – List of relevant sessions at IETF-88: – Rough list of useful material from perpass list: – Technical overview of attacks Overview from perpass BoF session (next session) See meeting materials: pass – The above are more lists of lists and not direct references, but having you doing cut'n'paste is easier than me typing:-)

11 Significantly More Expensive – Significantly more expensive means something like at least 2^80+ more work compared to simply recording plaintext, which is quite doable with current crypto protocols and deployments in many cases That is significant even for these bad actors Yes, 2^128 is the target, but there may be corner cases that take a while to go away – That is also likely to force them towards more active attacks, which are riskier for the attacker and detectable or preventable when we have good key management E.g. using Certificate Transparency (RFC6962) or some other big DB of public keys approach

12 More-than-MTI MTI has gotten us some very good things but still too many RFC 6919 cases and/or we mess up security because we don't really mean it in v1.0 of a protocol – Interop events that just don't even try the secure version More-than-MTI aims to get security turned-on/used by default – Likely less than Mandatory-To-Use – Perhaps: MUST offer/use security by default. MAY allow a way to turn off security via local configuration. – But more work on that is definitely needed Arguments: – For: More-than-MTI could get usable security in v1.0 – Against: That's policy and just won't work for enough protocols

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.