Fast Re-authentication of Mobile Users. Minor Thesis, Qasim Al-Mamari.


Agenda
Introduction; Related Work; Protocol Specification; Implementation; Results; Future Work; Q & A

Introduction
For a mobile user, the attributes of the device in use change as the user traverses different networks or even sub-networks.
The loss of an authenticated session means that the user needs to undergo the authentication process again to continue their effort.
The performance and reliability of mobile networks depend on the capability of the access point providing the connectivity and on the movement of the mobile user, since signals fade as the user travels away from the access point.

Related Work
The current EAP implementation [RFC3748] does not support fast re-authentication of mobile nodes.
Other extensions, such as EAP-TTLS and PEAP pre-authentication, have to be based on a concrete algorithm that defines the mobile node's next point of association.
Yoshihiro et al. address these issues and provide a Kerberized Handover Keying (KHK) mechanism based on Kerberos ticketing technology.
The use of Kerberos introduces the issue of clock synchronization.

Protocol Specification
X → Z : [{Nx X}kprx]kpuz
Z → X : [{Nx Z}kprz]kpux
X → Y : [{Nx Z}kprx]kpuy
Z → Y : [{Nx Z}kprz]kpuy
Notations:
X: home access point.
Y: neighbouring access point.
Z: mobile user.
kpr*: indicates the private key of participant *.
kpu*: indicates the public key of participant *.
Nx: indicates the nonce produced by participant X.
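The four messages above, traced in a symbolic model as an added example (not code from the thesis). No real cryptography is performed: terms are tagged tuples, and the function names and Y's acceptance rule (X's voucher must equal Z's claim) are assumptions made for this illustration.

```python
import secrets

# Symbolic (Dolev-Yao style) terms; hypothetical helpers, not from the thesis.
def sign(signer, payload):        # models {payload}kpr<signer>
    return ("sig", signer, payload)

def encrypt(recipient, term):     # models [term]kpu<recipient>
    return ("enc", recipient, term)

def open_msg(me, expected_signer, msg):
    """Decrypt with my private key, then check who signed the content."""
    tag, recipient, inner = msg
    if tag != "enc" or recipient != me:
        raise ValueError(f"{me} cannot decrypt a message for {recipient}")
    tag, signer, payload = inner
    if tag != "sig" or signer != expected_signer:
        raise ValueError(f"content is not signed by {expected_signer}")
    return payload

def y_accepts(m3, m4):
    """Assumed rule: Y admits Z when X's voucher and Z's claim agree."""
    try:
        voucher = open_msg("Y", "X", m3)   # (Nx, Z) signed by X
        claim = open_msg("Y", "Z", m4)     # (Nx, Z) signed by Z
    except ValueError:
        return False
    return voucher == claim and claim[1] == "Z"

def run_handover():
    """Run the four messages; return (accepted_by_Y, transcript)."""
    nx = secrets.token_hex(8)                    # only X produces a nonce
    m1 = encrypt("Z", sign("X", (nx, "X")))      # X -> Z
    n_seen, sender = open_msg("Z", "X", m1)      # Z learns Nx from X
    m2 = encrypt("X", sign("Z", (n_seen, "Z")))  # Z -> X
    if open_msg("X", "Z", m2) != (nx, "Z"):      # X checks its own nonce
        return False, [m1, m2]
    m3 = encrypt("Y", sign("X", (nx, "Z")))      # X -> Y
    m4 = encrypt("Y", sign("Z", (n_seen, "Z")))  # Z -> Y
    return y_accepts(m3, m4), [m1, m2, m3, m4]

if __name__ == "__main__":
    accepted, transcript = run_handover()
    for i, m in enumerate(transcript, 1):
        print(i, m)
    print("Y accepts Z:", accepted)
```

Under the assumed rule, pairing X's voucher from one run with Z's claim from another is rejected because the nonces differ.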

Results
Strand Spaces proves the protocol's authenticity and secrecy.
FDR proves the protocol does not have design flaws.
Much faster than existing protocols because the mobile node is not required to produce a nonce.
The mobile node does not need to authenticate the current access point.

Future Work
Use of less power-consuming cryptography algorithms such as AES will be investigated.

Q & A
Questions, Comments, Concerns!