Dynamic Symmetric Key Provisioning Protocol (DSKPP)

Slides:

Advertisements

Similar presentations

1 IETF KEYPROV WG Protocol Basis and Characteristics IEEE P April 11, 2007 Andrea Doherty.

Advertisements

Doc.: IEEE /147March 2000 TGe SecuritySlide 1 The Status of TGe S Draft Text Jesse Walker Intel Corporation (503)

XML Encryption and Derived Keys: Suggestion For a Minor Addition Magnus Nyström RSA.

The Cryptographic Token Key Initialization Protocol (CT-KIP) OTPS Workshop February 2006.

CT-KIP Magnus Nyström, RSA Security 23 May Overview A client-server protocol for initialization (and configuration) of cryptographic tokens —Intended.

CT-KIP Magnus Nyström, RSA Security OTPS Workshop, October 2005.

Copyright © 2003 Colin Perkins SDP Specification Update Colin Perkins

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

Cryptography and Network Security

Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.

CSE 461 Section. “Transport Layer Security” protocol Standard protocol for encrypting Internet traffic Previously known as SSL (Secure Sockets Layer),

Internet Engineering Task Force Provisioning of Symmetric Keys Working Group Hannes Tschofenig.

CSCE 790: Computer Network Security Chin-Tser Huang University of South Carolina.

Chapter 8 Web Security.

1 The Cryptographic Token Key Initialization Protocol (CT-KIP) Web Service Description KEYPROV WG IETF-68 Prague March 2007 Andrea Doherty.

Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.

The Dynamic Symmetric Key Provisioning Protocol (DSKPP)

Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.

SSL / TLS in ITDS Arun Vishwanathan 23 rd Dec 2003.

Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)

Web Services Description Language CS409 Application Services Even Semester 2007.

Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),

Dynamic Symmetric Key Provisioning Protocol (DSKPP) Mingliang Pei Salah Machani IETF68 KeyProv WG Prague.

EAP WG EAP Key Management Framework Draft-ietf-eap-keying-03.txt Bernard Aboba Microsoft.

Yang Shi, Chris Elliott, Yong Zhang IETF 73 rd 18 Nov 2008, Minneapolis CAPWAP WG MIB Drafts Report.

Network Security Essentials Chapter 5

Cryptography and Network Security (CS435) Part Fourteen (Web Security)

Cryptography and Network Security (SSL)

1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV BOF IETF-67 San Diego November 2006 Andrea Doherty.

DSKPP And PSKC: IETF Standard Protocol And Payload For Symmetric Key Provisioning Philip Hoyer Senior Architect – CTO Office.

DSKPP And PSKC: IETF Standard Protocol And Payload For Symmetric Key Provisioning Philip Hoyer Senior Architect – CTO Office.

PAWS: Security Considerations Yizhuang WU, Yang CUI PAWS WG

IETF KeyProv work group: Provisioning of Symmetric Keys.

1 NIST Key State Models SP Part 1SP (Draft)

Guidelines for Cryptographic Algorithm Agility Russ Housley IETF 89 - SAAG Session.

March 2006IETF 65 - Dallas1 The Cryptographic Token Key Initialization Protocol (CT-KIP) Dave Mitton, RSA Security for Magnus Nyström IETF SAAG.

EAP Keying Framework Draft-aboba-pppext-key-problem-06.txt EAP WG IETF 56 San Francisco, CA Bernard Aboba.

ICOS BOF EAP Applicability Bernard Aboba IETF 62, Minneapolis, MN.

1 The Cryptographic Token Key Initialization Protocol (CT-KIP) KEYPROV WG IETF-68 Prague March 2007 Andrea Doherty.

Web Security Web now widely used by business, government, individuals but Internet & Web are vulnerable have a variety of threats – integrity – confidentiality.

Magnus Westerlund 1 The RTSP Core specification draft-ietf-mmusic-rfc2326bis-06.txt Magnus Westerlund Aravind Narasimhan Rob Lanphier Anup Rao Henning.

Network and Internet Security Prepared by Dr. Lamiaa Elshenawy

Encryption protocols Monil Adhikari. What is SSL / TLS? Transport Layer Security protocol, ver 1.0 De facto standard for Internet security “The primary.

Softwire Security Requirement Update draft-ietf-softwire-security-requirements-02.txt IETF Meeting, Prague March 19, 2007 Shu Yamamoto Carl Williams Florent.

Design Guidelines Thursday July 26, 2007 Bernard Aboba IETF 69 Chicago, IL.

Requirements and Selection Process for RADIUS Crypto-Agility December 5, 2007 David B. Nelson IETF 70 Vancouver, BC.

1 Chapter 7 WEB Security. 2 Outline Web Security Considerations Secure Socket Layer (SSL) and Transport Layer Security (TLS) Secure Electronic Transaction.

RFC 4068bis draft-ietf-mipshop-fmipv6-rfc4068bis-01.txt Rajeev Koodli.

KeyProv PSKC Specification Philip Hoyer Mingliang Pei Salah Machani 74 nd IETF meeting, San Francisco Nov

Keyprov PSKC spec Philip Hoyer 71-st IETF, Philadelphia.

Portable Symmetric Key Container (PSKC) Mingliang Pei Philip Hoyer Dec. 3, th IETF, Vancouver.

Keyprov PSKC spec Philip Hoyer 71-st IETF, Philadelphia.

S/MIME Working Group Status Russ Housley November 2002 PLEASE SIGN THE BLUE SHEET.

SPPP Transport Session Peering Provisioning Protocol draft-ietf-drinks-sppp-over-soap-04.

SCVP-28 Tim Polk November 8, Current Status Draft -27 was submitted in June ‘06 –AD requested a revised ID 8/11 –No related discussion on list –Editors.

Lecture 6 (Chapter 16,17,18) Network and Internet Security Prepared by Dr. Lamiaa M. Elshenawy 1.

@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.

7/24/2007IETF69 PANA WG1 PANA Issues and Resolutions draft-ietf-pana-pana-17.txt draft-ietf-pana-framework-09.txt Yoshihiro Ohba Alper Yegin.

KeyProv PSKC Specification Mingliang Pei Authors: P. Hoyer, M. Pei and S. Machani 73 nd IETF meeting, Minneapolis, Nov

IETF Provisioning of Symmetric Keys (keyprov) WG Update WG Chairs: Phillip Hallam-Baker Hannes Tschofenig Presentation by Mingliang Pei 05/05/2008.

EAP Applicability IETF-86 Joe Salowey. Open Issues Open Issues with Retransmission and re- authentication Remove text about lack of differentiation in.

IETF Provisioning of Symmetric Keys (keyprov) WG Update

Originally by Yu Yang and Lilly Wang Modified by T. A. Yang

CSE 4095 Transport Layer Security TLS

draft-ipdvb-sec-01.txt ULE Security Requirements

draft-ietf-dtn-bpsec-06

Presentation transcript:

Dynamic Symmetric Key Provisioning Protocol (DSKPP) Andrea Doherty Mingliang Pei Salah Machani Magnus Nyström IETF 74 San Francisco, USA 24 March 2009

Document Status Version -07 submitted February 9th Made the document more readable Explained how protocol entities interact with the outside world Reduced the number of options for client authentication Modified conformance requirements to recommend all three key wrapping mechanisms (kw-aes128 w/ and w/out padding, aes-128-cbc)

Readability and Implement-ability Described how the DSKPP model interacts with application Described protocol entities in language geared for application developers: When and why a message is used Inputs – Processing - Outputs Eliminated forward references, e.g., MAC Calculations Key Protection Methods Moved Usage Scenarios to an appendix Simplified description of authentication code format

Interoperability Previously, developers could implement client authentication using any of at least 25 combinations of the following options: Authentication Code (one-time secret value, delivered to the user out-of-band before DSKPP starts) Passphrase-Based Key Wrap (another one-time secret value, delivered to user out-of-band before DSKPP starts) Web-based authentication (authenticate user with a web mechanism, then use TriggerNonce as one-time secret) Client certificate/key pair, used with TLS client authN Client certificate/key pair, used for DSKPP Key Transport Pre-existing symmetric key

Interoperability (cont’d) Improved interoperability by reducing the number of allowable options for client authentication Eliminated client authentication options that relied on client cert/key pair used with TLS client auth For two-pass, Security Considerations still recommends running protocol over transport channel that can provide confidentiality Combined authentication code and PBKW since both use a one-time secret value Replaced trigger nonce in <KeyProvTrigger> with authentication data (which is derived from authentication code)

Key Wrap Protection Method Do not limit developer to one algorithm. If algorithm is deprecated later, want developers to have alternative option(s) rather than waiting for the RFC to be revised The following algorithms are recommended: kw-aes128 without padding (xmlenc#kw-aes128) kw-aes128 with padding (draft-housley-aes-key-wrap-with-pad-01) AES-CBC-128 (FIPS197-AES)

New Comments Received Add “Principal syntax is XML and it is layered on a transport mechanism such as HTTP” to Section 3.1. Add text to Basic DSKPP Exchange describing beginning, middle, end of protocol exchange; as well as what an attacker can/cannot do Remove <TokenPlatformInfoType> and <PlatformType>; these entities can be handled by <ClientInfoType> Editorial (clean up Figure 3, remove “NOTES” and forward references, fix hanging indents) Terminology alignment with PSKC

Next Steps Submit -08 draft Update DSKPP based on comments received Finalize terminology alignment with PSKC