EAP-POTP: The Protected One-Time Password EAP Method
Magnus Nystrom, David Mitton, RSA Security, Inc.
IETF 64, Vancouver, Canada, November 2005

Presentation transcript:


Slide 2: Background
EAP-POTP is an EAP method designed for One-Time Password (OTP) tokens. EAP-POTP offers:
– Strong user authentication
– Mutual authentication
– Protection of OTPs in transit
– Establishment of key material
– Fast session resumption
...capabilities that are missing from existing EAP methods used with OTP tokens.

Slide 3: Objectives
- End-to-end protection of the OTP value
- Provide key material for lower layers (MSK, EMSK)
- Minimal initial configuration
- Minimize the number of roundtrips
- No PKI requirements
  – But complements PEAP, TTLS, and other tunneling methods
- Meet RFC 3748 and RFC 4017 requirements, as well as the requirements in keying-08
- Support OTP "corner cases" such as:
  – Next OTP
  – New PIN mode

Slide 4: Typical Deployment, Wireless Authentication
(diagram slide)

Slide 5: Method Specifics
- Packet format builds on the use of TLVs
  – Similar to PEAP
- "Hardens" OTPs to protect against eavesdroppers and MITMs
- Extensible to various OTP types
- Optional channel binding
- Session resumption mechanism
- For further information, see the presentation made to the EAP WG at IETF-62

Slide 6: A Few Security Features
- Freshness: each peer contributes a nonce
- Channel binding: the client indicates the server it thinks it is talking to
- Protected PIN change
- Protected results: client confirmation exchange
- Selection: server realm ID in the initial request

Slide 7: Some Recent Updates
- Introduction of a Protected TLV
  – To take advantage of key material already established in the EAP session itself
  – Essentially, the Protected TLV wraps other TLVs and integrity-protects them
- Session resumption defined for basic mode
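The following is an added illustration of the Protected TLV idea from slide 7 together with the nonce and channel-binding TLVs from slide 6; it is not code from the draft or from RSA, and the TLV type numbers, the HMAC-SHA256 integrity check and the session key are assumptions chosen for the example rather than the draft's wire format.

```python
import hmac
import hashlib
import struct

# PEAP-style TLV: 2-byte type, 2-byte length, value. Type numbers are constructed
# for this illustration and are not the values assigned in the EAP-POTP draft.
TLV_NONCE = 1
TLV_CHANNEL_BINDING = 2
TLV_PROTECTED = 3
MAC_LEN = 32  # HMAC-SHA256 output length

def encode_tlv(tlv_type: int, value: bytes) -> bytes:
    return struct.pack("!HH", tlv_type, len(value)) + value

def decode_tlvs(data: bytes) -> list:
    """Parse a sequence of TLVs; reject truncated input rather than reading past the buffer."""
    tlvs, offset = [], 0
    while offset < len(data):
        if len(data) - offset < 4:
            raise ValueError("truncated TLV header")
        tlv_type, length = struct.unpack_from("!HH", data, offset)
        offset += 4
        if len(data) - offset < length:
            raise ValueError("truncated TLV value")
        tlvs.append((tlv_type, data[offset:offset + length]))
        offset += length
    return tlvs

def wrap_protected(session_key: bytes, inner: bytes) -> bytes:
    """Wrap already-encoded TLVs: Protected TLV value = inner TLVs || HMAC(session_key, inner)."""
    mac = hmac.new(session_key, inner, hashlib.sha256).digest()
    return encode_tlv(TLV_PROTECTED, inner + mac)

def unwrap_protected(session_key: bytes, protected: bytes) -> list:
    """Verify the MAC (constant-time compare) before any inner TLV is trusted or parsed."""
    tlvs = decode_tlvs(protected)
    if len(tlvs) != 1 or tlvs[0][0] != TLV_PROTECTED:
        raise ValueError("expected a single Protected TLV")
    payload = tlvs[0][1]
    if len(payload) < MAC_LEN:
        raise ValueError("payload too short to carry a MAC")
    inner, mac = payload[:-MAC_LEN], payload[-MAC_LEN:]
    expected = hmac.new(session_key, inner, hashlib.sha256).digest()
    if not hmac.compare_digest(mac, expected):
        raise ValueError("integrity check failed")
    return decode_tlvs(inner)

def demo(session_key: bytes = b"\x11" * 32) -> tuple:
    # Constructed sample: a server nonce plus the realm the client believes it is talking to.
    inner = encode_tlv(TLV_NONCE, bytes(range(16))) + encode_tlv(TLV_CHANNEL_BINDING, b"example.com")
    protected = wrap_protected(session_key, inner)
    ok = unwrap_protected(session_key, protected)
    tampered = bytearray(protected)
    tampered[-(MAC_LEN + 1)] ^= 0x01  # flip the last byte of the channel-binding value
    try:
        unwrap_protected(session_key, bytes(tampered))
        tamper_detected = False
    except ValueError:
        tamper_detected = True
    return ok, tamper_detected
```

Without the session key, an on-path attacker can neither forge the channel-binding TLV nor alter the nonce without the wrapper rejecting the packet.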

Slide 8: Planned Updates & Current Status
- Planned updates
  – Protected ciphersuite negotiation
  – Use of a dedicated session resumption key for session resumption (and not the EMSK)
- Status
  – Commercial implementations of protocol version 0 exist. Will work on distinguishing differences.
  – RSA is willing to contribute the method to the EMU community if there is interest in adopting it as a standards-track work item

Slide 9: IPR
- RSA offers a reciprocal royalty-free license under RAND to all implementers
  – For details, see

Slide 10: Documents & Information
- draft-nystrom-eap-potp-03.txt
  – Part of the One-Time-Password Specifications:
    CT-KIP: Cryptographic Token Key Initialization Protocol
    OTP PKCS#11 Mechanisms
    OTP CAPI: MS CryptoAPI OTP extensions
    OTP WSS Token: WS-Security OTP Token format
    OTP Validation Service: Web service for OTP validation
- Mailing list: subscribe otps to
  – Archive available by sending get otps otps.05 to the above address