Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems March 25, 2010

Slides:



Advertisements
Similar presentations
IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.
Advertisements

Doc.: IEEE /1012r0 Submission September 2009 Dan Harkins, Aruba NetworksSlide 1 Suite-B Compliance for a Mesh Network Date: Authors:
Doc.: IEEE wng0 Submission June 2010 Robert Moskowitz (ICSAlabs/VzB)Slide 1 Project: IEEE P Working Group for Wireless Personal.
GOPAS TechEd 2012 PKI Design Ing. Ondřej Ševeček | GOPAS a.s. |
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Lecture 6: Web security: SSL
Transport Layer Security (TLS) Bill Burr November 2, 2001.
Socket Layer Security. In this Presentation: need for web security SSL/TLS transport layer security protocols HTTPS secure shell (SSH)
Cryptography and Network Security Chapter 16 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Chapter 13 IPsec. IPsec (IP Security)  A collection of protocols used to create VPNs  A network layer security protocol providing cryptographic security.
Doc.: IEEE privecsg Rnd-Modr-MAC-Addr Submission Jan 2015 Robert Moskowitz, HTT Consulting Slide 1 Project: IEEE 802 EC Privacy Recommendation.
By Rod Lykins.  Background  Benefits  Security Advantages ◦ Address Space ◦ IPSec  Remaining Security Issues  Conclusion.
Cryptography and Network Security Chapter 12 Fourth Edition by William Stallings Lecture slides by Lawrie Brown.
Fall 2010/Lecture 311 CS 426 (Fall 2010) Public Key Encryption and Digital Signatures.
Cryptography1 CPSC 3730 Cryptography Chapter 11, 12 Message Authentication and Hash Functions.
HIP Working Group IETF 64 Gonzalo Camarillo David Ward.
SIP-SAML assisted Diffie-Hellman MIKEY IETF 65 MSEC Mar 21, 2006 Robert Moskowitz.
Lecture 2: Message Authentication Anish Arora CSE5473 Introduction to Network Security.
Key Management Guidelines. 1. Introduction 2. Glossary of Terms and Acronyms 3. Cryptographic Algorithms, Keys and Other Keying Material 4. Key Management.
EAP Overview (Extensible Authentication Protocol) Team Golmaal: Vaibhav Sharma Vineet Banga Manender Verma Lovejit Sandhu Abizar Attar.
Creating an IPsec VPN using IOS command syntax. What is IPSec IPsec, Internet Protocol Security, is a set of protocols defined by the IETF, Internet Engineering.
Host Identity Protocol
Announcement Final exam: Wed, June 9, 9:30-11:18 Scope: materials after RSA (but you need to know RSA) Open books, open notes. Calculators allowed. 1.
Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.
Doc.: IEEE /1066r2 Submission July 2011 Robert Moskowitz, VerizonSlide 1 Link Setup Flow Date: Authors: NameCompanyAddressPhone .
IETF 77 1 HIP mobility (RFC 5206bis) issue review March 31, 2011 Tom Henderson (editor)
Behzad Akbari Spring 2012 (These slides are based on lecture slides by Lawrie Brown)
Update on the Internet Research Task Force Aaron Falk IRTF Chair IETF-72 – Dublin.
Doc.: IEEE Submission March 2012 Jani Pellikka, Andrei Gurtov (University of Oulu)Slide 1 Project: IEEE P Working Group.
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
Key Management Workshop November 1-2, Cryptographic Algorithms, Keys, and other Keying Material  Approved cryptographic algorithms  Security.
Information management 1 Groep T Leuven – Information department 1/26 IPSec IP Security (IPSec)
Chapter 21 Public-Key Cryptography and Message Authentication.
1 © 2005 Cisco Systems, Inc. All rights reserved. 111 © 2004, Cisco Systems, Inc. All rights reserved. CNIT 221 Security 2 Module 3 City College of San.
Lecture 11 Page 1 Advanced Network Security Cryptography and Networks: IPSec and SSL/TLS Advanced Network Security Peter Reiher August, 2014.
HIP Working Group IETF 62 Gonzalo Camarillo David Ward.
Doc.: IEEE Submission November 2009 Robert Moskowitz (ICSAlabs/VzB)Slide 1 Project: IEEE P Working Group for Wireless Personal.
Stein-65 Slide 1 PW security measures PWE3 – 65 th IETF 10 November 2005 Yaakov (J) Stein.
Doc.: IEEE HIP-over-TG9 Submission May 2012 Robert Moskowitz, Verizon Slide 1 Project: IEEE P Working Group for Wireless Personal.
Chapter 8 IP Security MSc. NGUYEN CAO DAT Dr. TRAN VAN HOAI.
1 The HIP Diet Exchange HIP DEX Robert Moskowitz Verizon Telcom and Business Innovation Group March 29, 2011
1 HIP 5201-bis Update Robert Moskowitz Verizon Telcom and Business Tobias Heer RWTH Aachen University March 31, 2011
IEEE MEDIA INDEPENDENT HANDOVER DCN: xx-ECDSA Title: Discussion on introducing ECDSA to d for group management Date Submitted: July.
1 The HIP Diet Exchange HIP DEX Robert Moskowitz ICSA labs an Independent Division of Verizon Business July 26, 2010
ANSI X9.44 and IETF TLS Russ Housley and Burt Kaliski RSA Laboratories November 2002.
Cryptography and Network Security (CS435) Part Thirteen (IP Security)
Design Guidelines Thursday July 26, 2007 Bernard Aboba IETF 69 Chicago, IL.
Doc.: IEEE kmp Submission September 2011 Robert Moskowitz, Verizon Slide 1 Project: IEEE P Working Group for Wireless Personal.
Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems July 30, 2009 Slides presented.
ECC Design Team: Initial Report Brian Minard, Tolga Acar, Tim Polk November 8, 2006.
@Yuan Xue CS 285 Network Security Secure Socket Layer Yuan Xue Fall 2013.
September 2009 doc.: IEEE June 2010
Preferred Alternatives for Tunnelling HIP (PATH)
Dan Brown, Certicom Research November 10, 2004
IETF-70 EAP Method Update (EMU)
Project: IEEE 802 EC Privacy Recommendation Study Group
CS 465 TLS Last Updated: Oct 31, 2017.
September 2009 doc.: IEEE June 2010
September 2009 doc.: IEEE June 2010
Robert Moskowitz, Verizon
Project: IEEE 802 EC Privacy Recommendation Study Group
September 2009 doc.: IEEE November 2009
Encryption INST 346, Section 0201 April 3, 2018.
September 2009 doc.: IEEE June 2010
PW security measures PWE3 – 65th IETF 21 March 2005 Yaakov (J) Stein.
Robert Moskowitz, Verizon
Presentation transcript:

Moving HIP to Standards Track Robert Moskowitz ICSAlabs an Independent Div of Verizon Business Systems March 25, 2010

Items to Discuss Scope of Standard Editors Order of work Changes to 5201 Crypto Agility Cipher Suites LSI Space Diet HIP exchange

Scope of Standard Defined by RFCs  Host Identity Protocol (HIP) Architecture  Host Identity Protocol  Using ESP Transport Format with HIP  HIP Registration Extension  HIP Rendezvous Extension  HIP DNS Extensions  End-Host Mobility and Multihoming with HIP  IPv6 Prefix for Overlay Routable Cryptographic Hash Identifiers

Scope of Standard Document Editors  4423 – Robert Moskowitz  5201 – Tobias Heer, Robert Moskowitz  5202 – Jan Melen  5203 – Julien Laganier  5204 – Julien Laganier  5205 – Julien Laganier  5206 – Tom Henderson  4843 – Julien Laganier

Order of Work HIP core  Revise or update 4423, , 4823  Mobility portion of 5206  Certificates  Goal to have solid documents with most in workgroup last call at IETF 78 HIP part 2  Multihoming portion of 5206  NAT traversal  HIP proxies  Diet HIP exchange

Changes to 5201 Crypto Agility  Everything is negotiable  Cipher suites LSI space

Crypto Agility Originally HIP was envisioned as 'Simple'  Crypto events have outstripped that World View HIP crypto components  Host Identity  HIT generator  Puzzle mechanism  Master Key agreement  Key Derivation Function  Payload Encryption  Payload Authentication

Cipher Suites Desire to have a minimum set Need group's input Do we drop SHA-1 now? To what extend to we include SHA-384 & SHA-512? Which RSA/DSA key sizes do we support? Which ECC curves and sizes?  draft-mcgrew-fundamental-ecc-02.txt for guidance Which AES transforms?

LSI Space LSI space size  2^24 or 2^16?  127.n.x.x Old work on IKEv1 NAT traversal discovered challenges  RFC 1918 probes Problems with mobility

Diet HIP Exchange For highly constrained systems  e.g. IEEE and Minimum crypto components  AES CCM or similar mode of operation Includes CMAC  ECC, but not ECDH What to replace hashing?  HITs only need collision avoidance  CMAC for Puzzle?  CMAC for KDF requires uniformly distributed key Key generated by I, encrypted with R's EC PK?  No PFS, how to prove input from R?

Questions?

Crypto Agility Host Identity  Only Public key defined  RSA & DSA  ECC planned Only patent-free HIT generator  Only Hash functions defined  SHA-1  SHA-256 [, SHA-384, SHA-512]  NIST hash winner {SHA-3?}  'Simple' compressor that only offers collision avoidance

Crypto Agility Puzzle mechanism  Uses SHA-1 for puzzle  Will use SHA-256, etc next.  Can we develop a non-Hash puzzle e.g. CMAC based? Master Key agreement  DH Key Agreement  Will add EC DH Key Agreement  Light weight alternative to DH needed Sacrifice PFS Simple PK encrypt of Random secret?

Crypto Agility Key Derivation Function  Switch to draft-krawczyk-hkdf-01.txt  Per draft-irtf-cfrg-kdf-uses-00.txt Can only use CMAC with a uniformly distributed key Payload Encryption  Negotiated via HIP_TRANSFORM Deprecate MD5 transforms and SHA-1? Minimize new transforms Payload Authentication  If HI PK, the just PK signed

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.