Presentation is loading. Please wait.

Presentation is loading. Please wait.

Agenda retrospective - B. Aboba Lunch

Published byAnis Eaton Modified over 5 years ago

Similar presentations

Presentation on theme: "Agenda retrospective - B. Aboba Lunch"— Presentation transcript:

1 Agenda 802.11 retrospective - B. Aboba Lunch
Goals/Requirements - J Burns

2 802.1af Goals/Requirements Agenda
Usage cases Goals & overall requirements

3 General Usage Cases Service Provider NAS NAS Service Provider Access
End Station NAS Service Provider Access Provider

4 Enterprise Usage Cases
Bridge Bridge Enterprise Enterprise Enterprise End Station Bridge Enterprise Enterprise

5 Provider Bridge Usage Cases
Ethernet Service Provider Ethernet Service Provider Bridge Bridge ESP ESP Provider Bridge Ethernet Service Provider Provider Bridge Enterprise Bridge Bridge Enterprise Enterprise ESP ESP Enterprise Provider Bridge Provider Bridge Enterprise Enterprise Enterprise Enterprise

6 Remote Access Network Usage Cases
End Station NAS End Station NAS Service Provider NAP Service Provider 1 End Station NAS Service Provider 2 Service Provider 3 NAP

7 802.1af Goals Provide and manage a cryptographic key framework in order to provide keys to the SecY so that it may provide a protected channel.

8 802.1af Requirements Announcement (formerly discovery) Authentication
Authorization Key Management Threat model Performance model

9 Typical Phases NAS STA/NAS Annouce Authenticate Authorize Key Mgmt
Multicast announce Multicast announce request Annouce unicast announce Authenticate Authorize Key Mgmt

10 Announcement Phases Environment NAS STA/NAS Annouce pitms Selection
Multicast announce Multicast announce request Annouce unicast announce pitms Selection pitm Allocation port Environment

11 Announcement Goals (formerly Discovery)
Provide sufficient information for a .1af entity to decide on a NAS to attempt a connection with. End result shall be a port on which the remaining .1af processes shall operate.

12 Announcement Requirements (formerly Discovery)
Assume Announcement is unprotected, but do not preclude use of separate Discovery protection Announce AE capabilities (MAC): cipher suites, name of device Announce distinguished name(s) for NAP(s) For each NAP: announce distinguished name(s) for service providers Fast delivery of announcements when asked In ‘virtual port’ systems: operate through an ‘all ports’ port Creation of a port (Port/ISS MILSAP) Minimal processing: to limit DoS impact

13 Announcement Information
Identifier for the domain of the network access provider Identifiers for the service providers Supported authentication methods Supported cipher suites Optional - Announcement Key

14 Authentication Goals Enable identity verification via higher layer
Potentially between end station and network access provider, end station and service provider, end station and home network Generate the root key for a key framework (EAP document)

15 Authentication Requirements
Provide facility for various authentication methods Define a set of required authentication method(s) Generate a master key that shall be the root of a key framework (EAP document). This allows future processes to be cryptographically bound to the authentication result. Authentication success begins the key framework but does not imply network access. Verification of distinguished names of the .1af entities (NAS).

16 Authorization Goals Enable service restrictions (negotiations?)
Enforce pre-connection service restrictions

17 Authorization Requirements
Enable communication between higher layer authorization entities Determine when authorization has completed (success/fail) Protected communications

18 .1ae Terminology TSK = PTK

19 Key Management Goals (Formerly ‘Enable Session’)
Maintain secure connection association (CA) state Generate new TSKs for the SecY from the maintained CA. (The ‘bottom’ of the key framework)

20 Key Management Requirements (Formerly ‘Enable Session’)
Maintain overlapped SAs Generate new TSKs Allow deletion of CA (?) Time out CA (?)

21 Threat Model 1)    The network may be completely controlled by an attacker, and the attacker may have significant computational resources.  How significant is dependant on the application.  2)    One or more of the end-points may ultimately be fully compromised as well. 3)    There may be third parties involved in an authentication (e.g., a Radius server).  This third party, as well as the trust relationships between parties may be the source of attack. 4)      Discovery messages are likely to be unprotected during the discovery phase, but important decisions may be made based on them.

22 Threat Model Implications
a)    The attacker can passively eavesdrop. b)    The attacker can prevent traffic from reaching its intended destination. c)    The attacker can send spurious messages and arbitrarily modify otherwise valid messages. d)    The attacker can capture messages and replay them.

23 Threat Model Implications 2
e)    For those worried about possible end-point compromise, forward secrecy should be obtainable. f)    There may be possible timing attacks. g)    Unless one party really does not care with whom it is communicating, mutual authentication is an absolute requirement. h)      It is unrealistic to stop DoS in an absolute sense.  However, we can assume that attackers will perform "cheap" DoS attacks, such as trying to disturb a connection by tampering with individual messages or trying to overwhelm a machine's computational ability by launching a very few (expensive) authentications.

Download ppt "Agenda retrospective - B. Aboba Lunch"

Similar presentations

Discussion of KaY Key Exchange and Management Interface to SecY

Discussion of KaY Key Exchange and Management Interface to SecY
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
SSL CS772 Fall 2011. Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.

SSL CS772 Fall Secure Socket layer Design Goals: SSLv2) SSL should work well with the main web protocols such as HTTP. Confidentiality is the top.
1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.

1 Cryptography and Network Security Third Edition by William Stallings Lecturer: Dr. Saleem Al_Zoubi.
1 Integrating ISA Server and Exchange Server. 2 How email works.

1 Integrating ISA Server and Exchange Server. 2 How works.
Wireless and Email Security CSCI 5857: Encoding and Encryption.

Wireless and Security CSCI 5857: Encoding and Encryption.
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.

1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
EAP WG EAP Key Management Framework Draft-ietf-eap-keying-03.txt Bernard Aboba Microsoft.

EAP WG EAP Key Management Framework Draft-ietf-eap-keying-03.txt Bernard Aboba Microsoft.
Chapter 21 Distributed System Security Copyright © 2008.

Chapter 21 Distributed System Security Copyright © 2008.
1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.

1 Security Protocols in the Internet Source: Chapter 31 Data Communications & Networking Forouzan Third Edition.
802.1 af discussion First two slides are my picture of ae requirements - these may need some refining Next slide is my interpretation of KSP implementation.

802.1 af discussion First two slides are my picture of ae requirements - these may need some refining Next slide is my interpretation of KSP implementation.
Doc.: IEEE 802.11-01/495r1 Submission July 2001 Jon Edney, NokiaSlide 1 Ad-Hoc Group Requirements Report Group met twice - total 5 hours Group size ranged.

Doc.: IEEE /495r1 Submission July 2001 Jon Edney, NokiaSlide 1 Ad-Hoc Group Requirements Report Group met twice - total 5 hours Group size ranged.
Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.

Lecture 16 Page 1 CS 236 Online Web Security CS 236 On-Line MS Program Networks and Systems Security Peter Reiher.
INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.

INTRODUCTION TO COMPUTER & NETWORK SECURITY INSTRUCTOR: DANIA ALOMAR.
Wireless Network Security CSIS 5857: Encoding and Encryption.

Wireless Network Security CSIS 5857: Encoding and Encryption.
Channel Binding Support for EAP Methods Charles Clancy, Katrin Hoeper.

Channel Binding Support for EAP Methods Charles Clancy, Katrin Hoeper.
Securing Access to Data Using IPsec Josh Jones Cosc352.

Securing Access to Data Using IPsec Josh Jones Cosc352.
IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.

IP Security (IPSec) Matt Hermanson. What is IPSec? It is an extension to the Internet Protocol (IP) suite that creates an encrypted and secure conversation.
SESSION HIJACKING It is a method of taking over a secure/unsecure Web user session by secretly obtaining the session ID and masquerading as an authorized.

SESSION HIJACKING It is a method of taking over a secure/unsecure Web user session by secretly obtaining the session ID and masquerading as an authorized.
© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0—8-1 111 © 2003, Cisco Systems, Inc. All rights reserved.

© 2003, Cisco Systems, Inc. All rights reserved. FWL 1.0— © 2003, Cisco Systems, Inc. All rights reserved.

Similar presentations

Ads by Google