Presentation is loading. Please wait.

Presentation is loading. Please wait.

IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 1 Multicast Security  Quo Vadis?  René Struik.

Published byTyler Haller Modified over 9 years ago

Similar presentations

Presentation on theme: "IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 1 Multicast Security  Quo Vadis?  René Struik."— Presentation transcript:

1 IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 1 Multicast Security  Quo Vadis?  René Struik

2 IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 2 Outline 1.Multicast Security:  Confidentiality  Authentication  Replay Protection 2.Suggested approach:  Use of DTLS record layer format as is  Security processing  Compatibility of multicast security with DTLS 3.Changes to:  draft-keoh-dice-multicast-security-08  draft-kumar-dice-groupcomm-security-00

3 IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 3 Multicast Security:  Confidentiality  Authentication  Replay Protection

4 IETF-91, DICE Working Group November 10, 2014 Multicast Security Objectives Security services defined in terms of  Group membership  Sender of multicast message  Recipient(s) of multicast message  Locally maintained status information Security services:  Confidentiality: Assurance that received information is only available to group members  Authentication:  Group authentication: assurance that source of information is group member  Source authentication: assurance of precise originator of received information  Replay protection: Assurance that information from specific source is received at most once  Timeliness:not provided Assurance that received information is “relatively fresh” (not “stale”)

5 IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 5 Suggested approach:  Reuse of DTLS record layer format as is  Security processing  Coexistence with DTLS1.2

6 IETF-91, DICE Working Group November 10, 2014 Slide 6 DTLS Record Layer format: Multicast Security Record Layer format (group authentication): Multicast Security Record Layer format (source authentication): Ciphertext Content type EpochVersion Ma | Mi Sequence number Length 12262n Ciphertext Content type EpochVersion Ma | Mi Sequence number Length 12262n Ciphertext (w/ signature) Content type EpochVersion Ma | Mi Sequence number Length 12262n Format comparison

7 IETF-91, DICE Working Group November 10, 2014 Slide 7 DTLS Record Layer:  Look-up key = G(sender, {sender, recipient}, key id)  Apply inverse AEAD cipher (decrypt/check authenticity) Multicast Security Record Layer format (group authentication):  Look-up key = G(sender, group, group key id)  Apply inverse AEAD cipher (decrypt/check authenticity) Multicast Security Record Layer format (source authentication):  Look-up key = G(sender, group, group key id)  Look-up signature verification key = L(sender, local info)  Apply inverse AEAD cipher (decrypt/check authenticity)  Apply signature verification operation (check signature) Processing comparison (at recipient’s end)

8 IETF-91, DICE Working Group November 10, 2014 Slide 8 Device implementing multicast security:  DTLS traffic received as is (since unicast)  Multicast traffic received and processed as proposed  Same AEAD processing Device implementing DTLS, but not implementing multicast security:  DTLS traffic received as is (since unicast)  Multicast traffic dropped on the floor Coexistence (at recipient’s end)

9 IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 9 Changes to:  draft-keoh-dice-multicast-security-08  draft-kumar-dice-groupcomm-security-00

10 IETF-91, DICE Working Group November 10, 2014 Changes to draft-keoh-dice-multicast-security-08 Changes:  Align record format so as to coincide with TLS record format  Remove SenderID (this re-instates 6-octet SequenceNumber)  Make sure nonce reuse does not occur  Use derived key f(group key, sender), rather than using group key directly NOTE1: here, group key is determined from{Multicast IP destination address, port} NOTE2: sender is originator’s IP address (which assumes role of SenderID)  Define local logic for key look-up  Look-up group key = G(sender, group, group key id) NOTE: with DTLS, key = G(sender, key id) = G’(sender, recipient, key id), So one can use uniform local key look-up NOTE:  No changes to replay protection (via comparison of SequenceNumber of packet and locally maintained status information) required

11 IETF-91, DICE Working Group November 10, 2014 Changes to draft-kumar-dice-groupcomm-security-00 Changes:  Align record format so as to coincide with TLS record format  Use same format as suggested with draft-keoh-dice-multicast-security-08  Make sure nonce reuse does not occur  Use derived key f(group key, sender), rather than using group key directly NOTE1: here, group key is determined from{Multicast IP destination address, port} NOTE2: sender is originator’s IP address (which assumes role of SenderID)  Define local logic for key look-up  Look-up group key = G(sender, group, group key id) NOTE: with DTLS, key = G(sender, key id) = G’(sender, recipient, key id), So one can use uniform local key look-up  Define local logic for signature look-up  Look-up signature verification key = L(sender, local info) NOTE:  No changes to replay protection (via comparison of SequenceNumber of packet and locally maintained status information) required

12 IETF-91, DICE Working Group November 10, 2014 Next Steps Write new draft, borrowing from current discussion

Download ppt "IETF-91, DICE Working Group November 10, 2014 René Struik (Struik Security Consultancy)Slide 1 Multicast Security  Quo Vadis?  René Struik."

Similar presentations

Internet Security CSCE 813 IPsec

Internet Security CSCE 813 IPsec
CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication E-Mail Security E-Mail Security Secure Sockets Layer Secure.

CHAPTER 8: SECURITY IN COMPUTER NETWORKS Encryption Encryption Authentication Authentication Security Security Secure Sockets Layer Secure.
Sri Lanka Institute of Information Technology

Sri Lanka Institute of Information Technology
DICE BOF, IETF-87 Berlin DTLS In Constrained Environments (DICE) BOF Wed 15:10-16:10, Potsdam 3 BOF Chairs: Zach Shelby, Carsten Bormann Responsible AD:

DICE BOF, IETF-87 Berlin DTLS In Constrained Environments (DICE) BOF Wed 15:10-16:10, Potsdam 3 BOF Chairs: Zach Shelby, Carsten Bormann Responsible AD:
NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT 09.11.2005.

NAT TRAVERSAL FOR IPSEC Research Seminar on Datacommunications Software HIIT
Chapter 5 Network Security Protocols in Practice Part I

Chapter 5 Network Security Protocols in Practice Part I
ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.

ECE 454/CS 594 Computer and Network Security Dr. Jinyuan (Stella) Sun Dept. of Electrical Engineering and Computer Science University of Tennessee Fall.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.

IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.

1 IP Security Outline of the session –IP Security Overview –IP Security Architecture –Key Management Based on slides by Dr. Lawrie Brown of the Australian.
Wired Equivalent Privacy (WEP)

Wired Equivalent Privacy (WEP)
Doc.: IEEE 802.15-04-0828-01-004e Submission November 13, 2008 René Struik (Certicom Research)Slide 1 Project: IEEE P802.15 Working Group for Wireless.

Doc.: IEEE e Submission November 13, 2008 René Struik (Certicom Research)Slide 1 Project: IEEE P Working Group for Wireless.
Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.

Encapsulation Security Payload Protocol Lan Vu. OUTLINE 1.Introduction and terms 2.ESP Overview 3.ESP Packet Format 4.ESP Fields 5.ESP Modes 6.ESP packet.
Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.

Russ Housley IETF Chair Founder, Vigil Security, LLC 8 June 2009 NIST Key Management Workshop Key Management in Internet Security Protocols.
15-05-0083-00-0400 Submission January, 2005 Rene Struik, Certicom Corp.Slide 1 Project: IEEE P802.15 Working Group for Wireless Personal Area Networks.

Submission January, 2005 Rene Struik, Certicom Corp.Slide 1 Project: IEEE P Working Group for Wireless Personal Area Networks.
1 Accounting, Authentication and Authorization Issues in “Well Managed” IP Multicasting Services November 9, 2005 Tsunemasa Hayashi

1 Accounting, Authentication and Authorization Issues in “Well Managed” IP Multicasting Services November 9, 2005 Tsunemasa Hayashi
1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.

1 Section 10.9 Internet Security Association and Key Management Protocol ISAKMP.
Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),

Cosc 4765 SSL/TLS and VPN. SSL and TLS We can apply this generally, but also from a prospective of web services. Multi-layered: –S-http (secure http),
Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.

Dr. L. Christofi1 Local & Metropolitan Area Networks ACOE322 Lecture 8 Network Security.
Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Protecting Internet Communications: Encryption  Encryption: Process of transforming plain text or data into cipher text that cannot be read by anyone.

Similar presentations

Ads by Google