Simple Authentication schemes for ALC and NORM draft-ietf-rmt-simple-auth-for-alc-norm-00 IETF 73 – Minneapolis, November 2008 Vincent Roca (INRIA)


1 Simple Authentication schemes for ALC and NORM draft-ietf-rmt-simple-auth-for-alc-norm-00 IETF 73 – Minneapolis, November 2008 Vincent Roca (INRIA)

2 General
- now a WG Item document
  - as decided during IETF71
- summary of the proposal
  - this I-D and TESLA I-D introduce several packet-level sender authentication/integrity check schemes for ALC and NORM
  - all of them define specific EXT_AUTH header extensions, one per authentication scheme

3 General… (cont’)
- these HE start by the same ASID (Auth Scheme ID) 4-bit field:

 0                   1                   2                   3
 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|   HET (=1)    |      HEL      | ASID  | ... (scheme specific) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+

- goal is to enable a mixed use of these schemes in the same session, even on the same communication path: e.g., TESLA for downstream NORM traffic, and Group MAC for the upstream traffic
- the ASID/auth. scheme mapping is communicated out-of-band, as part of the session description
- there is no fixed IANA value

4 Record of the changes
- RSA digital signatures
  - added text detailing how to use RSA signatures
  - as in TESLA I-D
  - we also mention SHA-256 (rather than SHA-1)
  - corrected a mistake: the parameters to be communicated to the receivers must include the signature crypto function (e.g., SHA-256)

5 Record of the changes… (cont’)
- ECC (elliptic curve crypto) digital signatures
  - added discussion in introduction
  - higher performances than RSA-based signatures (see RMT Security discussion I-D)
  - but patent claims exist
  - we mention ECC but do not define any scheme for them
  - QUESTION: should we detail the use of ECC or leave it open for a future (tiny) document?

6 Record of the changes… (cont’)
- Group MAC
  - clarified that SHA-256 is recommended
  - clarified that during HMAC-SHA* output truncation, we need to keep the MSB
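An added example (not from the slides or the I-D) tying together the common ASID field of slide 3 and the Group MAC truncation rule above: the receiver selects the scheme from the out-of-band ASID mapping, then checks an HMAC-SHA-256 tag truncated to its most significant bytes, rejecting any tag shorter than the session's configured length. Assumptions of this example: the 12-byte tag length, the 12 zero bits after ASID, the MAC coverage (first HE word plus payload), the scheme names, and the constructed key, mapping and payload.

```python
import hashlib
import hmac
import struct

HET_EXT_AUTH = 1  # HET value shown in the header diagram
MAC_LEN = 12      # truncated tag length in bytes (assumed session parameter)

def group_mac(key: bytes, data: bytes) -> bytes:
    """HMAC-SHA-256, truncated by keeping the most significant (leftmost) bytes."""
    return hmac.new(key, data, hashlib.sha256).digest()[:MAC_LEN]

def build_ext_auth(asid: int, key: bytes, payload: bytes) -> bytes:
    """HET | HEL | ASID + 12 zero bits (assumed) | truncated Group MAC."""
    hel = (4 + MAC_LEN) // 4  # header extension length in 32-bit words
    word0 = struct.pack("!BBH", HET_EXT_AUTH, hel, (asid & 0xF) << 12)
    # Assumed coverage: first HE word plus payload.
    return word0 + group_mac(key, word0 + payload)

def parse_ext_auth(he: bytes):
    """Return (asid, scheme_specific_bytes) after checking HET and HEL."""
    if len(he) < 4:
        raise ValueError("truncated header extension")
    het, hel, rest = struct.unpack("!BBH", he[:4])
    if het != HET_EXT_AUTH or hel * 4 != len(he):
        raise ValueError("not a well-formed EXT_AUTH header extension")
    return rest >> 12, he[4:]

def verify(he: bytes, payload: bytes, asid_map: dict, keys: dict) -> bool:
    """Select the scheme from the out-of-band ASID mapping, then check the tag."""
    try:
        asid, tag = parse_ext_auth(he)
    except ValueError:
        return False
    if asid_map.get(asid) != "group-mac" or asid not in keys:
        return False  # ASID not mapped to Group MAC in this session
    if len(tag) != MAC_LEN:
        return False  # never accept a tag shorter than the session's length
    return hmac.compare_digest(tag, group_mac(keys[asid], he[:4] + payload))

# Constructed sample session: ASID 2 is mapped to Group MAC out-of-band.
ASID_MAP = {1: "tesla", 2: "group-mac"}
KEYS = {2: b"constructed-group-key"}
PACKET = b"constructed NORM payload"
HE = build_ext_auth(2, KEYS[2], PACKET)

if __name__ == "__main__":
    print(verify(HE, PACKET, ASID_MAP, KEYS))
    print(verify(struct.pack("!BBH", 1, 1, 2 << 12), PACKET, ASID_MAP, KEYS))
```

The length check matters because HEL is sender-controlled: without it, a header extension with HEL = 1 would carry an empty tag that trivially compares equal to an empty truncation.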

7 Record of the changes… (cont’)
- Combined use of Group MAC/Digital Signatures
  - BEFORE: use two separate EXT_AUTH HE
  - NOW: a specific EXT_AUTH HE, that gathers the signature + the Group MAC fields
  - motivated by
    - a lower overhead (32 bits smaller)
    - a clear specification that Group MAC encompasses the digital signature field (calculated first)
- Security section added
  - adapted from that of TESLA I-D

8 Next steps
- probably a new version
  - especially if ECC is included
- and then WGLC

