Presentation is loading. Please wait.

Presentation is loading. Please wait.

Institut für Telematik Secure Signaling in Next Generation Networks with NSIS Roland Bless, Martin Röhricht IEEE ICC 2009, Dresden.

Published byArianna Warner Modified over 10 years ago

Similar presentations

Presentation on theme: "Institut für Telematik Secure Signaling in Next Generation Networks with NSIS Roland Bless, Martin Röhricht IEEE ICC 2009, Dresden."— Presentation transcript:

1 Institut für Telematik Secure Signaling in Next Generation Networks with NSIS Roland Bless, Martin Röhricht IEEE ICC 2009, Dresden

2 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 1 IEEE ICC 2009, Dresden QoS Reservation Motivation Signaling protocols important component for Next Generation Networks Admission control for resource reservations Management of network entities RSVP NSIS Security of signaling protocols important QoS reservations Firewall configurations NAT traversal mappings Video Server

3 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 2 IEEE ICC 2009, Dresden Next Steps in Signaling – Overview Two-layer approach QoS or NAT/FW NSLP NTLP, i.e. GIST discovery of next signaling peer signaling message transport (unreliable, reliable, secure) Channel security mechanisms at GIST level Hop-by-hop based, not end-to-end Multiplex several different sessions over one secured channel No per-user authentication QoS NSLP Signaling Possibly secured sections

4 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 3 IEEE ICC 2009, Dresden Problem Statement No per-user or per-session authentication possible No per-user authorization No reliable and secure accounting Objective: provide integrity protection for every signaling message Session Authorization Policy Element Relies on provision of authorization tokens from trusted third party Opaque authorization token not sufficient Not related to any signaling message objects

5 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 4 IEEE ICC 2009, Dresden Main Challenges Add per-user authentication mechanism to Authorization Policy Element Integrity protection parts of signaling message Some objects should still be modifiable by intermediate nodes E.g. QoS parameter values Specify light-weight approach Security shouldnt add much additional (setup) delay Thousands of signed signaling messages per node Digital certificates not suitable

6 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 5 IEEE ICC 2009, Dresden Proposal towards Authentic NSIS Signaling Establish binding of authorization object and NSLP messages not included into HMAC included into HMAC Session Authorization Object Hash-Alg-ID, List of Signed NSLP Objects Key-ID for S k Signature Data HMAC(S k, Data) GIST Objects QoS NSLP Objects Protected parts of GIST PDU e.g. Session ID, Message Routing Information Protected parts of QoS NSLP PDU e.g. INFO_SPEC, QSPEC

7 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 6 IEEE ICC 2009, Dresden HMAC-based protection 07815162324 Object Length Length Type = AUTH_SESSION10000000 31 AUTH_ENT_IDHMAC_SIGNED Reserved LengthAUTH_DATA OctetString (Message Authentication Code – HMAC Data) Hash Algorithm ID zero LengthNSLP_OBJ_LISTzero Number of signed NSLP objects=n padding reservedNSLP signed object (1) LengthSTART_TIMENTP_TIME_STAMP NTP time stamp (1) NTP time stamp (2) LengthSOURCE_ADDRIPV4_ADDRESS IPv4 Source Address OctetString (Key Identifier) NSLP signed object (n)reserved

8 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 7 IEEE ICC 2009, Dresden Kerberos based Example Initial Session Authorization Assumption: routers are Kerberized resources TGS NSLP Initiator NSLP Entity 1. Request Session Authorization Object 3. NSLP message with Session Authorization Objects A 1 and A 2 4. Verifies Session Authorization Objects A 1 and A 2. Store key S k extracted from A 1. 2. Get Session Authorization Object A 1 (Resource Ticket) Hash-Alg-ID, List of Signed NSLP Objects Key-ID for S k HMAC(S k, Data) Kerberos Ticket (Incl. Session Key S k ) QoS NSLP objects A1A1 A2A2 GIST objects not included into HMAC included into HMAC Signature Data Administrative Domain

9 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 8 IEEE ICC 2009, Dresden NSIS-ka Suite Open Source C++-based, multi-threaded implementation for Linux GIST QoS NSLP NATFW NSLP Well tested at Interop tests against different implementations Currently under active development GIST-aware NAT-Gateways Mobility support for/with MobileIPv6 Anticipated Handovers Multicast Support Integration into OMNeT++ simulation framework Code freely available: http://nsis-ka.orghttp://nsis-ka.org

10 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 9 IEEE ICC 2009, Dresden Performance Evaluation Proposed integrity protection implemented and tested Benchmarks to determine overhead of HMAC computation Intel Pentium IV 2.8GHz Reading system clock at specific actions and keeping time stamps in memory 50,000 runs measured in µs Creation of Session Authorization Object including HMAC computation 30.8% overhead (Mean) HMAC verification and deserialization of PDU 31.8% overhead (Mean) ActionMinMaxMeanStddev Serialization68.2701.969.110.5 Serialization w. HMAC89.4718.190.48.3 Deserialization74.4705.675.38.8 Deserialization w. HMAC97.6746.399.29.8

11 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 10 IEEE ICC 2009, Dresden Conclusion & Outlook Allows for user-based authentication Integrity protection of important parts of an NSLP message Uses resource efficient HMAC-based signatures Key exchange not per session required Only per user No further backend communication needed by intermediate nodes for integrity checks Low communication overhead Not restricted to a particular NSLP

12 Institut für Telematik Thanks! Questions? www.tm.uka.de/itm

13 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 12 IEEE ICC 2009, Dresden Backup

14 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 13 IEEE ICC 2009, Dresden Session Authorization by Policy Decision Authorizing entity generates Authorization Policy Element According to framework defined by RFC 3521 Retrieved policy element must be copied into Session Authorization Object QNE extracts information Uses Diameter QoS application or RADIUS QoS protocol to contact Policy Decision Point AAA QNI QNE 1. request session authorization object 3. NSLP message with session authorization object 4. verifies session authorization object 2. get session authorization object QNI: QoS NSLP Initiator QNE: QoS NSLP Entity

15 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 14 IEEE ICC 2009, Dresden Generic NSLP object header A, B – Extensibility flags Type – AUTH_SESSION List of Session Authorization Attributes X-Type – Authorizing Entity Identifier, Source/Dest. Address, Start/End Time, Authentication Data SubType – Fully Qualified Domain Name, Digital Certificate, IPv4/v6-Address, Kerberos Principal Name, … Session Authorization Object Session Authorization Attribute List 31 07815162324 ALengthBrrrrrTyper 31 07815162324 SubTypeLengthX-Type Value …

16 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 15 IEEE ICC 2009, Dresden A worked Example with Kerberos Session Authorization Object Format 07815162324 Object Length Length Type = AUTH_SESSION10000000 31 AUTH_ENT_IDKRB_PRINCIPAL OctetString (The principal@realm name) LengthAUTH_DATAzero OctetString (Key identifier, Resource ticket) LengthSTART_TIMENTP_TIME_STAMP NTP time stamp (1) NTP time stamp (2) LengthSOURCE_ADDRIPV4_ADDRESS IPv4 Source Address

17 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 16 IEEE ICC 2009, Dresden HMAC-based Protection Use Message Authentication Code to protect parts of NSLP message New attribute contains list of protected NSLP objects Receiver computes hash over these objects and all attributes of authorization object Allow for crypto agility Specify identifier for used hash function Actually used key referenced by 32 bit key ID Sign every message but dont change key for every transaction or flow Distribution of shared symmetric key required E.g. by using Kerberos

18 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 17 IEEE ICC 2009, Dresden TLS UDP TCP SCTP DCCP IPsec IPv4/IPv6 Signaling Application 1 (QoS) Signaling Application 1 (QoS) Signaling Application 2 (NAT FW) Signaling Application 2 (NAT FW) NSIS Signaling Layer (NSLP) NSIS Transport Layer (NTLP) General Internet Signalling Transport (GIST) General Internet Signalling Transport (GIST)

19 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 18 IEEE ICC 2009, Dresden Length X-Type= NSLP_OBJ_LIST SubType= zero Number of signed NSLP objects=n NSLP signed object (n)padding (if required) reservedNSLP signed object (1) reserved 0781516232431

20 R. Bless, M. Röhricht Institut für Telematik Universität Karlsruhe (TH) www.tm.uka.de 19 IEEE ICC 2009, Dresden Kerberos based Example Subsequent Session Authorizations TGS 1. NSLP message with Session Authorization Object A 2. Verifies Session Authorization Object A List of Signed NSLP Objects Hash-Alg-ID, Key-ID for S k HMAC(S k, Data) QoS NSLP objects A GIST objects not included into HMAC included into HMAC NSLP Initiator NSLP Entity Signature Data

Download ppt "Institut für Telematik Secure Signaling in Next Generation Networks with NSIS Roland Bless, Martin Röhricht IEEE ICC 2009, Dresden."

Similar presentations

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.

IP Security have considered some application specific security mechanisms –eg. S/MIME, PGP, Kerberos, SSL/HTTPS however there are security concerns that.
1 An Update on Multihoming in IPv6 Report on IETF Activity IPv6 Technical SIG 1 Sept 2004 APNIC18, Nadi, Fiji Geoff Huston.

1 An Update on Multihoming in IPv6 Report on IETF Activity IPv6 Technical SIG 1 Sept 2004 APNIC18, Nadi, Fiji Geoff Huston.
Security Issues In Mobile IP

Security Issues In Mobile IP
Efficient Secure Aggregation in VANETs Maxim Raya, Adel Aziz, and Jean-Pierre Hubaux Laboratory for computer Communications and Applications (LCA) EPFL.

Efficient Secure Aggregation in VANETs Maxim Raya, Adel Aziz, and Jean-Pierre Hubaux Laboratory for computer Communications and Applications (LCA) EPFL.
Adapted Multimedia Internet KEYing (AMIKEY): An extension of Multimedia Internet KEYing (MIKEY) Methods for Generic LLN Environments draft-alexander-roll-mikey-lln-key-mgmt-01.txt.

Adapted Multimedia Internet KEYing (AMIKEY): An extension of Multimedia Internet KEYing (MIKEY) Methods for Generic LLN Environments draft-alexander-roll-mikey-lln-key-mgmt-01.txt.
Internet Protocol Security (IP Sec)

Internet Protocol Security (IP Sec)
Institut für Telematik Quality-of-Service Support for Mobile Users using NSIS Roland Bless, Martin Röhricht Networking 2009, Aachen.

Institut für Telematik Quality-of-Service Support for Mobile Users using NSIS Roland Bless, Martin Röhricht Networking 2009, Aachen.
Chapter 14 – Authentication Applications

Chapter 14 – Authentication Applications
Kerberos and X.509 Fourth Edition by William Stallings

Kerberos and X.509 Fourth Edition by William Stallings
Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.

Authentication Applications. will consider authentication functions will consider authentication functions developed to support application-level authentication.
Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).

Kerberos 1 Public domain image of Heracles and Cerberus. From an Attic bilingual amphora, 530–520 BC. From Italy (?).
PIS: Unit III Digital Signature & Authentication Sanjay Rawat PIS Unit 3 Digital Sign Auth Sanjay Rawat1 Based on the slides of Lawrie.

PIS: Unit III Digital Signature & Authentication Sanjay Rawat PIS Unit 3 Digital Sign Auth Sanjay Rawat1 Based on the slides of Lawrie.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.
Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.

Spring 2012: CS419 Computer Security Vinod Ganapathy SSL, etc.
Progress Report: Metering NSLP (M-NSLP) 66th IETF meeting, NSIS WG.

Progress Report: Metering NSLP (M-NSLP) 66th IETF meeting, NSIS WG.
TLS. 14.1 Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.

TLS Introduction 14.2 TLS Record Protocol 14.3 TLS Handshake Protocol 14.4 Summary.
Cryptography and Network Security

Cryptography and Network Security
Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)

Working Connection Computer and Network Security - SSL, IPsec, Firewalls – (Chapter 17, 18, 19, and 23)
7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, I've Got You under My Skin“ by Cole Porter.

7-1 Chapter 7 – Web Security Use your mentality Wake up to reality —From the song, "I've Got You under My Skin“ by Cole Porter.
Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Cryptography and Network Security Third Edition by William Stallings Lecture slides by Lawrie Brown.

Similar presentations

Ads by Google