TCP Authentication Option: Keying Protocol Issues - PowerPoint PPT Presentation

About This Presentation

Title:

TCP Authentication Option: Keying Protocol Issues

Description:

Can derive from host or host service keys. Used for all intra-connection changes ... Used for traffic-based key rollover. KeyID. Return: TCP option exclusion ... – PowerPoint PPT presentation

Number of Views:36

Avg rating:3.0/5.0

Slides: 9

Provided by: joseph111

Learn more at: https://www.ietf.org

Category:

Tags: tcp | authentication | issues | keying | keys | option | protocol

Transcript and Presenter's Notes

Title: TCP Authentication Option: Keying Protocol Issues

1
TCP Authentication OptionKeying Protocol Issues

Joe Touch, USC/ISI

2
Auth Design Team

Input
Multiple candidate TCP MD5 update IDs
Bellovins requirements document
Output
Current TCPM ID
Defines a TCP SA database (TSAD)
Factors key mgt out as external
Update to Bellovins doc
Summary inside current TCPM ID

3
Key Mgt Requirements

Minimis variants/features
Can be simpler than IKEv2
Provides per-connection keys
Socket pair keys are NOT reused (default)
Can derive from host or hostservice keys
Used for all intra-connection changes
Adding new keys, deleting old ones
Changing per-key parameters (alg, len, option
coverage, etc.)

4
TSAD Entries

Socket pair (src dst IP, src dst port)
Inbound
TCP option exclusion list
ltkey tuplegt
Outbound
TCP option exclusion list
ltkey tuplegt

5
Key tuple

KeyID (optional)
MAC algorithm
MAC name
MAC length
Padding (if used)
Key
Value
Length

6
TSAD API

Call
Socket pair (connection ID)
Source port can be 0x00 (wildcard, return all
entries)
Direction
Bytes sent/received
Used for traffic-based key rollover
KeyID
Return
TCP option exclusion list
ltkey tuplegt

7
Key Management Iface

Add/delete entry
Entire socket pair entry
Add/delete key tuple
Never modify
Anything else?
Also need to specify 2 required MACs for TCP-AO
Anything NOT used
Nothing from a TCP packet (seq no, timestamp) or
connection (ISN, etc.)

8
Key mgt protocol reqts

Negotiate TSAD entries
Socket pair, direction, key tuples
MAY also negotiate TCP MD5 entries (subset of
TCP-AO entry values)
Coordinate key tuples
Explicit exchange
Derivation via a group key and generation alg

Write a Comment

User Comments (0)

About PowerShow.com

Recommended Relevance Latest Highest Rated Most Viewed

Sort by:

Related More from user

CrystalGraphics Presentations

World's Best PowerPoint Templates PowerPoint PPT Presentation

World's Best PowerPoint Templates - CrystalGraphics offers more PowerPoint templates than anyone else in the world, with over 4 million to choose from. Winner of the Standing Ovation Award for “Best PowerPoint Templates” from Presentations Magazine. They'll give your presentations a professional, memorable appearance - the kind of sophisticated look that today's audiences expect. Boasting an impressive range of designs, they will support your presentations with inspiring background photos or videos that support your themes, set the right mood, enhance your credibility and inspire your audiences.

CrystalGraphics 3D Character Slides for PowerPoint PowerPoint PPT Presentation

CrystalGraphics 3D Character Slides for PowerPoint - CrystalGraphics 3D Character Slides for PowerPoint

Chart and Diagram Slides for PowerPoint PowerPoint PPT Presentation

Chart and Diagram Slides for PowerPoint - Beautifully designed chart and diagram s for PowerPoint with visually stunning graphics and animation effects. Our new CrystalGraphics Chart and Diagram Slides for PowerPoint is a collection of over 1000 impressively designed data-driven chart and editable diagram s guaranteed to impress any audience. They are all artistically enhanced with visually stunning color, shadow and lighting effects. Many of them are also animated. And they’re ready for you to use in your PowerPoint presentations the moment you need them. – PowerPoint PPT presentation

Related Presentations

Cutting Edge VoIP Security Issues Color PowerPoint PPT Presentation

Cutting Edge VoIP Security Issues Color - Hacking Exposed: VoIP Mark D. Collier Chief Technology Officer mark.collier@securelogix.com www.securelogix.com | PowerPoint PPT presentation | free to view

Security Problems in the TCP/IP Protocol Suite PowerPoint PPT Presentation

Security Problems in the TCP/IP Protocol Suite - Finger (Cont) Additionally, if you fingered a host it would report all currently logged in ... The trouble is that finger gave out loads of potentially ... | PowerPoint PPT presentation | free to view

Implementation and Performance Analysis of SNMP on a TLS/TCP Base. Du, Shayman and Rozenblitz PowerPoint PPT Presentation

Implementation and Performance Analysis of SNMP on a TLS/TCP Base. Du, Shayman and Rozenblitz - Implementation and Performance Analysis of SNMP on a TLS/TCP Base. Du, Shayman and Rozenblitz Sarwar S Raza WPI CS 577 Outline Overview of SNMP Introduction TLS ... | PowerPoint PPT presentation | free to view

Securing Data with Internet Protocol Security (IPSec) PowerPoint PPT Presentation

Securing Data with Internet Protocol Security (IPSec) - Decide whether to implement IPSec transport mode or IPSec tunnel mode. ... Create a lab environment that emulates the production network. ... | PowerPoint PPT presentation | free to view

Cutting Edge VoIP Security Issues Color PowerPoint PPT Presentation

Cutting Edge VoIP Security Issues Color - Hacking Exposed: VoIP Mark D. Collier Chief Technology Officer SecureLogix Corporation mark.collier@securelogix.com Outline Overview Gathering Information ... | PowerPoint PPT presentation | free to view

Security PowerPoint PPT Presentation

Security - List basic authentication concepts (what you know, what you have, who you are) ... Account lockout. Authentication in Windows and Linux. Linux. Root account ... | PowerPoint PPT presentation | free to view

Authentication for TCP-based Routing and Management Protocols PowerPoint PPT Presentation

Authentication for TCP-based Routing and Management Protocols - Hitless key rollover. Key chains configured on peer systems. Key Identifiers ... If there are multiple candidates, select key with most recent start-time for sending ... | PowerPoint PPT presentation | free to view

Networking over Bluetooth: overview and issues PowerPoint PPT Presentation

Networking over Bluetooth: overview and issues - Title: Networking over Bluetooth: overview and issues Author: Pravin Bhagwat Last modified by: ggopalak Created Date: 5/25/1999 12:36:35 PM Document presentation format | PowerPoint PPT presentation | free to view

GridFTP: File Transfer Protocol in Grid Computing Networks PowerPoint PPT Presentation

GridFTP: File Transfer Protocol in Grid Computing Networks - File Transfer Protocol in Grid Computing Networks Caitlin Minteer Agenda Grid Computing Globus Toolkit Grid FTP Advantages of GridFTP Disadvantages of GridFTP Using ... | PowerPoint PPT presentation | free to view

Security and Reliability Issues in Distributed Systems PowerPoint PPT Presentation

Security and Reliability Issues in Distributed Systems - Distributed systems developed rapidly over the past two decades ... confidentiality: message transmitted must not be readable to unintended entities ... | PowerPoint PPT presentation | free to view

Cutting Edge VoIP Security Issues Color PowerPoint PPT Presentation

Cutting Edge VoIP Security Issues Color - An enterprise website often contains a lot of information that is useful to a hacker: ... OS details: Cisco VoIP Phone 7905/7912 or ATA 186 Analog Telephone Adapter ... | PowerPoint PPT presentation | free to view

DHCP Dynamic Host Configuration Protocol PowerPoint PPT Presentation

DHCP Dynamic Host Configuration Protocol - Dynamic Host Configuration Protocol Zhiqi Chen April 12, 2006 Summary of topics Introduction History of DHCP BOOTP BOOTP (cont.) BOOTP (cont.) Purpose of DHCP Three ... | PowerPoint PPT presentation | free to view

Implementation and Performance Analysis of SNMP on a TLS/TCP Base. Du, Shayman and Rozenblitz PowerPoint PPT Presentation

Implementation and Performance Analysis of SNMP on a TLS/TCP Base. Du, Shayman and Rozenblitz - A Network Management System is composed of: ... Compress/decompress. Calculate client/server MAC. Encrypt/Decrypt. Append/Remove TLS Record header. ... | PowerPoint PPT presentation | free to view

Security Issues Raised by Wireless LANs PowerPoint PPT Presentation

Security Issues Raised by Wireless LANs - IEEE 802.11b Wireless PC Card - $ 19.99. Linksys Etherfast Wireless AP Cable/DSL Router ... http://www.accessatlanta.com/ajc/news/0302/31wireless.html. 5 ' ... | PowerPoint PPT presentation | free to view

Network Time Protocol: Past, Present and Future PowerPoint PPT Presentation

Network Time Protocol: Past, Present and Future - Twenty years of analysis, modeling and refinement. Splitting the microsecond ... Survey nearby network environment to construct a list of suitable servers ... | PowerPoint PPT presentation | free to view

Network security PowerPoint PPT Presentation

Network security - Network security Foundations: what is security? cryptography authentication message integrity key distribution and certification Security in practice: | PowerPoint PPT presentation | free to view

Computer and Information Security PowerPoint PPT Presentation

Computer and Information Security - ... much more than protocol designers envisaged originally. TCP/IP ... Allows deployment of new/emerging applications that may not have their own security. ... | PowerPoint PPT presentation | free to view

SSL Secure Sockets Layer PowerPoint PPT Presentation

SSL Secure Sockets Layer - ... run 'on top of' TCP/IP in the sense that they all use TCP/IP to support ... The SSL protocol runs above TCP/IP and below higher-level protocols such as HTTP ... | PowerPoint PPT presentation | free to view

Secure Sockets Layer (SSL) Protocol PowerPoint PPT Presentation

Secure Sockets Layer (SSL) Protocol - Secure Sockets Layer (SSL) Protocol by Steven Giovenco Overview History SSL SSL Roles Protocol Stack The 4 Protocols The Record Layer Message Authentication Code ... | PowerPoint PPT presentation | free to view

TCP over ATM: PowerPoint PPT Presentation

TCP over ATM: - ... The Cellular Concept and Frequency Re-use The cellular concept was introduced to solve the problem of frequency limitation (or spectral congestion) ... | PowerPoint PPT presentation | free to view

Hypertext Transfer Transfer Protocol HTTP PowerPoint PPT Presentation

Hypertext Transfer Transfer Protocol HTTP - A HREF=titi.php3?arg1=val1&arg2=val2 that link /A Through forms FORM ACTION=titi.php3 INPUT .... /FORM With POST method. Only through forms. 54 ... | PowerPoint PPT presentation | free to view

SSL Protocol PowerPoint PPT Presentation

SSL Protocol - ... Web server also runs an IMAP (Internet Mail Access Protocol) server, then ... IMAP servers are known to be prone to attacks. Authentication Issues ... | PowerPoint PPT presentation | free to view

Remote%20Technologies PowerPoint PPT Presentation

Remote%20Technologies - Remote Technologies UK-WITS Protocol Project Jim Baker Water Corporation of WA * Supply failure If the Field Device is able to detect a supply failure then this bit ... | PowerPoint PPT presentation | free to view

Authentication for TCP-based Routing and Management Protocols PowerPoint PPT Presentation

Authentication for TCP-based Routing and Management Protocols - Authentication for TCP-based Routing and Management Protocols. draft ... Draft-weis-tcp-auth-auto-ks. Rejected Approach: In the ... not protect against a ... | PowerPoint PPT presentation | free to view

The Rapid Fire Survey of IP UDP TCP PowerPoint PPT Presentation

The Rapid Fire Survey of IP UDP TCP - A few companies got class A networks (e.g., Digital, Xerox) ... Obviously impractical for a Class A network. That's 16,777,216 hosts ... | PowerPoint PPT presentation | free to view

Cisco RouterSwitch Hardening Colorado Springs Cisco Users Group April 8, 2003 PowerPoint PPT Presentation

Cisco RouterSwitch Hardening Colorado Springs Cisco Users Group April 8, 2003 - Authentication proxy (for dynamic, user-based authentication and authorization) ... ip auth-proxy mywebproxy. access-list 116 permit tcp any any eq www ... | PowerPoint PPT presentation | free to view

CSC 600 Internetworking with TCP/IP PowerPoint PPT Presentation

CSC 600 Internetworking with TCP/IP - Core systems work best for internets that have a single, centrally managed backbone. ... For use with TCP/IP internets. Preferred EGP of the Internet ... | PowerPoint PPT presentation | free to view