Network Time Security



Similar documents
Communication Security for Applications

Chapter 17. Transport-Level Security

Authenticated Network Time Synchronization

Message authentication and. digital signatures

Web Security (SSL) Tecniche di Sicurezza dei Sistemi 1

Network Security Part II: Standards

Cisco Which VPN Solution is Right for You?

White paper. Testing for Wi-Fi Protected Access (WPA) in WLAN Access Points.

Keeping SCADA Networks Open and Secure DNP3 Security

Authentication Applications

2. NTP Security Model and Authentication Scheme

Your Wireless Network has No Clothes

Release Notes. NCP Secure Entry Mac Client. 1. New Features and Enhancements. 2. Improvements / Problems Resolved. 3. Known Issues

to hide away details from prying eyes. Pretty Good Privacy (PGP) utilizes many

Overview of Cryptographic Tools for Data Security. Murat Kantarcioglu

Chapter 7 Transport-Level Security

The Autokey Security Architecture, Protocol and Algorithms

Network Security [2] Plain text Encryption algorithm Public and private key pair Cipher text Decryption algorithm. See next slide

CS 336/536 Computer Network Security. Summer Term Wi-Fi Protected Access (WPA) compiled by Anthony Barnard

TechNote 0006: Digital Signatures in PDF/A-1

The English translation Of MBA Standard 0301

Midterm. Name: Andrew user id:

C O M P U T E R S E C U R I T Y

21.4 Network Address Translation (NAT) NAT concept

United States Trustee Program s Wireless LAN Security Checklist

Internetwork Security

NISTIR 7676 Maintaining and Using Key History on Personal Identity Verification (PIV) Cards

CS 758: Cryptography / Network Security

Secure Sockets Layer (SSL ) / Transport Layer Security (TLS) Network Security Products S31213

Release Notes. NCP Secure Client Juniper Edition. 1. New Features and Enhancements. 2. Problems Resolved

Three attacks in SSL protocol and their solutions

Efficient nonce-based authentication scheme for Session Initiation Protocol

OPENID AUTHENTICATION SECURITY

Secure Data Transfer

CS 393 Network Security. Nasir Memon Polytechnic University Module 11 Secure

Module 8. Network Security. Version 2 CSE IIT, Kharagpur

CS 356 Lecture 27 Internet Security Protocols. Spring 2013

Key Hopping A Security Enhancement Scheme for IEEE WEP Standards

SMPTE Standards Transition Issues for NIST/FIPS Requirements v1.1

A Noval Approach for S/MIME

OCRA Validation Server Profile

IPv6 Addressing. Awareness Objective. IPv6 Address Format & Basic Rules. Understanding the IPv6 Address Components

EAP-WAI Authentication Protocol

Site to Site Virtual Private Networks (VPNs):

Case Study for Layer 3 Authentication and Encryption

Precision Time Protocol (PTP/IEEE-1588)

[MS-SSTP]: Secure Socket Tunneling Protocol (SSTP) Intellectual Property Rights Notice for Open Specifications Documentation

Chapter 10. Network Security

7 Network Security. 7.1 Introduction 7.2 Improving the Security 7.3 Internet Security Framework. 7.5 Absolute Security?

Security in IPv6. Basic Security Requirements and Techniques. Confidentiality. Integrity

NEMA Standards Publication PS 3 Supplement 41. Digital Imaging and Communications in Medicine (DICOM) Digital Signatures

Securing IP Networks with Implementation of IPv6

IP Security. Ola Flygt Växjö University, Sweden

IEEE Broadband Wireless Access Working Group <

Network Authentication X Secure the Edge of the Network - Technical White Paper

As enterprises conduct more and more

Release Notes. NCP Secure Entry Mac Client. Major Release 2.01 Build 47 May New Features and Enhancements. Tip of the Day

APNIC elearning: IPSec Basics. Contact: esec03_v1.0

WIRELESS PUBLIC KEY INFRASTRUCTURE FOR MOBILE PHONES

NETWORK ADMINISTRATION AND SECURITY

Design Notes for an Efficient Password-Authenticated Key Exchange Implementation Using Human-Memorable Passwords

Digital Signatures in a PDF

tcpcrypt Andrea Bittau, Dan Boneh, Mike Hamburg, Mark Handley, David Mazières, Quinn Slack Stanford, UCL

Security. Contents. S Wireless Personal, Local, Metropolitan, and Wide Area Networks 1

Secure Network Communications FIPS Non Proprietary Security Policy

Key Management Interoperability Protocol (KMIP)

AN RC4 BASED LIGHT WEIGHT SECURE PROTOCOL FOR SENSOR NETWORKS

IP-Telephony Real-Time & Multimedia Protocols

SPINS: Security Protocols for Sensor Networks

SSL A discussion of the Secure Socket Layer

Other VPNs TLS/SSL, PPTP, L2TP. Advanced Computer Networks SS2005 Jürgen Häuselhofer

VoIP Security. Seminar: Cryptography and Security Michael Muncan

Using IPSec in Windows 2000 and XP, Part 2

PROCEDURE FOR UPDATING LISTS THROUGH WEB INTERFACE

VPN. VPN For BIPAC 741/743GE

How To Understand And Understand The Ssl Protocol ( And Its Security Features (Protocol)

T Cryptography and Data Security

Real-Time Communication Security: SSL/TLS. Guevara Noubir CSU610

The next generation of knowledge and expertise Wireless Security Basics

WHITE PAPER AUGUST Preventing Security Breaches by Eliminating the Need to Transmit and Store Passwords

Journal of Mobile, Embedded and Distributed Systems, vol. I, no. 1, 2009 ISSN

National Security Agency Perspective on Key Management

National Identity Exchange Federation (NIEF) Trustmark Signing Certificate Policy. Version 1.1. February 2, 2016

Transport Layer Security Protocols

Chapter 9 Key Management 9.1 Distribution of Public Keys Public Announcement of Public Keys Publicly Available Directory

Bit Chat: A Peer-to-Peer Instant Messenger

Chapter 18. Network Management Basics

Network Security Protocols

TCP/IP works on 3 types of services (cont.): TCP/IP protocols are divided into three categories:

Overview of SSL. Outline. CSC/ECE 574 Computer and Network Security. Reminder: What Layer? Protocols. SSL Architecture

Efficient Nonce-based Authentication Scheme for. session initiation protocol

Network Security (2) CPSC 441 Department of Computer Science University of Calgary

Chapter 4. Authentication Applications. COSC 490 Network Security Annie Lu 1

Computer Networks. Network Security and Ethics. Week 14. College of Information Science and Engineering Ritsumeikan University

Transcription:

Network Time Security draft-ietf-ntp-network-time-security-08 draft-ietf-ntp-cms-for-nts-message-02 draft-ietf-ntp-using-nts-for-ntp-00 Dr. Dieter Sibold Kristof Teichel Stephen Röttger IETF 92 (Dallas), March 22-27, 2015

Outline History Scope Progress/Major Changes New Structure NTS Document CMS-for-NTS Document NTS-for-NTP Document Non IETF activities IEEE P1588 WG Authenticated NTP Project (ANTP) Next steps IETF 92 (Dallas), March 22-27, 2015 2/17

History IETF 83: Presentation of security issues of RFC 5906 (autokey) IETF 84: Presentation of plan for a new autokey standard IETF 85 86: I-D draft-sibold-autokey-nn IETF 87 90: I-D draft-ietf-ntp-network-time-security-nn IETF 91: Continuation as draft-ietf-ntp-network-time-security-05 and addition of document draft-ietf-ntp-cms-for-nts-message-00 Submission January 2015: (January 16) draft-ietf-ntp-network-time-security-06 (January 22) draft-ietf-ntp-cms-for-nts-message-01 Submission March 2015: (March 03) draft-ietf-ntp-network-time-security-07 (March 05) draft-ietf-ntp-network-time-security-08 (March 06) draft-ietf-ntp-cms-for-nts-message-02 (March 06) draft-ietf-ntp-using-nts-for-ntp-00 IETF 92 (Dallas), March 22-27, 2015 3/17

Scope Network Time Security shall provide: Authenticity of time servers Integrity of synchronization data packets Conformity with TICTOC s Security Requirements (RFC 7384) Support of NTP and PTP IETF 92 (Dallas), March 22-27, 2015 4/17

Progress/Major Changes Contract signed with NTF, implementation underway Protocol Messages: Added a nonce to association exchange and extended signature in response message over request data Feedback: Tal Mizrahi Authors of Authenticated NTP article Document Structure: Overhaul of main document to be more generic (less NTP specific) Overhaul of draft-ietf-cms-for-nts-message to also be more generic Addition of document draft-ietf-ntp-using-nts-on-ntp (Holds the NTP specific content lost in the other documents) IETF 92 (Dallas), March 22-27, 2015 5/17

New Structure: Overview IETF 92 (Dallas), March 22-27, 2015 6/17

Main document now contains New Structure: Main Document Objectives (protocol-independent) NTS overview (protocol-independent) List of message exchanges, each with: Goals of this specific message exchange (isolated) All necessary message types Exchange procedure overview with diagram Considerations on server seed, hash algorithms and MAC generation (all generic; no specific data like bit lengths) Protocol-independent security considerations (added privacy discussion) Table of requirements (RFC 7384) Description of how NTS employs TESLA (generic with respect to bit lengths, choice of one-way function etc.) Overview of message dependencies and required pre-shared keys IETF 92 (Dallas), March 22-27, 2015 7/17

New Structure: CMS-4-NTS CMS-4-NTS document now contains: CMS conventions Definition of archetypes Use of pre-defined CMS content types ASN.1 structures for different message types (each has a comment on what additional information is needed for the message type) IETF 92 (Dallas), March 22-27, 2015 8/17

New Structure: NTS-4-NTP NTS-4-NTP document contains: Objectives for NTS-secured NTP Overview of NTS-secured NTP (unicast and broadcast mode) Protocol Sequence Split into client and server behaviour description, each split into unicast and broadcast sequence Sequence and order as appropriate for NTP Behaviour description overlaps with main document Implementation notes: extends description from CMS-for-NTS document and gives specifics NTP-specific security considerations (e.g. NTP pools) Flow diagrams for NTP specific client behaviour IETF 92 (Dallas), March 22-27, 2015 9/17

IEEE P1588 working group: NTS-4-PTP First draft of NTS-4-PTP document contains: Protocol sequence as appropriate for PTP in mixed communication mode Description of NTS message structures in the context of PTP IETF 92 (Dallas), March 22-27, 2015 10/17

Report: ANTP Project (1) ANTP Contributors: Queensland University of Technology: Benjamin Dowling, Douglas Stebila Microsoft Research: Greg Zaverucha Goals for ANTP: Authentication of single NTP server to SNTP client Integrity protection No server-side state for each client Low amount of public-key operations on server side IETF 92 (Dallas), March 22-27, 2015 11/17

Report: ANTP Project (2) Main Differences between ANTP and NTS approaches: Differences in Scope: ANTP has no use of client certificates no client authorization ANTP does not secure NTP broadcast Differences in Methods: ANTP encrypts server state; transmits it to appropriate client NTS recalculates server state upon a time request ANTP contains additional zero cryptographic delay mode (sends cryptographic confirmations in a subsequent message) IETF 92 (Dallas), March 22-27, 2015 12/17

Next steps Version 09 Future versions Consideration of DANE IANA Considerations Review and comments are requested from: TICTOC Working Group NTP Working Group NTP development team IETF 92 (Dallas), March 22-27, 2015 13/17

APPENDIX: Detailed Diff (1) Overhaul of main document to be more generic (less NTP specific) Removed differentiation of unicast and broadcast mode Removed NTP inspired protocol sequence Replaced protocol sequence by message dependency diagram Removed specific data like bit length of nonces and keys Removed protocol specific discussion like usage of NTP pools Overhaul of draft-ietf-cms-for-nts-message to also be more generic Removed description of building messages via NTP packets IETF 92 (Dallas), March 22-27, 2015 14/17

APPENDIX: Detailed Diff (2) Clean-up of generic main document: Reworked Introduction Reworked Objectives section Generalized formulation of method for achieving initial time synchronization for TESLA Reworked message dependecy diagram Refreshed requirements table (RFC 7384) For each message exchange, added: description of purpose procedure overview Security Considerations: Added paragraph on privacy Shortened paragraph on certificate validation Moved paragraph on random number generation here (from appendix) IETF 92 (Dallas), March 22-27, 2015 15/17

APPENDIX: Detailed Diff (3) Feedback: Feedback from Tal Overhaul of terminology section (common terminology NTP/PTP) Clarified the use of client certificates and public keys Added message exchange flow diagrams Added table for required pre-shared keys during communication Appropriately marked appendices as normative/informative Feedback from ANTP group Clarified authorization Association exchange: added nonce, also included request data in the signature Corresponding changes in CMS document: Edited structure of association message objects IETF 92 (Dallas), March 22-27, 2015 16/17

APPENDIX: Detailed Diff (4) Last-minute corrections in main document: Minor syntax corrections Inserted paragraph on different key pairs for encrypting and signing Inserted missing objective as well as necessary client checks for association exchange IETF 92 (Dallas), March 22-27, 2015 17/17

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information