Key Management in AAA

Key Management in AAA Russ Housley Incoming Security Area Director

Introduction • Some people are concerned that a working group outside of the Security Area is designing a key management protocols. • Why? • Key management protocols are subtle. • An expert can easily miss a flaw. • Peer review by multiple experts is essential.

Concerns with EAP • Employs new key distribution architecture • Poorly understood security properties • Three party models have been well studied, but these do not align directly with AAA • Select one end-to-end mechanism to protect distributed keys • Needs robust key naming scheme • Needs to establish fresh session keys • Principle of least privilege not followed

Acceptable solution MUST… • Be algorithm independent protocol • For interoperability, select at least one suite of algorithms that MUST be implemented • Establish strong, fresh session keys • Maintain algorithm independence • Include replay detection mechanism • Authenticate all parties • Maintain confidentiality of authenticator • NO plaintext passwords

Acceptable solution MUST also … • Perform client and NAS authorization • Maintain confidentiality of session keys • Confirm selection of “best” ciphersuite • Uniquely name session keys • Compromise of a single NAS cannot compromise any other part of the system, including session keys and long-term keys • Bind key to appropriate context

Key Management in AAA

Key Management in AAA

Presentation Transcript

aaa

Key Management in Cryptography

aaa

AAA

aaa

AAA

aaa

Advances in AAA

aaa

aaa

aaa

aaa

aaa