Download
eap mutual cryptographic binding draft ietf karp ops model 03 n.
Skip this Video
Loading SlideShow in 5 Seconds..
EAP Mutual Cryptographic Binding draft-ietf-karp-ops-model-03 PowerPoint Presentation
Download Presentation
EAP Mutual Cryptographic Binding draft-ietf-karp-ops-model-03

EAP Mutual Cryptographic Binding draft-ietf-karp-ops-model-03

150 Views Download Presentation
Download Presentation

EAP Mutual Cryptographic Binding draft-ietf-karp-ops-model-03

- - - - - - - - - - - - - - - - - - - - - - - - - - - E N D - - - - - - - - - - - - - - - - - - - - - - - - - - -
Presentation Transcript

  1. EAP Mutual Cryptographic Bindingdraft-ietf-karp-ops-model-03 S. Hartman M. Wasserman D. Zhang

  2. Background (1) • In the past, work focuses on protecting the interests of servers providing services • avoiding an attacker using a tunnel to capture the keys: tunnel MITM attack

  3. Background (2) • The peer relies more on the information provided by EAP servers • Legal servers which provides different services may have benefit confliction and may become attackers • e.g.,“Lying NAS” • The interests of peer must also be protected

  4. An attack which bypasses MSK-Based Crypto-Binding

  5. How the attacker can success • The peer fails to check the identity of the attacker • An authentication method is allowed to be executed within or out of the tunnel • MSK-based crypto-binding use the MSK which is transferred from the EAP server which originally generates it

  6. How to Mitigate this Issue • Improve certificate validation • A trust anchor is needed • Naming rules is needed • Strict security policies • EMSK-based Crypto-binding

  7. EMSK-based Crypto-binding • Advantage: simple and intuitive • Provide transparent security with on additional config • Disadvantages: incapable in some caseses • Inner authentication method cannot generate EMSK • The case where there are a intermediate AAA terminates the EAP tunnel and a separate AAA server for the inner method

  8. Update • Correct typos and mistakes in the reference • E.g., [RFC3778]->[RFC3748] • Mutual Cryptographic Binding -> EMSK-based cryptographic binding • Add figures missed in the last version of the draft • Point out that: • EMSK-Based cryptographic binding MAY be provided as an optional facility • A peer may use other means to authenticate the NAS. For instance, the peer has sufficient information configured to validate the certificate and identity of an EAP server

  9. END