
EAP Mutual Cryptographic Binding draft-ietf-karp-ops-model-03


Presentation Transcript


  1. EAP Mutual Cryptographic Binding
  draft-ietf-karp-ops-model-03
  S. Hartman, M. Wasserman, D. Zhang

  2. Background (1)
  • In the past, work has focused on protecting the interests of servers providing services
  • Avoiding an attacker using a tunnel to capture the keys: the tunnel MITM attack

  3. Background (2)
  • The peer relies more on the information provided by EAP servers
  • Legitimate servers that provide different services may have conflicting interests and may become attackers
    • e.g., the "Lying NAS"
  • The interests of the peer must also be protected

  4. An attack which bypasses MSK-Based Crypto-Binding

  5. How the attacker can succeed
  • The peer fails to check the identity of the attacker
  • An authentication method is allowed to be executed either within or outside the tunnel
  • MSK-based crypto-binding uses the MSK, which is transferred from the EAP server that originally generated it

  6. How to Mitigate this Issue
  • Improve certificate validation
    • A trust anchor is needed
    • Naming rules are needed
  • Strict security policies
  • EMSK-based crypto-binding

  7. EMSK-based Crypto-binding
  • Advantage: simple and intuitive
    • Provides transparent security with no additional configuration
  • Disadvantage: not applicable in some cases
    • The inner authentication method cannot generate an EMSK
    • The case where an intermediate AAA server terminates the EAP tunnel and a separate AAA server handles the inner method
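The following is an added example, not code from the draft or from the slide authors. It is a toy Python model of the point made on slides 5 and 7: an intermediary that terminates the tunnel receives the MSK over AAA (because the inner method's EAP server exports it, as servers normally do), so it can reproduce an MSK-keyed binding; it never receives the EMSK, so an EMSK-keyed binding fails the peer's check. The key derivation, the binding MAC layout and the credentials and nonces are constructed placeholders, not the formats of any real tunnel method.

```python
import hashlib
import hmac
import os

HASH = hashlib.sha256


def kdf(secret: bytes, label: bytes, length: int = 64) -> bytes:
    """Toy HMAC counter-mode expand. Stands in for an EAP method's own
    MSK/EMSK derivation; it is NOT the KDF of any real EAP method (assumption)."""
    out = b""
    counter = 1
    while len(out) < length:
        out += hmac.new(secret, label + bytes([counter]), HASH).digest()
        counter += 1
    return out[:length]


def run_inner_method(peer_secret: bytes, server_nonce: bytes, peer_nonce: bytes):
    """Both ends of the inner EAP method derive the same MSK and EMSK
    (key names from RFC 3748). In this model only the MSK is ever exported."""
    master = hmac.new(peer_secret, server_nonce + peer_nonce, HASH).digest()
    return kdf(master, b"MSK"), kdf(master, b"EMSK")


def crypto_binding_mac(inner_key: bytes, tunnel_key: bytes, nonces: bytes) -> bytes:
    """Binding MAC over the tunnel's key material, keyed with inner-method key
    material. Simplified layout (assumption); real methods define their own TLV."""
    return hmac.new(inner_key, b"crypto-binding" + tunnel_key + nonces, HASH).digest()


def peer_detects_tunnel_mismatch(binding: str) -> bool:
    """
    Model of slides 4, 5 and 7. The peer runs the inner method through a tunnel
    that is terminated by an intermediary (a NAS that is a legitimate server for
    some other service, i.e. the "Lying NAS"). The inner method's EAP server
    exports the MSK to that intermediary over AAA. The peer computes the expected
    binding with its own copy of the chosen key and compares it with what the
    tunnel endpoint offers.

    binding: "msk" or "emsk", the key material the binding is keyed with.
    Returns True if the peer's binding check fails, i.e. the mismatch is detected.
    """
    peer_secret = b"constructed-peer-credential"  # constructed sample value
    s_nonce, p_nonce = os.urandom(16), os.urandom(16)

    # Peer and inner EAP server both derive the same inner-method keys.
    peer_msk, peer_emsk = run_inner_method(peer_secret, s_nonce, p_nonce)
    server_msk, _server_emsk = run_inner_method(peer_secret, s_nonce, p_nonce)

    # Key material of the tunnel between the peer and whoever terminates it.
    tunnel_key = os.urandom(32)
    binding_nonces = os.urandom(16)

    # What the intermediary holds: the exported MSK, never the EMSK.
    intermediary_keys = {"msk": server_msk, "emsk": None}

    peer_inner_key = peer_msk if binding == "msk" else peer_emsk
    expected = crypto_binding_mac(peer_inner_key, tunnel_key, binding_nonces)

    held = intermediary_keys[binding]
    if held is None:
        # No key material to compute the binding with: the check cannot pass.
        return True
    offered = crypto_binding_mac(held, tunnel_key, binding_nonces)
    return not hmac.compare_digest(expected, offered)


if __name__ == "__main__":
    for scheme in ("msk", "emsk"):
        print(f"{scheme}-based binding: mismatch detected = "
              f"{peer_detects_tunnel_mismatch(scheme)}")
```

The model also makes the slide 7 disadvantage visible: if the inner method produced no EMSK, `peer_emsk` would not exist and the EMSK-keyed check could not be performed at all, which is exactly why the draft keeps EMSK-based binding optional alongside certificate validation.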

  8. Update
  • Correct typos and mistakes in the references
    • E.g., [RFC3778] -> [RFC3748]
  • Mutual Cryptographic Binding -> EMSK-based cryptographic binding
  • Add figures missed in the last version of the draft
  • Point out that:
    • EMSK-based cryptographic binding MAY be provided as an optional facility
    • A peer may use other means to authenticate the NAS. For instance, the peer has sufficient information configured to validate the certificate and identity of an EAP server

  9. END
