50 likes | 58 Views
Explore the concerns with key management protocols in the security area and their impact on AAA. Learn about acceptable solutions, algorithm independence, confidentiality, replay detection, and more.
E N D
Key Management in AAA Russ Housley Incoming Security Area Director
Introduction • Some people are concerned that a working group outside of the Security Area is designing a key management protocols. • Why? • Key management protocols are subtle. • An expert can easily miss a flaw. • Peer review by multiple experts is essential.
Concerns with EAP • Employs new key distribution architecture • Poorly understood security properties • Three party models have been well studied, but these do not align directly with AAA • Select one end-to-end mechanism to protect distributed keys • Needs robust key naming scheme • Needs to establish fresh session keys • Principle of least privilege not followed
Acceptable solution MUST… • Be algorithm independent protocol • For interoperability, select at least one suite of algorithms that MUST be implemented • Establish strong, fresh session keys • Maintain algorithm independence • Include replay detection mechanism • Authenticate all parties • Maintain confidentiality of authenticator • NO plaintext passwords
Acceptable solution MUST also … • Perform client and NAS authorization • Maintain confidentiality of session keys • Confirm selection of “best” ciphersuite • Uniquely name session keys • Compromise of a single NAS cannot compromise any other part of the system, including session keys and long-term keys • Bind key to appropriate context