802 1x eap keying 802 1 status update
play

802.1X & EAP & Keying 802.1 Status Update Paul Congdon - PowerPoint PPT Presentation

Apr 10, 2024 •463 likes •554 views

802.1X & EAP & Keying 802.1 Status Update Paul Congdon Hewlett Packard March 2003 IETF 56, San Francisco, CA 1 The Work Going On Several specifications MUST align to enable a working implementations: IEEE 802.1aa (update

  1. 802.1X & EAP & Keying 802.1 Status Update Paul Congdon Hewlett Packard March 2003 IETF 56, San Francisco, CA 1

  2. The Work Going On • Several specifications MUST align to enable a working implementations: – IEEE 802.1aa (update to 802.1X) • http://www.ieee802.org/1/files/private/aa-drafts/d5/ • http://www-personal.umich.edu/~jrv/eap.htm – IEEE 802.11 TGi (security) • http://www.ieee802.org/11/private/Draft_Standards/11i/802.11i-D3.0.doc – RFC 2284bis (EAP) • http://www.levkowetz.com/pub/ietf/drafts/eap/ • http://www.ietf.org/internet-drafts/draft-ietf-eap-rfc2284bis-01.txt • http://www.drizzle.com/~aboba/EAP/eapissues.html – EAP state machine work • http://www.ietf.org/internet-drafts/draft-ietf-eap-esteem-01.txt • http://www.ietf.org/internet-drafts/draft-vollbrecht-eap-state-01.txt – RFC 2869bis (RADIUS support for EAP) • http://www.drizzle.com/~aboba/EAP/draft-aboba-radius-rfc2869bis-10.txt – Draft-congdon (RADIUS and 802.1X) • http://www.ietf.org/internet-drafts/draft-congdon-radius-8021x-23.txt March 2003 IETF 56, San Francisco, CA 2

  3. What has been done so far? • A number of issues resolved with RFC 2284bis (EAP) – http://www.drizzle.com/~aboba/EAP/eapissues.html • Interface between 802.1X and EAP well defined – http://www-personal.umich.edu/~jrv/eap.htm • Preliminary EAP state machines defined – http://www.cs.umd.edu/~npetroni/EAP/ • Last call on RFC 2869bis (RADIUS/EAP) – http://www.ietf.org/internet-drafts/draft-aboba-radius-rfc2869bis-09.txt • Last call on draft-congdon (RADIUS/802.1X) – http://www.ietf.org/internet-drafts/draft-congdon-radius-8021x-23.txt • Proposed changes to 802.1X machines and 802.1aa/D5 – http://www-personal.umich.edu/~jrv/eap.htm • Proposed changes to key interface for 802.11i – http://www-personal.umich.edu/~jrv/eap.htm March 2003 IETF 56, San Francisco, CA 3

  4. Proposed and Agreed Changes to 802.1aa/D5 • Specification of interface between EAP/802.1X • No more EAP packet processing in 802.1X • Addition of controlled port in Supplicant • Initial Authenticator request comes from EAP not 802.1X • Ability for EAP to silently discard frames • Proposed inclusion of EAP machines in 802.1X Annex – ISSUE: How to coordinate this with ongoing work in IETF • EAPOL-Key exchange sequenced before EAP-Success • Propose update generic key machines to match a well defined interface within 802.1X. 802.11 TGi to use this interface for 4-way handshake. March 2003 IETF 56, San Francisco, CA 4

  5. EAP / 802.1X Interface (excluding key exchange) Supplicant/Peer Authenticator EAP EAP Method Method EAP Layer EAP Layer eapResp eapReq eapSuccess eapNoResp eapFail eapFail eapSuccess eapRcvd eapNoReq eapResp eapRestart 802.1x 802.1x port enabled/disabled port enabled/disabled March 2003 IETF 56, San Francisco, CA 5

  6. Key Interface with EAP 802.1X & 802.11 EAP EAP Method Method EAP Layer EAP Layer keyAvailable keyAvailable 802.1X Key 802.1X Key txKeyEnabled txKeyEnabled Machine Machine keyRun keyDone keyRun keyDone portValid portValid 802.1X 802.1X Link Secure (physical or Link Secure (physical or crypto) crypto) March 2003 IETF 56, San Francisco, CA 6

  7. LinkSec Task Group Formation in 802.1 • Study group was formed to recommend work on a broad 802 security architecture – http://www.ieee802.org/linksec/ • Agreement to transform into a new Task Group within 802.1 • Likely to leverage and move forward 802.1X and 802.11 TGi models using EAP. March 2003 IETF 56, San Francisco, CA 7

Recommend

Extensions to EAP Keying hierarchy for Efficient Re-authentication and Visited domain Keying

Extensions to EAP Keying hierarchy for Efficient Re-authentication and Visited domain Keying

Extensions to EAP Keying hierarchy for Efficient Re-authentication and Visited domain Keying Vidya Narayanan , vidyan@qualcomm.com Lakshminath Dondeti , ldondeti@qualcomm.com IETF-67 San Diego, CA November 2006 Contents EAP keying

614 views • 15 slides
Programme Update Status Update, Six Month Report & Change Request Status Update Lake

Programme Update Status Update, Six Month Report & Change Request Status Update Lake

Programme Update Status Update, Six Month Report & Change Request Status Update Lake Rotorua Low Nitrogen Land Use Fund Round 2 Recommendations. Incentives Scheme 20T Achieved, 25T in pipeline. Strategic Review for new

149 views • 12 slides
lecture 20 Image Compositing - chroma keying - alpha - F over B - OpenGL blending -

lecture 20 Image Compositing - chroma keying - alpha - F over B - OpenGL blending -

lecture 20 Image Compositing - chroma keying - alpha - F over B - OpenGL blending - chroma keying revisited: "pulling a matte" Organization of Course 1: Viewing transformations 2: Visibility, geometry modelling 3:

685 views • 41 slides
2 RFC 4650 - HMAC-Authenticated Diffie-Hellman for Multimedia Internet KEYing (MIKEY) RFC

2 RFC 4650 - HMAC-Authenticated Diffie-Hellman for Multimedia Internet KEYing (MIKEY) RFC

2 RFC 4650 - HMAC-Authenticated Diffie-Hellman for Multimedia Internet KEYing (MIKEY) RFC 4738 - MIKEY-RSA-R: An Additional Mode of Key Distribution in Multimedia Internet KEYing (MIKEY) 3 4 5 Based on an Identity Based asymmetric

472 views • 12 slides
WG1: STATUS UPDATE & WORK PLAN STIJN JANSSEN & CRISTINA GUERREIRO CONTENT Status Update

WG1: STATUS UPDATE & WORK PLAN STIJN JANSSEN & CRISTINA GUERREIRO CONTENT Status Update

WG1: STATUS UPDATE & WORK PLAN STIJN JANSSEN & CRISTINA GUERREIRO CONTENT Status Update Updated Modelling Quality Objective & Guidance Document MQO for forecasting Composite Mapping Exceedance Modelling & Fit for

760 views • 42 slides
Kerberized Handover Keying: A A Kerberized Handover Keying: Media- -Independent Handover Key

Kerberized Handover Keying: A A Kerberized Handover Keying: Media- -Independent Handover Key

Kerberized Handover Keying: A A Kerberized Handover Keying: Media- -Independent Handover Key Independent Handover Key Media Management Architecture Management Architecture Yoshihiro Ohba (yohba@tari.toshiba.com yohba@tari.toshiba.com) )

620 views • 19 slides
Shift Keying by Erol Seke For the course Communications OSMANGAZI UNIVERSITY Basic PCM

Shift Keying by Erol Seke For the course Communications OSMANGAZI UNIVERSITY Basic PCM

Shift Keying by Erol Seke For the course Communications OSMANGAZI UNIVERSITY Basic PCM Binary 1 is represented by voltage A Binary 0 is represented by voltage B Amplitude Shift Keying (ASK) Binary - ASK case carrier If A and B has

592 views • 19 slides
CED Status Update Theo Larrieu Outline Software Status Recent Developments Future

CED Status Update Theo Larrieu Outline Software Status Recent Developments Future

CED Status Update Theo Larrieu Outline Software Status Recent Developments Future Developments Contents Status Adding, Updating, Removing data CED / Songsheets relationship Status - HLAPPS All new and many (most?)

513 views • 14 slides
October 2009 Financial Status Update Financial Status Update 1 General Fund Revenue Period

October 2009 Financial Status Update Financial Status Update 1 General Fund Revenue Period

October 2009 Financial Status Update Financial Status Update 1 General Fund Revenue Period Ending September 30, 2009 Category Budget Actual Taxes $105,601,600 $ 6,614,192 License & Permits $ 1,467,031 $ 566,344

314 views • 12 slides
Modulation Techniques Signal Encoding Techniques Digital Data, Analog Signals Amplitude

Modulation Techniques Signal Encoding Techniques Digital Data, Analog Signals Amplitude

CMPE 477 Wireless and Mobile Networks Modulation Techniques Signal Encoding Techniques Digital Data, Analog Signals Amplitude Shift Keying Frequency Shift Keying Phase Shift Keying CMPE 477 Analog and Digital Signaling

504 views • 14 slides
Model Status Update July 01, 2015 Agenda Purpose Model Development Update Model

Model Status Update July 01, 2015 Agenda Purpose Model Development Update Model

Model Status Update July 01, 2015 Agenda Purpose Model Development Update Model Calibration Status Next Steps Schedule Public Input Purpose Inform stakeholders on status of model development Provide more detailed

325 views • 30 slides
1 Milestones Status Update Milestones Status Update #1 Completion of the basic visualization

1 Milestones Status Update Milestones Status Update #1 Completion of the basic visualization

Update Powerset Viewer: A Datamining Application Jordan Lee 1 2 Update Update Completed Tools and Features Completed Tools and Features And relevant GUI widgets And relevant GUI widgets Implemented animation between zoom

197 views • 4 slides
Program 13:00h welcome and introduction (Toon Goedem) 13:30h Status update hardware and

Program 13:00h welcome and introduction (Toon Goedem) 13:30h Status update hardware and

8/12/2016 Program 13:00h welcome and introduction (Toon Goedem) 13:30h Status update hardware and calibration (Bjorn Van IWT-Tetra project Tilt / Toon Goedem) 14:00h Status update abnormal behaviour detection (Kristof Van

378 views • 16 slides
802.1X & EAP & Keying State Machines and Interfaces Jim Burns Paul Congdon Nick

802.1X & EAP & Keying State Machines and Interfaces Jim Burns Paul Congdon Nick

802.1X & EAP & Keying State Machines and Interfaces Jim Burns Paul Congdon Nick Petroni John Vollbrecht March 2003 IEEE 802 Plenary, Dallas TX 1 The Working Groups Several specifications MUST align to enable a working

436 views • 21 slides
Key Agreement Protocols Key Agreement Two people want symmetric-key keying material to have a

Key Agreement Protocols Key Agreement Two people want symmetric-key keying material to have a

Key Agreement Protocols Key Agreement Two people want symmetric-key keying material to have a fast, secure conversation How can they agree on a shared symmetric key without it being transmitted in the clear? How can they be sure who

767 views • 27 slides
Towards Fresh Re-Keying with Leakage-Resilient PRFs: Cipher Design Principles and Analysis d 1 ,

Towards Fresh Re-Keying with Leakage-Resilient PRFs: Cipher Design Principles and Analysis d 1 ,

Towards Fresh Re-Keying with Leakage-Resilient PRFs: Cipher Design Principles and Analysis d 1 , F. De Santis 2 , 3 , J. Heyszl 4 , S. Mangard 3 , S. Bela M. Medwed 5 , J.-M. Schmidt 6 , F.-X. Standaert 7 , S. Tillich 8 1 Ecole Normale Sup

754 views • 29 slides
Agenda for IETF 55 - IPSECKEY (BOF) IPSEC KEYing information resource record BOF AGENDA: 1.

Agenda for IETF 55 - IPSECKEY (BOF) IPSEC KEYing information resource record BOF AGENDA: 1.

Agenda for IETF 55 - IPSECKEY (BOF) IPSEC KEYing information resource record BOF AGENDA: 1. Open meeting and welcome 2. Scribe and blue sheetOlafur Gudmundsson 3. IntroductionMichael Richardson 4. Documents 4.1 Why the KEY

308 views • 15 slides
Project Update RTWG June 25, 2015 Chuck Jennings, PMO Current Project Status Status

Project Update RTWG June 25, 2015 Chuck Jennings, PMO Current Project Status Status

Z2 Crediting Project Update RTWG June 25, 2015 Chuck Jennings, PMO Current Project Status Status Project Phase: Design Status: Green Changes to requirements/scope: NA In process work: Functional Design sessions

537 views • 11 slides
MIKEYv2 ldondeti@qualcomm.com Why MIKEYv2? MIKEY is an efficient key management protocol

MIKEYv2 ldondeti@qualcomm.com Why MIKEYv2? MIKEY is an efficient key management protocol

MIKEYv2 ldondeti@qualcomm.com Why MIKEYv2? MIKEY is an efficient key management protocol designed for SRTP keying Used for broadcast keying in 3GPP and OMA Easy to add crypto algorithm and mode negotiation MIKEYv2 finishes in 1 RT

586 views • 9 slides
DUNE Project Status Jolie Macier DUNE PMG Meeting 17 April 2018 Outline ES&H Update

DUNE Project Status Jolie Macier DUNE PMG Meeting 17 April 2018 Outline ES&H Update

DUNE Project Status Jolie Macier DUNE PMG Meeting 17 April 2018 Outline ES&H Update QA Update Schedule & Budget Status PM Update DUNE Update FD Engineering FD Installation FD TPC Electronics FD

441 views • 26 slides
Key Management Lifecycle Key Management Lifecycle Cryptographic key management encompasses the

Key Management Lifecycle Key Management Lifecycle Cryptographic key management encompasses the

Key Management Lifecycle Key Management Lifecycle Cryptographic key management encompasses the entire lifecycle of cryptographic keys and other keying material. Basic key management guidance is provided in [SP800-21]. A single item of keying

522 views • 18 slides
AAA based Keying for Wireless Handovers: Problem Statement draft-nakhjiri-aaa-hokey-ps-03 Madjid

AAA based Keying for Wireless Handovers: Problem Statement draft-nakhjiri-aaa-hokey-ps-03 Madjid

AAA based Keying for Wireless Handovers: Problem Statement draft-nakhjiri-aaa-hokey-ps-03 Madjid Nakhjiri (Huawei USA/Motorola Labs) Mohan Parthasarathy (Nokia) Julien Bournelle (GET/INT/FT) Hannes Tschofenig (Siemens) R. Marin Lopez (TARI)

294 views • 16 slides
Organisations Management Services (OMS) Status update EU Network Data Board / SPOR Task Force

Organisations Management Services (OMS) Status update EU Network Data Board / SPOR Task Force

Organisations Management Services (OMS) Status update EU Network Data Board / SPOR Task Force (29, 30 June 1 July 2016) Presented by: Kepa Amutxastegi Project Manager for OMS An agency of the European Union Topics 1. Status update 2.

446 views • 23 slides
3. Renewables Status Update 31 March 2018 Renewable Generation Status +238 MW Committed 2

3. Renewables Status Update 31 March 2018 Renewable Generation Status +238 MW Committed 2

3. Renewables Status Update 31 March 2018 Renewable Generation Status +238 MW Committed 2 nienetworks.co.uk 31 March 2018 Renewable Generation Status 3 Footer nienetworks.co.uk Cluster update 31 March 2018 Uncommitted Present Remaining

808 views • 44 slides

More recommend