Compound Authentication Binding Problem(EAP Binding Draft).ppt

Compound Authentication Binding Problem (EAP Binding Draft) Agenda Compound Methods Motivation Problem Summary Solutions Conclusion/Next Steps Compound Methods Definition: Multiple authentication methods used in concert for a single purpose Tunneled methods Sequenced methods Typical Purposes Network access authentication authorization Security Association establishment for protecting data traffic Service access authentication authorization … Motivation for Compound Methods using Tunnels Securing legacy methods in new environments Ease of deployment for securing legacy methods Providing consistent security properties and other features for different methods Securing multiple credentials in sequences Problem = Man-in-the-Middle Attacks Focus is on Compound Tunneled Methods that support single inner method sequence of inner methods Non-tunneled Compound Sequences are also potentially vulnerable but not addressed problem space unbounded? further study needed Problem Conditions Dual role man-in-the-middle attacker (rogue authenticator + rogue supplicant) Credential and authentication method re-use with and without tunnels Use of one-way server authenticated tunnel Use of tunnel session keys alone and no inner method session keys Solution Requirements Fixes to existing EAP methods not ok Fixes to new EAP methods maybe ok Fixes to Tunnel methods ok Should work for different tunnel termination models Should not bring new requirements for other protocols (eg. RADIUS ) Forward Evolution for protocols with fix Backwards compatibility for fixed protocols Simplicity for fix (low compute costs roundtrips) Upgraded EAP Base protocol maybe ok Solution Concepts All methods Use separate credentials inside and outside tunnels Use methods inside tunnels always Key deriving methods Can use cryptographic binding Binding can provide stronger authentication session keys Avoids policy synchronization issues Preserves deployment convenience of one-way authenticated tunnels S