5 research outputs found
Bootstrapping Secure Multicast using Kerberized Multimedia Internet Keying
We address bootstrapping secure multicast in enterprise and public-safety settings. Our work
is motivated by the fact that secure multicast has important applications in such settings, and that
the application setting significantly influences the design of security systems and protocols.
This document presents and analyzes two designs for the composition of the authentication
protocol, Kerberos, and the key transport protocol, Multimedia Internet KEYing (MIKEY). The
two designs are denoted to be KM1 and KM2 . The main aspect in which the objective impacts
the design is the assumption of an additional trusted third party (called a Key Server) that is the
final arbiter on whether a principal is authorized to receive a key.
Secure composition can be a challenge, and therefore the designs were kept to be simple so
they have intuitive appeal. Notwithstanding this, it was recognized that even simple, seemingly
secure protocols can have flaws. Two main security properties of interest called safety and avail-
ability were articulated. A rigorous analysis of KM1 and KM2 was conducted using Protocol
Composition Logic (PCL), a symbolic approach to analyzing security protocols, to show that the
designs have those properties.
The value of the analysis is demonstrated by a possible weakness in KM1 that was discovered
which lead to the design of KM2 . A prototype of KM1 and KM2 was implemented starting with
the publicly available reference implementation of Kerberos, and an open-source implementation
of MIKEY. This document also discusses the experience from the implementation, and present
empirical results which demonstrate the inherent trade-off between security and performance in
the design of KM1 and KM2
Security aspects of OSPF as a MANET routing protocol
OSPF, Open Shortest Path First, is an Intra-gateway routing protocol
first developed as an IETF effort. It is widely adopted in large
enterprise-scale networks, being well regarded for its fast
convergence and loop-free routing. It is versatile in terms of which
interface types it supports, such as point-to-point links or broadcast networks.
It also offers scalability through hierarchical routing and by using
centralization to reduce the amount of overhead on networks which have
broadcast or broadcast-similar properties. An interface type missing
from the standard so far is that of a wireless network, characterized
by non-guaranteed bidirectional links combined with unreliable
broadcasting, and existing interface types generally perform poorly
under these networks. The IETF has therefore instituted a Working Group to
standardize such an interface type extension to the latest version,
OSPF version 3. This interface type will permit mobility and
multi-hop characteristics in addition to those of wireless links in
general. Such networks are usually referred to as Mobile
Ad-hoc Networks (MANET). MANET routing protocols are subject to more
severe security issues than ordinary, wireline-oriented protocols
are. This thesis aims to indentify key security aspects of OSPF as a
MANET routing protocol
Efficient Kerberized Multicast in a Practical Distributed Setting
Many of today's distributed applications are based on group communication. Given the openness of today's networks, communication among group members must be secure and, at the same time, efficient. In this paper we consider a realistic distributed setting modeling general networks, including the Internet, that suggests the use of Kerberos, and, more specifically, a distributed mode of operation of Kerberos, called crossrealm authentication protocol, as a desirable choice for distributed applications. We design an efficient protocol for secure group communication via multicast, using Kerberos. While developing the main components of our protocol, we construct an efficient paradigm for crossrealm authentication protocols that decreases communication over the Internet, makes most operations local, and reduces the workload of the involved components. We also design extensions of single-center multicast encryption schemes to multiple-center schemes. Our main protocol is obtained by combining these two contributions