[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IPSEC Key Mgmt Requirements

To: ipsec@TIS.COM
Subject: IPSEC Key Mgmt Requirements
From: Germano Caronni <caronni@tik.ee.ethz.ch>
Date: Sun, 24 Mar 1996 15:39:27 +0100
Cc: skip@tik.ee.ethz.ch
Sender: ipsec-request@neptune.tis.com

Hello everybody,

some weeks ago, I asked myself: What are THE requirements of the IPSEC 
working group where key management issues are concerned. After hunting the 
archives, and seeing some contradictory informations, none all to clear to 
me. I tried to collect them, and Paul Lambert was most helpful. (Thank you!)

Please, could you read these, and send me feedback as to which are missing, 
and which are not valid anymore? I would like to have *one* document 
describing the requirements of this group. If I get enough feedback, I will 
try and make an updated version in about 10 days.



Requirements, first try
-----------------------

- Support AH/ESP security transforms on the IP Layer

- Support optional use of Perfect Forward Secrecy. 
  Mandatory to implement but optional to use.

- Support Multiple Types of Security Exchanges 
  What does this mean?? 

- Application Layer Key Management 
  An application that establishes a connection must be able to indicate what 
  keying material to use, and must be able to understand if the peer is 
  authenticated or not. -- I personally would like to make this optional. 
  Providing security on a per-host basis should be sufficient, 
  should it not?

- Use Public Key Techniques for Key Establishment 
  such as establishing a shared secret using DH, or RSA

- Support Discovery of applicable netowrk layer transforms, e.g.
  finding out if ESP-DES or ESP-DES3 or AH-MD5 or ... is to be used. 

- Support User Oriented Authentication Services 

- Support Optional Use of Anti-Clogging Techniques 

- Provide Authentication with Anonymity agains passive attackers 

- Anonymous Key Establishment (key exchange with no authentication) 

- Certificate Support for X.509 ??


Glossary 
--------

Perfect forward secrecy:  It signifies that master encryption keys are short 
lived (ranging from minutes to weeks), and are (or can be) authenticated 
using long lived authentication keys.

Security exchanges: I don't know. Please tell me.

Anti-Clogging: A mechanism (such as cookie exchange) to limit the 
possibility of non-man-in-the-middle active attacks. Provides a weak 
(non-cryptographic) authentication of the initiator of a request that is 
usually computationally costly by exchanging a  simple challenge-response. 
Thus denies the attacker the possibility to swamp a host with requests.


Rationale
---------
Each requirement should offer a rationale why it is there. Anybody having 
them at hand?



Thank you very much & friendly greetings,

        Germano Caronni

Prev by Date: We would like to participate in survey..
Next by Date: Re: IPSEC Key Mgmt Requirements
Prev by thread: We would like to participate in survey..
Next by thread: Re: IPSEC Key Mgmt Requirements
Index(es):
- Main
- Thread