Thinking Outside the Box: Extending 802.1X Authentication to Remote “Splitter” Ports by Combining Physical and Data Link Layer Techniques
Presentation by: Arun Saha
Arun Saha, Mart Molle
Department of Computer Science & Engineering, University of California, Riverside
A. Saha, M. Molle 2
Overview
• Proposal of a very small, easy-to-use Ethernet switch.
• Switch-to-switch authentication without any third-party authentication server and without disclosing all secrets.
• Specifically, detecting a man-in-the-middle attack using physical properties of the link.
Typical work area scenario
A view of a single link segment
Problem Statement
How to accommodate a large number of wired networked computers within a small floor area? Issues:
• Limited number of ports on the wall
• Wiring clutter should be as little as possible
• Reconfiguration of the host layout should be easy
Goal: combine the following features
• the convenience of a bus topology
• the superior performance and security of a star topology
We propose Splitters
The monolithic switch is replaced by:
• a “main” switch module locked in the telecom closet
• “slave” modules called Ethernet Splitters
Splitter properties:
• Single-chip implementation
• VLAN-capable
• Powered over the Ethernet cable
• At least three external interfaces
String Topology of Splitters
Maximum number of hosts = ratio of backbone link speed to access link speed.
Splitters are always connected in a linear chain to the main switch.
Cabling costs reduced
Assume ‘m’ hosts located in the same work area form a single splitter chain. Change in component count:
1. Inside the telecom closet: m to 1
2. Inside the wall: m to 1
3. At the work area
   • Patch cables: m to 2m
   • Splitters: 0 to m (assuming the worst case, i.e. one splitter supports one host)
Savings: (m – 1) permanent items in (2)
Security & Control
Equivalent security to a monolithic switch:
• In both cases, the client exchanges 802.1X authentication frames with the main switch (the authenticator).
• Splitters maintain separation between traffic tagged with different VLAN IDs.
• Splitters prevent an intruder from gaining unauthorized access to the backbone link.
• The administrator can control the splitters remotely from the main switch.
Two forms of authentication
Between User PC and main Switch: Standard 802.1X Authentication
Between Splitters: Incremental authentication (our proposal)
Incremental Splitter Authentication
The splitter chain grows by adding one new splitter at a time to the end of the chain.
The last one in the existing chain authenticates the new one.
Notion of authentication
The network administrator writes site-specific secret data into splitter memory. All splitters in a domain contain the same secret.
A splitter does not have any individual identity with which to authenticate itself. It responds to challenges based on the site-specific secret.
Definition: Bona fide & Alien Splitters
The last splitter of the existing chain exchanges authentication messages with the new splitter and classifies the latter as a Bona fide splitter or an Alien.
There is a possibility that a device does not know the site-specific data but still responds to challenges correctly (for example by relaying them to a splitter that does).
Man-in-the-middle attack
An intruder may try to sneak into the backbone link using a laptop. It will then have access to all traffic in and out of the hosts attached to the downstream splitters.
We design the authentication mechanism such that both U and Y detect the existence of the attacker.
[Figure: splitter U at the end of the existing chain, new splitter Y, and intruder X on the link between them]
Timing Diagram
U is the last splitter in the existing chain. Assume there is some method to measure the round-trip time of the link, 2T1.
Excess delay = time beyond the RTT.
Tbonafide = T2
Talien = 2T1 + 2T3 + T2
So far… We can detect a man-in-the-middle attack if:
• The authenticator can estimate the round-trip time, 2T1.
  Challenge involved: the received signal contains echoes of past transmitted signals in various amounts.
• The supplicant can respond to challenge messages from the authenticator in (approximately) two symbol times.
  Challenge involved: the authentication mechanism must let the responder generate its response extremely quickly. The offline computation time can be large, but the online time is restricted.
Ways of estimating T1 (or 2T1)
• by a digital echo canceller
• by automatic gain control (AGC)
• by the resistor detection algorithm used in Power over Ethernet
Exchanging Authentication Messages
Authentication messages are sent as ordinary Ethernet frames when the link is operating in full-duplex mode.
The finite state machine of the Ethernet MAC needs to be modified.
The receiver can minimize T2 as follows:
• A mask string is computed offline and kept ready before the challenge arrives.
• The preamble of the response frame is started as soon as the preamble of the challenge frame starts arriving.
• Each incoming octet of the challenge frame payload is XORed with one byte of the mask and sent back.
Splitter Authentication Initialization
All bona fide splitters and the main switch know:
• a prime number ‘p’ and a number ‘a’ relatively prime to ‘p’
• an array of bits ‘A’ of length 2^l
• an ‘r’-bit (r > l) linear feedback shift register (LFSR) built from the same polynomial
Splitters exchange their public keys and agree on a common number ‘B’ (Diffie-Hellman key exchange).
Splitters exchange ‘k’-bit (k > l) authentication messages containing two parts, intermixed with one another:
• Position: an ‘l’-bit string signifying the starting index in the array A
• Body: a ‘k – l’-bit string which is a challenge or a response
Computation of Position bits; l = 5, k = r = 16
The LFSR is initialized with the rightmost ‘r’ bits of ‘B’.
It is shifted until ‘l’ unique values of the least-significant log2 k bits (4 bits here) have been found.
In this case the position bits are 13, 10, 5, 4 and 9, i.e. these bit positions in the authentication message are the Position bits.
LFSR for x^16 + x^15 + x^14 + 1
LFSR iterations (low 4 bits in parentheses):
Initial contents  1001 1100 1010 0110
After 1 shift     0011 1001 0100 1101  (1101 = 13)
After 2 shifts    0111 0010 1001 1010  (1010 = 10)
After 3 shifts    1110 0101 0011 0101  (0101 = 5)
After 4 shifts    1100 1010 0110 1010  (1010 = 10, repeat, skipped)
After 5 shifts    1001 0100 1101 0100  (0100 = 4)
After 6 shifts    0010 1001 1010 1001  (1001 = 9)
Bit index in the 16-bit message and the role of each bit (P = Position, B = Body):
15 14 13 12 11 10  9  8  7  6  5  4  3  2  1  0
 B  B  P  B  B  P  P  B  B  B  P  P  B  B  B  B
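The Position-bit derivation above, as an added example written for this page (not the authors' code). It runs a 16-bit Fibonacci register from the slide's seed 1001 1100 1010 0110 and reads the low log2 k = 4 bits after each shift, skipping repeats. One caveat for anyone reproducing the table: the slide labels the polynomial x^16 + x^15 + x^14 + 1, but the six states it lists are exactly those produced by feeding back bit 15 XOR bit 14; adding a third tap at bit 13 diverges from the table at the second shift. The tap set is therefore a parameter, set to (15, 14) below because that reproduces the table. The bound of one full register period on the search, so that an all-zero seed or a short cycle raises instead of looping forever, is my addition and not something the slide specifies.

```python
"""Position-bit selection from an LFSR seeded with the Diffie-Hellman value B.
Added example for this page; not the paper's code."""


def lfsr_step(state, r, taps):
    """One Fibonacci LFSR shift over an r-bit register: shift left by one bit and
    feed the XOR of the bits at `taps` (0-indexed, bit r-1 is the MSB) into bit 0."""
    feedback = 0
    for t in taps:
        feedback ^= (state >> t) & 1
    return ((state << 1) & ((1 << r) - 1)) | feedback


def lfsr_run(seed, r, taps, n):
    """Register contents after 1..n shifts, starting from the low r bits of `seed`."""
    state = seed & ((1 << r) - 1)
    out = []
    for _ in range(n):
        state = lfsr_step(state, r, taps)
        out.append(state)
    return out


def position_bits(B, r, k, l, taps):
    """Indices of the l Position bits inside a k-bit message.
    After each shift the low log2(k) bits of the register are read as an index in
    0..k-1; repeats are skipped, so the result lists indices in the order they first
    appeared. Raises ValueError if a full period passes without l distinct indices
    (e.g. the all-zero seed, which never leaves state 0). The bound is an addition."""
    w = k.bit_length() - 1
    if 1 << w != k:
        raise ValueError("k must be a power of two")
    state = B & ((1 << r) - 1)
    found = []
    for _ in range(1 << r):
        state = lfsr_step(state, r, taps)
        idx = state & (k - 1)
        if idx not in found:
            found.append(idx)
            if len(found) == l:
                return found
    raise ValueError("LFSR did not yield %d distinct indices" % l)


def field_map(k, positions):
    """Role of each bit, k-1 down to 0: P for a Position bit, B for a Body bit."""
    return "".join("P" if i in positions else "B" for i in range(k - 1, -1, -1))


if __name__ == "__main__":
    # Slide values: r = k = 16, l = 5, register seeded with 1001 1100 1010 0110.
    B = 0b1001110010100110
    TAPS = (15, 14)  # the tap set that reproduces the slide's table (see lead-in)
    for n, s in enumerate(lfsr_run(B, 16, TAPS, 6), 1):
        print(f"after {n} shift(s): {s:016b}  low 4 bits = {s & 0xF:2d}")
    pos = position_bits(B, 16, 16, 5, TAPS)
    print("position bits:", pos)
    print(field_map(16, pos))
```

The printed trace matches the six rows of the table and ends with the indices 13, 10, 5, 4, 9 and the B/P map BBPBBPPBBBPPBBBB. Because both ends derive the same indices from B, an eavesdropper who does not know B cannot tell which five of the sixteen bits are the Position field.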
Challenge Response Messages
Short online computation time, long offline computation time preparing for the next challenge.
U sends challenge U1.
X responds with response f(U1) and its own challenge X1.
U responds with response f(X1) and its own challenge U2.
[Message sequence: U → X: U1; X → U: f(U1), X1; U → X: f(X1), U2. The time between receiving a challenge and returning its response is the time constraint.]
Computation of the Response message in the transceiver
The Position bits in Ui are used to create the mask string that answers challenge Ui+1; the same holds for Xi.
Example computation of f(X2):
• Let the Position bits in X1 be 01100, i.e. 12.
• Then (k – l) bits of A starting from index 12, i.e. A12–A22, are used for masking.
• Some randomly generated bits are put in as the position bits.
The final mask is composed of the random bits and the portion of A, placed appropriately.
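The mask construction on this slide, together with the challenge/response exchange and the excess-delay check from the “Timing Diagram” and “So far…” slides, as one added example written for this page (not the authors' code). Details that the slides leave open are assumed here: the five Position-bit indices are the slide's 13, 10, 5, 4, 9 and the field is read with index 13 as its most significant bit; the slice index for the very first answer is 0 (in the design it would be agreed from the shared value B); indices into A wrap modulo 2^l; T2 = 2 and T3 = 4 symbol times are constructed values; and the random bits come from a seeded random.Random so the demo is reproducible (a real splitter would use a hardware source). The Relay class models the intruder X of the man-in-the-middle slide: it holds no secret but forwards each challenge to a bona fide splitter Y over a second link, so its bits verify yet its delay exceeds the budget. Only U's side of the exchange is simulated.

```python
import random

# Slide parameters: k-bit messages with an l-bit Position field; A has 2**l bits.
K, L = 16, 5
BODY = K - L                              # 11 body bits carry the challenge/response
POSITIONS = [13, 10, 5, 4, 9]             # Position-bit indices from the slide's LFSR example
BODY_INDICES = [i for i in range(K - 1, -1, -1) if i not in POSITIONS]
T2 = 2                                    # symbol times a bona fide splitter needs to reply (slide: ~2)
T3 = 4                                    # one-way delay of the attacker's extra link (constructed)
DELAY_BUDGET = T2                         # tolerated excess beyond the measured RTT 2*T1


def get_bits(word, indices):
    """Read the bits of `word` at `indices`; the first index is the most significant."""
    v = 0
    for i in indices:
        v = (v << 1) | ((word >> i) & 1)
    return v


def put_bits(indices, value):
    """Inverse of get_bits: scatter `value` into a K-bit word at `indices`."""
    word = 0
    for n, i in enumerate(indices):
        word |= ((value >> (len(indices) - 1 - n)) & 1) << i
    return word


def a_slice(A, start):
    """BODY consecutive bits of the site secret A from index `start`, MSB first.
    Indices wrap modulo len(A): an assumption, the slide does not cover the end of A."""
    v = 0
    for j in range(BODY):
        v = (v << 1) | A[(start + j) % len(A)]
    return v


def make_mask(A, start, fresh_position_bits):
    """Offline step, done before the next challenge arrives: body positions get the A
    slice selected by the previous message's Position field, Position positions get
    freshly generated random bits (as on the slide)."""
    return put_bits(BODY_INDICES, a_slice(A, start)) | put_bits(POSITIONS, fresh_position_bits)


def respond(challenge, mask):
    """Online step: XOR each arriving octet with the matching mask octet and send it on."""
    out = 0
    for n in range(K // 8):
        shift = K - 8 * (n + 1)
        out = (out << 8) | (((challenge >> shift) & 0xFF) ^ ((mask >> shift) & 0xFF))
    return out


def verify(challenge, response, A, start):
    """Challenger's check: the reply body must equal the challenge body XOR the A slice
    that the previous message's Position field selected."""
    expected = get_bits(challenge, BODY_INDICES) ^ a_slice(A, start)
    return get_bits(response, BODY_INDICES) == expected


class Splitter:
    """Bona fide splitter: holds A and answers within T2 symbol times."""
    def __init__(self, A, rng):
        self.A, self.rng = A, rng
        self.start = 0   # slice index for the first answer: assumed agreed from B, here 0

    def answer(self, challenge):
        resp = respond(challenge, make_mask(self.A, self.start, self.rng.getrandbits(L)))
        self.start = get_bits(challenge, POSITIONS)   # Position bits of U_i select the mask for U_i+1
        return resp, T2


class Relay:
    """Intruder X without A: forwards every challenge to a real splitter Y over a second
    link, so the bits come back right but 2*T3 later than a direct neighbour's would."""
    def __init__(self, victim):
        self.victim = victim

    def answer(self, challenge):
        resp, delay = self.victim.answer(challenge)
        return resp, delay + 2 * T3


def run_rounds(A, responder, rounds, rng):
    """U challenges `responder` repeatedly. Each round yields (bits_ok, timing_ok);
    the device is accepted only when both hold in every round."""
    start, results = 0, []
    for _ in range(rounds):
        challenge = rng.getrandbits(K)
        response, delay = responder.answer(challenge)
        results.append((verify(challenge, response, A, start), delay <= DELAY_BUDGET))
        start = get_bits(challenge, POSITIONS)
    return results


def demo():
    """Three runs on a constructed 32-bit site secret: a bona fide splitter, a relay
    attacker in front of one, and an alien splitter holding the wrong secret."""
    site = random.Random(1)                              # deterministic for the demo only
    A = [site.getrandbits(1) for _ in range(2 ** L)]
    return {
        "bona fide": run_rounds(A, Splitter(A, random.Random(2)), 3, random.Random(3)),
        "relay": run_rounds(A, Relay(Splitter(A, random.Random(2))), 3, random.Random(3)),
        "alien": run_rounds(A, Splitter([1 - b for b in A], random.Random(2)), 3, random.Random(3)),
    }


if __name__ == "__main__":
    for name, rounds in demo().items():
        print(f"{name:10s} {rounds}")
```

Running it prints three result lists: every round with the bona fide splitter passes both checks, the relay passes the bit check but fails the timing check in every round, and a splitter loaded with the wrong A answers on time but with wrong bits. The per-octet XOR in respond is the only online work; make_mask is everything that can be finished before the challenge arrives, which is what keeps T2 near two symbol times.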
Recapitulation
• Small, inexpensive, easy-to-use Ethernet switch.
• Inter-splitter authentication: both splitters challenge each other without any third server.
• Detecting a man-in-the-middle attack to protect the integrity of the backbone chain.
Location Based Authentication
To validate whether the originator of a message is really at the position it claims.
The work presented can be viewed as location-based authentication in a single dimension.
THANK YOU
Questions & Answers