Thinking Outside the Box: Extending 802.1X Authentication to Remote “Splitter” Ports by Combining Physical and Data Link Layer Techniques
Presentation by: Arun Saha
Arun Saha, Mart Molle
Department of Computer Science & Engineering, University of California, Riverside
Overview
• Proposal of a very small, easy-to-use Ethernet switch.
• Switch-to-switch authentication
  • without any third-party authentication server
  • without disclosing all secrets
• Specifically, detecting a man-in-the-middle attack using physical properties of the link.
Problem Statement
• How to accommodate a large number of wired networked computers within a small floor area?
• Issues:
  • Limited number of ports on the wall
  • Wiring clutter should be as little as possible
  • Reconfiguration of host layout should be easy
• Goal: combine the following features
  • convenience of bus topology
  • superior performance and security of star topology
We propose Splitters
• The monolithic switch is replaced by:
  • a “main” switch module locked in the telecom closet
  • “slave” modules called Ethernet Splitters
• Splitter properties:
  • Single-chip implementation
  • VLAN-capable
  • Powered over the Ethernet cable
  • At least three external interfaces
String Topology of Splitters
• Splitters will always be connected in a linear chain to the main switch.
• Maximum number of hosts = ratio of backbone link speed to access link speed.
Cabling costs reduced
• Assume ‘m’ hosts located in the same work area form a single splitter chain. Change in component count:
  • Inside telecom closet: m to 1
  • Inside wall: m to 1
  • At work area
    • Patch cables: m to 2m
    • Splitters: 0 to m (assuming the worst case, i.e. one splitter supports one host)
• Savings: (m – 1) permanent items in (2)
Security & Control
• Equivalent security to a monolithic switch:
  • In both cases, the client exchanges 802.1X authentication frames with the main switch (authenticator).
  • Splitters maintain separation between traffic tagged with different VLAN IDs.
  • Splitters prevent an intruder from gaining unauthorized access to the backbone link.
• The administrator can control the splitters remotely from the main switch.
Two forms of authentication
• Between user PC and main switch: standard 802.1X authentication
• Between splitters: incremental authentication (our proposal)
Incremental Splitter Authentication
• The splitter chain grows by adding one new splitter at a time to the end of the chain.
• The last one in the existing chain authenticates the new one.
Notion of authentication
• The network administrator writes site-specific secret data into splitter memory.
• All splitters in a domain contain the same secret.
• A splitter does not have any singular identity to authenticate itself.
• It responds to challenges based on the site-specific secret.
Definition: Bonafide & Alien Splitters
• The last splitter of the existing chain exchanges authentication messages with the new splitter and classifies the latter as
  • Bonafide splitter, or
  • Alien
• There is a possibility that a device does not know the site-specific data but still responds to challenges correctly.
Man-in-the-middle attack
• An intruder may try to sneak in to the backbone link using a laptop. Then, it will have access to all traffic in and out of the hosts attached to the downstream splitters.
• We design the authentication mechanism such that both U and Y detect the existence of the attacker.
[Diagram labels: X, U, Y]
Timing Diagram
• U is the last splitter in the existing chain.
• Assume there is some method to measure the round trip time, 2T1.
• Excess delay = time beyond RTT.
• Tbonafide = T2
• Talien = 2T1 + 2T3 + T2
So far…
We can detect a man-in-the-middle attack if:
• The authenticator can estimate the round trip time, 2T1
  • Challenge involved: the received signal contains echoes of past transmitted signals in various amounts.
• The supplicant can respond to challenge messages from the authenticator in two symbol times (approx.)
  • Challenge involved: the authentication mechanism should be such that the responder can generate responses absolutely quickly. The offline computation time can be large, but the online time is restricted.
Ways of estimating T1 (or 2T1)
• by Digital Echo Canceler
• by Automatic Gain Control (AGC)
• by the Resistor Detection Algorithm used in Power over Ethernet
Exchanging Authentication Messages
• Authentication messages are sent as ordinary Ethernet frames when the link is operating in full duplex mode.
• The Finite State Machine for the Ethernet MAC needs to be modified.
• The receiver can minimize T2 as follows:
  • A mask string is computed offline and kept ready before the challenge comes.
  • The preamble of the response frame is started as soon as the preamble of the challenge frame starts arriving.
  • Each incoming octet from the challenge frame payload is XORed with one byte of the mask and sent back.
Splitter Authentication Initialization
• All bona fide splitters and the main switch know
  • a prime number ‘p’ and ‘a’ relatively prime to ‘p’
  • an array of bits ‘A’ of length 2^l
  • an ‘r’ (r > l) bit linear feedback shift register (LFSR) made of the same polynomial
• Splitters exchange their public keys and agree on a common number, ‘B’ (Diffie-Hellman key exchange)
• Splitters exchange ‘k’ (k > l) bit authentication messages containing two parts (intermixed with one another):
  • Position: an ‘l’ bit string signifying the starting index in the array
  • Body: a ‘k – l’ bit string which is a challenge or response
Computation of Position bits; l = 5, k = r = 16
LFSR for x^16 + x^15 + x^14 + 1
• The LFSR is initialized with the rightmost ‘r’ bits of ‘B’.
• It is shifted until ‘l’ unique least significant ⌈log2 k⌉ bits are found.
• In this case, the position bits are 13, 10, 5, 4 and 9, i.e. these bit positions in the authentication message are the Position bits.

LFSR iterations (bit 15 on the left, bit 0 on the right; low 4 bits give the candidate position):
  Initial contents   1001 1100 1010 0110
  After 1 shift      0011 1001 0100 1101   low 4 bits = 13
  After 2 shifts     0111 0010 1001 1010   low 4 bits = 10
  After 3 shifts     1110 0101 0011 0101   low 4 bits = 5
  After 4 shifts     1100 1010 0110 1010   low 4 bits = 10 (repeat, skipped)
  After 5 shifts     1001 0100 1101 0100   low 4 bits = 4
  After 6 shifts     0010 1001 1010 1001   low 4 bits = 9

Layout of the 16-bit authentication message (B = body bit, P = position bit):
  Bit  15 14 13 12 11 10  9  8  7  6  5  4  3  2  1  0
        B  B  P  B  B  P  P  B  B  B  P  P  B  B  B  B
Challenge Response Messages (between U and X; the online response is under the time constraint)
• U sends challenge U1
• X responds with
  • Response f(U1)
  • and own challenge X1
• U responds with
  • Response f(X1)
  • and own challenge U2
• Short online computation time, long offline computation time preparing for the next challenge.
Computation of Response message in transceiver
• Position bits in Ui are used to create the mask string to answer challenge Ui+1. Same for Xi.
• Example computation of f(X2):
  • Let the Position bits in X1 be 01100, i.e. 12
  • (k – l) bits of A starting from 12, i.e. A12-22, will be used for masking
  • Some randomly generated bits are put in as position bits
• The final mask is composed of random bits and the portion of A placed appropriately.
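The following is an added worked example of the position-bit selection and mask-based challenge/response described on the last few slides, written for this summary and not the authors' own code. It uses the slide's parameters (k = r = 16, l = 5) and the LFSR states printed on the slide; the shared array A, the bit ordering inside a message, the wrap-around of the mask window at the end of A, and the randomly chosen position fields are constructed assumptions.

```python
import random

K, L = 16, 5                       # message length k and number of position bits l
A_BITS = "10110010011101001100101010011101"   # constructed shared array A, 2^l = 32 bits
# LFSR contents after shifts 1..6 as printed on the slide (x^16 + x^15 + x^14 + 1)
SLIDE_STATES = [0x394D, 0x729A, 0xE535, 0xCA6A, 0x94D4, 0x29A9]

def position_bits(states):
    """Collect the first l distinct values of the low log2(k) bits of each state."""
    found = []
    for s in states:
        idx = s & (K - 1)
        if idx not in found:
            found.append(idx)
        if len(found) == L:
            break
    return found

def body_slots(positions):
    return [i for i in range(K - 1, -1, -1) if i not in positions]

def assemble(pos_value, body, positions):
    """Interleave the l-bit position field and (k-l)-bit body into one k-bit message.
    Assumption: positions[0] carries the MSB of the position field; body bits fill
    the remaining slots from the highest index down."""
    msg = 0
    for i, slot in enumerate(positions):
        msg |= ((pos_value >> (L - 1 - i)) & 1) << slot
    for i, slot in enumerate(body_slots(positions)):
        msg |= ((body >> (K - L - 1 - i)) & 1) << slot
    return msg

def split(msg, positions):
    """Inverse of assemble(): return (position value, body)."""
    pos = body = 0
    for slot in positions:
        pos = (pos << 1) | ((msg >> slot) & 1)
    for slot in body_slots(positions):
        body = (body << 1) | ((msg >> slot) & 1)
    return pos, body

def precompute_mask(prev_msg, positions):
    """Offline step: the peer's previous position field selects the (k-l)-bit window of A.
    Assumption: the window wraps around at the end of A."""
    start, _ = split(prev_msg, positions)
    return int("".join(A_BITS[(start + i) % len(A_BITS)] for i in range(K - L)), 2)

def respond(challenge, mask, next_pos, positions):
    """Online step: challenge body XOR precomputed mask, plus fresh random position bits."""
    return assemble(next_pos, split(challenge, positions)[1] ^ mask, positions)

def verify(challenge, response, mask, positions):
    """Authenticator side: compare the reply body with its own copy of the mask."""
    return split(response, positions)[1] == (split(challenge, positions)[1] ^ mask)

def demo(seed=1):
    """U sends U1 (position 12) then U2; X answers U2 with the mask derived from U1."""
    rng, P = random.Random(seed), position_bits(SLIDE_STATES)      # P = [13, 10, 5, 4, 9]
    u1 = assemble(12, rng.randrange(1 << (K - L)), P)
    mask = precompute_mask(u1, P)                                    # A[12..22], prepared offline
    u2 = assemble(rng.randrange(1 << L), rng.randrange(1 << (K - L)), P)
    reply = respond(u2, mask, rng.randrange(1 << L), P)
    return verify(u2, reply, mask, P), verify(u2, reply ^ 1, mask, P)  # (True, False)
```

Flipping any body bit of the reply (the second call in demo) fails verification, while the position field of the reply is free for the responder to choose, exactly as the slide's "random bits" describe.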
Recapitulation
• Small, inexpensive, easy-to-use Ethernet switch.
• Inter-splitter authentication
  • both splitters challenge each other
  • without any third server
• Detecting a man-in-the-middle attack to protect the integrity of the backbone chain.
Location Based Authentication
• To validate whether the originator of the message is really at the position claimed.
• The work presented can be viewed as location based authentication in a single dimension.
Thank You
Questions & Answers
A. Saha, M. Molle