Tutorial 1

Network Security Protocols: Today and Tomorrow

Radia Perlman and Charlie Kaufmann

Tutorial Summary:
This tutorial covers the concepts in network security protocols, describes the current standards and vulnerabilities, and suggests areas that need research. It approaches the problems first from a generic conceptual viewpoint, covering the problems and the types of technical approaches for solutions. For example, how would encrypted email work with distribution lists? What are the performance and security differences in basing authentication on public key technology versus secret key technology? What kinds of mistakes do people generally make when designing protocols? Armed with a conceptual knowledge of the toolkit of tricks that allow authentication, encryption, key distribution, etc., we describe the current standards, including Kerberos, S/MIME, SSL, IPsec, PKI, and web security.

Tutorial Outline (Table of Content):
  1. Introduction
    1. What are the types of problems to be solved ?
    2. What can attackers do?

  2. Cryptography
    1. Secret keys, public keys, message digests
    2. How they are generally used together for encryption, authentication, and integrity checks
    3. Intuition behind RSA, Diffie-Hellman

  3. Key distribution
    1. Secret key schemes (e.g., Kerberos) vs public key schemes (PKI)
    2. Building a hierarchy
      1. Who are the trust anchors
      2. What chains should be trusted? How are they found?
    3. Getting the private key to the human

  4. Cryptographic handshakes
    1. Pitfalls (reflection, replay, etc)
    2. Extra features (e.g., identity hiding, perfect forward secrecy)

  5. Distributed authorization and PKI
    1. Attributes, groups, cross-organizational issues

  6. Real-time protocols (SSL, IPsec (including IKEv1 and IKEv2))
  7. Email security
  8. Web security (URLs, cookies, pitfalls)
  9. Thoughts for the future

Expected Audience and Prerequisites:
This tutorial is for anyone wants to understand cryptography, network security protocols, and the system issues that make creating a truly secure system challenging, even if the underlying cryptography and protocols are secure. There are no prerequisites other than intellectual curiosity and a good night's sleep in the recent past.

Radia Perlman is a Distinguished Engineer at Sun Microsystems. She is also currently teaching a course on network security protocols at Harvard University. She is known for her contributions to bridging (spanning tree algorithm) and routing (link state routing) as well as security (sabotage-proof networks). She is the author of "Interconnections: Bridges, Routers, Switches, and Internetworking Protocols", and co-author of "Network Security: Private Communication in a Public World". She is one of the 25 people whose work has most influenced the networking industry, according to Data Communications Magazine. She has an S.B. and S.M in mathematics and a Ph.D. in computer science from MIT, about 50 issued patents, and an honorary doctorate from KTH, the Royal Institute of Technology in Sweden.

Charlie Kaufman, security architect for Lotus Notes & Domino, is a Distinguished Engineer at IBM. In IETF, he served as the chair of the Web Transaction Security working group, and is currently on the IAB (Internet Architecture Board) and editor of the IKEv2 document in the IPsec working group. He served on the National Academy of Sciences expert panel on computer security that produced the book "Trust in Cyberspace". Previously, he was network security architect for Digital Equipment Corporation. He is co-author of "Network Security: Private Communication in a Public World".