NDSS Symposium 2004
The 11th Annual Network and Distributed System Security Symposium
Catamaran Resort Hotel
San Diego, California
5-6 February 2004-Symposium
4 February 2004-Pre-Conference Tutorials
About San Diego
Network Security Protocols: Today and Tomorrow
Selected topics in information security
Network Security Protocols: Today and Tomorrow
Overview of the design of network protocols, and specifics about PKI, IPsec, SSL, Kerberos.
-- Radia Perlman and Charlie Kaufman:
This tutorial covers the concepts in network security protocols, describes the current
standards and vulnerabilities, and suggests areas that need research.
It approaches the problems first from a generic conceptual viewpoint,
covering the problems and the types of technical approaches for solutions.
For example, how would encrypted email work with distribution lists?
What are the performance and security differences in basing authentication
on public key technology versus secret key technology? What kinds
of mistakes do people generally make when designing protocols? Armed
with a conceptual knowledge of the toolkit of tricks that allow authentication,
encryption, key distribution, etc., we describe the current standards,
including Kerberos, S/MIME, SSL, IPsec, PKI, and web security.
Radia Perlmanis a Distinguished Engineer
at Sun Microsystems, doing research on network protocols. Her research
includes making PKI-based systems scale to multiple mutually distrustful
organizations, analysis and redesign of IKE (the authentication handshake
for IPsec), strong password protocols, transparent routing and making
data securely unrecoverable. She is known for invention of the spanning
tree algorithm used by all bridges/switches, robust and scalable link
state routing used by most of the routers in the Internet today, and
sabotage-proof routing, perhaps to be used by routers in the Internet
someday. She is the author of the textbook "Interconnections:
Bridges, Routers, Switches and Internetworking Protocols", and
co-author (along with Charlie Kaufman) of "Network Security:
Private Communication in a Public World", published by Prentice
Hall. She has taught graduate and undergraduate level courses at Harvard
and at MIT. She has about 60 issued patents in the fields of routing
and security, a PhD in computer science from MIT, and an honorary
doctorate from KTH, the Royal Institute of Technology of Sweden.
Charlie Kaufman is the security architect for the Common
Language Runtime (CLR) group at Microsoft. Prior to that, he was security
architect for Lotus Notes & Domino. He currently serves on the
IAB (Internet Architecture Board) of IETF. He is the author of the
IKEv2 protocol. Also in IETF, he served as the chair of the Web Transaction
Security working group. He served on the National Academy of Sciences
expert panel on computer security that produced the book "Trust
in Cyberspace". Previously, he was network security architect
for Digital Equipment Corporation. He is co-author of "Network
Security: Private Communication in a Public World".
topics in information security
-- Steven Kent, Chief Scientist - Information Securit, BBN Technologies
This tutorial consists
of a series of lectures on selected topics in information security,
presented by the speaker as invited talks at various fora around the
world. The lectures include:
- Biometrics: A System Security View
- PKI Models: What's Trust Got to Do with It?
- Improving Certification Authority Security Using Smart Crypto Modules
- Who Goes There? Authentciation Through the Lens of Privacy
- IPsec: It's Not Just Encryption
- Securing the Border Gateway Protocol (BGP)
his role as Chief Scientist, Dr. Kent oversees information
security activities within BBN Technologies, and works with government
and commercial clients, consulting on system security architecture issues.
In this capacity he has acted as system architect in the design and
development of several network security systems for the Department of
Defense and served as principal investigator on a number of network
security R&D projects for 25 years.
During this period, Dr. Kent's R&D activities have included the design
and development of user authentication and access control systems, network
layer encryption and access control systems, secure transport layer
protocols secure e-mail technology, multi-level secure (X.500) directory
systems, public-key certification authority systems, and key recovery
(key escrow) systems. His most recent work focuses on public-key certification
infrastructures for government and commercial applications, security
for Internet routing, very high speed IP encryption, and high assurance
author of two book chapters and numerous technical papers on network
security, Dr. Kent has served as a referee, panelist and session chair
for a number of conferences. Since 1977 he has lectured on the topic
of network security on behalf of government agencies, universities,
and private companies throughout the United States, Europe, Australia,
and the Far East. Dr. Kent received the B.S. degree in mathematics from
Loyola University of New Orleans, and the S.M., E.E., and Ph.D. degrees
in computer science from the Massachusetts Institute of Technology.
He is a Fellow of the ACM and a member of the Internet Society and Sigma
It's simpler than you think!
--Angelos Keromytis and John Ioannidis:
Who should attend:
system managers, developers of network
applications, and anyone interested in network security. Some
familiarity with networking principles is required, but cryptography
About the tutorial:
The IPsec protocol
suite provides network-layer security for the Internet and is an IETF
standard. It is already widely used to implement Virtual Private Networks
(VPNs), and is beginning to make its way into commercial implementations
of desktop operating systems. IPsec offers a remarkable flexibility
not possible at higher or lower layer abstractions: security can be
configured end-to-end, route-to-route, edge-to-edge, or in any other
configuration in which network nodes can be identified as appropriate
security endpoints. This flexibility however implies some associated
complexity, which tends to obscure the usefulness of IPsec in engineering
a secure Internet.
This tutorial covers
every feature of IPsec and its key management protocol, IKE. We start
with a justification for network-layer security, and a discussion of
datagram encapsulation, tunneling, and overlay networks such as VPNs,
the MBONE and 6BONE, in order to facilitate the understanding of how
IPsec works. We then present the ESP and AH transforms, explaining the
applicability of each. Moving on to key management, we discuss the Internet
Key Exchange (IKE) protocol, with many configurations examples on popular
operating systems. During the tutorial, we also examine the interactions
of IPsec with firewalls and NAT boxes.
IPsec/IKE and Firewall/NAT boxes: Firewalls and NAT boxes are a fact
of life, and we have to address them. We cover how IPsec/IKE interact
with these boxes, and how to configure things so that security is maintained
and the firewall policies are not circumvented.
We offer many examples of configuration files for a variety of operating
systems, including Windows 2000. This can be an interactive presentation
if we can carry enough laptops.
(software and hardware): The argument ``IPsec is slow/no it isn't''
keeps getting repeated.
We present actual performance numbers from a variety of
implementations, and show that there is nothing to fear.
Why do we need IPsec when SSL/TLS is so widespread? We address the pros
and cons and we hope this will not start a religious discussion.
A lot has been said about the need for PKIs, and many people see their
non-existence as a reason not to deploy IPsec. We debunk any
of these myths, and show alternatives to the textbook PKI scenario.
This is a catch-all heading for discussing issues such as error management,
Path-MTU and tunnel interactions, IPSRA (IP Secure REmote Access), L2TP
(Layer 2 Tunneling Protocol), IPv6, and other topics related to IPsec.
Future developments 1: Policy:
Neither ESP/AH nor IKE really address the issue of policy management.
While this is still the subject of research and on-going discussion
at the IETF, there is a need for negotiating and distributing policy
information to IPsec nodes. We present some of the issues and solutions
involved, as time permits.
2: Additional Key Management protocols: Since its very inception, IPsec
was meant to be able to support multiple key management protocols. We
discuss KINK, a Kerberos-based protocol, Photuris, a simpler precuror
to IKE, and some of the recently suggested replacements for IKE.
John Ioannidis is a researcher at AT\&T Labs
-- Research. He has been contributing in the IETF for over 10 years,
and has been with the IPsec effort since the very beginning. Among his
contributions to IPsec are the first SunOS, BSD and Linux implementations.
He has also worked on policy mechanisms for IPsec, and more recently
on JFK, a proposed successor to the Internet Key Exchange protocol.
His many research interests include security of large distributed systems,
distributed denial of service prevention, routing security, wireless
and mobile networking, micropayment systems, and high-speed network
Keromytis is an Assistant Professor of Computer Science
at Columbia University. He has been working on IPsec since 1995, both
in defining and refining the standards in the IETF, and in
implementing and measuring its performance. He is currently serving
as the IPsec Working Group Secretary. He developed the OpenBSD IPsec
stack, and wrote the first free implementations of the Photuris and
IKE key management protocols for IPsec. More recently, he has been working
on a proposed successor to IKE, named JFK, and has designed and implemented
a cryptographic acceleration framework for IPsec (and other cryptography-heavy
applications). His other research interests include scalable access
control mechanisms, security policy composition and enforcement, and
distributed system virtualization.
-- Dan Wallach, Rice University
This course will
discuss the security of language-based runtime systems, increasingly
used to support the execution of untrusted programs transmitted across
the Internet. We will discuss a variety of problems that have been found
in commercial systems, particularly with Java, and will discuss the
various techniques that have been adopted in industry as well as more
current academic research aimed at addressing the problem. While this
course will touch on more theoretical topics such as programming-language
type theory, this course will be accessible to general computer science
Dan Wallach is Assistant Professor
of Computer Science at Rice University in Houston, Texas. His research
involves computer security and the issues of building secure and robust
software systems for the Internet. Wallach's pioneering efforts led
to the development and standardization of the "stack inspection"
security model, now used by Sun, Microsoft, and many other systems.
Wallach has also studied security issues that occur in distributed and
peer-to-peer systems, focusing on techniques that can increase the robustness
of these systems against malicious nodes that do not necessarily follow
protocols correctly. Wallach has also helped expose poor security designs
in commercial technologies including "secure" music standards
and "secure" electronic voting systems, both of which turned
out to be easy to circumvent.