Strong Identity Protection Using Hidden Credentials

1
Strong Identity ProtectionUsing Hidden
Credentials

• Hilarie Orman
• Purple Streak, Inc.

2
Identity Protection in IKE

• One of the original requirements from the Ipsec
  WG
• Dont disclosure the who in communication
• Current method works against passive attackers
• Complicates the protocol
• Can it be improved?

3
Yes

• Protection against active attackers can be
  achieved
• The trick is Identity-Based Encryption
• Boneh, et al.
• Public key is immediately known from a name
• Leads to novel security policy mechanisms

4
Protocol Remains Simple

• Send encrypted nonce, only the legitimate
  recipient can read it
• K_server_secretsociety(N1, Alice)
• No other party can get any information
• Cannot verify, cannot guess
• Reply is encrypted nonce
• K_Alice_secretsocieity(N1, N2)
• K_server_secretsociety(N, N2, request)

5
Simplifies Key Management

• Anyone can be an issuer
• Must distribute the private keys and secret
  society name
• No public keys need to be communicated
• Protocol failures yield no information
• Allows complex policies
• member of secretsociety and gov employee
• gov employee or state employee

6
The Downsides

• Requires trusted party to generate private keys
• Must distribute private keys securely
• IPR
• IBE, patented by Stanford U.
• ECC, Voldemort

7
Hidden Credentials

• Paper at recent WPES (Workshop on Privacy in the
  Wireless Society), Oct. 31, 2003
• By Jason Holt, Robert Bradshaw, et al.
• Interest in standardization in IETF?