Kerberized Internet Negotiation Of Keys
Kerberized Internet Negotiation of Keys (KINK) is a protocol defined in RFC 4430 used to set up an IPsec security association (SA), similar to Internet Key Exchange (IKE), utilizing the Kerberos protocol to allow trusted third parties to handle authentication of peers and management of security policies in a centralized fashion. Its motivation is given in RFC 3129 as an alternative to IKE, in which peers must each use X.509 certificates for authentication, use Diffie–Hellman key exchange (DH) for encryption, and know and implement a security policy for every peer with which they will connect, with authentication of the X.509 certificates either pre-arranged or using DNS, preferably with DNSSEC. Utilizing Kerberos, KINK peers must only mutually authenticate with the appropriate Authentication Server (AS), with a key distribution center (KDC) in turn controlling distribution of keying material for encryption and therefore controlling the IPsec security policy.


Protocol description

KINK is a command/response protocol that can create, delete, and maintain IPsec SAs. Each command or response contains a common header along with a set of type-length-value payloads. The type of a command or a response constrains the payloads sent in the messages of the exchange. KINK itself is a stateless protocol in that each command or response does not require storage of hard state for KINK. This is in contrast to IKE, which uses Main Mode to first establish an Internet Security Association and Key Management Protocol (ISAKMP) SA followed by subsequent Quick Mode exchanges. KINK uses Kerberos mechanisms to provide mutual authentication and replay protection. For establishing SAs, KINK provides confidentiality for the payloads that follow the Kerberos AP-REQ payload. The design of KINK mitigates denial of service attacks by requiring authenticated exchanges before the use of any public key operations and the installation of any state. KINK also provides a means of using Kerberos User-to-User mechanisms when there is no key shared between the server and the KDC. This is typically, though not exclusively, the case with IPsec peers using PKINIT for initial authentication. KINK directly reuses the Quick Mode payloads defined in section 5.5 of IKE, with some minor changes and omissions. In most cases, KINK exchanges are a single command and its response. An optional third message is required when creating SAs only if the responder rejects the first proposal from the initiator or wants to contribute the keying material. KINK also provides rekeying and Dead Peer Detection.


Packet format

The KINK message includes the following fields:

* type: CREATE, DELETE, REPLY, GETTGT, ACK, STATUS, or private use
* version: the major protocol version number
* length: length of the entire message
* domain of interpretation (DOI): a DOI as defined in the Internet Security Association and Key Management Protocol (ISAKMP)
* transaction ID (XID): identifies the transaction, defined as a command, a reply, and an optional acknowledgement
* next payload: type of the first payload after the message header, one of KINK_DONE, KINK_AP_REQ, KINK_AP_REP, KINK_KRB_ERROR, KINK_TGT_REQ, KINK_TGT_REP, KINK_ISAKMP, KINK_ENCRYPT, or KINK_ERROR
* ACK or ACKREQ bit: 1 if the responder requires an explicit acknowledgement that a REPLY was received, otherwise 0
* checksum length: length in bytes of the cryptographic checksum of the message
* payloads: a list of Type/Length/Value (TLV) payloads
* checksum: Kerberos keyed checksum over the entire message excluding the checksum field itself


Payloads

Each KINK payload begins with a common header:

* next payload: type of the payload that follows this one
* length: length of the payload

The following payloads are defined:

* KINK_AP_REQ: a payload that relays a Kerberos AP-REQ to the responder
* KINK_AP_REP: a payload that relays a Kerberos AP-REP to the initiator
* KINK_KRB_ERROR: a payload that relays Kerberos-type errors back to the initiator
* KINK_TGT_REQ: a payload that provides a means to get a TGT from the peer in order to obtain a User-to-User service ticket from the KDC
* KINK_TGT_REP: a payload that contains the TGT requested in a previous KINK_TGT_REQ payload of a GETTGT command
* KINK_ISAKMP: a payload that encapsulates the ISAKMP IKE Quick Mode (phase 2) payloads, to allow backward compatibility with IKE and ISAKMP if there are subsequent revisions
* KINK_ENCRYPT: a payload that encapsulates other KINK payloads and is encrypted using the session key and the algorithm specified by its etype
* KINK_ERROR: a payload that returns an error condition
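The following added example (not code from RFC 4430 or from any KINK implementation) encodes and parses a KINK message as described in the Packet format and Payloads sections above: a fixed header, a chain of TLV payloads linked by their next-payload fields, and a keyed checksum over everything except the checksum itself. The byte layout and numeric codes are this example's reading of RFC 4430 and should be checked against it; HMAC-SHA256 is a constructed stand-in for the Kerberos keyed checksum of the session key's etype. The parser rejects bad lengths and a failed checksum before handling any payload.

```python
import hashlib
import hmac
import struct

# Message and payload type codes as assumed from RFC 4430 (verify against the RFC).
TYPES = {1: "CREATE", 2: "DELETE", 3: "REPLY", 4: "GETTGT", 5: "ACK", 6: "STATUS"}
PAYLOADS = {0: "KINK_DONE", 1: "KINK_AP_REQ", 2: "KINK_AP_REP", 3: "KINK_KRB_ERROR",
            4: "KINK_TGT_REQ", 5: "KINK_TGT_REP", 6: "KINK_ISAKMP", 7: "KINK_ENCRYPT",
            8: "KINK_ERROR"}
# Assumed header layout: type, major-version nibble + reserved, length, DOI, XID,
# next payload, ACKREQ bit + reserved, checksum length (16 bytes in total).
HDR = struct.Struct("!BBHIIBBH")
PHDR = struct.Struct("!BBH")  # per-payload header: next payload, reserved, length

def build_message(mtype, xid, payloads, key, ackreq=False, doi=1):
    """Encode (payload_type, value) pairs as a next-payload chain and append the checksum."""
    body = b""
    for i, (ptype, value) in enumerate(payloads):
        nxt = payloads[i + 1][0] if i + 1 < len(payloads) else 0  # KINK_DONE ends the chain
        body += PHDR.pack(nxt, 0, PHDR.size + len(value)) + value
    first = payloads[0][0] if payloads else 0
    cksumlen = hashlib.sha256().digest_size
    hdr = HDR.pack(mtype, 1 << 4, HDR.size + len(body) + cksumlen, doi, xid,
                   first, 0x80 if ackreq else 0, cksumlen)
    covered = hdr + body  # checksum covers the whole message except the checksum field
    return covered + hmac.new(key, covered, hashlib.sha256).digest()

def parse_message(msg, key):
    """Validate lengths and checksum, then walk the TLV chain; raise ValueError on bad input."""
    if len(msg) < HDR.size:
        raise ValueError("short header")
    mtype, verbyte, length, doi, xid, nxt, ackbyte, cksumlen = HDR.unpack_from(msg)
    if length != len(msg) or cksumlen > length - HDR.size:
        raise ValueError("bad length fields")
    covered, cksum = msg[:length - cksumlen], msg[length - cksumlen:]
    if not hmac.compare_digest(hmac.new(key, covered, hashlib.sha256).digest(), cksum):
        raise ValueError("checksum mismatch")  # reject before touching any payload
    payloads, off = [], HDR.size
    while nxt != 0:  # header's next payload names the first payload; each payload names the next
        if off + PHDR.size > len(covered):
            raise ValueError("truncated payload header")
        nxt2, _, plen = PHDR.unpack_from(covered, off)
        if plen < PHDR.size or off + plen > len(covered):
            raise ValueError("bad payload length")
        payloads.append((PAYLOADS.get(nxt, nxt), covered[off + PHDR.size:off + plen]))
        nxt, off = nxt2, off + plen
    return {"type": TYPES.get(mtype, mtype), "version": verbyte >> 4, "doi": doi,
            "xid": xid, "ackreq": bool(ackbyte & 0x80), "payloads": payloads}
```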


Implementations

The following open source implementations of KINK are currently available:

* Racoon2 from the WIDE Project


See also

* Internet Key Exchange

