plutoplus policy pki 2000

50 %
50 %
Information about plutoplus policy pki 2000
Education

Published on June 20, 2007

Author: Aric85

Source: authorstream.com

PlutoPlus:Policy and PKI Plans for FY00:  PlutoPlus: Policy and PKI Plans for FY00 Sheila Frankel Systems and Network Security Group Computer Security Division NIST sheila.frankel@nist.gov PlutoPlus ‘99:  PlutoPlus ‘99 Peer authentication : pre-shared secret keys Policy: Same policy for all peers Initiator proposes single policy Responder must accept proposed policy Y2K PlutoPlus:  Y2K PlutoPlus Peer authentication : choice of pre-shared secret keys, digital signature, or public key encryption Policy: Flexible policy database Different policies for different peers Initiator proposes multiple policies Responder selects most preferable policy What Constitutes Policy? :  What Constitutes Policy? Encryption algorithm: DES, 3DES, Blowfish, IDEA, RC5 Encryption Key Length Authentication algorithm: HMAC-MD5, HMAC-SHA1 Diffie-Hellman group: prime with 96, 128, or 192 bytes Encapsulation mode: tunnel or transport Policy Database Elements (cont’d) :  Policy Database Elements (cont’d) Peer authentication: pre-shared secret key, digital signature, public key encryption Negotiated Security Association’s Lifetime: seconds and/or kilobytes protected Perfect Forward Secrecy for negotiated keys Why PKI Interaction?:  Why PKI Interaction? Peer authentication with pre-shared keys: pre-shared secret key used to prove identity limited scalability opportunistic encryption impossible Peer authentication with PKI digital signature or public key used to prove identity scalable opportunistic encryption possible

Add a comment

Related presentations

Related pages

Unsolved Problems of the 1990s - NIST

PlutoPlus: Policy and PKI Plans for FY00 Sheila Frankel Systems and Network Security Group Computer Security Division NIST sheila.frankel@nist.gov ...
Read more

Microsoft Windows 2000 Public Key Infrastructure

Discusses the comprehensive public-key infrastructure (PKI) introduced by Microsoft® Windows® 2000.
Read more

How to Implement PKI - technet.microsoft.com

To learn about Windows 2000 PKI features, ... A number of PKI policies can be set in a Group Policy object and thereby applied to computers in domain and ...
Read more

An Introduction to the Windows 2000 Public-Key Infrastructure

An Introduction to the Windows 2000 Public-Key Infrastructure ... public-key infrastructure (PKI) ... policies. The Windows 2000 PKI gives ...
Read more

NIST IPsec Project

The NIST IPsec Project is concerned with providing authentication, ... February 2000. ... "PlutoPlus: Policy and PKI Plans for FY00," November 1999.
Read more

Windows 2000 Server and PKI: Using the nCipher Hardware ...

Windows 2000 Server and PKI: Using the nCipher Hardware Security Module ... ANSI ASC X9.79, PKI Practices and Policy Framework, September 2000.
Read more

HOW TO: Change the Policy Settings for a Certification ...

HOW TO: Change the Policy Settings for a Certification Authority (CA) in Windows 2000
Read more

Information Technology Laboratory Homepage - itl.nist.gov

Take a sneak peek at the new NIST.gov and let us know what you think!
Read more