The Experts below are selected from a list of 987 Experts worldwide ranked by ideXlab platform
Joseph Salowey - One of the best experts on this subject based on the ideXlab platform.
-
Cisco Vendor-Specific RADIUS Attributes for the Delivery of Keying Material
2011Co-Authors: Glen Zorn, Tiebing Zhang, Jesse Walker, Joseph SaloweyAbstract:This document defines a set of vendor specific RADIUS Attributes designed to allow both the secure transmission of cryptographic Keying Material and strong authentication of any RADIUS message. This attributes have been allocated from the Cisco vendor specific space and have been implemented by multiple vendors.
-
Cisco Vendor-Specific RADIUS Attributes for the Delivery of Keying Material
2011Co-Authors: Glen Zorn, Tiebing Zhang, Jesse Walker, Joseph SaloweyAbstract:This document defines a set of vendor-specific RADIUS Attributes designed to allow both the secure transmission of cryptographic Keying Material and strong authentication of any RADIUS message. These attributes have been allocated from the Cisco vendor-specific space and have been implemented by multiple vendors. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained a
Eric Rescorla - One of the best experts on this subject based on the ideXlab platform.
-
datagram transport layer security dtls for stream control transmission protocol sctp
RFC, 2011Co-Authors: Michael Tuexen, Robin Seggelmann, Eric RescorlaAbstract:This document describes the usage of the Datagram Transport Layer Security (DTLS) protocol over the Stream Control Transmission Protocol (SCTP). The user of DTLS over SCTP can take advantage of most of the features provided by SCTP and its extensions, especially support of o multi-homing to provide network level fault tolerance. o dynamic reconfiguration of IPv4 and IPv6 addresses. o multiple streams to avoid head of line blocking. o unordered delivery. o dynamic reconfiguration of streams. o partially reliable data transfer. However, the DTLS maximum user message size limit of 2^14 bytes applies also to DTLS over SCTP. Since DTLS over SCTP uses the SCTP- AUTH extension, the DTLS user can not manage the Keying Material, since this is done by the DTLS layer.
-
Keying Material Exporters for Transport Layer Security (TLS)
2010Co-Authors: Eric RescorlaAbstract:A number of protocols wish to leverage Transport Layer Security (TLS) to perform key establishment but then use some of the Keying Material for their own purposes. This document describes a general mechanism for allowing that.
-
Keying Material Extractors for Transport Layer Security (TLS)
2007Co-Authors: Eric RescorlaAbstract:A number of protocols wish to leverage Transport Layer Security (TLS) to perform key establishment but then use some of the Keying Material for their own purposes. This document describes a general mechanism for allowing that.
Glen Zorn - One of the best experts on this subject based on the ideXlab platform.
-
Cisco Vendor-Specific RADIUS Attributes for the Delivery of Keying Material
2011Co-Authors: Glen Zorn, Tiebing Zhang, Jesse Walker, Joseph SaloweyAbstract:This document defines a set of vendor specific RADIUS Attributes designed to allow both the secure transmission of cryptographic Keying Material and strong authentication of any RADIUS message. This attributes have been allocated from the Cisco vendor specific space and have been implemented by multiple vendors.
-
Cisco Vendor-Specific RADIUS Attributes for the Delivery of Keying Material
2011Co-Authors: Glen Zorn, Tiebing Zhang, Jesse Walker, Joseph SaloweyAbstract:This document defines a set of vendor-specific RADIUS Attributes designed to allow both the secure transmission of cryptographic Keying Material and strong authentication of any RADIUS message. These attributes have been allocated from the Cisco vendor-specific space and have been implemented by multiple vendors. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained a
Leonid Reyzin - One of the best experts on this subject based on the ideXlab platform.
-
fuzzy extractors how to generate strong keys from biometrics and other noisy data
arXiv: Cryptography and Security, 2006Co-Authors: Rafail Ostrovsky, Leonid ReyzinAbstract:We provide formal definitions and efficient secure techniques for - turning noisy information into keys usable for any cryptographic application, and, in particular, - reliably and securely authenticating biometric data. Our techniques apply not just to biometric information, but to any Keying Material that, unlike traditional cryptographic keys, is (1) not reproducible precisely and (2) not distributed uniformly. We propose two primitives: a "fuzzy extractor" reliably extracts nearly uniform randomness R from its input; the extraction is error-tolerant in the sense that R will be the same even if the input changes, as long as it remains reasonably close to the original. Thus, R can be used as a key in a cryptographic application. A "secure sketch" produces public information about its input w that does not reveal w, and yet allows exact recovery of w given another value that is close to w. Thus, it can be used to reliably reproduce error-prone biometric inputs without incurring the security risk inherent in storing them. We define the primitives to be both formally secure and versatile, generalizing much prior work. In addition, we provide nearly optimal constructions of both primitives for various measures of ``closeness'' of input data, such as Hamming distance, edit distance, and set difference.
-
fuzzy extractors how to generate strong keys from biometrics and other noisy data
Lecture Notes in Computer Science, 2004Co-Authors: Leonid ReyzinAbstract:We provide formal definitions and efficient secure techniques for - turning biometric information into keys usable for any cryptographic application, and - reliably and securely authenticating biometric data. Our techniques apply not just to biometric information, but to any Keying Material that, unlike traditional cryptographic keys, is (1) not reproducible precisely and (2) not distributed uniformly. We propose two primitives: a fuzzy extractor extracts nearly uniform randomness R from its biometric input; the extraction is error-tolerant in the sense that R will be the same even if the input changes, as long as it remains reasonably close to the original. Thus, R can be used as a key in any cryptographic application. A secure sketch produces public information about its biometric input w that does not reveal w, and yet allows exact recovery of w given another value that is close to w. Thus, it can be used to reliably reproduce error-prone biometric inputs without incurring the security risk inherent in storing them. In addition to formally introducing our new primitives, we provide nearly optimal constructions of both primitives for various measures of closeness of input data, such as Hamming distance, edit distance, and set difference.
Tiebing Zhang - One of the best experts on this subject based on the ideXlab platform.
-
Cisco Vendor-Specific RADIUS Attributes for the Delivery of Keying Material
2011Co-Authors: Glen Zorn, Tiebing Zhang, Jesse Walker, Joseph SaloweyAbstract:This document defines a set of vendor specific RADIUS Attributes designed to allow both the secure transmission of cryptographic Keying Material and strong authentication of any RADIUS message. This attributes have been allocated from the Cisco vendor specific space and have been implemented by multiple vendors.
-
Cisco Vendor-Specific RADIUS Attributes for the Delivery of Keying Material
2011Co-Authors: Glen Zorn, Tiebing Zhang, Jesse Walker, Joseph SaloweyAbstract:This document defines a set of vendor-specific RADIUS Attributes designed to allow both the secure transmission of cryptographic Keying Material and strong authentication of any RADIUS message. These attributes have been allocated from the Cisco vendor-specific space and have been implemented by multiple vendors. Status of This Memo This document is not an Internet Standards Track specification; it is published for informational purposes. This is a contribution to the RFC Series, independently of any other RFC stream. The RFC Editor has chosen to publish this document at its discretion and makes no statement about its value for implementation or deployment. Documents approved for publication by the RFC Editor are not a candidate for any level of Internet Standard; see Section 2 of RFC 5741. Information about the current status of this document, any errata, and how to provide feedback on it may be obtained a