Configuring TLS

Diameter clients and servers use TCP connections to send messages to each other. A Diameter TCP connection can be configured to use TLS (Transport Layer Security). The TLS protocol can be used to ensure:

Confidentiality - Messages are encrypted so they can't be interpreted by unintended listeners
Message Integrity - Messages cannot be modified in transit without detection
Endpoint Authentication - TLS connections are only established between hosts with appropriate credentials.

To configure the Diameter server to use TLS on a client connection, configure the peer with the TLS security.

Please see the links below for background information regarding TLS.

Introduction to Public-Key Cryptography: http://developer.netscape.com/docs/manuals/security/pkin/contents.htm
Introduction to SSL: http://developer.netscape.com/docs/manuals/security/sslin/contents.htm

Cipher Suites

When a TLS connection is being established, the connection endpoints need to agree on a set of algorithms to use to secure the connection. A set of such algorithms is called a cipher suite.

We can categorize cipher suites into two groups:

RSA Cipher Suites, which require RSA certificates for endpoint authentication
Anonymous Cipher Suites, which do not require certificates for endpoint authentication. RSA cipher suite security is stronger than anonymous cipher suite security, but anonymous cipher suites are easier to configure.

Diameter peers always authenticate each other. When RSA cipher suites are used, the RSA-based authentication occurs during the TLS handshake. When anonymous cipher suites are used, the anonymous TLS peer authentication occurs after the TLS handshake ends. Mobile AAA TLS peer authentication uses a shared secret, which is specified in the peer entry, for an anonymous cipher suite.

Cipher Suite Configuration Requirements

Cipher Suites must be configured properly before they can be used by the Diameter application. TLS configuration files are located in the /etc/opt/aaa/diameter/security directory. When the Mobile AAA server is initially installed, TLS is configured to use anonymous cipher suites. The cipher suite order is stored in the ciper_suite_order.txt file.

cipher_suite_order.txt

This file contains the TLS cipher suite order. The TLS cipher suite order indicates what TLS cipher suites can be negotiated by the Diameter application. The cipher suites listed below may be put into the TLS cipher suite order.

Cipher Suite Auth Key Exchange Encryption Digest -------------------------------------------------------------------------------- TLS_RSA_WITH_RC4_128_MD5 RSA RSA ARC4_128 MD5 TLS_RSA_WITH_RC4_128_SHA RSA RSA ARC4_128 SHA TLS_RSA_WITH_3DES_EDE_CBC_SHA RSA RSA 3DES_EDE_CBC SHA TLS_DH_anon_WITH_RC4_128_MD5 None DH ARC4_128 MD5 TLS_DH_anon_WITH_3DES_EDE_CBC_SHA None DH 3DES_EDE_CBC SHA




	NOTE: The ARC4 encryption algorithm included in the Diameter application is compatible with the RC4 encryption algorithm.

When the Diameter application initiates a connection to a peer, the names of properly configured cipher suites listed in the cipher suite order are sent to the Diameter peer in the TLS ClientHello message. The peer will then select the cipher suite to use from those named in the TLS ClientHello message. The Diameter peer will send the TLS ServerHello message back to the Diameter application indicating which cipher suite was selected.

When the Diameter application accepts a connection to a peer, a ClientHello message will be received from the peer containing the names of cipher suites that are acceptable to the peer. The Diameter application will select a cipher suite to use from those named in the ClientHello message. The Diameter application will select the first cipher suite named in the cipher suite order that is in the ClientHello message and is properly configured.

ca_list.pem

Certificate Authority (CA) certificates required by your network must be added to this file. You can use a utility such as openssl (see www.openssl.org) to create CA certificates for your enterprise or you can obtain CA certificates from an existing Certificate Authority. Certificate Authorities for all certificates expected from peers must be added to this file.

rsa_cert.pem, rsa_key.pem

A certificate and corresponding RSA private key can be added to these files. The certificate is used to identify the Diameter host. The certificate must be configured with the Common Name matching the fully qualified domain name of the Diameter host.

You can use a utility such as openssl to create an RSA certificate and private key or you can obtain an RSA certificate and private key from an established certificate authority. An RSA certificate and private key must be added to rsa_cert.pem and rsa_key.pem, respectively, to properly configure any cipher suite that uses RSA authentication. HP recommends an RSA key size of at least 1024 bits. If the key added to rsa_key.pem requires a pass phrase, remove the pass phrase before starting the Diameter server.

dhparams.pem

This file must contain Diffie-Hellman group parameters to properly configure any cipher suite that uses the Diffie-Hellman key exchange algorithm. When the Diameter application is installed the dhparams.pem file will contain Diffie-Hellman group parameters for key length of 1024 bits. These parameters were created using openssl.

The risk in using these Diffie-Hellman group parameters is that an attacker may specialize on a very often used Diffie-Hellman group. If this is a concern to you, you can create your own Diffie-Hellman group parameters and put them in dhparams.pem. HP recommends that you use Diffie-Hellman group parameters for a key length of at least 1024 bits.

You can generate Diffie-Hellman group parameters using OpenSSL by executing the following command:
$ openssl dhparam 1024 > dhparams.pem

index2

This file contains binary data used by the Diameter server. It is not configured by an administrator.