50 Million Keys to SNMPv3 Privacy (2020)

By Paul E. Schauer, Comcast Cable

Security and privacy must be top-line features of any service operating today. Twenty years ago, the team at CableLabs prescribed SNMPv3 with Diffie-Hellman key exchange for encrypting management traffic from DOCSIS cable modems (CMs). While SNMP is dated, simple non-sensitive management data is still integral to CM operations. Yet in 2020, few production implementations of encrypted SNMP have been reported. Because CM management traffic lives behind numerous other layers of network and physical security, this has not been a significant issue. Still, leaving CM management data in cleartext SNMP is an operational luxury that should be phased out of practice. Switching to newer, more secure protocols is a future solution that overlooks the millions of installed DOCSIS CMs. As part of Comcast’s ongoing evolution of security and privacy, cleartext SNMP data has been deprecated. DOCSIS cable modem management is now encrypted with SNMPv3 utilizing Diffie-Hellman key exchange as specified by CableLabs. Associated mechanisms for securely managing the privacy keys and boot files are part of the larger solution. This paper will highlight technical issues of implementing SNMPv3 with Diffie-Hellman key exchange at MSO scale.
