Paper - 50 Million Keys to SNMPv3 Privacy

50 Million Keys to SNMPv3 Privacy (2020)

By Paul E. Schauer, Comcast Cable

Security and Privacy must be top line features of any service operating today. Twenty years ago, the team at CableLabs prescribed SNMPv3 with Diffie Hellman key exchange for encrypting management traffic from DOCSIS cable modems. While SNMP is dated, simple non-sensitive management data is still integral to CM operations. Yet in 2020, few production implementations of encrypting SNMP have been reported. Because CM management traffic lives behind numerous other layers of network and physical security, this has not been a significant issue. Still, leaving the CM management data in clear text SNMP is an operational luxury that should be phased out of practice. Switching to newer, more secure protocols is a future solution that overlooks the millions of installed DOCSIS CMs. As part of Comcast’s ongoing evolution of security and privacy, clear text SNMP data has been deprecated. DOCSIS cable modem management is now encrypted with SNMPv3 utilizing Diffie Hellman key exchange as specified by CableLabs. Associated mechanisms for securely managing the privacy keys and boot files are part of the larger solution. This paper will highlight technical issues of implementing SNMPv3 with Diffie Hellman key exchange at MSO scale.

Download Paper

By clicking the "Download Paper" button, you are agreeing to our terms and conditions.

Similar Papers

Privacy For Cable Services By Frank R. Eldridge, The MITRE Corporation	1972
E-Commerce Over Cable: Providing Security For Interactive Applications By Tony Wasilewski, Scientific-Atlanta, Inc.	1999
Gridmetrics Data Provide Insights and Improve Situational Awareness of the Electric Power Grid By Robert Cruickshank, Ph.D. & Nicolas Metts, Cable Television Laboratories; Paul Schauer, Comcast Cable Communications; Curtis Snyder	2020
Proactive Network Maintenance (PNM) Paves the Way for More Upstream Bandwidth By Takashi Hayakawa, Mike O’Dell, Paul Schauer, Larry Wolcott; Comcast	2022
Dynamic Deep Cycling Testing: The Use of Dynamic Deep Cycling Testing to Predict Battery State-of-Health in Outside Plant Environments By Michael Nispel, Comcast Cable; Alexander Falcon, Comcast Cable; Kang Lin, Comcast Cable; Paul Schauer, Comcast Cable; Cory Thompson, Comcast Cable	2023
A Practical Approach to Virtualizing DOCSIS 3.1 Network Functions By David S. Early, Applied Broadband, Inc.; Paul E. Schauer, Comcast; Jason K. Schnitzer, Applied Broadband, Inc	2017
A Cable Operator's Guide To Cablehome™ 1.0 Features By Kevin Luehrs, Steve Saunders, CableLabs® and Nancy Davoust, YAS Broadband Ventures	2002
Full Band Capture Revisited By Ron Hranac, Cisco Systems; Chad Campbell, Intraway; Roger Fish & Tom Kolze, Broadcom; Even Kristoffersen & Aleksander Soeberg, Telia Norge; James Medlock, Akleza; Jason Rupe & Tom Williams, CableLabs; Paul Schauer & Larry Wolcott, Comcast	2020
Two Years Of Deploying ITV/EBIF Applications – Comcast’s Lessons Learned By Robert Dandrea, Ph.D., Comcast Cable	2010
Photon Avatars in the Comcast Cosmos: An End-to-End View of Comcast Core, Metro and Access Networks By Venk Mutalik, Steve Ruppa, Fred Bartholf, Bob Gaydos, Steve Surdam, Amarildo Vieira, Dan Rice; Comcast	2022
More Results >>