IETF Logo Mail Archive

Re: [Ace] Group Communication Security Disagreements

Michael StJohns <mstjohns@comcast.net> Thu, 15 September 2016 16:27 UTC

Return-Path: <mstjohns@comcast.net>
X-Original-To: ace@ietfa.amsl.com
Delivered-To: ace@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AB64112B682 for <ace@ietfa.amsl.com>; Thu, 15 Sep 2016 09:27:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.207
X-Spam-Level:
X-Spam-Status: No, score=-4.207 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, RP_MATCHES_RCVD=-1.508, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=comcast.net
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZqoPZjWLSMta for <ace@ietfa.amsl.com>; Thu, 15 Sep 2016 09:27:14 -0700 (PDT)
Received: from resqmta-ch2-05v.sys.comcast.net (resqmta-ch2-05v.sys.comcast.net [IPv6:2001:558:fe21:29:69:252:207:37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 911E712B885 for <ace@ietf.org>; Thu, 15 Sep 2016 08:36:20 -0700 (PDT)
Received: from resomta-ch2-13v.sys.comcast.net ([69.252.207.109]) by resqmta-ch2-05v.sys.comcast.net with SMTP id kYg3bOyI12FGMkYi3bvqtD; Thu, 15 Sep 2016 15:36:19 +0000
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=comcast.net; s=q20140121; t=1473953779; bh=oin6a1WL2Ul4dztkvxRQ+O3Ya89YW6aAt4lixNmJZHM=; h=Received:Received:Subject:To:From:Message-ID:Date:MIME-Version: Content-Type; b=O3b6JtgWXMNCs8AMqwtqQLgfLG5lv+INh5nNxdGMWirPb2V672RAgXAx/eWeg6OZ1 yOzTkm4JrtWkd8rVL0jGGzIrXksGxMCXXbUZPbZLMNgphs4cBgHIdkcbeoXoHa5QqJ DZGjz1kwreDRgA2n1i0w96bsscB2I37rMUAVseZgYRzDwaIcTyIaQb6HPFUXmB5CXX uZLcUV9ic9vLERp3vAygkPiGxhY7jTOc5uZbNZp+3DbGfSj0HAcFNWUXBn4MLTh3z4 U1FeCZ9FRIwEqRaanSf/2Def4Q0nTYGvaj72mbGFNF6+6Y4QJDwat4SOMkQd9H40TS Tc/VsOpUICBSg==
Received: from [IPv6:2601:148:c000:1951:c183:6e85:ca72:fed] ([IPv6:2601:148:c000:1951:c183:6e85:ca72:fed]) by resomta-ch2-13v.sys.comcast.net with SMTP id kYi2bgjWPF329kYi3bcYb6; Thu, 15 Sep 2016 15:36:19 +0000
To: ace@ietf.org
References: <57909032.10809@gmx.net> <6d259c5b-28e3-c748-4590-0c9f942fe343@comcast.net> <378a0359-6b31-a30c-af28-8ea567b06b00@cisco.com> <57963480.2000809@gmx.net> <0d4c6d56-ebb5-2f43-d555-29c336396033@ericsson.com> <15169.1469642303@obiwan.sandelman.ca> <CAHbuEH4u=AF1LSoDq+YfLwt+VX1OOrj54331GuZmyjLswHvNnw@mail.gmail.com> <3271.1469656595@obiwan.sandelman.ca> <32aa7104-70df-80c7-8d6e-537b66716de9@comcast.net> <13663.1469714549@obiwan.sandelman.ca> <9a4153f1-6a96-0ae6-020b-0f0f966aecdf@cisco.com> <95997f84-2715-3287-39d3-45d6ff5f3ea0@comcast.net> <463a5cce-9dd1-5d68-bd97-0f08d0719960@sics.se> <HE1PR0601MB2203647255579D1B1D7C6E9EFCF10@HE1PR0601MB2203.eurprd06.prod.outlook.com> <d86dbf18-9caa-a621-aca7-ffc85317f443@cisco.com>
From: Michael StJohns <mstjohns@comcast.net>
Message-ID: <97bfa890-da35-8db6-9a11-207f40883e42@comcast.net>
Date: Thu, 15 Sep 2016 11:36:18 -0400
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0
MIME-Version: 1.0
In-Reply-To: <d86dbf18-9caa-a621-aca7-ffc85317f443@cisco.com>
Content-Type: multipart/alternative; boundary="------------59025F66E319332B14AA8E01"
X-CMAE-Envelope: MS4wfBIY+26JxpWgpF/GsYAw0/tPWRH64rW9dIh7GkS76Y7lIA1VrqXznxem/w1fmqNwRdMfCwARx9qDQnhYXqx9ad/1aCLlNnWvmFttmIJWgxMJUL+r1+2d HDN+ZPbfpXpMtsJqsbRHzsrmu6RTuF+J9b4uPGldafV8qoNlt1IjnYC6bjPzhQUut/AqYYR2j9fD/Q==
Archived-At: <https://mailarchive.ietf.org/arch/msg/ace/_8A6JY4WDAQ-PfbsngyS_CG304g>
Subject: Re: [Ace] Group Communication Security Disagreements
X-BeenThere: ace@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: "Authentication and Authorization for Constrained Environments \(ace\)" <ace.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ace>, <mailto:ace-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ace/>
List-Post: <mailto:ace@ietf.org>
List-Help: <mailto:ace-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ace>, <mailto:ace-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 15 Sep 2016 16:27:17 -0000

Hi Elliot et al -

Sorry, I think you're still missing the point:

  * Source Authentication (A) cannot be accomplished securely by
    Symmetric Key Multicast  (^B):   (A -> ^B)
  * Cyber Physical control functions (C)  require source authentication 
    (A):  (C -> A)
  * Turning on and off lights (D) is a Cyber Physical Control Function
    (C):  (D -> C)
  * Therefore Turning on and off lights (D) requires source
    authentication (B):  (D -> C -> A) (D -> A)
  * Therefore Turning on and off lights (D) cannot be accomplished
    securely by Symmetric Key Multicast (^B):  (D -> C) ( C -> A) (D ->
    C -> A) ( D->A) (A -> ^B) (D -> ^B).

Apologies if I got the formal logic wrong - its been a while.

The above seems to be pretty clear.  You might argue the second line, 
but if you do, you pretty much argue that some forms of cyber physical 
control require no security at all.  In which case, defining a security 
protocol which implements symmetric key multicast for control function 
authentication still makes no sense and is probably still not a useful 
candidate for adoption.

What I'd suggest at this point is that *_the lighting folk go away and 
huddle together to produce a document that they submit independently as 
an "Informational" _*"this is how *we* do it" document rather than 
trying to turn this into an Internet Standard.  Given that there seems 
(seems ~= I haven't heard any other group step up claiming they'd find 
this approach both useful (and mandatory - cf latency and cost issues) 
for their specific problem) to be no other use case besides lighting, 
that may be the best approach overall.

This is either a general purpose protocol, in which case it needs to be 
at least conditionally secure for all cases, or it is a protocol that 
applies to a very very limited set of functionality in which case it is 
probably not an IETF problem to be solving.

Later, Mike

ps - so far this discussion hasn't varied much from the discussion in DICE.


On 9/14/2016 6:10 AM, Eliot Lear wrote:
> Hi Abhinav,
>
> Thanks for this email.  I think this is pretty close to what I think is
> necessary.  To be sure, vendors and developers have very little power to
> limit where their products will be placed.  Thus it is important to
> state strongly that source authentication is necessary at other layers
> when it is not used at this layer.  To me that would cover all
> circumstances.  With that approach, I would strongly support the
> adoption of your document as a WG document and would of course review it
> and provide comments (as I have ;-).
>
> Regards,
>
> Eliot
>
>
>
> On 9/14/16 11:33 AM, Somaraju Abhinav wrote:
>> Hi all,
>>
>> Thank you all for the feedback on the group communication security discussion.
>>
>> We noticed that two concerns have been raised with the current specification.
>> 1)   Symmetric keys do not provide source authentication. Here, most people on the mailing list agreed that symmetric keys provides basic security and is sufficient for lighting applications. It is not intended to be used in the wider internet for more sensitive group communication security use-cases.
>> 2)   How to ensure that the symmetric key group communication security solution is not used in situations it is not designed for?
>>
>> We propose to address the received feedback by making the following modifications to the document:
>>
>> 1)   We will add an additional section where we specify how asymmetric cryptography can be used for secure group communication. This will help for all those cases where source authentication is desired.
>> 2)   Add a security considerations section where we explain that the asymmetric key solution is the recommended approach but that there are situations where low latency group communication makes it difficult to use asymmetric cryptography and where source authentication is less important. You could call it an applicability statement.
>>
>> If this proposed modifications makes sense then we can try to submit a new draft with these changes.
>>
>> Abhinav
>> ________________________________________________________ The contents of this e-mail and any attachments are confidential to the intended recipient. They may not be disclosed to or used by or copied in any way by anyone other than the intended recipient. If this e-mail is received in error, please immediately notify the sender and delete the e-mail and attached documents. Please note that neither the sender nor the sender's company accept any responsibility for viruses and it is your responsibility to scan or otherwise check this e-mail and any attachments.
>>
>> _______________________________________________
>> Ace mailing list
>> Ace@ietf.org
>> https://www.ietf.org/mailman/listinfo/ace
>>
>
>
>
> _______________________________________________
> Ace mailing list
> Ace@ietf.org
> https://www.ietf.org/mailman/listinfo/ace

v2.37.1 | Report a Bug | By Email | System Status