IETF Logo Mail Archive

Re: [Anima-bootstrap] anima-bootstrap: Bootstrap proxy discovery options

Michael Richardson <mcr+ietf@sandelman.ca> Wed, 09 December 2015 20:48 UTC

Return-Path: <mcr@sandelman.ca>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 752041A9153 for <anima-bootstrap@ietfa.amsl.com>; Wed, 9 Dec 2015 12:48:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.911
X-Spam-Level:
X-Spam-Status: No, score=-1.911 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id RgXx_QRqr0hB for <anima-bootstrap@ietfa.amsl.com>; Wed, 9 Dec 2015 12:48:46 -0800 (PST)
Received: from tuna.sandelman.ca (tuna.sandelman.ca [IPv6:2607:f0b0:f:3:216:3eff:fe7c:d1f3]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 809C61A90CE for <anima-bootstrap@ietf.org>; Wed, 9 Dec 2015 12:48:46 -0800 (PST)
Received: from sandelman.ca (obiwan.sandelman.ca [IPv6:2607:f0b0:f:2::247]) by tuna.sandelman.ca (Postfix) with ESMTP id EC287203CA for <anima-bootstrap@ietf.org>; Wed, 9 Dec 2015 15:54:22 -0500 (EST)
Received: by sandelman.ca (Postfix, from userid 179) id 8250563757; Wed, 9 Dec 2015 15:48:45 -0500 (EST)
Received: from sandelman.ca (localhost [127.0.0.1]) by sandelman.ca (Postfix) with ESMTP id 6619C63745 for <anima-bootstrap@ietf.org>; Wed, 9 Dec 2015 15:48:45 -0500 (EST)
From: Michael Richardson <mcr+ietf@sandelman.ca>
To: "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>
In-Reply-To: <f2e7d37fa6a74ce786f2aebfcded060b@XCH-RCD-006.cisco.com>
References: <20151204014333.GZ29056@cisco.com> <A4DCBB7E-A722-4AC1-A7B7-BD185ABEBF7F@cisco.com> <13379.1449515233@dooku.sandelman.ca> <20D831CB-5075-4899-9C4F-D3D04334B1CF@cisco.com> <2495.1449614267@dooku.sandelman.ca> <43C69994-D02E-44A0-A739-4A6E45A3CE8C@cisco.com> <566776A4.4080804@gmail.com> <f2e7d37fa6a74ce786f2aebfcded060b@XCH-RCD-006.cisco.com>
X-Mailer: MH-E 8.6; nmh 1.3-dev; GNU Emacs 24.4.2
X-Face: $\n1pF)h^`}$H>Hk{L"x@)JS7<%Az}5RyS@k9X%29-lHB$Ti.V>2bi.~ehC0; <'$9xN5Ub# z!G,p`nR&p7Fz@^UXIn156S8.~^@MJ*mMsD7=QFeq%AL4m<nPbLgmtKK-5dC@#:k
MIME-Version: 1.0
Content-Type: multipart/signed; boundary="=-=-="; micalg="pgp-sha1"; protocol="application/pgp-signature"
Date: Wed, 09 Dec 2015 15:48:45 -0500
Message-ID: <18690.1449694125@sandelman.ca>
Sender: mcr@sandelman.ca
Archived-At: <http://mailarchive.ietf.org/arch/msg/anima-bootstrap/1UxDDvfNvST5y4aSji4izUP8t4o>
Subject: Re: [Anima-bootstrap] anima-bootstrap: Bootstrap proxy discovery options
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 09 Dec 2015 20:48:48 -0000

Michael Behringer (mbehring) <mbehring@cisco.com> wrote:
    > I agree with Brian. New node and proxy need find each other, this
    > invariably will involve some mcast probe. And, mcr, I think also your
    > IKE proposal included IKE mcast packets initially, right? So also that
    > is not "normal" and will be detected. I think trying to hide the
    > process is impossible, thus we shouldn't even try to optimise toward
    > it, but focus on minimising disclosure.

Autonomic nodes will be regularly looking for other autonomic nodes on all
links in order to form redundant links for the ACP to use.  This is how the
adjacency table will be filled out.

We have a wide variety of possible multicasts available for populating the
advancy table. (And we should pick one, not many)
        1) NDs
        2) RPL DIS/DIO messages
        3) insecure-GRASPs
        4) mDNS

The advantage of doing this with IKEv2 (or TLS1.3) is that the identities
(and therefore bootstrap state) of each end point is only revealed within the
privacy of the initial DH.  [This is still subject to active eavesdropping!]

    > I think the optimum is:
    > - if the proxy sends out minimal information. Probably just something
    > identifying a domain. I don't see another way right now than doing this
    > periodically.
    > - if the new node sends nothing at all (ie just responds)

Well, my process would like:
      1) a multicast packet saying, "I'm an autonomic node" is sent out.
         It would have no domain or other identifying information.
         IKEv2 SA_INIT look something like:

IPv6 (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto UDP (17), length 864)
    fe80::3a60:77ff:fe38:e647.500 > ff02::1a.500: isakmp 2.0 msgid 00000000: parent_sa ikev2_init[I]:
    (sa: len=504
        (p: #1 protoid=isakmp transform=4 len=44
            (t: #1 type=encr id=aes (type=keylen value=0080))
            (t: #2 type=integ id=hmac-sha )
            (t: #3 type=prf id=hmac-sha )
            (t: #4 type=dh id=modp2048 ))
            ... see https://goo.gl/IHm6BJ for more details)
    (v2ke: len=256 group=modp2048)
    (nonce: len=16 data=(20989d37a814a64d8ff0...d320e9e3000000104f45706c75746f756e697430))
    (v2vid: len=12 vid=OEababababab)

2) a node seeing this, and wanting to establish a tunnel with that
      node, (whether to run an ACP over it, to offer to bootstrap it, or
      because it needs to be bootstraped), would reply, asking for the
      initiator to provide an IKEv2 cookie.
      (This acts as a sender address validation much like TCP SYN/ACK.
      see section 2.6 of rfc7296)

IPv6 (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto UDP (17), length 864)
    fe80::3a60:c0ff:ffee:babe.500 > fe80::3a60:77ff:fe38:e647.500: isakmp 2.0
    msgid 00000000: parent_sa ikev2_init[R]
    (cookie: COOKIE)

3) original initiator, seeing a new peer, replies with a new initiation,
    including the cookie as provided.

IPv6 (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto UDP (17), length 864)
    fe80::3a60:77ff:fe38:e647.500 > fe80::3a60:c0ff:ffee:babe.500: isakmp 2.0
    msgid 00000000: parent_sa ikev2_init[I]:
    (cookie: COOKIE)
    (sa: len=504
        (p: #1 protoid=isakmp transform=4 len=44
            (t: #1 type=encr id=aes (type=keylen value=0080))
            (t: #2 type=integ id=hmac-sha )
            (t: #3 type=prf id=hmac-sha )
            (t: #4 type=dh id=modp2048 ))
            ... see https://goo.gl/IHm6BJ for more details)
    (v2ke: len=256 group=modp2048)
    (nonce: len=16 data=(20989d37a814a64d8ff0...d320e9e3000000104f45706c75746f756e697430))
    (v2vid: len=12 vid=OEababababab)
...

4) then responder replies, and the IKEv2 PARENT SA is alive, and one could do
   all sorts of things, including:
        a) turn on a one-hop prospective ACP to get to the enrollment proxy.
        b) use EAP-TLS as the proxy mechanism.
        c) use something else/new as the proxy mechanism within IKEv2.
        d) recognize the other party, and bring up a real ACP.

The brilliant part is that no observer can tell which of a,b,c,d is really
going on from outside, they just see port-500 and ESP packets, which all
they'd ever see of the ACP anyway.

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-

v2.23.0 | Report a Bug | By Email