Re: [Anima-bootstrap] [Anima] Ownership Concept
"Max Pritikin (pritikin)" <pritikin@cisco.com> Wed, 22 July 2015 13:04 UTC
Return-Path: <pritikin@cisco.com>
X-Original-To: anima-bootstrap@ietfa.amsl.com
Delivered-To: anima-bootstrap@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4C47B1B333E for <anima-bootstrap@ietfa.amsl.com>; Wed, 22 Jul 2015 06:04:28 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.51
X-Spam-Level:
X-Spam-Status: No, score=-14.51 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, T_RP_MATCHES_RCVD=-0.01, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iQYB0X70999d for <anima-bootstrap@ietfa.amsl.com>; Wed, 22 Jul 2015 06:04:23 -0700 (PDT)
Received: from rcdn-iport-1.cisco.com (rcdn-iport-1.cisco.com [173.37.86.72]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ACE9C1B3341 for <anima-bootstrap@ietf.org>; Wed, 22 Jul 2015 06:04:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=38978; q=dns/txt; s=iport; t=1437570255; x=1438779855; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=wAfpyK9Lhru4FLHiv6qWb4U2/XIvWnSTZvrFKOMjUtk=; b=mCviUCJ4bzx3eKdTq+K74wObWG3Eb/5n+iw47zIxSmAsM/2xvUgA0JO2 Unq9It7ZH0psFaaXAN1kPRylXoFAXrkx9XkRI5G43HIIWnmUB3d5Ge2u9 vy5XFfJr3nIu1IK+elEInSTMJRcrcMjbSySUzjomaC/4evzV6rrYl6VK2 c=;
X-Files: draft-pritikin-anima-bootstrapping-keyinfra-diags.txt : 8771
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0CEBQDfk69V/4MNJK1RAQmDFVRpBoUmticqCYF3hB6BYQKBTTgUAQEBAQEBAX8LhCQBAQQaDUUCCxACAQg4BwcCMBQRAgQOBQ6IIA3MZwEBAQEBAQEBAQEBAQEBAQEBAQEBAReLTIQpAQMOFBwWAQQHAgKDE4EUAQSHDo1JAYI1gj+CYIRdgUNGg1eLGIQ5g2ERFYFfgh1vAYEDQ4EEAQEB
X-IronPort-AV: E=Sophos;i="5.15,523,1432598400"; d="txt'?scan'208,217";a="17668189"
Received: from alln-core-1.cisco.com ([173.36.13.131]) by rcdn-iport-1.cisco.com with ESMTP; 22 Jul 2015 13:04:14 +0000
Received: from xhc-rcd-x14.cisco.com (xhc-rcd-x14.cisco.com [173.37.183.88]) by alln-core-1.cisco.com (8.14.5/8.14.5) with ESMTP id t6MD4Evh032000 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Wed, 22 Jul 2015 13:04:14 GMT
Received: from xmb-rcd-x03.cisco.com ([169.254.7.176]) by xhc-rcd-x14.cisco.com ([173.37.183.88]) with mapi id 14.03.0195.001; Wed, 22 Jul 2015 08:04:13 -0500
From: "Max Pritikin (pritikin)" <pritikin@cisco.com>
To: "robert.cragie@gridmerge.com" <robert.cragie@gridmerge.com>
Thread-Topic: [Anima] Ownership Concept
Thread-Index: AQHQZn+Wm4eAxWuLS02QOiRijuPZe50siH6AgAErG4CAAORAgIAAqhaAgAAKs4CAAAlUAIAAbsyA///G6uSAA1+gAIACsoiAgAKxFICAsDW3gA==
Date: Wed, 22 Jul 2015 13:04:13 +0000
Message-ID: <C82C1BC2-8B35-444B-9D5E-ACB650F8B90C@cisco.com>
References: <5511E12E.9050002@gmx.net> <5511E359.10600@gmail.com> <5512DE41.6030209@gmail.com> <77FA386512F0D748BC7C02C36EB1106D956D45@szxeml557-mbs.china.huawei.com> <7912.1427385447@sandelman.ca> <77FA386512F0D748BC7C02C36EB1106D95700F@szxeml557-mbs.china.huawei.com> <1F85BE1D-44A3-420A-8852-A4BA0DE213AC@cisco.com> <CADrU+dLy-tvDXEHx97BXHjccdmoTY1hh960zDA6WU6h80CveuQ@mail.gmail.com> <DD32C1D9-F504-4D11-9C5D-88C9354D6B56@cisco.com> <CADrU+dK1eHncrZBb8imondi3Mp9kqjbQO7h0jZK4+5bXLwK=mA@mail.gmail.com> <247ADDB2-807D-4AB5-A814-58381A929EB5@cisco.com> <551BC405.3070204@gridmerge.com>
In-Reply-To: <551BC405.3070204@gridmerge.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach: yes
X-MS-TNEF-Correlator:
x-originating-ip: [10.61.93.205]
Content-Type: multipart/mixed; boundary="_004_C82C1BC28B35444B9D5EACB650F8B90Cciscocom_"
MIME-Version: 1.0
Archived-At: <http://mailarchive.ietf.org/arch/msg/anima-bootstrap/JaNCNwMkXtKWBjkUxYsYrNds4t8>
Cc: Michael Richardson <mcr+ietf@sandelman.ca>, "anima-bootstrap@ietf.org" <anima-bootstrap@ietf.org>, "Hedanping (Ana)" <ana.hedanping@huawei.com>
Subject: Re: [Anima-bootstrap] [Anima] Ownership Concept
X-BeenThere: anima-bootstrap@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Mailing list for the bootstrap design team of the ANIMA WG <anima-bootstrap.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/anima-bootstrap/>
List-Post: <mailto:anima-bootstrap@ietf.org>
List-Help: <mailto:anima-bootstrap-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/anima-bootstrap>, <mailto:anima-bootstrap-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 22 Jul 2015 13:04:28 -0000
Robert, good to meet you in person today. I’m picking up this old thread but any references I make concern the current version of the document as found here: https://tools.ietf.org/html/draft-pritikin-anima-bootstrapping-keyinfra-02 The bootstrap design team wiki is here: http://trac.tools.ietf.org/wg/anima/trac/wiki/Bootstrap Please *please* feel free to join the mailing list and/or meetings. The feedback is appreciated even as I admit this thread petered out. I’ve modified this thread to go to the bootstrap design team rather than anima at large. Anyway, back to the thread, On Apr 1, 2015, at 12:10 PM, Robert Cragie <robert.cragie@gridmerge.com<mailto:robert.cragie@gridmerge.com>> wrote: Hi Max, Thanks for your responses. Further responses inline, bracketed by <RCC2></RCC2> Robert On 30/03/2015 18:03, Max Pritikin (pritikin) wrote: There are certainly cases where I can see this being used but conceptually it is not much different to a whitelist on the registrar. The registrar is owned and operated by the domain owner. The cloud service is not. I argue MASA substantially simplifies the threat model. <RCC>I see now that the purpose of the MASA service is not online whitelisting, and the difference in the domain authority and the MASA.</RCC> The only other operation it seems to do is to sign the domain certificate. But the registrar could also do this - so I guess this is really combining MASA and registrar in a single box. Either way, the NE has to have the domain public key, whether the MASA or the Registrar is authorised to issue domain certificates on behalf of the Domain CA and any other public keys relevant to the certificate chain. The MASA does not sign certs <RCC>So why is it called a "signing authority" then? Confusing. I can see it may sign authorisation tokes (see later). Correct, it is called the “manufacturer authorized signing authority (MASA)” because it is signing something, the authorization token, using an authorized key issued by the manufacturer trust anchor. Understood. It signs the “proof of logging” things we called “authorization tokens”. Please feel free to suggest terms that resonate. <RCC2>I think "authorization token" is fine. There needs to be more detail on the process, that's all.</RCC2> <RCC> So please explain the authorisation token in more detail and what leads to its generation. This is a bit more than just logging. The authorization token contains a signed statement to the device indicating that: a) the MASA is aware the device is joining this domain b) the MASA has logged information about how the device is joining this domain (e.g. was a nonce involved) It would be entirely fair to call this some sort of “proof of logging token” instead of an authorization token! s4.1.2: NE only joins a domain if an authorization token is provided. This behavior of the NE ensures that a log of the authorization token is also a log of every time the NE joins a domain. <RCC2>OK</RCC2> s4.3.2: Registrar only allows the device to join the domain if the devices history (e.g. the log information) doesn’t show it has joined Mallory’s domain. Or, if the registar doesn’t care, maybe it just doesn’t check. <RCC2>I would imagine Mallory's purpose is to manipulate the joining to make it look as if the NE didn't join Mallory's domain. Right. And the device refusing to join Mallory’s domain until and ‘authorization token’ from the MASA server is presented provides a proof that logging has captured this event. This directly mitigates the threat that Mallory attempts to manipulate the NE to join without this being logged. I see that the MASA check is auxiliary and optional</RCC2> The current draft indicates that MASA verification of Mallory’s identity is mandated when nonce-less tokens are requested. But that this is optional the rest of the time with associated DoS risks as discussed in the security considerations. I’m totally open to improvements if we can meet the other requirements. s4.3.3: Registrar MUST claim the device, obtaining an authorization token and ensuring a log entry is generated, in order to get the device to trust it. <RCC2>OK</RCC2> As far as I can see (and please correct me if I am wrong), the Mallory/honeypot detection isn't really shown in Figure 1. See Figure 2 here: https://tools.ietf.org/html/draft-pritikin-anima-bootstrapping-keyinfra-02#section-3 "[ still accept device?]” is a reference to the registrar verifying the log information, detecting Mallory and deciding what to do. The customer’s network can of course decide to ignore the security risk or to block the device from joining. In figure1 note that “device history log” and “authorization token” are sent to the Domain from the MASA. The Domain then decides “still accept device?” based on the log information. This is the Registrar checking for Mallory. If the log information shows an unknown/unexpected log entry then Mallory has been detected. It is still the Domain’s policy decision about continuing. For this to work, the NE would have to send details of the registrar it has received, presumably relayed by the registrar itself (OCSP)? The logging information from the MASA provides information about previous domains the NE has joined. If Mallory has compromised the NE then we can’t depend on the NE to expose this information. Ummm… didn’t follow you completely. I suggest keeping the log information in the cloud and delivering it to the registrar from there because I don’t trust the NE to reveal that it is has been corrupted by Mallory. <RCC2>I think what is missing is that the request needs to come from the NE and contain information about the Domain the NE thinks it is connecting to as well as the NE. Otherwise Mallory could successfully act as MITM and convince the NE that it is a legitimate domain. See attached diagrams.</RCC2> Then the MASA service sends a signed authorisation token back, attesting the validity of the Registrar. A honeypot would not be able to provide valid credentials so at that point would fail. Correct, the Mallory domain would have to contact the MASA to obtain a signed authorization token which ensures that the event has been logged. Diagram re-attached. In the MiTM diagram a couple of points stand out: a) the MiTM is acting exactly like the anima proxy b) the MiTM isn’t engaged in the exchange with MASA so the resulting authorization is for the ‘domain’ not the ‘MiTM’ c) The NE will reject the "!!MD information!!” because it is not signed by the same Trust Anchor as is indicated in the authorization token d) Enrollment with the MiTM will similarly fail The MiTM in this diagram is ultimately blocked from gaining control of NE but does successfully DoS the bootstrapping. Of course it could have done that by shipping packets to /dev/null (given the topology shown). Your suggestion to bind the domain identity (in the final diagram) also works to mitigate this threat. The reason I reject this, even though it is better at the mitigation, is that it prevents cases where the MASA service is contacted in advance in this (abbreviated) flow: .. Domain——> MASA .. Domain<— authz token MASA .. time passes, NE shipped NE—> Domain [air gap] MASA unreachable NE<—info Domain [air gap] MASA unreachable In this case the domain pre-fetches the MASA responses using the the nonceless method and can now present the token to the NE even when the MASA is unreachable or out of business. If this isn’t clear from the current doc it sounds like expanding on this requirement is a good working group task (update to the doc is in order). Thanks again for the conversation, - max If a honeypot tried to use a honeypot MASA, it wouldn't have the private key to sign the authorisation token so that would fail to. If the honeypot claims the MASA is unreachable - another failure. So I agree, a good way to simplify the threat model. </RCC> Regarding the honeypot (Mallory) attack - the NE is going to find out it's a honeypot as the honeypot will not be able to issue valid domain certificates. The NE can't identify a "valid" domain certificate so I don't believe this is correct. <RCC>It could if it were pre-provisioned with the Registrar's public key and Domain CA public key. As you point out, in Section 2, "As a service offering the MASA can incorporate many of the bootstrapping elements (such as the Registrar and the Domain CA) into the overall service." So surely in this case, there is no separation of CAs?</RCC> For any given domain one could do this. But it doesn’t work at scale or if the target domain isn’t known when the device leaves the vendor. <RCC2>All the more reason for the additional data needed at the beginning of the sequence (Domain ID sent to NE)</RCC2> Robert <draft-pritikin-anima-bootstrapping-keyinfra-diags.txt>
- Re: [Anima-bootstrap] [Anima] Ownership Concept Max Pritikin (pritikin)