Re: [babel] Some open HMAC issues
Juliusz Chroboczek <jch@irif.fr> Sun, 15 July 2018 11:25 UTC
Return-Path: <jch@irif.fr>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A14C5130F65 for <babel@ietfa.amsl.com>; Sun, 15 Jul 2018 04:25:38 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Je_kFClVSZY6 for <babel@ietfa.amsl.com>; Sun, 15 Jul 2018 04:25:36 -0700 (PDT)
Received: from korolev.univ-paris7.fr (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 4A4B9130E25 for <babel@ietf.org>; Sun, 15 Jul 2018 04:25:36 -0700 (PDT)
Received: from potemkin.univ-paris7.fr (potemkin.univ-paris7.fr [IPv6:2001:660:3301:8000::1:1]) by korolev.univ-paris7.fr (8.14.4/8.14.4/relay1/75695) with ESMTP id w6FBOq9c003690 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sun, 15 Jul 2018 13:24:52 +0200
Received: from mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [81.194.30.253]) by potemkin.univ-paris7.fr (8.14.4/8.14.4/relay2/75695) with ESMTP id w6FBP4pl014439; Sun, 15 Jul 2018 13:25:04 +0200
Received: from mailhub.math.univ-paris-diderot.fr (localhost [127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTP id 4285CEB22E; Sun, 15 Jul 2018 13:25:33 +0200 (CEST)
X-Virus-Scanned: amavisd-new at math.univ-paris-diderot.fr
Received: from mailhub.math.univ-paris-diderot.fr ([127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id WXCCq7kNz6LF; Sun, 15 Jul 2018 13:25:32 +0200 (CEST)
Received: from trurl.irif.fr (unknown [78.194.40.74]) (Authenticated sender: jch) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTPSA id B5F1FEB200; Sun, 15 Jul 2018 13:25:29 +0200 (CEST)
Date: Sun, 15 Jul 2018 13:25:29 +0200
Message-ID: <87h8l0hhau.wl-jch@irif.fr>
From: Juliusz Chroboczek <jch@irif.fr>
To: Toke Høiland-Jørgensen <toke@toke.dk>
Cc: babel@ietf.org, Weronika Kołodziejak <weronika.kolodziejak@gmail.com>, Clara Dô <clarado_perso@yahoo.fr>
In-Reply-To: <87r2k495y0.fsf@toke.dk>
References: <87sh545st3.wl-jch@irif.fr> <87bmbb9jyw.fsf@toke.dk> <87sh4luzrn.wl-jch@irif.fr> <87r2k495y0.fsf@toke.dk>
User-Agent: Wanderlust/2.15.9
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset="US-ASCII"
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]); Sun, 15 Jul 2018 13:24:52 +0200 (CEST)
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (potemkin.univ-paris7.fr [194.254.61.141]); Sun, 15 Jul 2018 13:25:05 +0200 (CEST)
X-Miltered: at korolev with ID 5B4B2F04.002 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)!
X-Miltered: at potemkin with ID 5B4B2F10.000 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)!
X-j-chkmail-Enveloppe: 5B4B2F04.002 from potemkin.univ-paris7.fr/potemkin.univ-paris7.fr/null/potemkin.univ-paris7.fr/<jch@irif.fr>
X-j-chkmail-Enveloppe: 5B4B2F10.000 from mailhub.math.univ-paris-diderot.fr/mailhub.math.univ-paris-diderot.fr/null/mailhub.math.univ-paris-diderot.fr/<jch@irif.fr>
X-j-chkmail-Score: MSGID : 5B4B2F04.002 on korolev.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000
X-j-chkmail-Score: MSGID : 5B4B2F10.000 on potemkin.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000
X-j-chkmail-Status: Ham
X-j-chkmail-Status: Ham
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/Dj_TLzLNl3KGzDRUWgbXHKh5c7U>
Subject: Re: [babel] Some open HMAC issues
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 15 Jul 2018 11:25:39 -0000
>> 2. Having nonces of arbitrary size implies dynamic allocation. At any >> rate, you need dynamic allocation for nonces, since they're >> short-lived and per-neighbour. > Not necessarily. When receiving a challenge request, you can just do > memcpy(outgoing_packet_buffer, incoming_packet_buffer, nonce->size). And > for the nonces you send yourself you know in advance what size they are > going to be, so you can just put a static buffer of that size in 'struct > neighbour'. Right on both counts. My bad. >> 3. You do want to allow tiny indices (unless we adopt Markus' proposal), >> since some implementations will want to save bytes on the wire by >> using a real-time clock. > Sure, that's fine. Should 0-size be allowed, or should we require at > least one byte? Allow it. The property that's required is that a node never reuses the same index with the same key -- one possible implementation strategy would be to perform key rotation whenever state has been lost, in which case 0-size indices would be fine. >> I haven't made an opinion yet on whether we want a limit to the size of >> indices. > Well, I think we should. My implementation will currently discard any PC > TLVs with an index longer than 10 bytes :) Hmm. I mean, hmm. >>> Or maybe just forgo the complexity entirely and make the index a >>> fixed size; you just know that someone is going to pick a way too >>> small value and make themselves susceptible to replay attacks at some >>> point... >> >> Disagreed. > Right, fair enough. As long as the danger of replay attacks is spelled > out clearly in the draft I guess we can trust implementors to not do > something stupid... More implementation guidance is needed in the draft, granted. -- Juliusz
- Re: [babel] Some open HMAC issues Markus Stenberg
- [babel] Some open HMAC issues Juliusz Chroboczek
- Re: [babel] Some open HMAC issues Juliusz Chroboczek
- Re: [babel] Some open HMAC issues David Schinazi
- Re: [babel] Some open HMAC issues Juliusz Chroboczek
- Re: [babel] Some open HMAC issues Toke Høiland-Jørgensen
- Re: [babel] Some open HMAC issues David Schinazi
- Re: [babel] Some open HMAC issues David Schinazi
- Re: [babel] Some open HMAC issues Toke Høiland-Jørgensen
- Re: [babel] Some open HMAC issues David Schinazi
- Re: [babel] Some open HMAC issues Toke Høiland-Jørgensen
- Re: [babel] Some open HMAC issues Dave Taht
- Re: [babel] Some open HMAC issues Toke Høiland-Jørgensen
- Re: [babel] Some open HMAC issues Juliusz Chroboczek
- Re: [babel] Some open HMAC issues Juliusz Chroboczek
- Re: [babel] Some open HMAC issues David Schinazi
- Re: [babel] Some open HMAC issues Toke Høiland-Jørgensen
- Re: [babel] Some open HMAC issues Juliusz Chroboczek
- Re: [babel] Some open HMAC issues Toke Høiland-Jørgensen
- Re: [babel] Some open HMAC issues Juliusz Chroboczek
- Re: [babel] Some open HMAC issues David Schinazi
- [babel] Packet trailer [was: Some open HMAC issue… Juliusz Chroboczek
- Re: [babel] Packet trailer [was: Some open HMAC i… David Schinazi
- Re: [babel] Some open HMAC issues Toke Høiland-Jørgensen
- Re: [babel] Packet trailer [was: Some open HMAC i… Toke Høiland-Jørgensen
- Re: [babel] Some open HMAC issues Juliusz Chroboczek
- Re: [babel] Some open HMAC issues Toke Høiland-Jørgensen