IETF Logo Mail Archive

Re: [babel] WG adoption call for draft-do-babel-hmac (7/19 - 8/6)

Juliusz Chroboczek <jch@irif.fr> Sun, 29 July 2018 10:41 UTC

Return-Path: <jch@irif.fr>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EC4C612F295 for <babel@ietfa.amsl.com>; Sun, 29 Jul 2018 03:41:03 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.901
X-Spam-Level:
X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZoB58PtVB-MI for <babel@ietfa.amsl.com>; Sun, 29 Jul 2018 03:41:01 -0700 (PDT)
Received: from korolev.univ-paris7.fr (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8E346127148 for <babel@ietf.org>; Sun, 29 Jul 2018 03:41:01 -0700 (PDT)
Received: from mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [81.194.30.253]) by korolev.univ-paris7.fr (8.14.4/8.14.4/relay1/75695) with ESMTP id w6TAe8Z4015146; Sun, 29 Jul 2018 12:40:08 +0200
Received: from mailhub.math.univ-paris-diderot.fr (localhost [127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTP id B2F80EB22D; Sun, 29 Jul 2018 12:40:59 +0200 (CEST)
X-Virus-Scanned: amavisd-new at math.univ-paris-diderot.fr
Received: from mailhub.math.univ-paris-diderot.fr ([127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id ENPxxeGkC7ty; Sun, 29 Jul 2018 12:40:58 +0200 (CEST)
Received: from pirx.irif.fr (unknown [78.194.40.74]) (Authenticated sender: jch) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTPSA id D67C8EB200; Sun, 29 Jul 2018 12:40:56 +0200 (CEST)
Date: Sun, 29 Jul 2018 12:40:56 +0200
Message-ID: <87lg9ufhon.wl-jch@irif.fr>
From: Juliusz Chroboczek <jch@irif.fr>
To: Markus Stenberg <markus.stenberg@iki.fi>
Cc: Babel at IETF <babel@ietf.org>
In-Reply-To: <61BD929A-C731-422C-875A-BDF31139A385@iki.fi>
References: <CAF4+nEEubyH7dHmPpdO3P-G-ma3GtVynpGm6=iy_44Ef5wCM_w@mail.gmail.com> <C94064CD-72E9-4D16-AFFE-9F744D5AD409@iki.fi> <87muubhszo.wl-jch@irif.fr> <7432C9DE-664D-4264-B862-0BD4459DA82B@iki.fi> <61BD929A-C731-422C-875A-BDF31139A385@iki.fi>
User-Agent: Wanderlust/2.15.9
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset="US-ASCII"
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (korolev.univ-paris7.fr [194.254.61.138]); Sun, 29 Jul 2018 12:40:09 +0200 (CEST)
X-Miltered: at korolev with ID 5B5D9988.000 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)!
X-j-chkmail-Enveloppe: 5B5D9988.000 from mailhub.math.univ-paris-diderot.fr/mailhub.math.univ-paris-diderot.fr/null/mailhub.math.univ-paris-diderot.fr/<jch@irif.fr>
X-j-chkmail-Score: MSGID : 5B5D9988.000 on korolev.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000
X-j-chkmail-Status: Ham
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/JVWrU94DUaue4PEFvStE74JuJtc>
Subject: Re: [babel] WG adoption call for draft-do-babel-hmac (7/19 - 8/6)
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.27
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 29 Jul 2018 10:41:04 -0000

>> That said, this design leads to N times more efficient CPU DOS
>> (non-accelerated SHA256 on slow CPU times MTU worth of HMACs = quite
>> a lot of computation on low-end devices). Then again, I am not sure it
>> really matters (and implementation can constrain that as they want to
>> anyway).

> Not even that actually, as long as you keep reasonably low number of
> keys on a device (ideally only one);

Exactly.  Section 1.1 says

    The protocol is inapplicable in situations where [...] large numbers
    of trusted keys are provisioned on a single link at the same time.

and Section 4.3 says

    The HMAC of the packet MUST NOT be computed for each HMAC TLV
    contained in the packet, but only once for each configured key.

I'll see if it can be made clearer.

That being said -- Denis Ovsienko and David Schinazi have suggested that
the HMAC should be associated with a key-id, a small integer that allows
matching provisioned keys with in-packet keys.  I'm not a big fan, but I'm
willing to add it to the document if people feel strongly about it.

-- Juliusz

v2.23.0 | Report a Bug | By Email