[babel] HMAC routerid->key mappings?
Dave Taht <dave.taht@gmail.com> Sat, 01 December 2018 19:52 UTC
Return-Path: <dave.taht@gmail.com>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C834F130E4B for <babel@ietfa.amsl.com>; Sat, 1 Dec 2018 11:52:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0DGPS9LWGWYs for <babel@ietfa.amsl.com>; Sat, 1 Dec 2018 11:52:56 -0800 (PST)
Received: from mail-qt1-x834.google.com (mail-qt1-x834.google.com [IPv6:2607:f8b0:4864:20::834]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id AE68B130E46 for <babel@ietf.org>; Sat, 1 Dec 2018 11:52:56 -0800 (PST)
Received: by mail-qt1-x834.google.com with SMTP id k12so9691240qtf.7 for <babel@ietf.org>; Sat, 01 Dec 2018 11:52:56 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to :content-transfer-encoding; bh=rML4Bj3bDFrCuvdEjagMY+VsQVcLGYshJtb/S7Sy0jA=; b=JRnDgOSiXkY6y+uap4XJRdQEM0kVd2hG6RyqeeghcXdaOtqm8VWIaPPvQ47BL/eUZB bgL9mDEfPKMIP9RkAYzLeKR385tivpWmuDR+OHtBWxF1fVdbAH1NUSOi9DMnWBX3vgoD YRllVqi8UqlL7A9tzgGsKiRtBsCFQg+5UkWQz1ECvzBXcGh/WgJn5724/KiA7zdW1g5y RuQGYWNDeJ7XbLao+IJCKuc1vi7S7fI/oFzigBlaA2H4S7XwWRIK90G++pP5LhdqhtZl EPSkHnVk7fpgBJKt5WDToTRdv0SxlYixjSyZNQdS5HFn4vritHqjWhento7LWpKBOVKG +6NA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to :content-transfer-encoding; bh=rML4Bj3bDFrCuvdEjagMY+VsQVcLGYshJtb/S7Sy0jA=; b=n1VUUu8vgnP28A2M4eYd6NWpvKy2FpiXXbjnyUfRhhWZRVlLZT5p2yw753AWn/wXtO N7OAJE67tdpTtNL9FHVJ0jjZalPqkT82Q2CFF4QfV6+JdQ8QcEz/oPrZwNhq9OegOH/B HkzMm6+7tmaGf+U2yuyYFag2EOaHI5x0ujY0wUFhq/2jARcPr+uZT23/33CmiNlsS0qn Vlx6jEEvx1pPsVrxTlJCtUrqkj3XTBV3w5grJU+GUwmsDLR7/i8N1mrTty5QSsi8SBds UtFfChfOlTteLD6wHAvUDzTOaDkPRRg8lWmvxJy8/+vv5xKRdYy4oJug11sW5o4iJuyz Szgg==
X-Gm-Message-State: AA+aEWYOpUNEDmr3EJcu3MeSx9KLhDR6w1RQIMMQhiAJB1lJYVNRs8HA WS5T16b54EgOi2qLEqRR3qt5V+5rW3rCqnhcV20PnPKt
X-Google-Smtp-Source: AFSGD/VLyDDhNMpCZ+niAtJTaXIvB9kGnulYTGELBS0guufOJr1iI1SlVVxDHMO/JXpWgliF4BSUOpRYbG3SZfiB60A=
X-Received: by 2002:ac8:2e6a:: with SMTP id s39mr10299382qta.355.1543693975610; Sat, 01 Dec 2018 11:52:55 -0800 (PST)
MIME-Version: 1.0
From: Dave Taht <dave.taht@gmail.com>
Date: Sat, 01 Dec 2018 11:52:43 -0800
Message-ID: <CAA93jw4cO2B8uNiw8_zEHZZrNEDe4zk=W8tvZoQJbRcmpd=Wgw@mail.gmail.com>
To: babel-users <babel-users@lists.alioth.debian.org>, Babel at IETF <babel@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/SucjAQH7JMIKMLRQ7F661iDM5CU>
Subject: [babel] HMAC routerid->key mappings?
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 01 Dec 2018 19:52:59 -0000
in reading over and attempting to deploy the hmac specification, I think the code, at least, currently misses an optimization, and perhaps the spec needs a tweak... as keys (currently) protect each interface, not each router association... It protects a single domain from (some) internal attacks. It protects a p2p interchange consider, instead a case where you are dropping a bunch of networks into an information interchange (call it "BIX"[1]), where a bunch of networks have agreed to interconnect, over a single "wire", much like how BGP network interchanges work today. Key exchange here, in the BGP world, is on a per-router, not per-interface, basis. Net A Net B Net C Net D Net E | | | | | ------------------------------------------ | | | | | F G H I J As per the spec: "When a node A receives a packet over an interface that requires cryptographic protection, it independently computes a set of HMACs and compares them to the HMACs appended to the packet; if there is no match, the packet is discarded." It is unwise to share one key with all interchangers. Co-ordinating a key rollover with that many different entities on that wire is hard. Using specific keys instead for each of the A-F, A-G, A-B, etc, associations limits the geometric growth and security vulnerabilities. A) while we can append quite a few HMACs in a hello, at some point, when an interchange's hmacs grows past the size of a packet, we run out of space. What happens? Can we resend that hello with even more HMAC's attached, and win? B) As an optimization, unicast transfers can just be hmac'd with the keys defined for that routerid association. So if the code (in addition to protecting interfaces) could also (or instead of interfaces) associate keys to routerids, we scale to this scenario. Alternatively we could just say: 1) Use BGP instead at large interchanges 2) Use DTLS 3) Use a minimal number for all associations on an interface scaled to the max size of hello + ihu + hmacs [1] I have fond memories of the original BIX from byte magazine -- Dave Täht CTO, TekLibre, LLC http://www.teklibre.com Tel: 1-831-205-9740
- [babel] HMAC routerid->key mappings? Dave Taht
- Re: [babel] HMAC routerid->key mappings? Juliusz Chroboczek
- Re: [babel] HMAC routerid->key mappings? Dave Taht
- Re: [babel] HMAC routerid->key mappings? Juliusz Chroboczek