IETF Logo Mail Archive

Re: [babel] hmac info model elements

Mahesh Jethanandani <mjethanandani@gmail.com> Thu, 03 January 2019 21:25 UTC

Return-Path: <mjethanandani@gmail.com>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 395CA130F0A for <babel@ietfa.amsl.com>; Thu, 3 Jan 2019 13:25:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3uBTIQPtH8WK for <babel@ietfa.amsl.com>; Thu, 3 Jan 2019 13:25:38 -0800 (PST)
Received: from mail-pf1-x444.google.com (mail-pf1-x444.google.com [IPv6:2607:f8b0:4864:20::444]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 550B9126BED for <babel@ietf.org>; Thu, 3 Jan 2019 13:25:38 -0800 (PST)
Received: by mail-pf1-x444.google.com with SMTP id c73so17228050pfe.13 for <babel@ietf.org>; Thu, 03 Jan 2019 13:25:38 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=vZY6tQN+lalcVSg7cwDQsPRDXc1ANQDhOwu3qSeweN4=; b=UjbpTfZfkeoWs3SFFoXYzl5Yt4NBLPG2uYtKl90oDzfUl/uqpcRETGlC8kVutzV4bQ VI126n8K1viZ8ZExvllPZAw/PaUOw3MD4ai5gMLBWeTNp0ZN5nKsvZmMi/+aH3zWxnNK hgn5tez2IzB0Hy+gtIr9yhZj9zPtVzZWwSFMTJ42YfH8pmXQEdmFQ110IIm1rWdsvxw9 lVZp026q4N7JDsB5RM0lpGCzkR3BLoISmqSkHNN00fcaGThqv1YdjzrlnwJsVibdFvn7 hzY0wRZiWE5tJ5TbMteRsefwoov4gy2EHQnQwu659UTs/d0m1N1GcqWy1/HGsZ0uFHZk HVgA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=vZY6tQN+lalcVSg7cwDQsPRDXc1ANQDhOwu3qSeweN4=; b=BiFtdM3EfgT214Qkd70CGDAqK1fnPdjeqrZTVpci5DKMzUfAaE5KJEjuo2G891w7u/ 4QJRGGJCpl/mbDEfr2ZNWTwC3A80qbT0dt7WzPiyMw76StRPZNfqzVNiIxxKwiUsk2x/ FAKk+Dj5UKt5zaW8qgAoeSPwHeiDBgm3HXr0kuw6j6KXN4Lo33DYV/3nB7kzPOvI6TIt iKhrtrtINNqMvquelxLVMq5k+kplINWbulogYzCXxZ/p2vhWnVtBuAb7IkmRjfD9xrXI HBjwrGbIaYQ61Wp8upBJPbAw4TZM3Gq/0d4jyNWwG5YS/IPgF3bmgNqN/pH5CaDfNgHW ENTg==
X-Gm-Message-State: AJcUukcOtPy04R7pHDRTB9fEwi+pTFCLV5C16Ipq6EIV9FbqaJEnV4by 8JHJgYds4WbHlRufaShMSYk=
X-Google-Smtp-Source: ALg8bN4lPmSAgUgB0ScPANxqBXs55MAi4yEFNkX9EVgF8tYpv7KWMzQt0lGacwjfH63KOv7R7klJRA==
X-Received: by 2002:a62:c583:: with SMTP id j125mr50204791pfg.37.1546550737761; Thu, 03 Jan 2019 13:25:37 -0800 (PST)
Received: from [10.33.122.97] ([66.170.99.2]) by smtp.gmail.com with ESMTPSA id n70sm88513250pfi.185.2019.01.03.13.25.35 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 03 Jan 2019 13:25:36 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.1\))
From: Mahesh Jethanandani <mjethanandani@gmail.com>
In-Reply-To: <2D09D61DDFA73D4C884805CC7865E6114DF7EECB@GAALPA1MSGUSRBF.ITServices.sbc.com>
Date: Thu, 03 Jan 2019 13:25:35 -0800
Cc: Babel at IETF <babel@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <91CABBA9-DFC0-48C5-9A36-E2B12FC376D9@gmail.com>
References: <2D09D61DDFA73D4C884805CC7865E6114DF7EECB@GAALPA1MSGUSRBF.ITServices.sbc.com>
To: "STARK, BARBARA H" <bs7652@att.com>
X-Mailer: Apple Mail (2.3445.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/Wfxq3f9dng25Vz8t3hJdqwxdFmM>
Subject: Re: [babel] hmac info model elements
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Jan 2019 21:25:40 -0000


> On Jan 3, 2019, at 6:41 AM, STARK, BARBARA H <bs7652@att.com> wrote:
> 
> I'm looking at what's needed in the info model for HMAC.
> 
> I don't think the Index and PC of the Interface and Neighbor tables need to (or should) be exposed in the info model.
> We had discussed previously that keys should not be readable -- only add and delete keys. In this case, it's good for a non-readable parameter to have a "nickname" or index to reference it with. And it can be useful to know when the key was added. In my experience, these sorts of shared keys are modeled as strings.

I would think the keys are modeled as binary.

> Appendix A (incremental deployment and key rotation) indicates it should be possible to configure a mode where authenticated packets are sent but all packets are accepted.
> Multiple HMAC algorithms are possible. The draft doesn't say how the nodes know which algorithm is being used (if multiple are implemented). The draft does say that only one HMAC is calculated per key. Is it assumed the algorithm choice is configured?
> Should the challenge expiry timer be configurable?
> I've decided to have completely separate HMAC and DTLS objects, because they're very different now that I have detailed designs to work with.
> I'm adding an "operation" datatype to support key and cert manipulation. This is intended to be consistent with YANG "action" datatype.

Is the idea that there is both an input and an output expected for key and cert manipulation? If it is input only, i.e. configuring key and cert., then you would not need an action type. Having said that, in the examples you give below, I expect delete to be an action. 

I am not clear on the ‘check-key’ operation. I would expect that the device is either enabled or disabled to check for HMAC. If enabled, and when a packet is received, the receiver will compute the HMAC (using the key configured for it) on the packet and compare it what is in the packet. If the HMAC compariosn fails, the receiver will drop the packet, and log a count of dropped packets because of mismatch. Why would the management plane need to perform a ‘check-key’ operation?

> 
> Proposed HMAC model:
> add to top level information-obj:
> babel-hmac-algorithms (enumerated list of supported HMAC computation algorithms)
> 
> security-hmac-obj
>  security-hmac-enable (boolean: enable / disable this instance)
>  security-hmac-mode (Boolean: do or don't authenticate received packets)

I have the same question as Toke here.

>  security-hmac-algorithm (string: one of the supported HMAC algorithms)

You mean one of the enum values defined above.

Thanks for putting this together.

>  security-interfaces (string list of references to interfaces-obj: the interfaces this instance applies to; if empty, it applies to all interfaces)
>  security-add-hmac-key (operation: inputs (reference name, key))  
>     hmac-key-obj
>         key-name (string: reference name)
>         key-date (datetime: timestamp when key was added)
>         delete-key (operation)
>         check-key (operation: inputs (string, HMAC of string)) ; the node does its own HMAC computation of the input string and compares this to the input HMAC of string; if the computed and input HMAC are the same the operation succeeds.
> 
> Thoughts?
> Barbara
> 
> _______________________________________________
> babel mailing list
> babel@ietf.org
> https://www.ietf.org/mailman/listinfo/babel

Mahesh Jethanandani
mjethanandani@gmail.com

v2.23.0 | Report a Bug | By Email