IETF Logo Mail Archive

Re: [babel] hmac info model elements

Dave Taht <dave.taht@gmail.com> Mon, 07 January 2019 17:06 UTC

Return-Path: <dave.taht@gmail.com>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A557C130F7F for <babel@ietfa.amsl.com>; Mon, 7 Jan 2019 09:06:32 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o5-CV963TRNA for <babel@ietfa.amsl.com>; Mon, 7 Jan 2019 09:06:30 -0800 (PST)
Received: from mail-qt1-x836.google.com (mail-qt1-x836.google.com [IPv6:2607:f8b0:4864:20::836]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A60B7130F72 for <babel@ietf.org>; Mon, 7 Jan 2019 09:06:30 -0800 (PST)
Received: by mail-qt1-x836.google.com with SMTP id d19so1211506qtq.9 for <babel@ietf.org>; Mon, 07 Jan 2019 09:06:30 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=C7dChZcKnLw85I+mt+Ve0q76XYGvHcAke66R1PWGwm0=; b=qmEzjKNVF+B0+mbrd2MNsQXfIFOXngq8ifL0EV5W+PP6o8huVEl7JHiYm94Vi5kZNK cgNlSy18x/tyDz+gNOselt7c+rm3eshv7wecWMMqiVRTAtxZKPRlrW4SkXl0ylGD6qBh WIbM9okGybcJzy3zwocVOqbzOlUUSVTXShG7UQwC9wD2zsaoWKsqviJO5BRqZuqM8Xqm M524fXlfuQa3DqzdYo3MGSRwBncNNp9Us7L5yZNAThwRKTPAWO7uPQTaFQez+d9aliUR Cnw/TPh4eIkpglnHA+jUvrEyfU+t2Vh0jXpfWlb5HHNfhldzYX2WTuu/hQQpWaq1uNUK RYRA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=C7dChZcKnLw85I+mt+Ve0q76XYGvHcAke66R1PWGwm0=; b=SxYjGbpXTr08NZSLGRbPGssMvPYKEOWy9h7KWkGbok90mrc9dcY2adilfhY6oXTjlK CbPqZ0REzAh4Oge1upYWjibVtMBk2EFEsDzXVbDG76F2YUl5M+s1juSpPjskA6ngfc4F 7tFUY/QVfrHTJE/I4MU6fIBymHSxo80MVm3roFuTHjlJB1cLMhZBXlzyIRfNS4+njIMe HaCHBORTJr0k5hrlq1akZvHroGjfo78OfGn36wUXYVSjmx/61SulAKVOrk/3ZHidkpY1 9RI89fIs6UmMEydQGQ+8vLVMechNiiindlBUti7XnFTQhGtveahXA42us4mWyw5kHlPn 8sAA==
X-Gm-Message-State: AA+aEWb6cNpr4vTJ3twKsE9pkBoWOHMa44qw8tnJRfznZqh8slTCGcOz YWnu2yyfOQOO+hJU7J3GL5ve2bl7vSsFtOGB0Xs=
X-Google-Smtp-Source: ALg8bN7GHMADHiPiO6Cvq0b8h9wPilQzjMfSTGFWmlBEPJDV0SeEsIlcjwpGxmA7/cSLRKOaFqhrFLUkYB7F+ZF3qVM=
X-Received: by 2002:ac8:5314:: with SMTP id t20mr59279693qtn.328.1546880789483; Mon, 07 Jan 2019 09:06:29 -0800 (PST)
MIME-Version: 1.0
References: <2D09D61DDFA73D4C884805CC7865E6114DF7EECB@GAALPA1MSGUSRBF.ITServices.sbc.com> <91CABBA9-DFC0-48C5-9A36-E2B12FC376D9@gmail.com> <2D09D61DDFA73D4C884805CC7865E6114DF8354B@GAALPA1MSGUSRBF.ITServices.sbc.com> <87tvio2i9l.wl-jch@irif.fr> <2D09D61DDFA73D4C884805CC7865E6114DF8669E@GAALPA1MSGUSRBF.ITServices.sbc.com> <87k1jgwhlz.fsf@toke.dk>
In-Reply-To: <87k1jgwhlz.fsf@toke.dk>
From: Dave Taht <dave.taht@gmail.com>
Date: Mon, 07 Jan 2019 09:06:16 -0800
Message-ID: <CAA93jw6QR4_035Q7c44hg+gQaG-9riBj5uDbo=0ahxXBwVFG6g@mail.gmail.com>
To: Toke Høiland-Jørgensen <toke@toke.dk>
Cc: "STARK, BARBARA H" <bs7652@att.com>, Juliusz Chroboczek <jch@irif.fr>, Mahesh Jethanandani <mjethanandani@gmail.com>, Babel at IETF <babel@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/pHS9hDK0Ezy7kyhu9aftnEilCZw>
Subject: Re: [babel] hmac info model elements
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 07 Jan 2019 17:06:33 -0000

On Mon, Jan 7, 2019 at 8:35 AM Toke Høiland-Jørgensen <toke@toke.dk> wrote:
>
> "STARK, BARBARA H" <bs7652@att.com> writes:
>
> > Toke said: "Bird uses an unencoded string..."
> > <bhs> I'm not sure what "unencoded" means here? But this sounds like
> > maybe the entered string is a "passphrase" / PSK, like what's used for
> > Wi-Fi, which is then used to derive the HMAC key using Unicode
> > encoding?
>
> Nope, no derivation, just the raw ASCII bytes from the string used as an
> HMAC key, zero-padded to the block size. Unless the supplied ASCII
> string is longer than the block size, in which case it is hashed
> first.

^^^^^^ ???? So you are saying an overlong key is transmuted into
something else entirely, not truncated?

> However, looking at the code again, this is actually controlled by the
> protocol, so if we were to specify something different for Babel, that
> would be doable as well... And I think agreeing on a mechanism would
> probably be a good idea to ensure interoperability.

yea!

Maybe I'm old, but the WEP failure vs the WPA success came down in
part to the human readability of the key.

(I note that I'm actually unhappy we ended up with encrypted wifi
itself, as it's bad for spectrum management etc, but not today)

>
> -Toke
>
> _______________________________________________
> babel mailing list
> babel@ietf.org
> https://www.ietf.org/mailman/listinfo/babel



-- 

Dave Täht
CTO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-831-205-9740

v2.23.0 | Report a Bug | By Email