Re: [babel] HMAC and DTLS cryptographic state can be maintained indefinitely

Toke Høiland-Jørgensen <toke@toke.dk> Sat, 22 December 2018 15:55 UTC

Return-Path: <toke@toke.dk>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D5BAC12785F for <babel@ietfa.amsl.com>; Sat, 22 Dec 2018 07:55:43 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=toke.dk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 47WxKGHDotab for <babel@ietfa.amsl.com>; Sat, 22 Dec 2018 07:55:41 -0800 (PST)
Received: from mail.toke.dk (mail.toke.dk [52.28.52.200]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id ACB891277D2 for <babel@ietf.org>; Sat, 22 Dec 2018 07:55:41 -0800 (PST)
From: Toke Høiland-Jørgensen <toke@toke.dk>
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=toke.dk; s=20161023; t=1545494108; bh=xl+/TUV6rz/vlwY+tIFuo26bBwGYhw4R/xZlT3TrXXE=; h=From:To:Subject:In-Reply-To:References:Date:From; b=epNzWNhrt+PQLmd0KAMfyarn32U63yTkScrkOoX3afbyWLDTwG1g/whq4bacXLdub p/qmMQi975oGYOvjNHqt9YSaR5okTZZuDyPco7tKYtCuWEdFN8GX8oqCHLnPrZ70tJ cg2BATbtpj7GxFubzjvfTY4niGeI6Xs6GCnAlhUjM8Ljevd/6RECVpBV9ygvgFy7De pPAm4sRecGVHXpN31Ywovf7RMFGOahWW2GcU9MfhNwJ7A3u0wSh8hHEmWQHQ9cTSQJ /SAwbrGzvBXQ0HCu/hiCGNIdHTmPb4QrQboAfhdzZO5R2BIpNcWAwScOPTNE5OF+Ih NrjVzbVlqyWAg==
To: Juliusz Chroboczek <jch@irif.fr>, babel@ietf.org
In-Reply-To: <87lg4hlg50.wl-jch@irif.fr>
References: <87lg4hlg50.wl-jch@irif.fr>
Date: Sat, 22 Dec 2018 16:55:07 +0100
X-Clacks-Overhead: GNU Terry Pratchett
Message-ID: <87y38hftes.fsf@toke.dk>
MIME-Version: 1.0
Content-Type: text/plain
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/t7fLhhO2Bma0LfeRMtYd-k_MdJc>
Subject: Re: [babel] HMAC and DTLS cryptographic state can be maintained indefinitely
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 22 Dec 2018 15:55:44 -0000

Juliusz Chroboczek <jch@irif.fr> writes:

> In HMAC, Hellos are authentified, so it is an easy matter to simply
> discard the cryptographic state (but not the neighbour entry) whenever the
> Hello history becomes empty.  I am planning to add wording to that effect
> to Section 4.1 of the draft:
>
>   The receiver MUST ensure that the cryptographic state (index and seqno)
>   is discarded after no packet has been accepted for the sender for
>   a bounded time.  A simple solution is to discard the index and seqno
>   whenever the both hello histories in the neighbour entry becomes empty
>   (see Appendix A of RFC6126bis); another solution is to discard the index
>   and seqno after a fixed time interval (e.g. 5 minutes) has elapsed since
>   the last accepted packet.

I have no objections to this :)

-Toke