IETF Logo Mail Archive

Re: [babel] hmac info model elements

Dave Taht <dave.taht@gmail.com> Fri, 04 January 2019 20:02 UTC

Return-Path: <dave.taht@gmail.com>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 821E9130EC0 for <babel@ietfa.amsl.com>; Fri, 4 Jan 2019 12:02:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1
X-Spam-Level:
X-Spam-Status: No, score=-1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 1fd1qSAAlaDK for <babel@ietfa.amsl.com>; Fri, 4 Jan 2019 12:02:48 -0800 (PST)
Received: from mail-qt1-x830.google.com (mail-qt1-x830.google.com [IPv6:2607:f8b0:4864:20::830]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 14D0E130EC7 for <babel@ietf.org>; Fri, 4 Jan 2019 12:02:44 -0800 (PST)
Received: by mail-qt1-x830.google.com with SMTP id e5so41565675qtr.12 for <babel@ietf.org>; Fri, 04 Jan 2019 12:02:44 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=ZGF72+rzkq+e91cmdBH31kdtS3hQLuHtgYEsbzwB8uo=; b=ahwD8xAzN111n3GIiO6630IOSCJ0dWzijoVaEZwE9b44qKVOojf2Snz+NJKdXdu8Qd 1JYHQA2vYyLim2GzfBkymfTzp+G0xXbOCV4gvPIg8YNmx9S8p/varda2Zk7J3aShKWZF TS77v+Gye4U7JxumKmJaJ34pTW1DG3Y0OBbIuihnJdnIg3JwDIYntPI4RntGrDN8fvC3 Pdcz+81L/qDTq4KTqlmcOfaBVDR68z32PU7uXgnMlGJGEHZp4x4TNtEgGZuxiREG8RL+ +Sdgl46uCWHd61MkPHskkgI+0kLWPRpGNmuCVEMF+9k/fykgd7eDKwmkOhQtvhUIM9RA EfRQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=ZGF72+rzkq+e91cmdBH31kdtS3hQLuHtgYEsbzwB8uo=; b=BXNUILAI6SlEyTfTSCTPr+oAf90BYYoPdZn1QDUfzyqjSwUWIGhgAEws7qCOWntoKE bEYzVVfLuoAn4UVVHja+AivX1xKZ0isiG+5aDmeDpzdK8OfnV6Ol4z3Uu9UfhTK2HmLt TNARhYnleBWMWdPIHBxZs7C7lIF14fI4GDQjdSk4vCgFU9szXdWqRqFskeUJ26BFyuPS AHD0xO0OFaRLkf3AhacCbCcdO809qcy9nszdCh9cAYArN+iacWQw8yjuOCRm0AbEgG4a +7r20mnumhY1Vv32gauGOaqeDAFr4tdT4DatFfoVyUIxLFXsbjMGAbNYAjvi68tWAVEO MDBw==
X-Gm-Message-State: AA+aEWYd5D9qaCCNrKuf2N0bM1WIMxITvIPJzRW/xIIvc4rmYSS9epa/ bUq4c3YtdRMkmHaNWEGDbdSkvzW/M7sVY+XsB1s=
X-Google-Smtp-Source: AFSGD/XdsnducWudcN8qOsoEtXdUgHbZQTOOe+1FKoCaYX8qQTWF7hlyCeQGy8Laab+1xauATqsZ1BffJYCYypd8yg4=
X-Received: by 2002:ac8:326a:: with SMTP id y39mr51807220qta.175.1546632162905; Fri, 04 Jan 2019 12:02:42 -0800 (PST)
MIME-Version: 1.0
References: <2D09D61DDFA73D4C884805CC7865E6114DF7EECB@GAALPA1MSGUSRBF.ITServices.sbc.com> <91CABBA9-DFC0-48C5-9A36-E2B12FC376D9@gmail.com> <2D09D61DDFA73D4C884805CC7865E6114DF8354B@GAALPA1MSGUSRBF.ITServices.sbc.com>
In-Reply-To: <2D09D61DDFA73D4C884805CC7865E6114DF8354B@GAALPA1MSGUSRBF.ITServices.sbc.com>
From: Dave Taht <dave.taht@gmail.com>
Date: Fri, 04 Jan 2019 12:02:30 -0800
Message-ID: <CAA93jw6fUrEjUvN4xc_1Q1d+b6spUuVVWK3p7AO9yNt1Uudhyg@mail.gmail.com>
To: "STARK, BARBARA H" <bs7652@att.com>
Cc: Mahesh Jethanandani <mjethanandani@gmail.com>, Babel at IETF <babel@ietf.org>
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/tJVWKlbInEFwB9P7TG_JAIavxSs>
Subject: Re: [babel] hmac info model elements
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Jan 2019 20:02:56 -0000

On Fri, Jan 4, 2019 at 11:54 AM STARK, BARBARA H <bs7652@att.com> wrote:
>
> > > We had discussed previously that keys should not be readable -- only add
> > and delete keys. In this case, it's good for a non-readable parameter to have
> > a "nickname" or index to reference it with. And it can be useful to know
> > when the key was added. In my experience, these sorts of shared keys are
> > modeled as strings.
> >
> > I would think the keys are modeled as binary.
>
> That depends on how we generally expect the keys to be generated. If we think they'll be randomly generated by a centralized machine, then binary makes sense. If we think they'll be created by a human being who will input them through a keyboard, then string makes sense. I was thinking the latter would be more common. I'm curious what others think?

What I wanted was a representation that was standard and unambiguous.
0xdeadbeef for a hex representation, base64
(https://tools.ietf.org/html/rfc4648#page-7) or (
http://docs.ros.org/diamondback/api/wpa_supplicant/html/base64_8c.html
) for all else.
> > > Appendix A (incremental deployment and key rotation) indicates it should
> > be possible to configure a mode where authenticated packets are sent but all
> > packets are accepted.
> > > Multiple HMAC algorithms are possible. The draft doesn't say how the
> > nodes know which algorithm is being used (if multiple are implemented). The
> > draft does say that only one HMAC is calculated per key. Is it assumed the
> > algorithm choice is configured?
> > > Should the challenge expiry timer be configurable?
> > > I've decided to have completely separate HMAC and DTLS objects, because
> > they're very different now that I have detailed designs to work with.
> > > I'm adding an "operation" datatype to support key and cert manipulation.
> > This is intended to be consistent with YANG "action" datatype.
> >
> > Is the idea that there is both an input and an output expected for key and
> > cert manipulation? If it is input only, i.e. configuring key and cert., then you
> > would not need an action type. Having said that, in the examples you give
> > below, I expect delete to be an action.
>
> The only output needed is the result of the operation (success or failure).
> As I think about why BBF went with an operation for adding/deleting a X.509 cert, I realize it had to do with things related to its being an X.509 cert and not a "credential". So I think I agree with you here that for an HMAC key, the regular model manipulation mechanisms are fine (including for delete) and the key can just be noted as non-readable.
>
> > I am not clear on the ‘check-key’ operation. I would expect that the device is
> > either enabled or disabled to check for HMAC. If enabled, and when a packet
> > is received, the receiver will compute the HMAC (using the key configured
> > for it) on the packet and compare it what is in the packet. If the HMAC
> > compariosn fails, the receiver will drop the packet, and log a count of
> > dropped packets because of mismatch. Why would the management plane
> > need to perform a ‘check-key’ operation?
>
> We're making the key non-readable, once written. The check-key operation gives the router something to hash, and a hash of that something that you've created on your end (using what you think the key is), and asks the router if the hash it creates is the same as the hash you created. If yes, then you know (1) the key is what you think it is, and (2) the hash is being computed using the algorithm you think it is using. If the HMAC comparison is consistently failing, this can be a useful troubleshooting mechanism (especially when setting up a new network using routers with different implementations). Just knowing the packet is getting dropped doesn't tell you much. There are many things that could cause droppage.
> But this would be optional to support. And I won't insist on it if others don't think it's a good idea.
> It's similar to a fingerprint comparison done for an X.509 certificate.
>
> > > Proposed HMAC model:
> > > add to top level information-obj:
> > > babel-hmac-algorithms (enumerated list of supported HMAC computation
> > > algorithms)
> > >
> > > security-hmac-obj
> > >  security-hmac-enable (boolean: enable / disable this instance)
> > > security-hmac-mode (Boolean: do or don't authenticate received
> > > packets)
> >
> > I have the same question as Toke here.
>
> OK. I've sent a reply to Toke's email.
>
> > >  security-hmac-algorithm (string: one of the supported HMAC
> > > algorithms)
> >
> > You mean one of the enum values defined above.
>
> Yes.
>
> > Thanks for putting this together.
> >
> > >  security-interfaces (string list of references to interfaces-obj: the
> > > interfaces this instance applies to; if empty, it applies to all interfaces)
> > security-add-hmac-key (operation: inputs (reference name, key))
> > >     hmac-key-obj
> > >         key-name (string: reference name)
> > >         key-date (datetime: timestamp when key was added)
> > >         delete-key (operation)
> > >         check-key (operation: inputs (string, HMAC of string)) ; the node does
> > its own HMAC computation of the input string and compares this to the input
> > HMAC of string; if the computed and input HMAC are the same the operation
> > succeeds.
> > >
> > > Thoughts?
> > > Barbara
> > >
> > > _______________________________________________
> > > babel mailing list
> > > babel@ietf.org
> >
> > Mahesh Jethanandani
> > mjethanandani@gmail.com
> _______________________________________________
> babel mailing list
> babel@ietf.org
> https://www.ietf.org/mailman/listinfo/babel



-- 

Dave Täht
CTO, TekLibre, LLC
http://www.teklibre.com
Tel: 1-831-205-9740

v2.23.0 | Report a Bug | By Email