IETF Logo Mail Archive

Re: [babel] hmac info model elements

"STARK, BARBARA H" <bs7652@att.com> Fri, 04 January 2019 19:54 UTC

Return-Path: <bs7652@att.com>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 17C14130E89 for <babel@ietfa.amsl.com>; Fri, 4 Jan 2019 11:54:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.601
X-Spam-Level:
X-Spam-Status: No, score=-2.601 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yOaTBVOs5BtM for <babel@ietfa.amsl.com>; Fri, 4 Jan 2019 11:54:44 -0800 (PST)
Received: from mx0a-00191d01.pphosted.com (mx0a-00191d01.pphosted.com [67.231.149.140]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C271D130E85 for <babel@ietf.org>; Fri, 4 Jan 2019 11:54:42 -0800 (PST)
Received: from pps.filterd (m0049287.ppops.net [127.0.0.1]) by m0049287.ppops.net-00191d01. (8.16.0.22/8.16.0.22) with SMTP id x04JmgHq044937; Fri, 4 Jan 2019 14:54:42 -0500
Received: from alpi154.enaf.aldc.att.com (sbcsmtp6.sbc.com [144.160.229.23]) by m0049287.ppops.net-00191d01. with ESMTP id 2ptd1thq9p-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Fri, 04 Jan 2019 14:54:41 -0500
Received: from enaf.aldc.att.com (localhost [127.0.0.1]) by alpi154.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id x04Jsew8026584; Fri, 4 Jan 2019 14:54:40 -0500
Received: from zlp30487.vci.att.com (zlp30487.vci.att.com [135.47.91.176]) by alpi154.enaf.aldc.att.com (8.14.5/8.14.5) with ESMTP id x04JsYE1026469; Fri, 4 Jan 2019 14:54:34 -0500
Received: from zlp30487.vci.att.com (zlp30487.vci.att.com [127.0.0.1]) by zlp30487.vci.att.com (Service) with ESMTP id 290A34014055; Fri, 4 Jan 2019 19:54:34 +0000 (GMT)
Received: from GAALPA1MSGHUBAB.ITServices.sbc.com (unknown [130.8.218.151]) by zlp30487.vci.att.com (Service) with ESMTPS id 12EC840006BF; Fri, 4 Jan 2019 19:54:34 +0000 (GMT)
Received: from GAALPA1MSGUSRBF.ITServices.sbc.com ([169.254.5.5]) by GAALPA1MSGHUBAB.ITServices.sbc.com ([130.8.218.151]) with mapi id 14.03.0415.000; Fri, 4 Jan 2019 14:54:33 -0500
From: "STARK, BARBARA H" <bs7652@att.com>
To: 'Mahesh Jethanandani' <mjethanandani@gmail.com>
CC: Babel at IETF <babel@ietf.org>
Thread-Topic: [babel] hmac info model elements
Thread-Index: AdSi6E9jJwLKz5kXQlCy2NNONpdJZQA7HaOAAB1GhjA=
Date: Fri, 04 Jan 2019 19:54:32 +0000
Message-ID: <2D09D61DDFA73D4C884805CC7865E6114DF8354B@GAALPA1MSGUSRBF.ITServices.sbc.com>
References: <2D09D61DDFA73D4C884805CC7865E6114DF7EECB@GAALPA1MSGUSRBF.ITServices.sbc.com> <91CABBA9-DFC0-48C5-9A36-E2B12FC376D9@gmail.com>
In-Reply-To: <91CABBA9-DFC0-48C5-9A36-E2B12FC376D9@gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [135.70.254.227]
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: base64
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2019-01-04_09:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_policy_notspam policy=outbound_policy score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1901040168
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/xK9McL3OBkUEc_lUnyC8gBdL2eQ>
Subject: Re: [babel] hmac info model elements
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 04 Jan 2019 19:54:46 -0000

> > We had discussed previously that keys should not be readable -- only add
> and delete keys. In this case, it's good for a non-readable parameter to have
> a "nickname" or index to reference it with. And it can be useful to know
> when the key was added. In my experience, these sorts of shared keys are
> modeled as strings.
> 
> I would think the keys are modeled as binary.

That depends on how we generally expect the keys to be generated. If we think they'll be randomly generated by a centralized machine, then binary makes sense. If we think they'll be created by a human being who will input them through a keyboard, then string makes sense. I was thinking the latter would be more common. I'm curious what others think?
 
> > Appendix A (incremental deployment and key rotation) indicates it should
> be possible to configure a mode where authenticated packets are sent but all
> packets are accepted.
> > Multiple HMAC algorithms are possible. The draft doesn't say how the
> nodes know which algorithm is being used (if multiple are implemented). The
> draft does say that only one HMAC is calculated per key. Is it assumed the
> algorithm choice is configured?
> > Should the challenge expiry timer be configurable?
> > I've decided to have completely separate HMAC and DTLS objects, because
> they're very different now that I have detailed designs to work with.
> > I'm adding an "operation" datatype to support key and cert manipulation.
> This is intended to be consistent with YANG "action" datatype.
> 
> Is the idea that there is both an input and an output expected for key and
> cert manipulation? If it is input only, i.e. configuring key and cert., then you
> would not need an action type. Having said that, in the examples you give
> below, I expect delete to be an action.

The only output needed is the result of the operation (success or failure). 
As I think about why BBF went with an operation for adding/deleting a X.509 cert, I realize it had to do with things related to its being an X.509 cert and not a "credential". So I think I agree with you here that for an HMAC key, the regular model manipulation mechanisms are fine (including for delete) and the key can just be noted as non-readable.
 
> I am not clear on the ‘check-key’ operation. I would expect that the device is
> either enabled or disabled to check for HMAC. If enabled, and when a packet
> is received, the receiver will compute the HMAC (using the key configured
> for it) on the packet and compare it what is in the packet. If the HMAC
> compariosn fails, the receiver will drop the packet, and log a count of
> dropped packets because of mismatch. Why would the management plane
> need to perform a ‘check-key’ operation?

We're making the key non-readable, once written. The check-key operation gives the router something to hash, and a hash of that something that you've created on your end (using what you think the key is), and asks the router if the hash it creates is the same as the hash you created. If yes, then you know (1) the key is what you think it is, and (2) the hash is being computed using the algorithm you think it is using. If the HMAC comparison is consistently failing, this can be a useful troubleshooting mechanism (especially when setting up a new network using routers with different implementations). Just knowing the packet is getting dropped doesn't tell you much. There are many things that could cause droppage.
But this would be optional to support. And I won't insist on it if others don't think it's a good idea.
It's similar to a fingerprint comparison done for an X.509 certificate.
 
> > Proposed HMAC model:
> > add to top level information-obj:
> > babel-hmac-algorithms (enumerated list of supported HMAC computation
> > algorithms)
> >
> > security-hmac-obj
> >  security-hmac-enable (boolean: enable / disable this instance)
> > security-hmac-mode (Boolean: do or don't authenticate received
> > packets)
> 
> I have the same question as Toke here.

OK. I've sent a reply to Toke's email.

> >  security-hmac-algorithm (string: one of the supported HMAC
> > algorithms)
> 
> You mean one of the enum values defined above.

Yes.
 
> Thanks for putting this together.
> 
> >  security-interfaces (string list of references to interfaces-obj: the
> > interfaces this instance applies to; if empty, it applies to all interfaces)
> security-add-hmac-key (operation: inputs (reference name, key))
> >     hmac-key-obj
> >         key-name (string: reference name)
> >         key-date (datetime: timestamp when key was added)
> >         delete-key (operation)
> >         check-key (operation: inputs (string, HMAC of string)) ; the node does
> its own HMAC computation of the input string and compares this to the input
> HMAC of string; if the computed and input HMAC are the same the operation
> succeeds.
> >
> > Thoughts?
> > Barbara
> >
> > _______________________________________________
> > babel mailing list
> > babel@ietf.org
> 
> Mahesh Jethanandani
> mjethanandani@gmail.com

v2.23.0 | Report a Bug | By Email