IETF Logo Mail Archive

Re: [Detnet] DetNet Use Cases comment - time properties of cryptographic algorithms used to verify traffic

"Black, David" <David.Black@dell.com> Fri, 21 December 2018 22:53 UTC

Return-Path: <David.Black@dell.com>
X-Original-To: detnet@ietfa.amsl.com
Delivered-To: detnet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A600F130EA3 for <detnet@ietfa.amsl.com>; Fri, 21 Dec 2018 14:53:24 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.765
X-Spam-Level:
X-Spam-Status: No, score=-2.765 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.065, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=dell.com header.b=T7MKC1Zp; dkim=fail (1024-bit key) reason="fail (message has been altered)" header.d=emc.com header.b=lQeNQ5V6
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rLmzFuWExAyQ for <detnet@ietfa.amsl.com>; Fri, 21 Dec 2018 14:53:21 -0800 (PST)
Received: from esa6.dell-outbound.iphmx.com (esa6.dell-outbound.iphmx.com [68.232.149.229]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6A59B130E9C for <detnet@ietf.org>; Fri, 21 Dec 2018 14:53:21 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=dell.com; i=@dell.com; q=dns/txt; s=smtpout; t=1545432801; x=1576968801; h=from:to:cc:subject:date:message-id:references: in-reply-to:mime-version; bh=qWElIZL7jBeKrE/u2M8EQX1o+6gJfowAH/LZiGZLBko=; b=T7MKC1ZpS3EG5zmu0EN/1/ckZzTjj1g1RigGxbr/awm+K3VEQVpF0BBp Qqv/X2aYf1bfnamYTUpjM0V+P61UqL57eV6fCb+5oLn8r9GC6h84XDXwH mp6RMYXRzbu6+mq2qeh20lTTRdrvwUomqBeneX60N9EmnKsATLlvRda3c I=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A2EHAAAHbh1chyeV50NkHAEBAQQBAQcEAQGBUQcBAQsBgQ0jgTmBAicKjAxfixyCDZdgFIErPAsBAS6EPgKCbyI0CQ0BAwEBAgEBAgEBAhABAQEKCwkIKSMMgjopARRNLwkzAQEBAQEBAQEBAQEBAQEBAQEBFwJDEwEBGAEBAQECARIbEx8aAQQLAgEIEQEDAQELHQcyFAMGCAEBBAENBQgagwABgR1cCAGZdD0CgW6JBgEBAYIdgn2HIgiJd4EGJn4egVg+gRFGgTdnLoROAQsHASE0gwOCJolNfoR/YJBDWgMEAgKRf5Ffgw2GRpAiAgQCBAUCFIFGgR5xcFCCbAmCLBuDOIpTQTGMaA8XgQiBHwEB
X-IPAS-Result: A2EHAAAHbh1chyeV50NkHAEBAQQBAQcEAQGBUQcBAQsBgQ0jgTmBAicKjAxfixyCDZdgFIErPAsBAS6EPgKCbyI0CQ0BAwEBAgEBAgEBAhABAQEKCwkIKSMMgjopARRNLwkzAQEBAQEBAQEBAQEBAQEBAQEBFwJDEwEBGAEBAQECARIbEx8aAQQLAgEIEQEDAQELHQcyFAMGCAEBBAENBQgagwABgR1cCAGZdD0CgW6JBgEBAYIdgn2HIgiJd4EGJn4egVg+gRFGgTdnLoROAQsHASE0gwOCJolNfoR/YJBDWgMEAgKRf5Ffgw2GRpAiAgQCBAUCFIFGgR5xcFCCbAmCLBuDOIpTQTGMaA8XgQiBHwEB
Received: from mx0a-00154901.pphosted.com ([67.231.149.39]) by esa6.dell-outbound.iphmx.com with ESMTP/TLS/AES256-SHA256; 21 Dec 2018 16:53:18 -0600
Received: from pps.filterd (m0142699.ppops.net [127.0.0.1]) by mx0a-00154901.pphosted.com (8.16.0.27/8.16.0.27) with SMTP id wBLMgxNx188858 for <detnet@ietf.org>; Fri, 21 Dec 2018 17:53:18 -0500
Received: from esa2.dell-outbound2.iphmx.com (esa2.dell-outbound2.iphmx.com [68.232.153.202]) by mx0a-00154901.pphosted.com with ESMTP id 2ph8ebg6ps-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=FAIL) for <detnet@ietf.org>; Fri, 21 Dec 2018 17:53:18 -0500
From: "Black, David" <David.Black@dell.com>
Received: from mailuogwdur.emc.com ([128.221.224.79]) by esa2.dell-outbound2.iphmx.com with ESMTP/TLS/DHE-RSA-AES256-SHA256; 22 Dec 2018 04:53:10 +0600
Received: from maildlpprd53.lss.emc.com (maildlpprd53.lss.emc.com [10.106.48.157]) by mailuogwprd52.lss.emc.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.0) with ESMTP id wBLMrEDR015133 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Fri, 21 Dec 2018 17:53:15 -0500
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd52.lss.emc.com wBLMrEDR015133
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed/relaxed; d=emc.com; s=jan2013; t=1545432796; bh=ShUNhh6SMeMZfRzK8t+9/R1Bjf8=; h=From:To:CC:Subject:Date:Message-ID:References:In-Reply-To: Content-Type:MIME-Version; b=lQeNQ5V6v41OWPN0QWwoBg6zhajxkkbkevhM9Q+LqVtzzFJRqzH3ziCwY9/GXGION TBf1GqSbKbZCn29o9u7tyXUmJVABfx5mFtp21pMwNHjp6UgUChd8lxCdWLw08xsWAO QFxMOXKLFH8qjaTC+04+SPxuUFFvm5YwX94eTgIc=
X-DKIM: OpenDKIM Filter v2.4.3 mailuogwprd52.lss.emc.com wBLMrEDR015133
Received: from mailusrhubprd04.lss.emc.com (mailusrhubprd04.lss.emc.com [10.253.24.22]) by maildlpprd53.lss.emc.com (RSA Interceptor); Fri, 21 Dec 2018 17:52:56 -0500
Received: from MXHUB301.corp.emc.com (MXHUB301.corp.emc.com [10.146.3.27]) by mailusrhubprd04.lss.emc.com (Sentrion-MTA-4.3.1/Sentrion-MTA-4.3.0) with ESMTP id wBLMr2na008205 (version=TLSv1.2 cipher=AES128-SHA256 bits=128 verify=FAIL); Fri, 21 Dec 2018 17:53:03 -0500
Received: from MX307CL04.corp.emc.com ([fe80::849f:5da2:11b:4385]) by MXHUB301.corp.emc.com ([10.146.3.27]) with mapi id 14.03.0399.000; Fri, 21 Dec 2018 17:53:02 -0500
To: "Pascal Thubert (pthubert)" <pthubert@cisco.com>, "Grossman, Ethan A." <eagros@dolby.com>, "detnet@ietf.org" <detnet@ietf.org>
CC: "ekr@rtfm.com" <ekr@rtfm.com>
Thread-Topic: DetNet Use Cases comment - time properties of cryptographic algorithms used to verify traffic
Thread-Index: AdSX+/sLTp7DPyO1QkG1vyM68OeTlQAEW9GwAAoIQfAAUfnZsA==
Date: Fri, 21 Dec 2018 22:53:02 +0000
Message-ID: <CE03DB3D7B45C245BCA0D24327794936303A96D2@MX307CL04.corp.emc.com>
References: <BY1PR0601MB1403A041DF88D362261DA127C4BF0@BY1PR0601MB1403.namprd06.prod.outlook.com> <CE03DB3D7B45C245BCA0D24327794936303A55D1@MX307CL04.corp.emc.com> <85ff3ddbde5f498ab1c680e1a7d97641@XCH-RCD-001.cisco.com>
In-Reply-To: <85ff3ddbde5f498ab1c680e1a7d97641@XCH-RCD-001.cisco.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.238.21.131]
Content-Type: multipart/alternative; boundary="_000_CE03DB3D7B45C245BCA0D24327794936303A96D2MX307CL04corpem_"
MIME-Version: 1.0
X-Sentrion-Hostname: mailusrhubprd04.lss.emc.com
X-RSA-Classifications: public
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10434:, , definitions=2018-12-21_10:, , signatures=0
X-Proofpoint-Spam-Details: rule=outbound_notspam policy=outbound score=0 priorityscore=1501 malwarescore=0 suspectscore=0 phishscore=0 bulkscore=0 spamscore=0 clxscore=1015 lowpriorityscore=0 mlxscore=0 impostorscore=0 mlxlogscore=999 adultscore=0 classifier=spam adjust=0 reason=mlx scancount=1 engine=8.0.1-1810050000 definitions=main-1812210169
Archived-At: <https://mailarchive.ietf.org/arch/msg/detnet/YDfkMT6YnTx8lGn0bTEjhuDoaEo>
Subject: Re: [Detnet] DetNet Use Cases comment - time properties of cryptographic algorithms used to verify traffic
X-BeenThere: detnet@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Discussions on Deterministic Networking BoF and Proposed WG <detnet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/detnet>, <mailto:detnet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/detnet/>
List-Post: <mailto:detnet@ietf.org>
List-Help: <mailto:detnet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/detnet>, <mailto:detnet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 21 Dec 2018 22:53:25 -0000

Hi Pascal,

I would not preclude that, but I would discourage it, as, if I understand what is proposed, it involves checking a digital signature on each packet at arbitrary intermediate points along the flow, which is indeed rather expensive.

If only endpoint checks or checks at a small number of intermediate points are required, a more effective approach is to use asymmetric crypto to authenticate distribution or exchange of a secret key for symmetric crypto - a successful check based on that key provides traffic origin verification as long as the key is kept secret by the participants.  Both TLS and IKE (for IPsec) are examples of this for endpoint checks.

In both cases, origin verification also requires replay detection mechanism as part of the security protocol to prevent an attacker from recording and resending traffic, e.g., as a denial of service attack on flow forwarding resources.

Thanks, --David

From: detnet [mailto:detnet-bounces@ietf.org] On Behalf Of Pascal Thubert (pthubert)
Sent: Thursday, December 20, 2018 2:34 AM
To: Black, David; Grossman, Ethan A.; detnet@ietf.org
Cc: ekr@rtfm.com
Subject: Re: [Detnet] DetNet Use Cases comment - time properties of cryptographic algorithms used to verify traffic


[EXTERNAL EMAIL]
Hello David :

Asymmetric is a lot more expensive, I'm hearing, but could be very useful to ensure that the packets in a DetNet flow are from the proper source.
Say that the DetNet flow is associated with a keypair, and that the private key is available to the source of the flow whereas the public key is distributed with the flow information.
We should not preclude that should we? As long as the crypto time is bounded we should be OK.

All the best

pascal

From: detnet <detnet-bounces@ietf.org<mailto:detnet-bounces@ietf.org>> On Behalf Of Black, David
Sent: jeudi 20 décembre 2018 03:47
To: Grossman, Ethan A. <eagros@dolby.com<mailto:eagros@dolby.com>>; detnet@ietf.org<mailto:detnet@ietf.org>
Cc: ekr@rtfm.com<mailto:ekr@rtfm.com>
Subject: Re: [Detnet] DetNet Use Cases comment - time properties of cryptographic algorithms used to verify traffic

> Good question, for example do such algorithms have deterministic execution times?

Generally, yes, to a first approximation, as the algorithms used to encrypt and verify traffic are usually symmetric crypto algorithms such as AES and SHA-2 which perform the same computation regardless of input.   Non-deterministic execution times are associated with asymmetric crypto algorithms (e.g., public key algorithms), which are not typically used on a packet-by-packet basis - they're used for session setup, including key exchange, from which keys are derived for the symmetric algorithms.

Thanks, --David

From: detnet [mailto:detnet-bounces@ietf.org] On Behalf Of Grossman, Ethan A.
Sent: Wednesday, December 19, 2018 7:42 PM
To: detnet@ietf.org<mailto:detnet@ietf.org>
Cc: ekr@rtfm.com<mailto:ekr@rtfm.com>
Subject: [Detnet] DetNet Use Cases comment - time properties of cryptographic algorithms used to verify traffic


[EXTERNAL EMAIL]

Hi All,

In going over the remaining IESG review comments, there is this question on Sec 11.5 (Security). I don't think it is worth holding up the Use Cases draft for, but it seems worth a conversation on the list.



Text from Section 11.5:

>      addition to arriving with the data content as intended, the data must

>      also arrive at the expected time.  This may present "new" security

>      challenges to implementers, and must be addressed accordingly.  There

>      are other security implications, including (but not limited to) the

>      change in attack surface presented by packet replication and

>      elimination.



Reviewer's Comment:

Do these requirements impose new requirements on the cryptographic algorithms used to verify traffic?



Ethan's thoughts:

Good question, for example do such algorithms have deterministic execution times? Is there a large spread between best- and worst-case execution times? Is this a topic for the Security draft? The Architecture draft? Or is this a more general matter of network (or network silicon) design/implementation/performance, and thus doesn't get covered in DetNet drafts?
--------------------------------------------------

v2.23.0 | Report a Bug | By Email