Re: [dtn-security] bundle security protocol changes...

Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 06 December 2005 20:23 UTC

Message-ID: <4395F319.4060405@cs.tcd.ie>
Date: Tue, 06 Dec 2005 20:22:49 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)
MIME-Version: 1.0
To: dtn-security@mailman.dtnrg.org
CC: "Susan F. Symington" <susan@mitre.org>, Howard Weiss <hsw@sparta.com>
Subject: Re: [dtn-security] bundle security protocol changes...
References: <4395CF25.3060108@cs.tcd.ie> <20051206190244.GH3095@pisco.cs.berkeley.edu>
In-Reply-To: <20051206190244.GH3095@pisco.cs.berkeley.edu>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
Sender: dtn-security-admin@mailman.dtnrg.org
Errors-To: dtn-security-admin@mailman.dtnrg.org
Precedence: bulk
Reply-To: dtn-security@mailman.dtnrg.org

Hi Mike,

Michael Demmer wrote:
>>- Allow a header to follow the payload in order to carry
>>signatures and MACs. I think the easiest way to do that
>>is to just let it be defined per ciphersuite, so that e.g.
>>HMAC-in-front would be a different ciphersuite from
>>HMAC-at-the-end (which would require two BAH/PSH headers
>>in the bundle). Security result is therefore also
>>optional in an ASH and we add a bit to indicate its
>>presence.
> 
> Can you briefly explain why two BAH/PSH headers are required for the
> case where the sig/MAC follows the payload. This may be obvious but I
> don't get it.

So the ciphersuite is up-front, so a node with only small buffers can
still handle large bundles. Using the same header type before and
after is just one possible design, but seems simplest to me given
the way we'll be mixing multiple applications of security headers
later on.

> Also, just so we're on the same page, the rational for having the sig
> at the end is that you can start sending the payload bits before
> you've calculated the signature on the whole thing? As such you don't
> need to pull the whole payload into memory, generate the MAC, then
> send the MAC and send the payload?

Yes, exactly. Its for nodes with small buffers who handle large
bundles (or where scaling creates the same effect).

>>- Define a type for this header since its no longer
>>in the bundle spec. I guess '2' is fine? I don't think
>>an ASH needs an overall length since the flags and
>>thereafter individual optional fields each specify
>>their own lengths.
> 
> 
> But for implementations that don't include the security support, we
> need these headers to follow the standard header preamble (with
> length) so they can be skipped when processing the bundle.

Very true. And I'd forgotten about it. (Susan had also pointed
out that we need three different header values for BAH, PSH and CH
too.) Thanks for catching that.

[...]

> For the above points, I'm too far removed to understand all of what
> you're proposing to even begin to comment :)

Yep they're just abbreviated notes. Basically though what we want to
be able to eventually support is something a bit like a mixture of
s/mime's ability to forward encrypted mail adding a new signature
and a sequence of VPN tunnels. Clearly some ascii-art is needed.

Stephen.

Re: [dtn-security] bundle security protocol chang… Scott Burleigh
Re: [dtn-security] bundle security protocol chang… Stephen Farrell
Re: [dtn-security] bundle security protocol chang… Michael Demmer
[dtn-security] bundle security protocol changes... Stephen Farrell