Re: [dtn-security] Issue implementing security source/destination with ESB blocks

Elwyn Davies <elwynd@folly.org.uk> Fri, 03 August 2012 02:45 UTC

Return-Path: <elwynd@folly.org.uk>
X-Original-To: dtn-security@ietfa.amsl.com
Delivered-To: dtn-security@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DF43C11E80A4 for <dtn-security@ietfa.amsl.com>; Thu, 2 Aug 2012 19:45:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, J_CHICKENPOX_63=0.6]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 93+m-z6UDfh6 for <dtn-security@ietfa.amsl.com>; Thu, 2 Aug 2012 19:45:19 -0700 (PDT)
Received: from b.painless.aa.net.uk (b.painless.aa.net.uk [IPv6:2001:8b0:0:30::51bb:1e34]) by ietfa.amsl.com (Postfix) with ESMTP id 15D0711E8072 for <dtn-security@irtf.org>; Thu, 2 Aug 2012 19:45:19 -0700 (PDT)
Received: from [210.11.95.209] (helo=[192.168.173.65]) by b.painless.aa.net.uk with esmtpsa (TLSv1:AES256-SHA:256) (Exim 4.72) (envelope-from <elwynd@folly.org.uk>) id 1Sx7t2-00051z-66; Fri, 03 Aug 2012 03:45:12 +0100
Message-ID: <501B3B2F.5090508@folly.org.uk>
Date: Fri, 03 Aug 2012 12:45:03 +1000
From: Elwyn Davies <elwynd@folly.org.uk>
User-Agent: Mozilla/5.0 (X11; Linux i686; rv:12.0) Gecko/20120430 Thunderbird/12.0.1
MIME-Version: 1.0
To: Peter Lovell <plovell@mac.com>
References: <20120802214016.1861780438@smtp.mail.me.com>
In-Reply-To: <20120802214016.1861780438@smtp.mail.me.com>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: dtn-security@irtf.org, ahennes1@math.umd.edu
Subject: Re: [dtn-security] Issue implementing security source/destination with ESB blocks
X-BeenThere: dtn-security@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: elwynd@folly.org.uk
List-Id: "The Delay-Tolerant Networking Research Group \(DTNRG\) - Security." <dtn-security.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/dtn-security>, <mailto:dtn-security-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/dtn-security>
List-Post: <mailto:dtn-security@irtf.org>
List-Help: <mailto:dtn-security-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@irtf.org?subject=subscribe>
X-List-Received-Date: Fri, 03 Aug 2012 02:45:20 -0000

Hi.

Comment in line below...

On 03/08/12 07:40, Peter Lovell wrote:
> re-send for list members as my origib=nal one bounced :(
> I guess I need to revise my addresses
>
> On Thu, Aug 2, 2012, ahennes1@math.umd.edu<ahennes1@math.umd.edu>  wrote:
>
>> We've run into a problem while implementing the security source and
>> destination in the ESB blocks.  When ESB encapsulates a block, the BSP RFC
>> states that the eid ref list of the encapsulated block should be used as
>> the eid ref list of the encapsulating block, as in PCB.  However, the eid
>> ref list of the encapsulating block also needs to store the security
>> source and destination. We aren't sure if the eid ref list of the
>> encapsulated block should be appended to the eid ref list of the
>> encapsulating block.  The RFC states that an Abstract Security Block
>> should have at most 2 eid references, and this would contradict that
>> statement.
>>
>> We get around this problem with PCB because the first PCB block's eid ref
>> list stores the security source and destination, and an extra PCB block is
>> added for any encapsulated blocks (and this extra PCB block contains the
>> eid ref list of the encapsulated block).  With ESB, there is a one-to-one
>> correspondence between the 'replacing' ESB block and the block to be
>> encapsulated, so we do not have an extra block as in PCB.
>>
>>
>>
>> thanks,
>> Angela
>>
>>
>> Angela Hennessy
>> Laboratory for Telecommunication Sciences (LTS)
>
> Hi Angela,
>
> you're right - this is an issue that is not addressed in the spec. Some of the ESB language was taken from that for PCB, which it closely resembles, but this is an edge case not foreseen.
>
> There can be only two EIDs in the list because there are only two flags to indicate their presence. The list is not length-counted for total size so one can't skip over it.
>
> However, an EID list is specific to security blocks and doesn't occur in other block types.
>
> ESBs and other security blocks are in separate spaces, i.e. an ESB must never encapsulate PIBs or PCBs, and vice-versa.
>
> So the issue you describe can only occur in the super-encapsulation of ESBs. For now, I'm not sure how best to deal with it, but my initial thought is to use the previous EID list as the starting EID list, and then push security-source and security-dest on the front, if needed and as appropriate. The problem is how to indicate that there are other EIDs because, if we do not, the processing of the block will fail. This will require some change to the header and that will be a slow and deliberate process.
But not that difficult since the flag fields are SDNVs - so adding extra 
flags will not break the ASB definition.

Regards,
Elwyn
>
> In the meantime, let me suggest that you encapsulate the block and reconstitute it at the security-dest without special EID processing. THat means that any EID-munging between source and dest will be ineffective but I suspect that it isn't common anyway [please correct me if that's wrong].
>
> The alternative is to avoid super-encryption of ESBs.
>
> Regards.....Peter
>
>
>
> _______________________________________________
> dtn-security mailing list
> dtn-security@irtf.org
> https://www.irtf.org/mailman/listinfo/dtn-security