[dtn-security] bundle security protocol changes...
Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 06 December 2005 17:50 UTC
Received: from imx2.tcd.ie (imx2.tcd.ie [134.226.1.156]) by webbie.berkeley.intel-research.net (8.11.6/8.11.6) with ESMTP id jB6HoPg16464 for <dtn-security@mailman.dtnrg.org>; Tue, 6 Dec 2005 09:50:26 -0800
Received: from Vams.imx2 (imx2.tcd.ie [134.226.1.156]) by imx2.tcd.ie (Postfix) with SMTP id 1457F68239; Tue, 6 Dec 2005 17:50:19 +0000 (GMT)
Received: from imx2.tcd.ie ([134.226.1.156]) by imx2.tcd.ie ([134.226.1.156]) with SMTP (gateway) id A016C211381; Tue, 06 Dec 2005 17:50:19 +0000
Received: from [127.0.0.1] (unknown [134.226.144.16]) by imx2.tcd.ie (Postfix) with ESMTP id 0E52068239; Tue, 6 Dec 2005 17:50:19 +0000 (GMT)
Message-ID: <4395CF25.3060108@cs.tcd.ie>
Date: Tue, 06 Dec 2005 17:49:25 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: dtn-security@mailman.dtnrg.org
Cc: "Susan F. Symington" <susan@mitre.org>, Howard Weiss <hsw@sparta.com>
Content-Type: text/plain; charset="ISO-8859-1"; format="flowed"
Content-Transfer-Encoding: 7bit
X-AntiVirus-Status: MessageID = A116C211381
X-AntiVirus-Status: Host: imx2.tcd.ie
X-AntiVirus-Status: Action Taken:
X-AntiVirus-Status: NONE
X-AntiVirus-Status: Checked by TCD Vexira. (version=1.56.3 VDF=8.974)
Subject: [dtn-security] bundle security protocol changes...
Sender: dtn-security-admin@mailman.dtnrg.org
Errors-To: dtn-security-admin@mailman.dtnrg.org
X-BeenThere: dtn-security@mailman.dtnrg.org
X-Mailman-Version: 2.0.13
Precedence: bulk
Reply-To: dtn-security@mailman.dtnrg.org
List-Unsubscribe: <http://mailman.dtnrg.org/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@mailman.dtnrg.org?subject=unsubscribe>
List-Id: DTN Security Discussion <dtn-security.mailman.dtnrg.org>
List-Post: <mailto:dtn-security@mailman.dtnrg.org>
List-Help: <mailto:dtn-security-request@mailman.dtnrg.org?subject=help>
List-Subscribe: <http://mailman.dtnrg.org/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@mailman.dtnrg.org?subject=subscribe>
List-Archive: <http://mailman.dtnrg.org/pipermail/dtn-security/>
Folks, Susan, Howie and I just had a call (thanks skype!) about things to do with the next rev of the bundle security draft [1] and the list below are my rough notes about the main changes we're planning. We'd welcome any comments before doing the I-D production donkey-work:-) We're aiming a bit optimisitically at having -01 out before the holidays. Cheers, Stephen. [1] http://tools.ietf.org/id/draft-irtf-dtnrg-bundle-security-00.txt - Align terminology with the latest bundle spec. - Allow a header to follow the payload in order to carry signatures and MACs. I think the easiest way to do that is to just let it be defined per ciphersuite, so that e.g. HMAC-in-front would be a different ciphersuite from HMAC-at-the-end (which would require two BAH/PSH headers in the bundle). Security result is therefore also optional in an ASH and we add a bit to indicate its presence. - I think that we ought to allow more bits for the ciphersuite say adding another byte to get 13 bits. - Accomodate the changed SDNV. Some fields (e.g. security result) will now be an SDNV encoded length followed by the required number of octets. - Define a type for this header since its no longer in the bundle spec. I guess '2' is fine? I don't think an ASH needs an overall length since the flags and thereafter individual optional fields each specify their own lengths. - C14N. I dunno what to do here yet. This might have to wait on someone coding it all up to be something we can do correctly. But we'll probably think of stuff as we edit it. - Since the bundle spec has gotten rid of most of its API stuff, can we do the same? - Deal with combinations of PSH/BAH & CH. There's more needed there: - Just for a starter let's say that we add a new field to the ASH so we can correlate the front-end and rear-end pairs (say if >1 PSH is applied). We could call that the 'marker' and make it optional for the 1st application of an ASH - all subsequent ASH's would have to include a unique marker. (Might a counter be better?) - Next for CH we include the enciphered payloads in the additional CH header. What I mean is that the first CH of a (marker-matching-set) should contain the keying material and subsequent ones should contain (n the security result field) the ciphertext (e.g. encrypted payloads). A single CH can contain ciphertext for >1 header. The 1st CH can also contain ciphertext for some headers. - PSH and CH service (with markers) can be applied to any headers you like in the obvious way, except that each service applicaiton has to envelope the others. - One exception is that if you're using a signature ciphersuite then if subsequent encryption has to include both the signed data and the signature and not just the signed data. - And since that's all very complicated, we mandate support for only one of each type of ciphersuite (or even fewer), and we also mandate that nodes only need support say one level of combining. Other nodes could of course do more, but that'd be subject to further specification/profiling in some other RFC.
- Re: [dtn-security] bundle security protocol chang… Scott Burleigh
- Re: [dtn-security] bundle security protocol chang… Stephen Farrell
- Re: [dtn-security] bundle security protocol chang… Michael Demmer
- [dtn-security] bundle security protocol changes... Stephen Farrell