Re: [dtn-security] Updated SBSP Document
"Zoller, David A. (MSFC-EO50)[HOSC SERVICES CONTRACT]" <david.a.zoller@nasa.gov> Thu, 29 May 2014 19:09 UTC
Return-Path: <david.a.zoller@nasa.gov>
X-Original-To: dtn-security@ietfa.amsl.com
Delivered-To: dtn-security@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DC0CF1A04F6 for <dtn-security@ietfa.amsl.com>; Thu, 29 May 2014 12:09:14 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.551
X-Spam-Level:
X-Spam-Status: No, score=-2.551 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, RP_MATCHES_RCVD=-0.651, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nl4hD5OKr_Cb for <dtn-security@ietfa.amsl.com>; Thu, 29 May 2014 12:09:09 -0700 (PDT)
Received: from ndjsnpf01.ndc.nasa.gov (ndjsnpf01.ndc.nasa.gov [IPv6:2001:4d0:a302:1100::101]) by ietfa.amsl.com (Postfix) with ESMTP id 40A2E1A0B72 for <dtn-security@irtf.org>; Thu, 29 May 2014 12:09:08 -0700 (PDT)
Received: from ndmsppt103.ndc.nasa.gov (ndmsppt103.ndc.nasa.gov [198.117.0.68]) by ndjsnpf01.ndc.nasa.gov (Postfix) with ESMTP id 8021CD055D; Thu, 29 May 2014 14:03:39 -0500 (CDT)
Received: from NDMSCHT115.ndc.nasa.gov (ndmscht115-pub.ndc.nasa.gov [198.117.0.215]) by ndmsppt103.ndc.nasa.gov (8.14.5/8.14.5) with ESMTP id s4TJ93Qm009392; Thu, 29 May 2014 14:09:03 -0500
Received: from NDMSMBX404.ndc.nasa.gov ([169.254.4.107]) by NDMSCHT115.ndc.nasa.gov ([198.117.0.215]) with mapi id 14.03.0174.001; Thu, 29 May 2014 14:09:03 -0500
From: "Zoller, David A. (MSFC-EO50)[HOSC SERVICES CONTRACT]" <david.a.zoller@nasa.gov>
To: "Birrane, Edward J." <Edward.Birrane@jhuapl.edu>, "dtn-security@irtf.org" <dtn-security@irtf.org>
Thread-Topic: Updated SBSP Document
Thread-Index: Ac96egHBtIlHfqjpRHK8eG5est6OOQA736Hg
Date: Thu, 29 May 2014 19:09:02 +0000
Message-ID: <94CFB3711B4CAE4DBFC5BEB3374BF0C60D1835@NDMSMBX404.ndc.nasa.gov>
References: <329D879C76FDD04AAAE84BB1D89B3970094FBF9EAA@aplesfreedom.dom1.jhuapl.edu>
In-Reply-To: <329D879C76FDD04AAAE84BB1D89B3970094FBF9EAA@aplesfreedom.dom1.jhuapl.edu>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [198.119.225.34]
Content-Type: multipart/alternative; boundary="_000_94CFB3711B4CAE4DBFC5BEB3374BF0C60D1835NDMSMBX404ndcnasa_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.11.96, 1.0.14, 0.0.0000 definitions=2014-05-29_06:2014-05-29,2014-05-29,1970-01-01 signatures=0
Archived-At: http://mailarchive.ietf.org/arch/msg/dtn-security/NvvaPFm3TSpOGXHEV-50SFXpBXM
Subject: Re: [dtn-security] Updated SBSP Document
X-BeenThere: dtn-security@irtf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The Delay-Tolerant Networking Research Group \(DTNRG\) - Security." <dtn-security.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/dtn-security>, <mailto:dtn-security-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/dtn-security/>
List-Post: <mailto:dtn-security@irtf.org>
List-Help: <mailto:dtn-security-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 29 May 2014 19:09:15 -0000
Ed, Good work - the SBSP spec continues to evolve nicely. I'll kick off the discussions with my comments below. Cheers, DZ [Page 12] 2.4 Bundle Authentication Block The security-target MUST be the entire bundle, which MUST be represented by a <block type><occurrence number> of <0x00><0x00>. * Per 3.4 Bundle Fragmentation and Reassembly, bundle authentication may be applied to bundle fragments as well as non-fragmented bundles. * If a bundle fragment is received that has a BAB, there is no way to determine if the BAB applies to the bundle fragment or if it applies to an entire bundle that was later fragmented by a non-security-aware BA. o I propose that a <block type><occurrence number> of <0x00><payload frag length> indicate that the BAB applies to a bundle fragment * If such a bundle fragment is further fragmented by a non-security-aware BA then the <payload frag length> can be used to determine that the original fragmented bundle must be reassembled before authentication is checked because it will not match the length field in the payload block. o Some discussion may be desirable in section 3.4 as well as 2.4 if accepted [Page 14] 2.6 Block Confidentiality Block The block processing control flags value can be set to whatever values are required by local policy, except that a Lone BCB or First BCB MUST have the "replicate in every fragment" flag set. This indicates to a receiving node that the payload portion in each fragment represents cipher-text. * The intent here is only if the target of the Lone BCB or First BCB is the payload block which would need to be added if this is kept as a requirement. * I think this requirement should be removed or at least reduced to a "MAY" 1. It assumes that the Lone or First BCB must be prior to the payload block which is not a specific requirement and is not necessary in any case for SBSP 2. A BCB block could be quite large and add a lot of bandwidth overhead if included in every fragment 3. I do not see a benefit gained by including the block in every fragment i. Even the destination node likely cannot decrypt any individual fragment except the first one and it probably would only decrypt a partial bundle as a last resort or forensic function if the entire bundle was not received before expiration ii. Intermediate nodes shouldn't generally be poking around in bundle payloads anyway and no need to provide additional clues as to whether a fragment payload is encrypted or a bunch of binary values - keep the bad guys guessing and wasting CPU cycles if possible iii. BSP includes this requirement - have any of the implementations found a need or benefit for this and would it still apply in context of the SBSP? [Page 24] 3.1.2.3 Extension Block Canonicalization Endpoint ID references in blocks are canonicalized using the de- referenced text form in place of the reference pair. The reference count is not included, nor is the length of the endpoint ID text. The EID reference is, therefore, canonicalized as <scheme>:<SSP>, which includes the ":" character. * Need to include a statement to the effect: o Artificial EIDs as defined in this document (ssp reference is 0x00) must be skipped and are not included in the canonicalization. [Page 24] 3.1.2.3 Extension Block Canonicalization The block-length is canonicalized as its unpacked SDNV value. If the data to be canonicalized is less than the complete, original block data, this field contains the size of the data being canonicalized (the "effective block") rather than the actual size of the block. * Section 3.1.2.1 (Primary Block Canonicalization) details the length fields as 4 byte values and effectively reserves the term "unpacked SDNV value" to mean the 8 byte value. I recommend using the same convention here. o Personally, I would specify all SDNV values canonicalized as 8 byte values and be done with it * Add a statement to the effect: o The entirety or portion(s) of the block body data are canonicalized as is. [Page 23] 3.1.2.2 Payload Block Canonicalization When canonicalizing the payload block, the block processing control flags value used for canonicalization is the unpacked SDNV value with reserved and mutable bits masked to zero. The unpacked value is ANDed with mask 0x0000 0000 0000 0077 to zero reserved bits and the "last block" bit. The "last block" bit is ignored because BABs and other security blocks MAY be added for some parts of the journey but not others, so the setting of this bit might change from hop to hop. Payload blocks are canonicalized as-is, with the exception that, in some instances, only a portion of the payload data is to be protected. In such a case, only those bytes are included in the canonical form, and additional cipher suite parameters are required to specify which part of the payload is protected, as discussed further below. * The processing control flags are pulled out and masked so the Payload block can no longer be considered canonicalized "as-is". * A Payload Block is the same underlying format as an Extension Block with the restriction that the 'block contains an EID-reference field' is never set and it should follow the same canonicalization methodology as that of the Extension Block o I propose a single "Non-Primary Block Canonicalization" section based on the finalized version of the Extension Block Canonicalization [Page 26] 3.3.2 Receiving BCB Blocks If the relevant parts of an encrypted payload cannot be decrypted (i.e., the decryption key cannot be deduced or decryption fails), then the bundle MUST be discarded and processed no further; in this case, a bundle deletion status report (see [RFC5050]) indicating the decryption failure MAY be generated. * Does a new deletion reason code need to be defined? -----Original Message----- From: dtn-interest [mailto:dtn-interest-bounces@irtf.org] On Behalf Of Birrane, Edward J. Sent: Wednesday, May 28, 2014 8:40 AM To: dtn-interest@irtf.org; dtn-security@irtf.org Subject: [dtn-interest] Updated SBSP Document Good morning. I've released a new version of the Streamlined Bundle Security Protocol (SBSP) document (see information below). This change incorporates comments received to date, including: - Minor spelling/grammar changes and text cleanup. - Expanded discussion on extension block identification (Section 2.1) - Clarified that a BIB may not be added to sign an encrypted block. (Section 2.7) - Clarified block processing order in Section 2.7. - Clarified BIB processing (Section 3.3.3) - Simplified bundle fragmentation discussion (Section 3.4) - Clarified interaction of authentication and reactive fragmentation. - Updated policy considerations. I am cross-posting to dtn-interest and dtn-security as an announcement, but would ask that technical discussion occur on dtn-security. -Ed A New Internet-Draft is available from the on-line Internet-Drafts directories. This draft is a work item of the Delay-Tolerant Networking Research Group Working Group of the IETF. Title : Streamlined Bundle Security Protocol Specification Author : Edward J. Birrane Filename : draft-irtf-dtnrg-sbsp-01.txt Pages : 34 Date : 2014-05-27 Abstract: This document defines a streamlined bundle security protocol, which provides data authentication, integrity, and confidentiality services for the Bundle Protocol. Capabilities are provided to protect the bundle payload, and additional data that may be included within the bundle, along a single path through a network. The IETF datatracker status page for this draft is: https://datatracker.ietf.org/doc/draft-irtf-dtnrg-sbsp/ There's also a htmlized version available at: http://tools.ietf.org/html/draft-irtf-dtnrg-sbsp-01 A diff from the previous version is available at: http://www.ietf.org/rfcdiff?url2=draft-irtf-dtnrg-sbsp-01 --- Ed Birrane Principal Professional Staff, Space Department Johns Hopkins Applied Physics Laboratory (W) 443-778-7423 / (F) 443-228-3839 _______________________________________________ dtn-interest mailing list dtn-interest@irtf.org<mailto:dtn-interest@irtf.org> https://www.irtf.org/mailman/listinfo/dtn-interest
- [dtn-security] Updated SBSP Document Birrane, Edward J.
- Re: [dtn-security] Updated SBSP Document Zoller, David A. (MSFC-EO50)[HOSC SERVICES CONTRACT]
- Re: [dtn-security] Updated SBSP Document Burleigh, Scott C (312G)
- Re: [dtn-security] Updated SBSP Document Amy Alford
- Re: [dtn-security] Updated SBSP Document Burleigh, Scott C (312G)
- Re: [dtn-security] Updated SBSP Document Scott, Keith L.
- Re: [dtn-security] Updated SBSP Document Burleigh, Scott C (312G)