Re: [dtn-security] Issue implementing security source/destination with ESB blocks

ahennes1@math.umd.edu Mon, 03 September 2012 13:05 UTC

Return-Path: <ahennes1@math.umd.edu>
X-Original-To: dtn-security@ietfa.amsl.com
Delivered-To: dtn-security@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E551B21F8540 for <dtn-security@ietfa.amsl.com>; Mon, 3 Sep 2012 06:05:31 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.999
X-Spam-Level:
X-Spam-Status: No, score=-3.999 tagged_above=-999 required=5 tests=[BAYES_50=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dxsT9vnELOd5 for <dtn-security@ietfa.amsl.com>; Mon, 3 Sep 2012 06:05:28 -0700 (PDT)
Received: from mailfilter.ece.umd.edu (mailfilter.ece.umd.edu [129.2.90.4]) by ietfa.amsl.com (Postfix) with ESMTP id A523721F853E for <dtn-security@irtf.org>; Mon, 3 Sep 2012 06:05:28 -0700 (PDT)
X-ASG-Debug-ID: 1346677526-04739d1028244330001-NoPDhg
Received: from svr4.math.umd.edu (svr4.math.umd.edu [129.2.56.14]) by mailfilter.ece.umd.edu with ESMTP id hlUHYyTMQEB4F6po; Mon, 03 Sep 2012 09:05:26 -0400 (EDT)
X-Barracuda-Envelope-From: ahennes1@math.umd.edu
X-Barracuda-Apparent-Source-IP: 129.2.56.14
Received: by svr4.math.umd.edu (Postfix, from userid 48) id 0AA3C6FC83; Mon, 3 Sep 2012 09:05:25 -0400 (EDT)
Received: from 69.243.25.71 by webmail.math.umd.edu with HTTP; Mon, 3 Sep 2012 09:05:25 -0400
Message-ID: <cae89cc48d18dea2288489bce7473621.squirrel@webmail.math.umd.edu>
In-Reply-To: <20120824185650.1151428911@smtp.mail.me.com>
References: <f1abb474b138939c6494addd3ac356bb.squirrel@webmail.math.umd.edu> <CAB9rx+9v4T9f-RXQbzKV67h7wiDbqZoyLjbKSesc+mnJ_TKhtw@mail.gmail.com> <CAB9rx+9WnNdwhDJq9HEqkHW49C+F8q_7MgZuzwzGcp9tH9+BHA@mail.gmail.com> <dd65229141b55c413fa835120b5477aa.squirrel@webmail.math.umd.edu> <20120821141321.215374808@smtp.mail.me.com> <CAB9rx+-ZVvQ+rT8kVMu_TQOUm6q55gtjecWj-qb0oXhdJkmizw@mail.gmail.com> <97735113a72c3d32d66ca834c84ff8a4.squirrel@webmail.math.umd.edu> <20120824185650.1151428911@smtp.mail.me.com>
Date: Mon, 3 Sep 2012 09:05:25 -0400
From: ahennes1@math.umd.edu
X-ASG-Orig-Subj: Re: Issue implementing security source/destination with ESB blocks
To: "Peter Lovell" <plovell@mac.com>, dtn-security@irtf.org
User-Agent: SquirrelMail/1.4.20
MIME-Version: 1.0
Content-Type: text/plain;charset=iso-8859-1
Content-Transfer-Encoding: 8bit
X-Priority: 3 (Normal)
Importance: Normal
X-Barracuda-Connect: svr4.math.umd.edu[129.2.56.14]
X-Barracuda-Start-Time: 1346677526
X-Barracuda-URL: http://mailfilter.ece.umd.edu:8000/cgi-mod/mark.cgi
X-Virus-Scanned: by bsmtpd at ece.umd.edu
X-Barracuda-Spam-Score: 0.00
X-Barracuda-Spam-Status: No, SCORE=0.00 using per-user scores of TAG_LEVEL=1000.0 QUARANTINE_LEVEL=7.0 KILL_LEVEL=1000.0 tests=NO_REAL_NAME
X-Barracuda-Spam-Report: Code version 3.2, rules version 3.2.2.107488 Rule breakdown below pts rule name description ---- ---------------------- -------------------------------------------------- 0.00 NO_REAL_NAME From: does not include a real name
Subject: Re: [dtn-security] Issue implementing security source/destination with ESB blocks
X-BeenThere: dtn-security@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The Delay-Tolerant Networking Research Group \(DTNRG\) - Security." <dtn-security.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/dtn-security>, <mailto:dtn-security-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/dtn-security>
List-Post: <mailto:dtn-security@irtf.org>
List-Help: <mailto:dtn-security-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@irtf.org?subject=subscribe>
X-List-Received-Date: Mon, 03 Sep 2012 13:05:32 -0000

We've hashed out some of the wording, and below is what we'd like to
propose for the BSP errata list. Any comments are welcome.

Thanks,
Angela




Section 3.4.1,pg.32 says:

   The first algorithm that can be used permits no changes at all to the
   bundle between the security-source and the security-destination.  It
   is mainly intended for use in BAB ciphersuites.  This algorithm
   conceptually catenates all blocks in the order presented, but omits
   all security-result data fields in blocks of this ciphersuite type.
   That is, when a BAB ciphersuite specifies this algorithm, we omit all
   BAB security-results for all BAB ciphersuites.  When a PIB
   ciphersuite specifies this algorithm, we omit all PIB security-
   results for all PIB ciphersuites.  All security-result length fields
   are included, even though their corresponding security-result data
   fields are omitted.

It should say:

   The first algorithm that can be used permits no changes at all to the
   bundle between the security-source and the security-destination, with
   the exception of one of the Block Processing Control Flags, as
   described  below.  It is mainly intended for use in BAB ciphersuites.
   This algorithm conceptually catenates all blocks in the order presented,
   but omits all security-result data fields in blocks of this ciphersuite
   type.  That is, when a BAB ciphersuite specifies this algorithm, we omit
   all BAB security-results for all BAB ciphersuites.  When a PIB
   ciphersuite specifies this algorithm, we omit all PIB security-
   results for all PIB ciphersuites.  All security-result length fields
   are included, even though their corresponding security-result data
   fields are omitted.

   Notes:

   o  In the Block Processing Control Flags field, in every block other
      than the Primary Block, the flag at bit 5, "Block was forwarded
      without being processed" is canonicalized as zero.  The Block
Processing
      Control Flags field, which is an SDNV, is unpacked into a fixed-width
      field, and some bits are masked out. The unpacked field is ANDed with
      mask 0xFFFF FFFF FFFF FFDF to set to zero the "Block was forwarded
      without being processed" bit for the purposes of canonicalization.

Notes: If this flag is not zeroed out, when a bundle passes through a
non-security aware node, this flag will be set. This will then change the
message digest, and a BAB block will fail to verify.



Section 3.4.2,pg.35 says:

   For non-primary blocks being included in the canonicalization, the
   block processing control flags value used for canonicalization is the
   unpacked SDNV value with reserved and mutable bits masked to zero.
   The unpacked value is ANDed with mask 0x0000 0000 0000 0077 to zero
   reserved bits and the "last block" flag.  The "last block" flag is
   ignored because BABs and other security blocks MAY be added for some
   parts of the journey but not others, so the setting of this bit might
   change from hop to hop.

It should say:

   For non-primary blocks being included in the canonicalization, the
   block processing control flags value used for canonicalization is the
   unpacked SDNV value with reserved and mutable bits are masked to zero.
   The unpacked value is ANDed with mask 0x0000 0000 0000 0057 to zero
   reserved bits, the "last block" flag and the "Block was forwarded
   without being processed" bit.  The "last block" flag is ignored because
   BABs and other security blocks MAY be added for some parts of the
   journey but not others, so the setting of this bit might change from hop
   to hop. The "Block was forwarded without being processed" flag is
   ignored because the bundle may pass through a non security-aware node,
   and this flag would be set.



Section 2.1,pg.10 says:

   o  EID-references - composite field defined in [DTNBP] containing
      references to one or two endpoint identifiers (EIDs).  Presence of
      the EID-reference field is indicated by the setting of the "Block
      contains an EID-reference field" (EID_REF) bit of the block
      processing control flags.  If one or more references are present,
      flags in the ciphersuite ID field, described below, specify which.

      If no EID fields are present, then the composite field itself MUST
      be omitted entirely and the EID_REF bit MUST be unset.  A count
      field of zero is not permitted.

   o  The possible EIDs are:

      *  (OPTIONAL) Security-source - specifies the security-source for
         the block.  If this is omitted, then the source of the bundle
         is assumed to be the security-source unless otherwise
         indicated.

      *  (OPTIONAL) Security-destination - specifies the security-
         destination for the block.  If this is omitted, then the
         destination of the bundle is assumed to be the security-
         destination unless otherwise indicated.

      If two EIDs are present, security-source is first and security-
      destination comes second.

It should say:

   o  EID-references - composite field defined in [DTNBP] containing one
      or more references to endpoint identifiers (EIDs) (optional) [DTNBP].
      Presence of the EID-reference field is indicated by the setting
      of the "Block contains an EID-reference field" (EID_REF) bit of
      the block processing control flags.  If the security-source and
      security-destination are present, flags in the ciphersuite ID
      field, described below, specify which. Additional EID references MAY
      also be present.

      If no EID fields are present, then the composite field itself MUST
      be omitted entirely and the EID_REF bit MUST be unset.  A count
      field of zero is not permitted.

   o  Among the possible EIDs are:

      *  (OPTIONAL) Security-source - specifies the security-source for
         the block.  If this is omitted, then the source of the bundle
         is assumed to be the security-source unless otherwise
         indicated.

      *  (OPTIONAL) Security-destination - specifies the security-
         destination for the block.  If this is omitted, then the
         destination of the bundle is assumed to be the security-
         destination unless otherwise indicated.

      If present, the security-source and security-destination are the
      first EID references, with the security-source first, followed by
      the security-destination.



Section 2.5,pg.21 says:

   The process is reversed at the security-destination with the
   recovered plaintext block replacing the ESB that had encapsulated it.
   Processing of EID-list entries, if any, is described in Section 2.4,
   and this MUST be followed in order to correctly recover EIDs.

It should say:

   The EID reference to the security-source (if present) is the first
   entry in the EID list, followed by the EID reference to the security-
   destination (if present). The EID reference list from the block being
   protected is then copied to the ESB, and the EID reference count is
   updated appropriately.

   The process is reversed at the security-destination with the
   recovered plaintext block replacing the ESB that had encapsulated it.
   The security-source and security-destination (if present) are removed
   from the EID list, and any remaining entries are copied to the
   recovered plaintext block.



Section 4.4,pg.50 says:

   Subsequent ESBs MUST contain a correlator value to link them to the
   first ESB.  Security-source and security-destination are implied from
   the first ESB; however, see the discussion in Section 2.4 concerning
   EID-list entries.  Subsequent ESBs MUST contain security-parameters
   and security-result fields as follows:

It should say:

   Subsequent ESBs MUST contain a correlator value to link them to the
   first ESB.  Security-source and security-destination are implied from
   the first ESB; however, see the discussion in Section 2.5 concerning
   EID-list entries.  Subsequent ESBs MUST contain security-parameters
   and security-result fields as follows:



Section 2.5,pg.21 says:

   The ESB is placed in the bundle in the same position as the block
   being protected.  That is, the entire original block is processed
   (encrypted, etc.) and encapsulated in a "replacing" ESB-type block,
   and this appears in the bundle at the same sequential position as the
   original block.  The processed data is placed in the security-result
   field.

It should say:

   The ESB is placed in the bundle in the same position as the block
   being protected.  That is, the entire original block is processed
   (encrypted, etc.) and encapsulated in a "replacing" ESB-type block,
   and this appears in the bundle at the same sequential position as the
   original block.  The processed data is placed in the security-result
   field.

   Any existing EID-list in the to-be-encapsulated original block
   remains exactly as-is, and is copied to the EID-list for the
   replacing block.  The encapsulation process MUST NOT replace or
   remove the existing EID-list entries.  This is critically important
   for correct updating of entries at the security-destination. The
   EID-list copied into the replacing block MAY be preceded by EID
   references for the security-source and security-destination.