[dtn-security] Re(4): Bundle Security Protocol details

"Peter Lovell" <peter.lovell@sparta.com> Fri, 17 November 2006 18:04 UTC

Received: from M4.sparta.com (M4.sparta.com []) by webbie.berkeley.intel-research.net (8.11.6/8.11.6) with ESMTP id kAHI4DY19265 for <dtn-security@mailman.dtnrg.org>; Fri, 17 Nov 2006 10:04:13 -0800
Received: from Beta5.sparta.com (beta5.sparta.com []) by M4.sparta.com (8.13.5/8.13.5) with ESMTP id kAHI479S011103; Fri, 17 Nov 2006 12:04:07 -0600
Received: from nemo.columbia.ads.sparta.com (nemo.columbia.sparta.com []) by Beta5.sparta.com (8.12.11/8.13.1) with ESMTP id kAHI46gp020049; Fri, 17 Nov 2006 12:04:07 -0600
Received: from [] ([]) by nemo.columbia.ads.sparta.com with Microsoft SMTPSVC(6.0.3790.1830); Fri, 17 Nov 2006 13:04:06 -0500
From: "Peter Lovell" <peter.lovell@sparta.com>
To: "Symington, Susan F." <susan@mitre.org>, "Stephen Farrell" <stephen.farrell@cs.tcd.ie>
Cc: hsw <hsw@sparta.com>, <dtn-security@mailman.dtnrg.org>
Date: Fri, 17 Nov 2006 13:04:03 -0500
Message-Id: <20061117180403.31940@nemo.columbia.sparta.com>
In-Reply-To: <8E507634779E22488719233DB3DF9FF0012296CB@IMCSRV4.MITRE.ORG>
References: <20061117000457.309686795@> <8E507634779E22488719233DB3DF9FF0012296CB@IMCSRV4.MITRE.ORG>
X-Mailer: CTM PowerMail version 5.2.3 build 4406 English <http://www.ctmdev.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 17 Nov 2006 18:04:06.0302 (UTC) FILETIME=[C5B743E0:01C70A72]
Subject: [dtn-security] Re(4): Bundle Security Protocol details
Sender: dtn-security-admin@mailman.dtnrg.org
Errors-To: dtn-security-admin@mailman.dtnrg.org
X-BeenThere: dtn-security@mailman.dtnrg.org
X-Mailman-Version: 2.0.13
Precedence: bulk
Reply-To: dtn-security@mailman.dtnrg.org
List-Unsubscribe: <http://mailman.dtnrg.org/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@mailman.dtnrg.org?subject=unsubscribe>
List-Id: DTN Security Discussion <dtn-security.mailman.dtnrg.org>
List-Post: <mailto:dtn-security@mailman.dtnrg.org>
List-Help: <mailto:dtn-security-request@mailman.dtnrg.org?subject=help>
List-Subscribe: <http://mailman.dtnrg.org/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@mailman.dtnrg.org?subject=subscribe>
List-Archive: <http://mailman.dtnrg.org/pipermail/dtn-security/>

Hi Susan,

>>My interpretation is that the source, destination and security
>>are compound fields, as suggested by having a single bit for 
>>each. As such, security-result-length and security-result
>>would both be in the first block (res bit set) or both be
>>in the second (res bit off).
>Yes, I agree.

I suggest that we clarify the language to indicate that "security
result" is a compound field, consisting of "security result length" and
"security result data". The phrase "security result" refers to the
compound field.

Bit 11 ("res" bit) indicates whether or not the "security result" (length
+data) is in a block (bit is set) or not (bit is zero). Length+data
always go together and are never split.

>>In addition, there is no requirement that the
>>security-result-length be known in advance. Of course, 
>>in many cases it will be but I'm not aware
>>that it is required to be. 
>Well I've been assuming it is always known in advance.
>Is this an invalid assumption?

I don't think it's invalid, it's just that I had not also made that

I don't know of a digest mechanism which produces results which vary in
length but I can imagine that there are some. 

>>If the security-result-length is included in the canonicalization
>>then it must be fixed before any digesting begins. If it is not
>>fixed, then canonicalization must exclude the security result data
>>(as it already does), the security result length (because it is
>>size known since it's SDNV) and the block-length field must be
>>not known, nor is its adjusted to exclude the size for these two.
>>If we digest the length field than it can't ever be variable-length.
>Why can't it be variable length?  

The problem comes if you have multiple BA blocks. Not the "split block"
kind, but where there are multiple BAs for some reason, such as key-
rollover or whatever. Which one do you canonicalize first and what value
can you use for the length of the second, if you don't know that until
you do the second?

The answer is that you can't do this unless the lengths for ALL BAs are
known before you start digesting for ANY of them. And these lengths also
are part of the overall block length for each block.

Since I didn't want to preclude variable-length, and also because it
seemed that "security result" intended to mean "length+data", I had
thought to exclude both parts of that field from canonicalization.

However, I don't think this is a big deal. If we require fixed length
then that's OK with me. We just need to clarify what we mean.

>>>2. The new "security result offset" field that is being suggested
>>>should indicte the offset of the start of the security result field
>>>(not of the security result length field).

In line with the definition suggested at the top, I prefer that it point
to the start of the "security result" field and not the start of the
data field ["security result data"]. This is the same start point as the
length field["security result length"], of course.