[dtn-security] Bundle Authentication Block interoperability

"Ivancic, William D. (GRC-RHN0)" <william.d.ivancic@nasa.gov> Mon, 07 December 2009 19:30 UTC

We have been running DTN-2 and ION interoperability tests for BAB up to 64 Kbyte blocks using "dtn" naming.

We have run into a problem that appears to be in the hash algorithm or implementation.

DTN2 code is using the OpenSSL HMAC functions.

According to Scott Burleigh, "The ION code's SHA1 implementation is taken from git, which seems to be using the SHA 180-1 Reference Implementation (Compact Version) developed by Paul Kocher.  The HMAC implementation was written by Bill Van Biesen from RFC 2104 and validated with NIST test vectors."

I was wondering if any other DTN bundling implementations have implemented BAB and tested it with other DTN bundling implementations? (i.e. Spindle III, Symbian, JAVA implementations, etc...).


Will


******************************
William D. Ivancic
Phone 216-433-3494
Fax 216-433-8705
Networking Lab 216-433-2620
DTN Lab 216-433-2981
Mobile 440-503-4892
http://roland.grc.nasa.gov/~ivancic
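
Added example, not part of the original message and not DTN2 or ION code: one way to cross-check two HMAC-SHA1 implementations of the kind the message describes. Both are first checked against the published RFC 2202 test vectors, then compared with each other over constructed inputs up to 64 Kbytes. Python's `hashlib` and `hmac` stand in for the two implementations, and the function names and the key and message lengths are assumptions chosen for illustration.

```python
import hashlib
import hmac

BLOCK = 64  # SHA-1 block size in bytes (RFC 2104's "B")

def hmac_sha1_rfc2104(key: bytes, msg: bytes) -> bytes:
    """HMAC-SHA1 written out step by step from RFC 2104."""
    if len(key) > BLOCK:                 # keys longer than B are hashed first
        key = hashlib.sha1(key).digest()
    key = key.ljust(BLOCK, b"\x00")      # then zero-padded to B bytes
    inner = hashlib.sha1(bytes(b ^ 0x36 for b in key) + msg).digest()
    return hashlib.sha1(bytes(b ^ 0x5C for b in key) + inner).digest()

def hmac_sha1_library(key: bytes, msg: bytes) -> bytes:
    """Library HMAC, standing in for the second implementation."""
    return hmac.new(key, msg, hashlib.sha1).digest()

# Published HMAC-SHA1 test cases 1, 2, 3 and 6 from RFC 2202.
RFC2202 = [
    (b"\x0b" * 20, b"Hi There", "b617318655057264e28bc0b6fb378c8ef146be00"),
    (b"Jefe", b"what do ya want for nothing?",
     "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79"),
    (b"\xaa" * 20, b"\xdd" * 50, "125d7342b9ac11cd91a39af48aa17b4f63f175d3"),
    (b"\xaa" * 80, b"Test Using Larger Than Block-Size Key - Hash Key First",
     "aa4ae5e15272d00e95705637ce8a3b55ed402112"),
]

def failed_vectors(impl):
    """Indexes into RFC2202 for which impl returns the wrong digest."""
    return [i for i, (k, m, want) in enumerate(RFC2202)
            if impl(k, m).hex() != want]

# Constructed lengths around the SHA-1 block and padding boundaries, up to
# the 64 Kbyte payload size mentioned in the message.
KEY_LENS = (1, 20, 63, 64, 65, 128)
MSG_LENS = (0, 55, 56, 63, 64, 65, 1024, 65535, 65536)

def first_divergence(impl_a, impl_b):
    """First (key_len, msg_len) where the two disagree, or None."""
    for klen in KEY_LENS:
        key = bytes((i * 7 + 1) & 0xFF for i in range(klen))
        for mlen in MSG_LENS:
            msg = bytes(i & 0xFF for i in range(mlen))
            if not hmac.compare_digest(impl_a(key, msg), impl_b(key, msg)):
                return klen, mlen
    return None

if __name__ == "__main__":
    print("vector failures:", failed_vectors(hmac_sha1_rfc2104),
          failed_vectors(hmac_sha1_library))
    print("first divergence:", first_divergence(hmac_sha1_rfc2104, hmac_sha1_library))
```

A vector failure points at one implementation on its own, while a divergence at a particular key or message length narrows the disagreement to key handling or to hash padding at that boundary.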