Re: [dtn-security] Key Management hop-by-hop ciphersuite
Stephen Farrell <stephen.farrell@cs.tcd.ie> Tue, 09 June 2009 10:10 UTC
Received: from SG2EHSOBE002.bigfish.com (sg2ehsobe002.messaging.microsoft.com [207.46.51.76]) by maillists.intel-research.net (8.13.8/8.13.8) with ESMTP id n59AAJOj030248 for <dtn-security@maillists.intel-research.net>; Tue, 9 Jun 2009 03:10:20 -0700
Received: from mail2-sin-R.bigfish.com (10.210.100.240) by SG2EHSOBE002.bigfish.com (10.210.112.22) with Microsoft SMTP Server id 8.1.340.0; Tue, 9 Jun 2009 10:02:14 +0000
Received: from mail2-sin (localhost.localdomain [127.0.0.1]) by mail2-sin-R.bigfish.com (Postfix) with ESMTP id 046771650208; Tue, 9 Jun 2009 10:02:14 +0000 (UTC)
X-SpamScore: -35
X-BigFish: VPS-35(zz1418M1432R98dR148cM1805Mzz1202hzz1033ILz2dh6bh17ch87il61h)
X-Spam-TCS-SCL: 0:0
X-FB-DOMAIN-IP-MATCH: fail
Received: by mail2-sin (MessageSwitch) id 1244541731899065_31084; Tue, 9 Jun 2009 10:02:11 +0000 (UCT)
Received: from imx2.tcd.ie (imx2.tcd.ie [134.226.1.156]) by mail2-sin.bigfish.com (Postfix) with ESMTP id 14B87A8052; Tue, 9 Jun 2009 10:02:11 +0000 (UTC)
Received: from Vams.imx2 (imx2.tcd.ie [134.226.1.156]) by imx2.tcd.ie (Postfix) with SMTP id 21F5968005; Tue, 9 Jun 2009 11:02:09 +0100 (IST)
Received: from imx2.tcd.ie ([134.226.1.156]) by imx2.tcd.ie ([134.226.1.156]) with SMTP (gateway) id A02988152C8; Tue, 09 Jun 2009 11:02:09 +0100
Received: from [134.226.36.180] (sfarrell.dsg.cs.tcd.ie [134.226.36.180]) by imx2.tcd.ie (Postfix) with ESMTP id E989668005; Tue, 9 Jun 2009 11:02:08 +0100 (IST)
Message-ID: <4A2E3321.901@cs.tcd.ie>
Date: Tue, 09 Jun 2009 11:02:09 +0100
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Thunderbird 2.0.0.21 (X11/20090302)
MIME-Version: 1.0
To: M.Bhutta@surrey.ac.uk
References: <89E48AE60E64EF4E8EB32B0B7EC74920A1B159@EVS-EC1-NODE2.surrey.ac.uk>
In-Reply-To: <89E48AE60E64EF4E8EB32B0B7EC74920A1B159@EVS-EC1-NODE2.surrey.ac.uk>
X-Enigmail-Version: 0.95.7
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-AntiVirus-Status: MessageID = A12988152C8
X-AntiVirus-Status: Host: imx2.tcd.ie
X-AntiVirus-Status: Action Taken:
X-AntiVirus-Status: NONE
X-AntiVirus-Status: Checked by TCD Vexira. (version=1.60.2 VDF=10.107.6)
Cc: dtn-security@maillists.intel-research.net
Subject: Re: [dtn-security] Key Management hop-by-hop ciphersuite
X-BeenThere: dtn-security@maillists.intel-research.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: DTN Security Discussion <dtn-security.maillists.intel-research.net>
List-Unsubscribe: <http://maillists.intel-research.net/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@maillists.intel-research.net?subject=unsubscribe>
List-Archive: <http://maillists.intel-research.net/pipermail/dtn-security>
List-Post: <mailto:dtn-security@maillists.intel-research.net>
List-Help: <mailto:dtn-security-request@maillists.intel-research.net?subject=help>
List-Subscribe: <http://maillists.intel-research.net/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@maillists.intel-research.net?subject=subscribe>
X-List-Received-Date: Tue, 09 Jun 2009 10:10:21 -0000
Hi Nasir, M.Bhutta@surrey.ac.uk wrote: > Hi, > >>From internet-draft "Key Management Requirements", it is a requirement > that key management should support all mandatory ciphersuites. First I wouldn't take that (expired) draft as being something that's gotten broad consensus - at this stage I think its really just a set of opinions of mine, but I'm really happy to get others' input, so thanks for bringing it up. The point I was trying to make with that requirement is that if someone does go and define a (generic) key management scheme for DTNs, then they had better consider the existing ciphersuites. I've seen some papers both in DTN and more generally related to PKI where the authors define a key management scheme that won't do that (e.g. I guess some of the IBE things). The problem with that would be that we'd end up with a way to establish keys, but no (interoperable) way to use 'em. Were the authors of such key management schemes to also fully specify accompanying ciphersuites then I think that'd be fine. (I'm not saying I'd agree with 'em, but at that point at least we could have a good argument:-) > For Hop-by-Hop integrity and authentication, the ciphersuite > BAB-HMAC only supports symmetric cryptography.. > > 1. Does this means, when we are looking for key establishment > while assuming pre-installed public keys, then we also have to take > assumption that symmetric keys also exist between two nodes for > hop-by-hop authentication and integrity.. Not necessarily. If you assume pre-installed public keys, then you could define a new bundle payload protocol (or set of extension blocks, not sure) that'd allow you to do key transport or key agreement in order to manage those shared secrets. I'd really like to see someone write that I-D. The core of that is pretty easy, it probably just needs to adopt some CMS structures for key transport/agreement. I think the main issue though would be how to gracefully handle lost or badly delayed bundles. For example, if a key manager tries to distribute new keys to nodes 1 & 2 but the relevant bundles only arrive at node 1, then how do we ensure that we don't break BAB verification between nodes 1 & 2? Probably by allowing some kind of window but there's work to be done to get that right. Actually that might usefully use the stuff about superseding bundles [1] now that I think of it. And/or maybe node 1 could pass along the key mgmt extension to node 2 similar to how kerberos does things. Getting that right requires a bit of thought and consideration of various use cases and failure modes so its non-trivial. (But again, I'd love to see someone take it on.) > > 2. Are we not making Key Management dependent on distribution of > symmetric keys between forwarder and intermediate receiver while using > public key only.. No. See #1 above:-) S. [1] http://www.ietf.org/internet-drafts/draft-parikh-bundle-superseding-extension-block-00.txt > > Please comment... > > thanks > > regards, > Nasir > > > ------------------------------------------------------------------------ > > _______________________________________________ > dtn-security mailing list > dtn-security@maillists.intel-research.net > http://maillists.intel-research.net/mailman/listinfo/dtn-security
- Re: [dtn-security] Key Management hop-by-hop ciph… Stephen Farrell
- [dtn-security] Key Management hop-by-hop ciphersu… M.Bhutta