Re: [dtn] bpsec implementations

Mehmet Adalier <madalier@antarateknik.com> Thu, 19 July 2018 20:33 UTC

Date: Thu, 19 Jul 2018 13:33:26 -0700
From: Mehmet Adalier <madalier@antarateknik.com>
To: Marc Blanchet <marc.blanchet@viagenie.ca>, DTN WG <dtn@ietf.org>
Message-ID: <63419EA7-657C-4E16-B0A8-2CAA4F576B61@antarateknik.com>
Thread-Topic: [dtn] bpsec implementations
References: <67554550-77E9-4CDD-A846-40F3B02085A5@viagenie.ca>
In-Reply-To: <67554550-77E9-4CDD-A846-40F3B02085A5@viagenie.ca>
Archived-At: <https://mailarchive.ietf.org/arch/msg/dtn/7ATmHegTMlbVIgXHYJLTddzvClc>

Marc,
We have defined/implemented a BPsec Cipher Suite, designed to be interoperable with the bpsec-interop cipher suite.
	It supports both PSK and ECDHE based on ECDSA curves P384 and P256.
	Confidentiality: AES 128 (compatibility) and 256-bit, modes GCM and CTR
	Integrity: HMAC256, HMAC384, ECDSA P256 and P384 signatures.
	For symmetric bundle key encryption, we use NIST SP.800-38F key wrap/unwrap.

We have also implemented BPsec based on the draft, based on Ed and Scott's work within the ION 3.6.1 code base.

AFAIK, ION is not BPbis compliant yet, so I guess technically our implementation may be more SBSP.

Mehmet Adalier
Antara Teknik LLC 

On 7/19/18, 12:14 PM, "dtn on behalf of Marc Blanchet" <dtn-bounces@ietf.org on behalf of marc.blanchet@viagenie.ca> wrote:

    Hello,
      given its relative complexity, it would be good to know if the BPSEC 
    specification (draft-ietf-dtn-bpsec and cipher profiles) has been 
    implemented. If you have implemented this specification, please say so 
    here or directly to the chairs (dtn-chairs@ietf.org).
    
    Marc.
    