Re: [Hipsec] Comments on hiccups draft
Tobias Heer <heer@cs.rwth-aachen.de> Tue, 28 July 2009 14:42 UTC
Return-Path: <heer@informatik.rwth-aachen.de>
X-Original-To: hipsec@core3.amsl.com
Delivered-To: hipsec@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 7FB193A7035 for <hipsec@core3.amsl.com>; Tue, 28 Jul 2009 07:42:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.102
X-Spam-Level:
X-Spam-Status: No, score=-4.102 tagged_above=-999 required=5 tests=[AWL=0.699, BAYES_00=-2.599, HELO_EQ_DE=0.35, HELO_MISMATCH_DE=1.448, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id nmZTawKMREVH for <hipsec@core3.amsl.com>; Tue, 28 Jul 2009 07:41:59 -0700 (PDT)
Received: from mta-1.ms.rz.rwth-aachen.de (mta-1.ms.rz.RWTH-Aachen.DE [134.130.7.72]) by core3.amsl.com (Postfix) with ESMTP id 721283A6E3F for <hipsec@ietf.org>; Tue, 28 Jul 2009 07:41:59 -0700 (PDT)
MIME-version: 1.0
Content-transfer-encoding: 7bit
Content-type: text/plain; charset="US-ASCII"; format="flowed"; delsp="yes"
Received: from ironport-out-1.rz.rwth-aachen.de ([134.130.5.40]) by mta-1.ms.rz.RWTH-Aachen.de (Sun Java(tm) System Messaging Server 6.3-7.04 (built Sep 26 2008)) with ESMTP id <0KNH00CQNY5ZNLA0@mta-1.ms.rz.RWTH-Aachen.de> for hipsec@ietf.org; Tue, 28 Jul 2009 16:41:59 +0200 (CEST)
X-IronPort-AV: E=Sophos;i="4.43,283,1246831200"; d="scan'208";a="20658201"
Received: from relay-auth-1.ms.rz.rwth-aachen.de (HELO relay-auth-1) ([134.130.7.78]) by ironport-in-1.rz.rwth-aachen.de with ESMTP; Tue, 28 Jul 2009 16:41:58 +0200
Received: from dhcp-11f5.meeting.ietf.org ([unknown] [130.129.17.245]) by relay-auth-1.ms.rz.rwth-aachen.de (Sun Java(tm) System Messaging Server 7.0-3.01 64bit (built Dec 9 2008)) with ESMTPA id <0KNH0058GY5Y4B80@relay-auth-1.ms.rz.rwth-aachen.de> for hipsec@ietf.org; Tue, 28 Jul 2009 16:41:59 +0200 (CEST)
Message-id: <DBE7A7ED-1979-4BB3-B349-40773E9780A1@cs.rwth-aachen.de>
From: Tobias Heer <heer@cs.rwth-aachen.de>
To: hip WG <hipsec@ietf.org>
In-reply-to: <4A6F0B98.5000006@nomadiclab.com>
Date: Tue, 28 Jul 2009 16:41:56 +0200
References: <6512FD53-0253-4B49-BC0D-41022DBB9644@cs.rwth-aachen.de> <4A6F0B98.5000006@nomadiclab.com>
X-Mailer: Apple Mail (2.935.3)
Subject: Re: [Hipsec] Comments on hiccups draft
X-BeenThere: hipsec@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/hipsec>
List-Post: <mailto:hipsec@ietf.org>
List-Help: <mailto:hipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 28 Jul 2009 14:42:00 -0000
Hi Jan, Am 28.07.2009 um 16:30 schrieb Jan Melen: >> Section 3: Existence of the HMAC in the packet: >> The hiccups draft states that "[the payload is] protected by a >> PAYLOAD_HMAC parameter". To me it is unclear how such protection >> can possibly work. Since there is no previous handshake there are >> no keys for use in the HMAC. Jan explained that the HMAC is merely >> used as a way to create a digest over the packet for making the >> signature more efficient. However, if it is only used for creating >> the digest, I wonder why it is actually transmitted in the packet >> because without a secret included in the packet, the digest can >> easily be calculated and transmitting the digest in a packet seems >> to be a unnecessary waste of space. Am I missing something here? It >> would be nice if the draft was more precise about the nature and >> the use of the HMAC. >> > > if you do send it as the receiving end doesn't have to generate the > actual parameter that was used to create MAC code in order to verify > the signature. You must recalculate the digest anyway. Otherwise the receiver will only check that the signature covers the HMAC but the receiver will not check that the packet contents match the HMAC. In that sense only the HMAC but not the packet contents would be integrity-protected. Since you have to generate the digest over the whole packet anew anyway I do not see the advantage of sending it in the packet. Best regards, Tobias -- Dipl.-Inform. Tobias Heer, Ph.D. Student Distributed Systems Group RWTH Aachen University, Germany tel: +49 241 80 207 76 web: http://ds.cs.rwth-aachen.de/members/heer
- [Hipsec] Comments on hiccups draft Tobias Heer
- Re: [Hipsec] Comments on hiccups draft Jan Melen
- Re: [Hipsec] Comments on hiccups draft Tobias Heer
- Re: [Hipsec] Comments on hiccups draft Jan Melen
- Re: [Hipsec] Comments on hiccups draft Tobias Heer
- Re: [Hipsec] Comments on hiccups draft Jan Melen
- Re: [Hipsec] Comments on hiccups draft Jan Melen
- Re: [Hipsec] Comments on hiccups draft Tobias Heer