Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-flow-protection
Tero Kivinen <kivinen@iki.fi> Wed, 19 July 2017 08:17 UTC
Return-Path: <kivinen@iki.fi>
X-Original-To: i2nsf@ietfa.amsl.com
Delivered-To: i2nsf@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 98527131BFE; Wed, 19 Jul 2017 01:17:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.12
X-Spam-Level:
X-Spam-Status: No, score=-1.12 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JMrzcKewK28m; Wed, 19 Jul 2017 01:17:07 -0700 (PDT)
Received: from mail.kivinen.iki.fi (fireball.acr.fi [83.145.195.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8C785131C13; Wed, 19 Jul 2017 01:17:06 -0700 (PDT)
Received: from fireball.acr.fi (localhost [127.0.0.1]) by mail.kivinen.iki.fi (8.15.2/8.15.2) with ESMTPS id v6J8H1XW020355 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Wed, 19 Jul 2017 11:17:01 +0300 (EEST)
Received: (from kivinen@localhost) by fireball.acr.fi (8.15.2/8.14.8/Submit) id v6J8H1Il013588; Wed, 19 Jul 2017 11:17:01 +0300 (EEST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
Message-ID: <22895.5501.430778.169927@fireball.acr.fi>
Date: Wed, 19 Jul 2017 11:17:01 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: Rafa Marin-Lopez <rafa@um.es>
Cc: Valery Smyslov <svanru@gmail.com>, i2nsf@ietf.org, IPsecME WG <ipsec@ietf.org>
In-Reply-To: <CC3CAE3F-8562-4259-B53A-F22B1F019BFC@um.es>
References: <021c01d2ffcf$95f043b0$c1d0cb10$@gmail.com> <22894.9183.134135.875338@fireball.acr.fi> <CC3CAE3F-8562-4259-B53A-F22B1F019BFC@um.es>
X-Mailer: VM 8.2.0b under 25.1.1 (x86_64--netbsd)
X-Edit-Time: 31 min
X-Total-Time: 31 min
Archived-At: <https://mailarchive.ietf.org/arch/msg/i2nsf/txG5B_XJB_pZvC51tdqwBToZAuE>
Subject: Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-flow-protection
X-BeenThere: i2nsf@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: "*I2NSF: Interface to Network Security Functions mailing list*" <i2nsf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/i2nsf/>
List-Post: <mailto:i2nsf@ietf.org>
List-Help: <mailto:i2nsf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i2nsf>, <mailto:i2nsf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 19 Jul 2017 08:17:09 -0000
Rafa Marin-Lopez writes: > I.e. any TLA would love to get their hands on all the traffic keys in > one location, and then be able to decrypt any traffic going inside any > of the IPsec tunnels. > > If controller only has the PSKs or similar to do the authentication > between peers, then that means that the TLA needs to do active attack > for each connection they want to break. > > Beause of this I think it is always best not to move the transport > keys outside the boxes that needs them, i.e., keep them only on the > nodes doing actual encryption / decryption. > > Also knowing that the controller most likely keeps all kind of logs > and takes backup of the configurations it is keeping, this also makes > the backups suitable targets for attacks, as they allow decryption > previously stored flows of traffic, and this can be done years later > when one of those backups accidently finds its way to wrong hands. > > [Rafa] In reality, the controller can forget immediately the > credentials that has been generated. As a security measure , the > controller does not need to store any keys it has distributed. No it cannot. The keys needs to be installed in multiple nodes, which means that when it generates them it needs to store them until it is sure that every single device needing them has them. Also if any single device restarts, it will need new keys, and those keys again needs to be destributed to all other entities sharing SA keys with the node. Also even if if could remove the keys quite quickly after generating them, in practice I do not think that is going to happen, as operators want to be able to see what is the configuration that was sent to node, which then requires controller to keep configuration available. > This I think is important question, i.e., what is the gain for not > running IKEv2 between the nodes? > > [Rafa] As Yoav mentioned, simpler devices. I do not really belive that. You need security protocol to be able to transmit the configuration to the nodes, and that security protocol will require similar resource than what IKEv2 needs. To be able to do the actual ESP traffic for links will require much more resources than running IKE to setting up the SA. Yes, you can leave few kilobytes of code out from the flash, as you do not need to implement IKEv2. Also you loose all kind of features too, like ability to spport roaming clients (i.e., laptop, or phone etc connecting to network through VPN, or actually connecting IPsec to any other node that is not directly controlled by the controller). Note, that the controller cannot run IKEv2 in behalf of any of nodes it is controlling, as that is forbidden by the IPsec (IKE and Child SA are tied together so that if one goes down, the other MUST go down too). See section 2.4 of RFC7296 end of 4th paragraph (line 14 of page 28). Also if you are limiting yourself to the endpoint-to-endpoint transport mode (section 1.1.2 of RFC7296) with policy given by the controller, you do not need full IKEv2 implementation, you can implement minimal IKEv2 (RFC7815), with exception that you also need to implement the responder side also. Using the frequently generated PSKs distributed from the controller, and minimal IKEv2, will give you much better security than when you transport traffic keys from controller. Btw, on Friday there will be presentation in ipsecme where they implemented minimal IKEv2 with GDOI modifications (i.e., IKEv2 + multicast key distribution) in device which having 256 kB of flash, and 32 kB of ram, and that implementation included the full network support also, not only IKEv2... > [Rafa] Basically, the SDN controller will know when to do the rekey. Please, > see the YANG model in our draft. There is notification “expire” Ah, sorry, I have not read the draft yet, as I have been too busy with other things, but if there is two way communication between the node and controller, than that works fine. -- kivinen@iki.fi
- [I2nsf] draft-abad-i2nsf-sdn-ipsec-flow-protection Valery Smyslov
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Paul Wouters
- [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-flow-p… Tero Kivinen
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Yoav Nir
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Yaron Sheffer
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Yoav Nir
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Rafa Marin-Lopez
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Rafa Marin-Lopez
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Alejandro Pérez Méndez
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Rafa Marin-Lopez
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Gabriel Lopez
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Valery Smyslov
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Valery Smyslov
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Alejandro Pérez Méndez
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Tero Kivinen
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Valery Smyslov
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Gabriel Lopez
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Rafa Marin-Lopez
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Rafa Marin-Lopez
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Valery Smyslov
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Yoav Nir
- Re: [I2nsf] [IPsec] draft-abad-i2nsf-sdn-ipsec-fl… Gabriel Lopez