[IPsec] draft-kampati-ipsecme-ikev2-sa-ts-payloads-opt-01

Michael Richardson <mcr+ietf@sandelman.ca> Wed, 03 July 2019 17:38 UTC

From: Michael Richardson <mcr+ietf@sandelman.ca>
To: sandeepkampati@huawei.com, ipsec@ietf.org
cc: MeduriS.Bharath@huawei.com
Date: Wed, 03 Jul 2019 13:38:22 -0400
Message-ID: <21677.1562175502@localhost>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/ClN6rmszVjX8AciNWufXUYk1Hek>
Subject: [IPsec] draft-kampati-ipsecme-ikev2-sa-ts-payloads-opt-01

Sandeep, I read the document this past week.
I found the claim that the TS and SA details were worth optimizing to be surprising.

So I counted the size of the CHILDSA proposal.

This means the SAi2, TSi and TSr from the initiator,
with the responder providing SAr2, TSi and TSr.

   HDR, SK {N(REKEY_SA), SA, Ni, [KEi,]
       TSi, TSr}   -->

TSx = 8 (header) + 8 + 8 = 24 (IPv4)
      8 + 8 + 32 = 48 (IPv6)

SAi2= 8+4(SPI) + transforms
   transforms = 8+ 4(cipher)+ 4(integ) = 16 bytes
   total = 28 bytes.

Ni = 4 + nonce-size (16+ bytes)
N(REKEY_SA) = 8 bytes.

total: SAi2 (28bytes) plus 2x TSx 24 * 2 + Ni 20 bytes + N 8= 104 bytes (IPv4).
       SAi2 (28bytes) plus 2x TSx 48 * 2 + Ni 20 bytes + N 8= 152 bytes (IPv6).

I have not included KEi, as you did in your section 3.2.1, because I assume
that if computation and network resources are at a premium, doing
additional exponentiation is inappropriate.  Maybe a new DH every N rekeys.

KEx = 8 + 32 bytes (256-bit ECDSA) = 40 bytes.

Potentially there are some notifications, at 8 bytes each, potentially
longer.  Replacing this with a single 16-byte Notify would be a win on
total bytes, but as it does not reduce the number of packets at all, I'm
still having difficulty believing it really matters.

It might be worth putting the nonce into the SA_TS_UNCHANGED payload, as that
saves another 4 bytes.

A new Ni/Nr is needed each time as the child SA key derivation needs that
freshness. So, the math is:

       all  ts-opt  all-ke  ts-opt-ke
IPv4:  104  36      144     74
IPv6:  152  36      202     74

{There are some assumptions that I have made in this calculation.
Probably some mistakes, so if it is an important argument point, I'll post a Google
Calc page with my assumptions.
The cost of KE size with DH groups would be bigger than with ECDH groups.  }

--
Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works
 -= IPv6 IoT consulting =-
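As an added example (not from Michael's message, the draft, or any IKE implementation), the payloads he is sizing can be encoded byte-for-byte from the RFC 7296 formats with Python's struct, which gives exact per-payload lengths for the SK{} content of a CREATE_CHILD_SA rekey request. It assumes an ESP proposal of AES-CBC-128, HMAC-SHA2-256-128 and ESN off, a nonce at the 16-byte minimum, ECP256 (group 19) for the optional KEi, and one address-range selector per TS payload; the SPI, nonce and addresses are constructed values.

```python
import struct
from ipaddress import ip_address

# Payload types, transform types/IDs, TS types and the REKEY_SA notify type from RFC 7296.
SA, KE, NONCE, NOTIFY, TSI, TSR = 33, 34, 40, 41, 44, 45
ENCR, INTEG, ESN, KEY_LENGTH = 1, 3, 5, 14
ENCR_AES_CBC, AUTH_HMAC_SHA2_256_128, ESN_NONE = 12, 12, 0
TS_IPV4_ADDR_RANGE, TS_IPV6_ADDR_RANGE, REKEY_SA = 7, 8, 16393

def transform(ttype, tid, keylen=None, last=False):
    """Transform substructure (3.3.2): 8 fixed bytes plus an optional 4-byte Key Length TV attribute."""
    attr = struct.pack("!HH", 0x8000 | KEY_LENGTH, keylen) if keylen else b""
    return struct.pack("!BBHBBH", 0 if last else 3, 0, 8 + len(attr), ttype, 0, tid) + attr

def esp_proposal(spi, transforms):
    """Single ESP proposal (3.3.1): 8-byte proposal header, 4-byte SPI, then the transforms."""
    body = b"".join(transforms)
    return struct.pack("!BBHBBBB", 0, 0, 12 + len(body), 1, 3, 4, len(transforms)) + spi + body

def traffic_selector_body(start, end):
    """TS payload body (3.13): count, reserved, one address-range selector for all ports and protocols."""
    s, e = ip_address(start), ip_address(end)
    ts_type = TS_IPV4_ADDR_RANGE if s.version == 4 else TS_IPV6_ADDR_RANGE
    selector = struct.pack("!BBHHH", ts_type, 0, 8 + 2 * len(s.packed), 0, 0xFFFF) + s.packed + e.packed
    return struct.pack("!B3x", 1) + selector

def chain(items):
    """Prepend the 4-byte generic header (3.2); each header names the type of the payload that follows."""
    types = [t for t, _ in items[1:]] + [0]
    return [struct.pack("!BBH", nxt, 0, 4 + len(body)) + body for (_, body), nxt in zip(items, types)]

def rekey_request_sizes(local, remote, with_ke=False):
    """Per-payload (keyed by payload type) and total byte counts of SK{N(REKEY_SA), SA, Ni, [KEi], TSi, TSr}."""
    spi = b"\x00\x00\x00\x01"  # constructed SPI of the Child SA being rekeyed
    items = [
        (NOTIFY, struct.pack("!BBH", 3, 4, REKEY_SA) + spi),  # REKEY_SA carries the old ESP SPI
        (SA, esp_proposal(spi, [transform(ENCR, ENCR_AES_CBC, 128),
                                transform(INTEG, AUTH_HMAC_SHA2_256_128),
                                transform(ESN, ESN_NONE, last=True)])),  # ESN is mandatory for ESP
        (NONCE, b"\x11" * 16),  # constructed nonce at the 16-byte minimum
    ]
    if with_ke:
        items.append((KE, struct.pack("!HH", 19, 0) + b"\x22" * 64))  # ECP256: 64-byte x||y point
    items += [(TSI, traffic_selector_body(*local)), (TSR, traffic_selector_body(*remote))]
    sizes = {ptype: len(p) for (ptype, _), p in zip(items, chain(items))}
    sizes["total"] = sum(sizes.values())
    return sizes
```

The encoded lengths come out somewhat larger than the estimates in the message (REKEY_SA carries the old SPI, the ESP proposal needs an ESN transform, and an ECP256 KE payload carries a 64-byte point), which is the kind of check the "Google Calc page" would settle.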