IETF Logo Mail Archive

Re: [IPsec] Comments: New Version Notification for draft-mglt-ipsecme-diet-esp-08

Daniel Migault <mglt.ietf@gmail.com> Tue, 07 June 2022 12:46 UTC

Return-Path: <mglt.ietf@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CA637C13C2DE for <ipsec@ietfa.amsl.com>; Tue, 7 Jun 2022 05:46:06 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.106
X-Spam-Level:
X-Spam-Status: No, score=-2.106 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 4R_E0Vpi4CaR for <ipsec@ietfa.amsl.com>; Tue, 7 Jun 2022 05:46:05 -0700 (PDT)
Received: from mail-lj1-x232.google.com (mail-lj1-x232.google.com [IPv6:2a00:1450:4864:20::232]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6EB78C13C2E0 for <ipsec@ietf.org>; Tue, 7 Jun 2022 05:43:35 -0700 (PDT)
Received: by mail-lj1-x232.google.com with SMTP id g25so19027754ljm.2 for <ipsec@ietf.org>; Tue, 07 Jun 2022 05:43:35 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Y+MEYWqP4D5Qcz4Kn8ZYkFdgkHoTZvAWHqGe1U4Va6s=; b=SfFF6WGEjOW6bZ5zlPyHlrY/ZvuUm5IOQoPbCZlURd6J9530G+cXrhp1C1NH1d+/DT ALKxSgjKcVkR87umJIWR1RHxxnxqw8HYP5/tACUNKyhInfwQZ7WwbFe9mDLyWyzCFCCc b2b44Dk7vDPPxMz16JivmSD0kRx5dgIh951KrbBCJ8AsRaS/Pc0UjxVCYJiO+nHUrwLl HN+EafrSfI4Tzv7h1jTZFJWl5aH6Zq4MY+I1d8OtmoDdmlnn7autYFcufkxNrks8T9SF FoE3XNRXg+v8MnQc7dhhAPptYCyHCd6T08+DgMlfvqFWPAI+DoGgoDzrOCKVc1ri0YSu cnIw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Y+MEYWqP4D5Qcz4Kn8ZYkFdgkHoTZvAWHqGe1U4Va6s=; b=8FCGhWc3AEFeMgb6c6ICSuZr2zWph+PkcR0zIkFgwwNuyLoClkNUklhzzOs0VTgKxg B7TOrhCLzdU65OlyqFNdA5zBTSlt4mQJRWcTuTkBQzc0zP+6AkyqhGKXmWZlBn7IGPDD w4ljXFC/EV5Sf4sYWNbfjvnEJThSFSoYTAqCpPQfpL/0MBzk7TXVcXpiphvNlTBX5JMD 6+WVK3aDlB/9PLzAWRzCAxFXcxnpTZ0XN5FcZRlr6r8EIfQn8KQ9J4NZmW0nI6NwMRnF bIKeVU6I370RmM6nfsfmvxAkh3IYOk9QG2L5XfHmDX2WsjCwLjo0mcK/tZG8royCnp9D 2xSA==
X-Gm-Message-State: AOAM532sfadHxUS8dKvINVELIFX3oOZppKQpru9MfmKbOpLYptEAdFIt j+q/TJ08foHBtqnxsSlu1OL0/kFEb0A5OEFi68PtSRO1SJo=
X-Google-Smtp-Source: ABdhPJxSESfNno3P0IQcluWhuchs78SLRsDLeK/2XZwAFIKxIT8KJ7yxXNm1kbwC4ubksKN+ruSpv8OCnmR8c86Lx6k=
X-Received: by 2002:a2e:bf14:0:b0:255:b789:576b with SMTP id c20-20020a2ebf14000000b00255b789576bmr803530ljr.47.1654605813632; Tue, 07 Jun 2022 05:43:33 -0700 (PDT)
MIME-Version: 1.0
References: <165245934076.55873.10897274756238806359@ietfa.amsl.com> <DM6PR15MB36891F40C6CE592453EA70B7E3CA9@DM6PR15MB3689.namprd15.prod.outlook.com> <53e16b45-a7a0-dcbe-2303-81d438749912@htt-consult.com> <437d32fa-9e1f-2711-285f-ad33567b5d4f@htt-consult.com>
In-Reply-To: <437d32fa-9e1f-2711-285f-ad33567b5d4f@htt-consult.com>
From: Daniel Migault <mglt.ietf@gmail.com>
Date: Tue, 07 Jun 2022 08:43:22 -0400
Message-ID: <CADZyTk=Wo9XkowSaMwVT7kqvOTMkVOJMjxk2wna=X+okkXm3vw@mail.gmail.com>
To: Robert Moskowitz <rgm-sec@htt-consult.com>
Cc: Daniel Migault <daniel.migault=40ericsson.com@dmarc.ietf.org>, IPsecME WG <ipsec@ietf.org>
Content-Type: multipart/alternative; boundary="000000000000c3d25605e0daefaf"
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/KWMyEXpVmtLCgE3s4CDRzacts9g>
Subject: Re: [IPsec] Comments: New Version Notification for draft-mglt-ipsecme-diet-esp-08
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 07 Jun 2022 12:46:06 -0000

On Tue, Jun 7, 2022 at 8:14 AM Robert Moskowitz <rgm-sec@htt-consult.com>
wrote:

> Daniel,
>
> Back at it, now that ASTM is behind me...
>
> what will it take to bring this in line with SCHC.  I don't know SCHC
> well enough to pick up the differences.
>
> We are basically balancing re-using a framework used / standardized by the
IETF versus defining our own framework. So it is just to remain more
aligned or coherent with what the IETF does.


> What will it take to add AES-GCM-12 to supported ciphers by IKE (and
> thus ESP)?  For my use case, I have a hard time seeing why I need a
> 16-byte ICV.  Even an 30 min operation with streaming video is a limited
> number of packets.  I am going to talk to my contact at DJI to see what
> information they are willing to share...
>

I think we do not enable compression of the signature as the security
implications are too hard to catch. When an reduced ICV is needed, there is
a need to define the transform. In your case rfc4106 seems to address your
concern with a 12 and even 8 byte ICV.



>
> Bob
>
> On 5/16/22 16:47, Robert Moskowitz wrote:
> > Thanks, Daniel for the update.
> >
> > Now some comments.
> >
> >     The necessary state is held within the IPsec Security Association and
> >
> >    The document specifies the necessary parameters of the EHC Context to
> >    allow compression of ESP and the most common included protocols, such
> >    as IPv4, IPv6, UDP and TCP and the corresponding EHC Rules.
> >
> > Should any reference be made to cipher compression?  At least
> > reference to 8750?  Or since this is just the abs
> >
> >    It also
> >    defines the Diet-ESP EHC Strategy which compresses up to 32 bytes per
> >    packet for traditional IPv6 VPN and up to 66 bytes for IPv6 VPN sent
> >    over a single TCP or UDP session.
> >
> >
> > In UDP transport I am reducing 18 bytes (assuming cipher with zero
> > padding) to 4 bytes.  Also worth noting here...
> >
> >
> >    On the other hand, in IoT
> >    communications, sending extra bytes can significantly impact the
> >    battery life of devices and thus the life time of the device. The
> >    document describes a framework that optimizes the networking overhead
> >    associated to IPsec/ESP for these devices.
> >
> >
> > You say nothing about constrained comm links.  This compression may
> > make ESP viable over links like LoRaWAN.
> >
> >    ESP Header Compression (EHC) chooses another form of context
> >    agreement, which is similar to the one defined by Static Context
> >    Header Compression (SCHC).
> >
> > Reference rfc 8724.
> >
> > And more than 'similar"?  Maybe "based on the one"?
> >
> >    The context
> >    itself can be negotiated during the key agreement, which allows only
> >    minimal the changes to the actual ESP implementation.
> >
> > I don't get this.  What only allows minimal changes?  The key
> > agreement protocol or ECH?  If the later then perhaps:
> >
> >    The context
> >    itself can be negotiated during the key agreement, which then needs
> > only
> >    minimal the changes to the actual ESP implementation.
> >
> > More for introduction:
> >
> > Perhaps you can add that in transport mode, an SA may be for a single
> > transport/port to tune the ECH for that use and that multiple SAs
> > could be negotiated for this case.
> >
> > Question:  Can a single IKE exchange produce multiple SAs?
> >
> > Here is my use case:
> >
> > Between the UA and GCS are two flows.  One for Command and Control
> > (C2) the other streaming video.  Both over UDP, but different ports.
> > So instead of having carry the UDP ports in all the messages,
> > negotiate separate SAs with the appropriate ECH.
> >
> > Ah, I see this in Sec 5.  You should say something about this in the
> > intro.
> >
> > sec 4.
> >
> >    EHC is able to compress any protocol encapsulated in ESP and ESP
> >    itself.
> >
> > No really true per other claims.  Does it offer compressing RTP? I
> > need that, probably, for my streaming video app.
> >
> > to compress any IP and transport protocol...
> >
> > And only TCP and UDP are shown, what about, say, SCTP?
> >
> > BTW, I note that you use 'IKEv2'.  At this point is that really
> > needed?  Should just IKE be enough?  Has not IKEv1 been depreicated?
> >
> > 6.  EHC Context
> >
> >
> >    The EHC Context is defined on a per-SA basis.  A context can be
> >    defined for any protocol encapsulated with ESP and for ESP itself.
> >
> > Should that be "any IP or Transport protocol"?  To exclude layer 5
> > protocols (CoAP, RTP,,,)?
> >
> > Layer 5 protocols SHOULD be via standard SCHC with the SCHC Rule ID
> > included...
> >
> > Or maybe 'typically'?  As some layer 5 might be easy?  RTP maybe?
> >
> > So this is it for this round of comments.  I am looking at Appdx A and
> > making a UDP example.  Including IIV.
> >
> > Bob
> >
> > _______________________________________________
> > IPsec mailing list
> > IPsec@ietf.org
> > https://www.ietf.org/mailman/listinfo/ipsec
>
> _______________________________________________
> IPsec mailing list
> IPsec@ietf.org
> https://www.ietf.org/mailman/listinfo/ipsec
>


-- 
Daniel Migault
Ericsson

v2.23.0 | Report a Bug | By Email