IETF Logo Mail Archive

Re: [IPsec] IPsec with QKD

<Paul_Koning@Dell.com> Wed, 12 November 2014 20:12 UTC

Return-Path: <Paul_Koning@dell.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 33EED1AD248 for <ipsec@ietfa.amsl.com>; Wed, 12 Nov 2014 12:12:30 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -7.595
X-Spam-Level:
X-Spam-Status: No, score=-7.595 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.594, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id yta0FvGJL5OI for <ipsec@ietfa.amsl.com>; Wed, 12 Nov 2014 12:12:23 -0800 (PST)
Received: from ausxipps301.us.dell.com (ausxipps301.us.dell.com [143.166.148.223]) (using TLSv1 with cipher DHE-RSA-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 169951AD0AE for <ipsec@ietf.org>; Wed, 12 Nov 2014 12:11:27 -0800 (PST)
DomainKey-Signature: s=smtpout; d=dell.com; c=nofws; q=dns; h=X-LoopCount0:X-IronPort-AV:From:To:CC:Subject: Thread-Topic:Thread-Index:Date:Message-ID:References: In-Reply-To:Accept-Language:Content-Language: X-MS-Has-Attach:X-MS-TNEF-Correlator:x-originating-ip: Content-Type:Content-ID:Content-Transfer-Encoding: MIME-Version:Return-Path; b=l5s+w1i1pKikYWSD3IQNRr2u+27INQKcmmpgQkV960d4QYYFf8SsX8Sq 23ktmIZlTEjhHiMlD9rIn5+fgTHnrr0yyj2J1E9yTw/i8t75Aw/pClPuo wVtzrCyUP1KBS+jy0usRXZ+0lurIKKH/jOOM/LqNPApAhZFqmlRdM98hP o=;
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=dell.com; i=@dell.com; q=dns/txt; s=smtpout; t=1415823088; x=1447359088; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-id:content-transfer-encoding: mime-version; bh=lZEYR4FYzzU+o6oZyPp82hhEjthbDwic3J7WZCT1S9A=; b=iqmCs8+OLgBCZVPXC8okpUrP2uUN94vhGNMBZvsZx3+b8v0PEHMYVDpC h/CmLVHfLIzv/aBzpuPZeFIp9LBC8tZlsg32Earx12yjHaWPHI0Tz/RQn HyAPtgNxJog57kpPjvm7Ojnc0rksdIhfFiBK1GgPYKRUQjbVf7Ojv5JxJ U=;
X-LoopCount0: from 10.170.28.41
X-IronPort-AV: E=Sophos;i="5.07,370,1413262800"; d="scan'208";a="588285818"
From: Paul_Koning@Dell.com
To: t-ietf@putwet.me.uk
Thread-Topic: [IPsec] IPsec with QKD
Thread-Index: AQHP/gwgxJlXedT23kqGoNCWS0yan5xcuEIAgAEXAgCAAALfgA==
Date: Wed, 12 Nov 2014 20:11:23 +0000
Message-ID: <FA37C5CA-6F55-4A30-ADC0-7C902849CC5F@dell.com>
References: <14BE57EA00BC0C469E17B5AD698FE67783D07A82@FR711WXCHMBA03.zeu.alcatel-lucent.com> <5462A3C5.8050601@putwet.me.uk> <34767662-9F6F-4C36-8B77-1787FD705157@sfc.wide.ad.jp> <5463BC80.5020702@putwet.me.uk>
In-Reply-To: <5463BC80.5020702@putwet.me.uk>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [10.166.135.92]
Content-Type: text/plain; charset="Windows-1252"
Content-ID: <98B6FC7BBCAAF640B29D0687C34FB827@dell.com>
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/ipsec/nBs3KLaAGBu7gq_oLMZ9yLk30-Y
Cc: rdv@sfc.wide.ad.jp, ipsec@ietf.org, kurosagi@sfc.wide.ad.jp, shigeya@wide.ad.jp
Subject: Re: [IPsec] IPsec with QKD
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 12 Nov 2014 20:12:30 -0000

On Nov 12, 2014, at 3:01 PM, Tony Putman <t-ietf@putwet.me.uk> wrote:

> ...
> Perhaps this the key point: will the initiator ever be in a position
> where it does not know that the responder will accept QKD?

I would say yes.  That would be a policy matter; it could be viewed as a downgrade, and if so you may want to block downgrade attacks by insisting on QKD.  But if the QKD channel has failed, your options are (a) don’t communicate, (b) use a conventional key agreement algorithm, or (c) send in the clear.  (c) is an unlikely choice in practice, but both (a) and (b) are plausible depending on policy preferences.  What you suggest would enable (b) in a straightforward way.

> ...
> At this stage, I'm not taking a position on whether a new Payload ID is
> used.  I'm only saying that the same format can be used either way.  In
> this case, the "Key Exchange Method Num" (which may or may not be
> identical to the "Diffie-Hellman Group Num" in the KE Payload) is
> equivalent to your "version": evolving just consists of defining a new
> Method; also, this will be the same number as is used as the Transform
> ID (and should be maintained by IANA), so that you can negotiate which
> version to use.  I described previously how I envisage implementing
> negotiation on fallback policy, so I don't see a need to explicitly
> include it in the QKD KeyID payload.

In a sense, the existing DH group number already carries a kind of method selector: we have the MODP flavor of D-H and the ECP one.  While they share basic concepts, they clearly are not the same algorithm.  So redefining that field to have that more general meaning certainly seems reasonable.

	paul

v2.23.0 | Report a Bug | By Email