RE: RE:Pre-draft: SEAL as an IPv6 extensionheader(was:Fragmentation-related Security issues) (Templin, Fred L)
"Templin, Fred L" <Fred.L.Templin@boeing.com> Mon, 16 January 2012 15:30 UTC
Return-Path: <Fred.L.Templin@boeing.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 32BF021F861E for <ipv6@ietfa.amsl.com>; Mon, 16 Jan 2012 07:30:12 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.576
X-Spam-Level:
X-Spam-Status: No, score=-6.576 tagged_above=-999 required=5 tests=[AWL=0.022, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l+2-1QpPbNnE for <ipv6@ietfa.amsl.com>; Mon, 16 Jan 2012 07:30:10 -0800 (PST)
Received: from slb-smtpout-01.boeing.com (slb-smtpout-01.boeing.com [130.76.64.48]) by ietfa.amsl.com (Postfix) with ESMTP id ADADD21F860F for <ipv6@ietf.org>; Mon, 16 Jan 2012 07:30:10 -0800 (PST)
Received: from stl-av-01.boeing.com (stl-av-01.boeing.com [192.76.190.6]) by slb-smtpout-01.ns.cs.boeing.com (8.14.4/8.14.4/8.14.4/SMTPOUT) with ESMTP id q0GFTra0013965 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Mon, 16 Jan 2012 07:29:56 -0800 (PST)
Received: from stl-av-01.boeing.com (localhost [127.0.0.1]) by stl-av-01.boeing.com (8.14.4/8.14.4/DOWNSTREAM_RELAY) with ESMTP id q0GFU4Kq029534; Mon, 16 Jan 2012 09:30:04 -0600 (CST)
Received: from XCH-NWHT-05.nw.nos.boeing.com (xch-nwht-05.nw.nos.boeing.com [130.247.25.109]) by stl-av-01.boeing.com (8.14.4/8.14.4/UPSTREAM_RELAY) with ESMTP id q0GFU1SR029488 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=OK); Mon, 16 Jan 2012 09:30:02 -0600 (CST)
Received: from XCH-NW-01V.nw.nos.boeing.com ([130.247.64.97]) by XCH-NWHT-05.nw.nos.boeing.com ([130.247.25.109]) with mapi; Mon, 16 Jan 2012 07:29:49 -0800
From: "Templin, Fred L" <Fred.L.Templin@boeing.com>
To: Sreenatha setty <sreenatha.b@huawei.com>
Date: Mon, 16 Jan 2012 07:29:46 -0800
Subject: RE: RE:Pre-draft: SEAL as an IPv6 extensionheader(was:Fragmentation-related Security issues) (Templin, Fred L)
Thread-Topic: RE:Pre-draft: SEAL as an IPv6 extensionheader(was:Fragmentation-related Security issues) (Templin, Fred L)
Thread-Index: AczRritoWWU5eFohSYun74sigPsbGwAXpFLAABD05nAAfLHN4AAH6HZQ
Message-ID: <E1829B60731D1740BB7A0626B4FAF0A65C793AF7BD@XCH-NW-01V.nw.nos.boeing.com>
References: <E1829B60731D1740BB7A0626B4FAF0A65C793AF6EB@XCH-NW-01V.nw.nos.boeing.com> <8F4DB39B04694D3FB200A2F934DF564D@china.huawei.com>
In-Reply-To: <8F4DB39B04694D3FB200A2F934DF564D@china.huawei.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_E1829B60731D1740BB7A0626B4FAF0A65C793AF7BDXCHNW01Vnwnos_"
MIME-Version: 1.0
Cc: "ipv6@ietf.org" <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 16 Jan 2012 15:30:12 -0000
Hi Sreenatha, In the -01 draft, it is indeed proposing that the SEAL field be formatted as a new destination option of type SEAL and not a new extension header. Here is the revised abstract: "The Subnetwork Encapsulation and Adaptation Layer (SEAL) provides a mid-layer header designed for the encapsulation of an inner network layer packet within outer network layer headers. SEAL also supports a transport mode of operation, where the inner payload corresponds to an ordinary transport layer payload. However, SEAL can also provide benefit when used as an IPv6 destination option that contains a digital signature inserted by the source. The source can thereafter use the signature to verify that any ICMPv6 messages received actually came from a router on the path, while destinations that share a secret key with the source can verify the signature to ensure data origin authentication." Thanks - Fred ________________________________ From: Sreenatha setty [mailto:sreenatha.b@huawei.com] Sent: Monday, January 16, 2012 3:51 AM To: Templin, Fred L Cc: ipv6@ietf.org Subject: RE: RE:Pre-draft: SEAL as an IPv6 extensionheader(was:Fragmentation-related Security issues) (Templin, Fred L) Hi Fred, Since SEAL Extension header is need to be processed only by destination node, why it should not be treated as NEW DESTINATION OPTION OF TYPE SEAL rather than NEW EXTENSTION HEADER? I went through the new draft proposed by S. Krishnan and other members by name "An uniform format for IPv6 extension headers". Thins drafts specify that any new extension header proposal should explain the facts why it can not be treated as Option's in any of the Existing Extension header and detailed explanation should be given to clarify why it must be treated as Extension Header? Thanks - Sreenatha ________________________________ From: Templin, Fred L [mailto:Fred.L.Templin@boeing.com] Sent: Saturday, January 14, 2012 5:40 AM To: Sreenatha setty; ipv6@ietf.org Subject: RE: RE:Pre-draft: SEAL as an IPv6 extensionheader(was:Fragmentation-related Security issues) (Templin, Fred L) FYI, I have posted a new version that addresses these issues: https://datatracker.ietf.org/doc/draft-templin-sealopt/ Thanks - Fred ________________________________ From: ipv6-bounces@ietf.org [mailto:ipv6-bounces@ietf.org] On Behalf Of Templin, Fred L Sent: Friday, January 13, 2012 9:37 AM To: Sreenatha setty; fltemplin@acm.org Cc: ipv6@ietf.org Subject: RE: RE:Pre-draft: SEAL as an IPv6 extension header(was:Fragmentation-related Security issues) (Templin, Fred L) Hi Sreenatha, You are right that the draft needs to be clarified on this point. The answer is that whether or not there is a shared secret key the destination node can validate or not validate the signature as it deems fit. If the destination willl not validate the signature, then it simply ignores the SEAL option and processes the next option. If the destination sees the SEAL option as an unknown option type, then it should ignore the option and process the next option. This would seem to indicate that the SEAL digital signature should appear as a Destination Option and not as its own header extension, because the destination would discard any packet with an extension header having an unknown "Next Header" value. I will update the draft with these changes. Thanks - Fred ________________________________ From: ipv6-bounces@ietf.org [mailto:ipv6-bounces@ietf.org] On Behalf Of Sreenatha setty Sent: Thursday, January 12, 2012 8:45 PM To: fltemplin@acm.org Cc: ipv6@ietf.org Subject: RE:Pre-draft: SEAL as an IPv6 extension header(was:Fragmentation-related Security issues) (Templin, Fred L) Hi Fred, In the draft, the behavior of destination node in processing the SEAL header is need to be cleared. If nodes are not exchanging symmetric key and it received SEAL extension header packet and the packet is not ICMPv6 error packet, how destination node should process the SEAL header? It should simply ignore the SEAL header and go to next header processing or it should try to validate the signature in SEAL header? Thanks - Sreenatha ----------------------------------------------------- From: "Templin, Fred L" <Fred.L.Templin@boeing.com> To: Sreenatha setty <sreenatha.b@huawei.com>, "fltemplin@acm.org" <fltemplin@acm.org> Cc: "ipv6@ietf.org" <ipv6@ietf.org> Subject: RE: RE:Pre-draft: SEAL as an IPv6 extension header (was:Fragmentation-related Security issues) Message-ID: <E1829B60731D1740BB7A0626B4FAF0A65C793AF16B@XCH-NW-01V.nw.nos.boeing.com> Content-Type: text/plain; charset="us-ascii" Hi Sreenatha, Since posting my message, I have submitted an actual draft that deprecates the list-posted pre-draft: https://datatracker.ietf.org/doc/draft-templin-sealopt/ The posted version makes the observation that the source can use the SEAL option either in coordination with the destination (in which case the source includes a digital signature that the destination can verify) or independently from the destination (in which case the source can include any type of signature it likes). Your question seems to stem from the former case: > 1. SEAL IPv6 extension header functionality is similar to AH header functionality > which is already standardized in RFC 2402(IP Authentication Header). AH header > also calculates the ICV of the packet [Section 3.3.3.1.2 ICV Computation for IPv6 > in RFC 2402] which is used to check the integrity of the packet. So what is the > advantage of using SEAL header over AH header? When the source and destination share a secret key used for digital signature calculation and verification, it is true that SEAL somewhat resembles AH. However, the SEAL source only calculates the digital signature over the leading 128 bytes of the packet beginning with the SEAL header itself. So, unlike AH, the digital signature does not cover the entire packet and does not cover a pseudo-header of the IPv6 header. This has two important implications. First, when a router on the path needs to drop an IPv6 packet with a SEAL option and return an ICMP error message, the packet-in-error within the ICMP will include enough of the leading portion of the SEAL packet so that the source can verify that the ICMP was generated by an on-path router. The same is not true for AH, since the AH ICV covers the entire packet, and the packet-in-error field within the ICMP message may not include the entire packet. Second, the digital signature will remain valid even if the IPv6 header is subject to network address translation. ------------------------------ Message: 3 Message-ID: <mailman.1071.1326393779.3200.ipv6@ietf.org> ight weight data origin authentication and integrity checking capability for the leading 128 bytes of the packet. The Identification field additionally prov= ides the destination with a means to detect replayed packets. Note that this provides less authentication assurance than AH, since a middlebox on the path could alter the "tail" of the packet beyond the leading 128 bytes. But= , it defeats off-path spoofing attacks. Note again that, when the source and destination are not engaged in a digital signing and verification relationship, the source could sign the message any way it wants, e.g., by writing a constant or time-varying nonce. In that case, the destination would be vulnerable to an off-path attacker guessing the nonce and hence should not use the nonce as a data origin authentication signature. Thanks - Fred PS The number 128 was chosen so that enough of the packet would be included to provide sufficient inter-packet diversity in calculating the di= gital signature. However, I could also see an arguement for a smaller number, e.g., 64, 80, 96, etc.
- RE:Pre-draft: SEAL as an IPv6 extension header(wa… Sreenatha setty
- RE: RE:Pre-draft: SEAL as an IPv6 extension heade… Templin, Fred L
- RE: RE:Pre-draft: SEAL as an IPv6 extension heade… Templin, Fred L
- RE: RE:Pre-draft: SEAL as an IPv6 extensionheader… Sreenatha setty
- RE: RE:Pre-draft: SEAL as an IPv6 extensionheader… Templin, Fred L
- The SEAL IPv6 Destination Option Templin, Fred L