Re: some comments/suggestions on draft-gont-6man-non-stable-iids-02
Dave Plonka <dave@plonka.us> Fri, 23 March 2018 14:27 UTC
From: Dave Plonka <dave@plonka.us>
Date: Fri, 23 Mar 2018 14:27:52 +0000
Message-ID: <CANPwAQaHe+m2qrrzpRsJF_KmM7NcU0GSLTn=zob2=A5K+BZxUg@mail.gmail.com>
Subject: Re: some comments/suggestions on draft-gont-6man-non-stable-iids-02
To: Brian E Carpenter <brian.e.carpenter@gmail.com>
Cc: Fernando Gont <fgont@si6networks.com>, lorenzo@google.com, ipv6@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/M1fq5C9gpU4RxQQ19c4th0911jQ>
I totally agree.
On Mar 21, 2018 12:13 AM, "Brian E Carpenter" <brian.e.carpenter@gmail.com>
wrote:
> below...
> On 20/03/2018 11:58, Dave Plonka wrote:
> > Hi Brian and Fernando,
> >
> > On Mon, Mar 19, 2018 at 10:27 PM, Brian E Carpenter
> > <brian.e.carpenter@gmail.com> wrote:
> >> On 20/03/2018 09:17, Fernando Gont wrote:
> >>> Hello, Dave,
> >>>
> >>> Thanks for the feedback!
> >>>
> >>> On 03/19/2018 03:48 PM, Dave Plonka wrote:
> >> ...
> >>>> This is why I propose words along these lines:
> >>>>
> >>>> A Temporary Interface Identifier MUST be unpredictable by an
> >>>> outside entity even having knowledge of the host's method of
> >>>> generating the Interface Identifier, e.g., pseudo-random number
> >>>> generation algorithm, or knowledge of the host's prior or other
> >>>> Interface Identifiers.
> >>
> >> I know theoreticians who would pick holes even in that formulation.
> >> If I know the weaknesses in your PRNG, and how it picks its seed,
> >> I might be able to predict its output with a finite probability of
> >> success. But that seems like an acceptable risk.
> >
> > I agree. I took the "outside entity" to mean someone that didn't know
> > the seed, but might know the algorithm that operates on the seed.
> >
> > I mentioned PRNG as only one example ("e.g.") method of what an
> > implementer might do.
> > I'd actually prefer the draft not mention randomness, but rather that
> > an IID be unpredictable.
> >
> >>> This would be in replacement of this:
> >>>
> >>> 5. It must be difficult for an outside entity to predict the
> >>> Interface Identifiers that will be generated by the algorithm,
> >>> even with knowledge of the Interface Identifiers generated for
> >>> configuring other addresses.
> >>
> >> It seems to cover the same ground.
> >
> > They are close, but we could strengthen the implementer's goal from
> > "difficult [to predict]" to "unpredictable."
> >
> > This is in line with Brian's comment that a poor PRNG's output may
> > still remain difficult to predict, yet have a high probability of
> > success.
> >
> > I certainly don't disagree with what the draft is trying to say, I
> > just think it can be stated better by:
> > (a) not mentioning IIDs differing from prior values or (b) that they
> > be random. In (a), requiring it to differ compromises the randomness
> > because it makes them, in small part, a function of the prior value.
> > In (b), there is no way to know that an IID is random, only plausibly
> > so (by testing it as a member of a set as we say here:
> > https://arxiv.org/pdf/1707.03900.pdf Section 2.1 "Identifying
> > Plausible Randomness," for instance).
> >
> > Perhaps a goal of being "unpredictable" and "plausibly random" would
> > be a good solution.
> >
> > What do you think?
>
> If you mean me personally, saying should or must be unpredictable is
> necessary and sufficient. If we use the words 'random' or 'pseudorandom'
> you tend to wake up the mathematicians to no purpose.
>
> Brian
>
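An added example, not part of this thread or of the draft, showing why the wording discussed above targets unpredictability "even having knowledge of the host's method": an implementer can audit a generator by checking whether one observed IID lets the next be reproduced. The time-seeded generator, the one-hour seed window and all function names are assumptions made for illustration.

```python
import random
import secrets

def weak_iids(seed, count):
    # Hypothetical weak generator: a non-cryptographic PRNG (Mersenne Twister)
    # seeded with a guessable value such as boot time in seconds.
    rng = random.Random(seed)
    return [rng.getrandbits(64) for _ in range(count)]

def strong_iids(count):
    # IIDs drawn from the OS CSPRNG: no seed an outside entity could enumerate.
    return [secrets.randbits(64) for _ in range(count)]

def recover_seed(observed_iid, candidates):
    # Audit step: with the algorithm known, does any candidate seed
    # reproduce the first observed IID?
    for seed in candidates:
        if random.Random(seed).getrandbits(64) == observed_iid:
            return seed
    return None

def fmt_iid(iid):
    # Render a 64-bit IID as the low four groups of an IPv6 address.
    return ":".join(f"{(iid >> s) & 0xFFFF:04x}" for s in (48, 32, 16, 0))

def audit():
    boot = 1_500_000_000                      # constructed sample seed
    window = range(boot - 3600, boot + 3600)  # assumed +/- 1 hour uncertainty
    first, second = weak_iids(boot, 2)
    seed = recover_seed(first, window)
    predicted = weak_iids(seed, 2)[1] if seed is not None else None
    strong_first = strong_iids(1)[0]
    return {
        "weak_first": fmt_iid(first),
        "weak_next_predicted": predicted == second,
        "strong_seed_found": recover_seed(strong_first, window) is not None,
    }

if __name__ == "__main__":
    for key, value in audit().items():
        print(f"{key}: {value}")
```

Both generators produce IIDs that look equally random in isolation, which is the distinction the thread draws between "plausibly random" and "unpredictable".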