IETF Logo Mail Archive

Re: [lisp] Secdir early review of draft-ietf-lisp-nexagon-04

Tero Kivinen <kivinen@iki.fi> Fri, 09 October 2020 18:28 UTC

Return-Path: <kivinen@iki.fi>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B9F203A1000; Fri, 9 Oct 2020 11:28:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.312
X-Spam-Level:
X-Spam-Status: No, score=-2.312 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, NICE_REPLY_A=-0.213, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=iki.fi
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id h8XV4I88zR-q; Fri, 9 Oct 2020 11:28:38 -0700 (PDT)
Received: from lahtoruutu.iki.fi (lahtoruutu.iki.fi [IPv6:2a0b:5c81:1c1::37]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7D0CB3A0FFA; Fri, 9 Oct 2020 11:28:36 -0700 (PDT)
Received: from fireball.acr.fi (fireball.acr.fi [83.145.195.1]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: kivinen) by lahtoruutu.iki.fi (Postfix) with ESMTPSA id 53BE31B004DF; Fri, 9 Oct 2020 21:28:32 +0300 (EEST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=lahtoruutu; t=1602268112; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=kbzl6c13OP2iXcQ91WuGpUjrMQdOxpjCA/LdHXdhgbU=; b=XOXrYr+Z+7PbwsLPn9kVRFdFl9D4gCe8Dk80CJPOuagHg4KNzL0UzcHqmICeP49PAF7PiS z8mjD5OBDl54fa1ln+EErxidqO0Ytcl5LkE07xubm5gl04gkTFk19W9Vv/1YEJv8Sn76w/ eaX/F5sPiJvaVQHpd/+HcOkasATupNVNvQi+Bdtq6q5p95saKt88YrqpGBw1leshFwNoHG RKM4N7JiT/LT6s2zizN99X2Y1rJQDs59ABJDgi7x4OwCSB5c/gMbfE1Du8VM9TGFw2RVk9 sDsa4hPyOqVHYYcJqv2VWVjUGrGR3ZH34lPu9Xan73NXEvzrQr20X8/Us8UP/g==
Received: by fireball.acr.fi (Postfix, from userid 15204) id 4954F25C0E24; Fri, 9 Oct 2020 21:27:56 +0300 (EEST)
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Message-ID: <24448.43948.218771.384183@fireball.acr.fi>
Date: Fri, 09 Oct 2020 21:27:56 +0300
From: Tero Kivinen <kivinen@iki.fi>
To: Sharon Barkai <sharon.barkai@getnexar.com>
Cc: secdir@ietf.org, lisp@ietf.org, draft-ietf-lisp-nexagon.all@ietf.org, David Mandelberg <david@mandelberg.org>
In-Reply-To: <90E55F95-C6BB-4D30-814B-ECDF0CDC990A@getnexar.com>
References: <160218848061.12936.5873889616190686198@ietfa.amsl.com> <90E55F95-C6BB-4D30-814B-ECDF0CDC990A@getnexar.com>
X-Mailer: VM 8.2.0b under 26.3 (x86_64--netbsd)
X-Edit-Time: 1 min
X-Total-Time: 0 min
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=iki.fi; s=lahtoruutu; t=1602268112; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=kbzl6c13OP2iXcQ91WuGpUjrMQdOxpjCA/LdHXdhgbU=; b=UkT4Eq7sHlUHJ170eayfHyrBsPHIb2HFUT1IIG4hkw1nkN3ZtRfXaOiPV1hAQTvwmfOI4T /Jfgy5S4zkbiueXWO6vhzWVeuOwjDjCpiSpfNwyYbZHUBy34qQr9+UqI7e16odanEJb1ii Z6rID90fHO6Pn38hWEaHFR1JZVOOwmtMc9sl2EAgMYn0IECqwOb5HsoXEsAQAeJhPPbGPs jzDOQksMpXjZmGLqHSQLqUUl9ai3ZES56/JWX1EugbbQRj6SXfkTiW1Aivmn4U9LpsN0hn yFpX3YuQf85ZvYK0v5ZXRAKolcrV1g40EZhcJGyo1UBwZnu6M2wDHhYS/1tkNw==
ARC-Seal: i=1; s=lahtoruutu; d=iki.fi; t=1602268112; a=rsa-sha256; cv=none; b=eQZsrU2q+QJxyWy+qms1dVQjtYHKiF7F3uWCTfPdUdFjLafcxPKrDkEsELHgDb0vcGVpsr I0L3AK/FGJ9qyHXAq4YS+16sDEj78SU9cN3yCelP4qSxkPZSiE7mUS0B9t59H9i2XxMsTx TY812bO6qLvRoLcx+06TrBwGJVTU5Kkjms4MWROeC5gPo5jhGQkMU1QOyOARUeaP1SqS9Z xxf9EjawMimCNAFmcPEQEVOSGbPiEjGaR7UStxJ3po+CVlT/UW7iJWiVv5uDxmgZttuavm j/D5x4ieYJWTacAjHzNIfeps7Vtp8eJlqy10Z+eTV3bdN6S7x4g14f573TL2wA==
ARC-Authentication-Results: i=1; ORIGINATING; auth=pass smtp.auth=kivinen smtp.mailfrom=kivinen@iki.fi
Archived-At: <https://mailarchive.ietf.org/arch/msg/lisp/8ZljRzEbqjZPpd8Pk4X85-u6aqA>
Subject: Re: [lisp] Secdir early review of draft-ietf-lisp-nexagon-04
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 09 Oct 2020 18:28:41 -0000

Sharon Barkai writes:
> Tero, really want to thank you for putting in the time, you clearly
> understood the draft completely and point to areas we invested
> thought on but can improve the wording.

I was not the reviewer, the review was done by David Mandelberg, but
for some reason his review emails did not get delivered to the secdir
list, and I filled them in to the datatracker on his behalf and thats
why the datatracker sent the emails out as coming from me to secdir
and other lists. For discussion about the draft and review, you better
contact him. 

> Before adjusting the draft would like to rehash together with the
> group, Joel, and Luigi the themes pointed, which are spot on, so to
> reach the best possible language.
> 
> 1) End to end encryption -
> 
> Nexagon uses LISP tunnels end to end:
> - between EIDClients and EdgeRTRs
> - between ingress and egress EdgeRTR
> - between EdgeRTRs and H3EIDServices
> 
> Depending on the specific  nexagon network as service offered we would like to
> offer the option to encrypt all communications on these tunnels.
> 
> We could suggest IPSec, draft-ietf-lisp-crypto-10 which specifies RFC2631 key
> exchange over LISP tunnels, also DTLS was suggested.
> 
> Should we determine one or just describe the geo privacy and commercial
> exposure if encryption is not used, especially on the tunnels between
> MobilityEIDClients and EdgeRTRs?
> 
> 2) Spoofing and imposters - 
> 
> EdgeRTRs and H3EIDServices are provisioned in the service provider edge
> network. EdgeRTRs which are added to the network are provisioned with the
> mapping system, H3EIDServices are whitelist provisioned with their designated
> EdgeRTRs.
> 
> We rely on the edge network routers to detect and stop spoofing using industry
> standard double-lookup source/dest  mechanisms.
> Should we state so?
> 
> The MobilityEIDClients are behind mobile access networks and go through AAA
> step before receiving ephemeral EIDs and EdgeRTR  RLOCs as anchors. 
> 
> This EID is based on their client ID credentials, and this EID is whitelist
> provisioned by the AAA to the EdgeRTR given to the client as an anchor. 
> 
> The ipv6 EIDs given to these clients reflect their credibility reputation and
> authorization level to pub-sub into the nexagon network. It is going to be
> very hard to guess a valid EIDClient which an EdgeRTR expects after AAA to
> whitelist provision. These EIDs are temporary and expire after 15 minutes.
> 
> Spoofed EIDClients which are sniffed are going to be detected by the EdgeRTRs
> because of mismatched client RLOC. Spoofed client RLOCs are detected by the
> mobile packet core.
> 
> Should we detail these aspects in security considerations ? 
> 
> 3) Fake news and client trust -
> 
> This is a higher level concern as it is with many other protocols. Privacy and
> reputation require trade-offs. The lisp-nexagon network uses crowd-sourced
> street sampling to reflect current geo-state. Even the most honest client may
> still be wrong, have faulty vision gear, gps interruption, or buggy AI.
> Malicious clients may try to manipulate geo-state to their advantage, clear
> their path from traffic, or simply try to saw confusion. 
> 
> For this reason all detections are corroborated and trust level of each client
> is constantly scored by the H3EIDServices and updates the AAA system. This
> credit score update reflects the behavior of  the assigned ephemeral client
> EID not the client, a car for ecample. But the AAA system knows which client
> ID credentials the EID map to. The AAA system does not need to know the geo
> association of these EID scores. They can be aggregated from all H3EIDServices
> before handed to AAA.
> 
> We can describe this general behavior even though its part of management and
> orchestration and not part of the LISP-Nexagon interface specification.   
> 
> After we clear these 3 key items to everyone satisfaction we can quickly turn
> around the doc to one more iteration. 
> 
> Thank you in advance!
> 
> --szb
> Cell: +972.53.2470068
> WhatsApp: +1.650.492.0794
> 
>     On Oct 8, 2020, at 23:21, Tero Kivinen via Datatracker <noreply@ietf.org>
>     wrote:
> 
>     Reviewer: David Mandelberg
>     Review result: Not Ready
>    
>     I have reviewed this document as part of the security directorate's
>     ongoing effort to review all IETF documents being processed by the
>     IESG.  These comments were written primarily for the benefit of the
>     security area directors.  Document editors and WG chairs should treat
>     these comments just like any other last call comments.
>    
>     The summary of the review is Not ready.
>    
>     If I understand correctly, 64-bit Client EIDs serve as both
>     identification and authentication for a client. How many clients will an
>     EdgeRTR know about at a single time? How many EIDs can an attacker guess
>     per second? If an attacker can guess 1024 EIDs per second, and there are
>     2^32 valid EIDs, I think that would mean it would take about 24 days on
>     average to guess a (non-specific) EID. Are my numbers off? Is that
>     acceptable?
>    
>     How does the Client XTR verify the authenticity of the data coming from
>     Server XTRs? Is it relying on infrastructure security in the LISP and
>     server networks, and the obscurity of its own Client EID? E.g., if a
>     non-participant in the LISP network can get the Client EID and RLOC
>     (e.g., by sniffing packets), could they spoof an unsolicited multicast
>     packet to the client?
>    
>     If the above is possible, I think this part of the Security
>     Considerations section should be fleshed out more, and possibly made
>     mandatory: "The traffic on the MobilityClient<>EdgeRTR interface is
>     tunneled  and its UDP content may be encrypted"
>    
>     The Security Considerations section says "The H3ServiceEIDs themselves
>     decrypt and parse actual H3-R15 annotations" but as far as I can tell,
>     that's the first mention of any mandatory encryption of H3-R15
>     information. How does that encryption work?
>    
>     I assume it wouldn't be that hard for an attacker to get legitimate
>     access to a Mobility Client (e.g., by buying a car). What would stop
>     them from sending the type of "fake-news" updates the Security
>     Considerations section talks about?

-- 
kivinen@iki.fi

v2.23.0 | Report a Bug | By Email