Re: [lisp] LISP crypto
Dino Farinacci <farinacci@gmail.com> Fri, 06 November 2015 12:29 UTC
Return-Path: <farinacci@gmail.com>
X-Original-To: lisp@ietfa.amsl.com
Delivered-To: lisp@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B68671A007C for <lisp@ietfa.amsl.com>; Fri, 6 Nov 2015 04:29:22 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ex_Mew0p4BlD for <lisp@ietfa.amsl.com>; Fri, 6 Nov 2015 04:29:20 -0800 (PST)
Received: from mail-pa0-x22f.google.com (mail-pa0-x22f.google.com [IPv6:2607:f8b0:400e:c03::22f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id CE6FE1A0074 for <lisp@ietf.org>; Fri, 6 Nov 2015 04:29:20 -0800 (PST)
Received: by pacdm15 with SMTP id dm15so97855506pac.3 for <lisp@ietf.org>; Fri, 06 Nov 2015 04:29:20 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=content-type:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=4ZmUwprlSFAH60qZsZtt4fwbGgSo6o3EvZKKqpUi79o=; b=GxGOJsAnmGsObS6PNhSuZao8vouLov4nrhMRo4gLWgFSZqgZ7acbvaXZJqG5KdaG/l /3ByuP6df0QkdpH3q7RJqqxDefno8kHIxLo8dK+4458Ylv9CMPf9BxZCpvtT0jN6dnIA Mzyo0GlYrlw6IMnCq+xnhGWEwvyGEaFBfH98mGdAvruW7fqBXfjUVo5KDfoMK1E6bj8h d7pxIQCYtt68H7g6v7oqkal3I26Z4Rt9tNrh4HDk2u2bbRWJz8VoPU8+A1wl2rIF/dc4 lMqPxkKmGYiWifATkEYMHvlTBPsHEZFyfDTT9NkTcUgYd6vmqAXe4FMMa3v31qa+c4Bq +dDA==
X-Received: by 10.68.196.131 with SMTP id im3mr17267389pbc.59.1446812960401; Fri, 06 Nov 2015 04:29:20 -0800 (PST)
Received: from [10.71.7.211] ([101.110.53.38]) by smtp.gmail.com with ESMTPSA id ro3sm13889546pbc.69.2015.11.06.04.29.19 (version=TLSv1/SSLv3 cipher=OTHER); Fri, 06 Nov 2015 04:29:19 -0800 (PST)
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (1.0)
From: Dino Farinacci <farinacci@gmail.com>
X-Mailer: iPhone Mail (13B143)
In-Reply-To: <5508eb83eb0c4d7abfd28c71c1d46c7e@XCH-ALN-006.cisco.com>
Date: Fri, 06 Nov 2015 21:29:18 +0900
Content-Transfer-Encoding: quoted-printable
Message-Id: <E185B418-2B90-4D60-A168-07253A62CDC0@gmail.com>
References: <0289fb1a84a84cff89fa92a4559c829c@XCH-ALN-006.cisco.com> <FA68153A-54CE-4572-87E6-2167F6AB48F3@gmail.com> <46848e1566054f18828428d721391388@XCH-ALN-006.cisco.com> <326CA60F-2952-408E-B78D-2FD1540C6CEB@gmail.com> <5508eb83eb0c4d7abfd28c71c1d46c7e@XCH-ALN-006.cisco.com>
To: "Amjad Inamdar (amjads)" <amjads@cisco.com>
Archived-At: <http://mailarchive.ietf.org/arch/msg/lisp/rVowDpYTGhPgmQiLOElLMCTFuiI>
Cc: "lisp@ietf.org" <lisp@ietf.org>
Subject: Re: [lisp] LISP crypto
X-BeenThere: lisp@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: List for the discussion of the Locator/ID Separation Protocol <lisp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/lisp>, <mailto:lisp-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/lisp/>
List-Post: <mailto:lisp@ietf.org>
List-Help: <mailto:lisp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/lisp>, <mailto:lisp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Nov 2015 12:29:22 -0000
Configured shared-keys is a non- starter for LISP. Imagine and ITR, just with 10K map-cache entries that point to dual-homed LISP sites. That is 20K keys that not only need to be configured but colocated with those 20K RLOCs. RLOCs that can change due to EID-prefix mobility. Dino > On Nov 6, 2015, at 6:36 PM, Amjad Inamdar (amjads) <amjads@cisco.com> wrote: > > Hi Dino, > > The pre-shared key I mentioned about would need to be pre-configured on the peers/xTRs. DH shared secret is based on DH public values exchanged on the wire which QC can break. > > Thanks, > -Amjad > > > -----Original Message----- > From: Dino Farinacci [mailto:farinacci@gmail.com] > Sent: 06 November 2015 PM 12:15 > To: Amjad Inamdar (amjads) > Cc: lisp@ietf.org > Subject: Re: [lisp] LISP crypto > > In the lisp-crypto design, the ECDH shared secret is input to the KDF that produces the encryption key and integrity-check key. > > Sounds like we may already be doing what you suggest. > > And not clear to me how much more QC-safe this actually is. > > Dino > >> On Nov 6, 2015, at 1:47 PM, Amjad Inamdar (amjads) <amjads@cisco.com> wrote: >> >> Hi Dino, >> >> The thing being proposed with IKEv2 is to include a pre-shared key in the key derivation and with sufficient entropy in the pre-shared key, this would offer fair amount of protection. You can please refer draft-fluhrer-qr-ikev2 for further details. >> >> Thanks, >> -Amjad >> >> -----Original Message----- >> From: Dino Farinacci [mailto:farinacci@gmail.com] >> Sent: 06 November 2015 AM 05:34 >> To: Amjad Inamdar (amjads) >> Cc: lisp@ietf.org >> Subject: Re: [lisp] LISP crypto >> >> Amjad, we are aware of the QC-safe work going on in CFRG. We are following it but it is very researchy at this point. We can add some text indicating that we’ll follow any CFRG/SAAG recommendations (or any security area working group’s recommendation) on using QC-safe technology. >> >> If there is anything specific you want us to look at with IKE, please send some pointers. Thanks. >> >> Dino >> >>> On Nov 5, 2015, at 10:37 AM, Amjad Inamdar (amjads) <amjads@cisco.com> wrote: >>> >>> Hi Brian/Dino, >>> >>> The key material derivation proposed in draft-ietf-lisp-crypto is based on Diffie-Hellman which is not Quantum Computer resistant. There is some work underway to make IKE that uses DH for key derivation Quantum Computer safe. Might be a good idea to consider this for lisp-crypto as well. >>> >>> Thanks, >>> -Amjad >>> >>> From: Amjad Inamdar (amjads) >>> Sent: 03 November 2015 PM 12:33 >>> To: 'lisp@ietf.org' >>> Subject: LISP NAT Traversal >>> >>> Hi, >>> >>> It will be useful if LISP NAT traversal draft >>> (draft-ermagan-lisp-nat-traversal) can elaborate on the following >>> >>> 1) Why LISP NAT traversal cannot be accomplished without RTR (another network entity) which has implications on deployability, complexity and latency. There are other protocols (e.g IKE/IPsec) that achieve NAT-D and NAT-T without the need for additional network entity. >>> >>> 2) Some more details on RTR deployment >>> - location of RTR in the LISP deployment like there are >>> recommendations on PITR/PETR deployments >>> - is RTR shared across LISP sites behind NAT or each site needs a >>> dedicated RTR >>> - what if RTR is behind another NAT (SP-NAT) >>> >>> 3) How is multiple-NAT handled (e.g. enterprise and SP NAT) >>> >>> Thanks, >>> -Amjad Inamdar CISSP, CCNP R&S, CCNP Security, CCDP, CCSK Senior >>> Technical Leader CSG PI Services Security - India >>> >>> _______________________________________________ >>> lisp mailing list >>> lisp@ietf.org >>> https://www.ietf.org/mailman/listinfo/lisp >>
- [lisp] LISP crypto Amjad Inamdar (amjads)
- Re: [lisp] LISP crypto Dino Farinacci
- Re: [lisp] LISP crypto Stephen Farrell
- Re: [lisp] LISP crypto Dino Farinacci
- Re: [lisp] LISP crypto Amjad Inamdar (amjads)
- Re: [lisp] LISP crypto Dino Farinacci
- Re: [lisp] LISP crypto Amjad Inamdar (amjads)
- Re: [lisp] LISP crypto Dino Farinacci