Re: [ntpwg] Parsing NTP packets regarding MACs and EXTs.
Daniel Franke <dfoxfranke@gmail.com> Wed, 22 June 2016 14:46 UTC
Return-Path: <ntpwg-bounces+ntp-archives-ahfae6za=lists.ietf.org@lists.ntp.org>
X-Original-To: ietfarch-ntp-archives-ahFae6za@ietfa.amsl.com
Delivered-To: ietfarch-ntp-archives-ahFae6za@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4CEA812D98E for <ietfarch-ntp-archives-ahFae6za@ietfa.amsl.com>; Wed, 22 Jun 2016 07:46:05 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -8.015
X-Spam-Level:
X-Spam-Status: No, score=-8.015 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_ADSP_CUSTOM_MED=0.001, DKIM_SIGNED=0.1, FREEMAIL_FORGED_FROMDOMAIN=0.198, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-1.426, T_DKIM_INVALID=0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=fail (2048-bit key) reason="fail (message has been altered)" header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DD8sh44n9BTs for <ietfarch-ntp-archives-ahFae6za@ietfa.amsl.com>; Wed, 22 Jun 2016 07:46:03 -0700 (PDT)
Received: from lists.ntp.org (lists.ntp.org [IPv6:2001:4f8:fff7:1::7]) by ietfa.amsl.com (Postfix) with ESMTP id 1B56C12D858 for <ntp-archives-ahFae6za@lists.ietf.org>; Wed, 22 Jun 2016 07:40:54 -0700 (PDT)
Received: from lists.ntp.org (lists.ntp.org [149.20.68.7]) by lists.ntp.org (Postfix) with ESMTP id BDEDA86DB1D for <ntp-archives-ahFae6za@lists.ietf.org>; Wed, 22 Jun 2016 14:40:54 +0000 (UTC)
X-Original-To: ntpwg@lists.ntp.org
Delivered-To: ntpwg@lists.ntp.org
Received: from mail1.ntp.org (mail1.ntp.org [IPv6:2001:4f8:fff7:1::5]) by lists.ntp.org (Postfix) with ESMTP id B64C086D55E for <ntpwg@lists.ntp.org>; Tue, 21 Jun 2016 14:51:35 +0000 (UTC)
Received: from mail-io0-x22c.google.com ([2607:f8b0:4001:c06::22c]) by mail1.ntp.org with esmtps (TLSv1:AES128-SHA:128) (Exim 4.77 (FreeBSD)) (envelope-from <dfoxfranke@gmail.com>) id 1bFN1a-000HxM-5j for ntpwg@lists.ntp.org; Tue, 21 Jun 2016 14:51:35 +0000
Received: by mail-io0-x22c.google.com with SMTP id g13so11646788ioj.1 for <ntpwg@lists.ntp.org>; Tue, 21 Jun 2016 07:51:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=YQLrP5T4qTY9tqrOXj/h1Qb6cgVLWHzYrGkwTpdciR8=; b=y6atoE3KXGKhh9pvKieBAHLEc1g10Oe8Z+nkhntbF7RYpeweXXNDHrurUv9VpyVthB p2+soenjP/qjpLFd8Sao/iHvts5e35sShs77kPMyB8O+ceRMf+e7d78blnUObhx54DPs VPRyOIIi9TdMxoJPW15tVJB64poSCcIdwHBFV0QIh7DhjHm1ggE0ACWZxJAzhGq8W4/u Vb5/RXsG3k+E+SuyEDF+UcTsNPhG1GlsDVOa9hgLjre+5Pe10q200qPWcNWepBMCjy20 HO6I0KukzcEDtebMz2bWjn9VcxysmafsVNwv1Jziyyk1hYekJO3jPKwmMVffM/QlageI rYYQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=YQLrP5T4qTY9tqrOXj/h1Qb6cgVLWHzYrGkwTpdciR8=; b=CoXCFvDTD4bZLhNJhZ2BQU2e8EOSKSQap0etk4a2pn8/27qG6voREPqBheeaEcyq7Y yCQZ1PZrDKh5sVFClIgwcMn4ZcH3ZmJC2Y4zL1jKj7gG4vOt4GoJDUr0qVBCVavAySTo tFU3ZWTQY2ctAR2nq8pc3a132yjhqeBmQKMAgP6CydrOJt8I7/D3dB6yC1T6/IlciBPZ dl1XPV1LruvRyG22e2yBeb1FUPxPiBCpgBKtY8oEIC8eAf7aGXTD46OvnXETSZhVjycN uU9J8BOq5T14FHvCDPAB9gD1mfGpt8QrvY1gyNNoRjOjQtpo4PIHE4Wt4LpXz0BHSnlZ Po0Q==
X-Gm-Message-State: ALyK8tKHJ9Z7OuCiodRA3mAKW4QtukpMsXohHYlMKH1wxgnyBa1/IUauLVkvCEKCMjB2o5pxhn7lL1Tuu8Ntsw==
X-Received: by 10.157.37.242 with SMTP id q105mr14861671ota.29.1466520692963; Tue, 21 Jun 2016 07:51:32 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.182.224.234 with HTTP; Tue, 21 Jun 2016 07:51:32 -0700 (PDT)
In-Reply-To: <d5934cd7-5808-3e2b-3ed6-b5e1b3f9e2df@ntp.org>
References: <stenn@ntp.org> <E1bFCJh-000G0C-Bf@stenn.ntp.org> <20160621093932.BD9A7406057@ip-64-139-1-69.sjc.megapath.net> <f4f6f8f969ac49ff819ccae06ec2e3db@usma1ex-dag1mb1.msg.corp.akamai.com> <d5934cd7-5808-3e2b-3ed6-b5e1b3f9e2df@ntp.org>
From: Daniel Franke <dfoxfranke@gmail.com>
Date: Tue, 21 Jun 2016 10:51:32 -0400
Message-ID: <CAJm83bAHcSQtOHRjUHVk7o27KmbSqH_dad+dLMAhQ6Vh3hnsWw@mail.gmail.com>
To: mayer@ntp.org
X-SA-Exim-Connect-IP: 2607:f8b0:4001:c06::22c
X-SA-Exim-Rcpt-To: ntpwg@lists.ntp.org
X-SA-Exim-Mail-From: dfoxfranke@gmail.com
X-SA-Exim-Version: 4.2
X-SA-Exim-Scanned: Yes (on mail1.ntp.org)
X-Mailman-Approved-At: Wed, 22 Jun 2016 14:40:42 +0000
Subject: Re: [ntpwg] Parsing NTP packets regarding MACs and EXTs.
X-BeenThere: ntpwg@lists.ntp.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: IETF Working Group for Network Time Protocol <ntpwg.lists.ntp.org>
List-Unsubscribe: <http://lists.ntp.org/options/ntpwg>, <mailto:ntpwg-request@lists.ntp.org?subject=unsubscribe>
List-Archive: <http://lists.ntp.org/pipermail/ntpwg/>
List-Post: <mailto:ntpwg@lists.ntp.org>
List-Help: <mailto:ntpwg-request@lists.ntp.org?subject=help>
List-Subscribe: <http://lists.ntp.org/listinfo/ntpwg>, <mailto:ntpwg-request@lists.ntp.org?subject=subscribe>
Cc: "ntpwg@lists.ntp.org" <ntpwg@lists.ntp.org>, Hal Murray <hmurray@megapathdsl.net>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ntpwg-bounces+ntp-archives-ahfae6za=lists.ietf.org@lists.ntp.org
Sender: ntpwg <ntpwg-bounces+ntp-archives-ahfae6za=lists.ietf.org@lists.ntp.org>
On 6/21/16, Danny Mayer <mayer@ntp.org> wrote: > Yes. The reference code supports the creation of better hashes than MD5 > and SHA-1, since OpenSSL supports it, but the parsing code does not and > that's what needs to get fixed. This is not a NTP WG issue, it's a > problem with the reference implementation that needs to get fixed. I do > note that RFC5905 only references MD5 and that IS a WG problem. A bigger problem than MD5 is the fact that NTP's "HMAC" isn't HMAC; it's the H(K||V) construction vulnerable to length-extension attacks. However, supporting better hash functions shouldn't require any changes to parsing. The length of a MAC tag doesn't have to be the same as the digest size of the hash function you're using. It's perfectly safe, e.g., to truncate HMAC-SHA256 to 128 bits. I oppose putting the legacy MAC field to any new uses or allowing it take on anything other than its current size. Any new crypto should be done in extension fields. The parsing rules should be as follows: If the packet is 48 bytes, it has no extensions and no MAC. If the packet is between 49 and 67 bytes inclusive, it's malformed; discard it. If the packet is 68 bytes, it has a legacy MAC and no extensions. If the packet is more than 68 bytes, the last 20 bytes are the keyid and MAC, the first 48 bytes are the standard fields, and everything in between is extension fields. If the keyid field is 0, then the MAC field is ignored, and these last 20 bytes are basically just filler to make the packet parse correctly. At such time as we publish a standard for NTPv5, we can get rid of the legacy MAC fields and move their functionality into extension fields, so that the 20 bytes of wasted filler is no longer necessary. _______________________________________________ ntpwg mailing list ntpwg@lists.ntp.org http://lists.ntp.org/listinfo/ntpwg
- Re: [ntpwg] Autokey, Shared keys Harlan Stenn
- Re: [ntpwg] Autokey, Shared keys Hal Murray
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Miroslav Lichvar
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Salz, Rich
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Daniel Franke
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Daniel Franke
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Salz, Rich
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Harlan Stenn
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Danny Mayer
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Rob Seaman
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Salz, Rich
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Danny Mayer
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Salz, Rich
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Danny Mayer
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Danny Mayer
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Hal Murray
- [ntpwg] New Version Notification for draft-ietf-n… dieter.sibold
- Re: [ntpwg] New Version Notification for draft-ie… Danny Mayer
- Re: [ntpwg] New Version Notification for draft-ie… Danny Mayer
- Re: [ntpwg] New Version Notification for draft-ie… kristof.teichel
- Re: [ntpwg] New Version Notification for draft-ie… dieter.sibold
- Re: [ntpwg] New Version Notification for draft-ie… Richard Welty
- Re: [ntpwg] New Version Notification for draft-ie… Danny Mayer
- Re: [ntpwg] New Version Notification for draft-ie… Harlan Stenn
- Re: [ntpwg] New Version Notification for draft-ie… dieter.sibold
- Re: [ntpwg] New Version Notification for draft-ie… Hal Murray
- Re: [ntpwg] New Version Notification for draft-ie… Danny Mayer
- Re: [ntpwg] New Version Notification for draft-ie… Danny Mayer
- Re: [ntpwg] New Version Notification for draft-ie… dieter.sibold
- Re: [ntpwg] New Version Notification for draft-ie… Danny Mayer
- Re: [ntpwg] New Version Notification for draft-ie… Harlan Stenn
- Re: [ntpwg] New Version Notification for draft-ie… Harlan Stenn
- Re: [ntpwg] New Version Notification for draft-ie… Danny Mayer
- Re: [ntpwg] New Version Notification for draft-ie… Danny Mayer
- Re: [ntpwg] New Version Notification for draft-ie… Harlan Stenn
- [ntpwg] Antw: Re: New Version Notification for dr… Ulrich Windl
- Re: [ntpwg] Antw: Re: I-D Action: draft-ietf-ntp-… Hal Murray
- Re: [ntpwg] Antw: Re: I-D Action: draft-ietf-ntp-… Harlan Stenn
- Re: [ntpwg] Antw: Re: I-D Action: draft-ietf-ntp-… Hal Murray
- Re: [ntpwg] Fwd: Early Allocations for NTS drafts… Hal Murray
- Re: [ntpwg] Fwd: Early Allocations for NTS drafts… Kurt Roeckx
- Re: [ntpwg] Fwd: Early Allocations for NTS drafts… Harlan Stenn
- Re: [ntpwg] Different security mechanisms (NTS, A… Hal Murray
- Re: [ntpwg] Fwd: Early Allocations for NTS drafts… Hal Murray
- Re: [ntpwg] Different security mechanisms (NTS, A… Harlan Stenn
- Re: [ntpwg] Fwd: Early Allocations for NTS drafts… Harlan Stenn
- Re: [ntpwg] WGLC on NTS: Round trips for key exch… Hal Murray
- Re: [ntpwg] WGLC on NTS: Round trips for key exch… Harlan Stenn
- Re: [ntpwg] [TICTOC] comments on draft-stenn-ntp-… Hal Murray
- Re: [ntpwg] [TICTOC] comments on draft-stenn-ntp-… Harlan Stenn
- Re: [ntpwg] [TICTOC] comments on draft-stenn-ntp-… Hal Murray
- Re: [ntpwg] [TICTOC] comments on draft-stenn-ntp-… Harlan Stenn
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Salz, Rich
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Daniel Franke
- Re: [ntpwg] Parsing NTP packets regarding MACs an… Harlan Stenn