IETF Logo Mail Archive

Re: [ntpwg] The next step of draft-ietf-ntp-checksum-trailer

Miroslav Lichvar <mlichvar@redhat.com> Mon, 07 March 2016 11:53 UTC

Return-Path: <ntpwg-bounces+ntp-archives-ahfae6za=lists.ietf.org@lists.ntp.org>
X-Original-To: ietfarch-ntp-archives-ahFae6za@ietfa.amsl.com
Delivered-To: ietfarch-ntp-archives-ahFae6za@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 78FA91B3F74 for <ietfarch-ntp-archives-ahFae6za@ietfa.amsl.com>; Mon, 7 Mar 2016 03:53:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -6.901
X-Spam-Level:
X-Spam-Status: No, score=-6.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id U9_5_NOAKg51 for <ietfarch-ntp-archives-ahFae6za@ietfa.amsl.com>; Mon, 7 Mar 2016 03:53:50 -0800 (PST)
Received: from lists.ntp.org (lists.ntp.org [149.20.68.7]) by ietfa.amsl.com (Postfix) with ESMTP id E57161B3F73 for <ntp-archives-ahFae6za@lists.ietf.org>; Mon, 7 Mar 2016 03:53:50 -0800 (PST)
Received: from lists.ntp.org (lists.ntp.org [149.20.68.7]) by lists.ntp.org (Postfix) with ESMTP id C782C86DAD7 for <ntp-archives-ahFae6za@lists.ietf.org>; Mon, 7 Mar 2016 11:53:50 +0000 (UTC)
X-Original-To: ntpwg@lists.ntp.org
Delivered-To: ntpwg@lists.ntp.org
Received: from mail1.ntp.org (mail1.ntp.org [IPv6:2001:4f8:fff7:1::5]) by lists.ntp.org (Postfix) with ESMTP id A6BE686D90D for <ntpwg@lists.ntp.org>; Mon, 7 Mar 2016 11:29:00 +0000 (UTC)
Received: from mx1.redhat.com ([209.132.183.28]) by mail1.ntp.org with esmtps (TLSv1:AES256-SHA:256) (Exim 4.77 (FreeBSD)) (envelope-from <mlichvar@redhat.com>) id 1actLE-000DKH-2s for ntpwg@lists.ntp.org; Mon, 07 Mar 2016 11:28:59 +0000
Received: from int-mx11.intmail.prod.int.phx2.redhat.com (int-mx11.intmail.prod.int.phx2.redhat.com [10.5.11.24]) by mx1.redhat.com (Postfix) with ESMTPS id 8266F1E41; Mon, 7 Mar 2016 11:28:47 +0000 (UTC)
Received: from localhost (dhcp-24-154.brq.redhat.com [10.34.24.154]) by int-mx11.intmail.prod.int.phx2.redhat.com (8.14.4/8.14.4) with ESMTP id u27BSkZ8026274; Mon, 7 Mar 2016 06:28:47 -0500
Date: Mon, 07 Mar 2016 12:28:40 +0100
From: Miroslav Lichvar <mlichvar@redhat.com>
To: Harlan Stenn <stenn@ntp.org>
Message-ID: <20160307112840.GK20222@localhost>
References: <4569da98236441699fb26aebb71f90a7@IL-EXCH01.marvell.com> <E1acVNL-000CK8-RW@stenn.ntp.org> <20160307093202.GJ20222@localhost> <E1acsHr-000Dmy-Bf@stenn.ntp.org>
MIME-Version: 1.0
Content-Disposition: inline
In-Reply-To: <E1acsHr-000Dmy-Bf@stenn.ntp.org>
User-Agent: Mutt/1.5.24 (2015-08-30)
X-Scanned-By: MIMEDefang 2.68 on 10.5.11.24
X-SA-Exim-Connect-IP: 209.132.183.28
X-SA-Exim-Rcpt-To: ntpwg@lists.ntp.org
X-SA-Exim-Mail-From: mlichvar@redhat.com
X-SA-Exim-Version: 4.2
X-SA-Exim-Scanned: Yes (on mail1.ntp.org)
Subject: Re: [ntpwg] The next step of draft-ietf-ntp-checksum-trailer
X-BeenThere: ntpwg@lists.ntp.org
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: IETF Working Group for Network Time Protocol <ntpwg.lists.ntp.org>
List-Unsubscribe: <http://lists.ntp.org/options/ntpwg>, <mailto:ntpwg-request@lists.ntp.org?subject=unsubscribe>
List-Archive: <http://lists.ntp.org/pipermail/ntpwg/>
List-Post: <mailto:ntpwg@lists.ntp.org>
List-Help: <mailto:ntpwg-request@lists.ntp.org?subject=help>
List-Subscribe: <http://lists.ntp.org/listinfo/ntpwg>, <mailto:ntpwg-request@lists.ntp.org?subject=subscribe>
Cc: "'ntpwg@lists.ntp.org'" <ntpwg@lists.ntp.org>, "Karen ODonoghue (odonoghue@isoc.org)" <odonoghue@isoc.org>, Suresh Krishnan <suresh.krishnan@ericsson.com>
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: 7bit
Errors-To: ntpwg-bounces+ntp-archives-ahfae6za=lists.ietf.org@lists.ntp.org
Sender: ntpwg <ntpwg-bounces+ntp-archives-ahfae6za=lists.ietf.org@lists.ntp.org>

On Mon, Mar 07, 2016 at 10:21:15AM +0000, Harlan Stenn wrote:
> Therefore, I have recommended 2 things:
> 
> - clean up Tal's' errata so that it says a MAC SHOULD be provided.  That
> means "Provide a MAC unless you really understand what's going on and
> have a good reason for not using one."

I still don't follow here.

> - Use a flag bit in the Field Type that says "My extension field does
> not require a following MAC."

Meaning the field is not related to authentication?

> There are 2 players here, and I'll call them "A" and "B".  It's one
> thing for A to say "I think the extension field I am sending should be
> covered by a MAC".  It's another thing for B to have the option to have
> looser requirements.

Can you give an example in which it would be useful to exchange that
information in NTP packets?

From the client's point of view, it either requires the server packets
to be authenticated or not. If it does, it will send a field that
enables some form of authentication and the server will have to
process them in order to sent acceptable replies. When the association
is initialized, the client will verify that MAC in the reply is good
and covers all fields in the packet. There could be exceptions in the
future like correction fields for NTP-aware networking devices, but
that would a part of the specification that they are not covered by
MAC and are placed in the packet after the extension field containing
MAC.

> > What would prevent a server from misinterpreting a random MAC in a
> > client packet that doesn't include this extension field as some
> > extension field?

> - the only 2 implemented MACs we know about are 20 bytes for MD5 and 24
> bytes for DES.  There's also a 28 byte MAC for SHA.  We have at least
> partial support for longer digests, at least 256 bit and 512 bit.

The SHA1 MAC is 24 octets, that's why there is a requirement for the
last extension field to be at least 28 octets.

> - a MAC consists of a 4-byte keyid and a payload.  If there is no
> autokey extension field, the keyid MUST be <65535, and we SHOULD have

Isn't that restriction for keyid just for the autokey RFC? There are
NTP implementations that allow any keyid with symmetric keys.

> that keyid in our chain.  If there is an autokey extension field, the
> keyid MUST be >65535 and the key ID MUST (but at worst, SHOULD) be in
> our chain.  As a secondary check, we could see if there is any way the
> first two octets are a Field Type, and the second 2 octets would have to
> be a longword-aligned length that was <= the remaining packet length,
> and if you wanted to be really careful, if there was leftover data then
> this fragment MUST be an extension field, or the next fragment MUST be
> either an extension field or a MAC.  So it's pretty easy to validate
> these things.

I think a MAC could still pass all these tests and appear as an
extension field. It wouldn't be a valid MAC, that would be extremely
unlikely, but the expected digest would have to be calculated in order
to detect that. The new restrictions on lengths of extension fields
are supposed to prevent that if I understand it correctly.

-- 
Miroslav Lichvar
_______________________________________________
ntpwg mailing list
ntpwg@lists.ntp.org
http://lists.ntp.org/listinfo/ntpwg

v2.23.0 | Report a Bug | By Email