Re: [ntpwg] Antw: Re: I-D Action: draft-ietf-ntp-checksum-trailer-05.txt

Miroslav Lichvar <mlichvar@redhat.com> Mon, 07 March 2016 09:26 UTC

Date: Mon, 07 Mar 2016 10:07:33 +0100
From: Miroslav Lichvar <mlichvar@redhat.com>
To: Harlan Stenn <stenn@ntp.org>
Message-ID: <20160307090733.GI20222@localhost>
References: <E1abMUh-0007lW-Hl@stenn.ntp.org> <56D88E4E.4090408@pdmconsulting.net> <8D2BF679AAC7C346848A489074F9F8BF7AADAE9D@sjsrvexchmbx2.microsemi.net> <56D8B1FD.7050108@ntp.org> <8D2BF679AAC7C346848A489074F9F8BF7AADB214@sjsrvexchmbx2.microsemi.net> <56D8FCE2.2080007@ntp.org> <56D94613020000A100020287@gwsmtp1.uni-regensburg.de> <E1abmFT-0009RS-Cp@stenn.ntp.org> <20160304102922.GC20222@localhost> <E1ac29S-000AKG-30@stenn.ntp.org>
In-Reply-To: <E1ac29S-000AKG-30@stenn.ntp.org>
Subject: Re: [ntpwg] Antw: Re: I-D Action: draft-ietf-ntp-checksum-trailer-05.txt
Cc: ntpwg@lists.ntp.org

On Sat, Mar 05, 2016 at 02:41:05AM +0000, Harlan Stenn wrote:
> Miroslav Lichvar writes:
> > On Fri, Mar 04, 2016 at 09:42:15AM +0000, Harlan Stenn wrote:
> > > In fact one problem with the current MAC scheme is that one can easily
> > > deduce the algorithm based on the number of bytes in the payload.  This
> > > makes for an attack vector, and we have a way to fix this in an upcoming
> > > draft.
> > 
> > Hm, are there so many different lengths that hiding that information
> > would slow down the search more than adding a few bits to the key? How
> > do you propose to hide it, truncation of the hash to some constant
> > length?
> 
> Two things.
> 
> First, we could pad the existing MAC to an arbitrary length today, and
> solve that aspect of the problem.

If the hash was padded to 64 bytes with random data to allow SHA512
and hide the length with smaller hashes, with MD5 and no extension
fields the padding would waste up to 40% of the bandwidth. I don't
think it's worth it, given how little value hiding the length has.

> The proposal Danny and I are working on will create a new extension
> field for the MAC, and that solves both of these problems.  But it's not
> backward-compatible.  It's not backward-INcompatible either.

An extension field for the old NTPv3 MAC would be nice. It would allow
authentication to cover only part of the packet and extension fields
for corrections from HW timestamping, NTP-aware switches/routers, etc,
could be still included. As you say, this would be an incompatible
change, so I'd like to see some discussion on how it would work with
old servers and clients.

I'm slightly worried about confusion from having different MAC
extension fields as the NTS drafts already introduced a new "MAC"
field for the 128-bit HMAC.

-- 
Miroslav Lichvar
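The numbers behind the exchange above, as an added example that is not part of the original message or of any NTP implementation: it models a 48-byte NTP header without extension fields, a MAC consisting of a 4-byte key identifier followed by a digest, and the idea of padding every digest to 64 bytes so that the algorithm can no longer be read off the packet length. The digest sizes are the standard ones for each hash; counting the key identifier outside the 64-byte pad is an assumption of this example, and under it the MD5 case comes out at about 41% filler, which is the "up to 40%" figure in the message. The inference function shows the length leak from the defender's side (what a passive observer can tell from packet size) and the padded lengths show why padding removes it.

```python
"""Added example (not from the ntpwg thread): NTP packet length versus MAC padding.

Models the figures discussed in the message: a 48-byte NTP header, a MAC made of
a 4-byte key identifier plus a digest, and padding every digest to 64 bytes so
the hash algorithm cannot be deduced from the packet length.
"""

NTP_HEADER_LEN = 48          # fixed NTP header, no extension fields
KEY_ID_LEN = 4               # key identifier that precedes the digest
PADDED_DIGEST_LEN = 64       # pad target from the message (large enough for SHA-512)

# Standard digest lengths in bytes for the algorithms mentioned or implied.
DIGEST_LEN = {
    "MD5": 16,
    "SHA-1": 20,
    "SHA-256": 32,
    "SHA-512": 64,
}


def packet_len(algorithm, padded=False):
    """Total length of a MAC-bearing NTP packet with no extension fields.

    Assumption of this example: the key identifier is counted separately
    from the (possibly padded) digest.
    """
    digest = PADDED_DIGEST_LEN if padded else DIGEST_LEN[algorithm]
    return NTP_HEADER_LEN + KEY_ID_LEN + digest


def infer_mac_algorithm(length):
    """Recover the hash algorithm of an unpadded packet from its length.

    Returns None for a packet with no MAC at all and "unknown" for a
    length that matches none of the modelled layouts.  This is the
    length leak the message discusses, seen from an observer's side.
    """
    if length == NTP_HEADER_LEN:
        return None
    for name in DIGEST_LEN:
        if packet_len(name) == length:
            return name
    return "unknown"


def padding_overhead(algorithm):
    """Fraction of a padded packet that is random filler rather than header,
    key identifier or digest."""
    padded = packet_len(algorithm, padded=True)
    filler = PADDED_DIGEST_LEN - DIGEST_LEN[algorithm]
    return filler / padded


def padded_lengths():
    """Set of packet lengths once every digest is padded to 64 bytes.

    A single element means the length no longer identifies the algorithm."""
    return {packet_len(name, padded=True) for name in DIGEST_LEN}


if __name__ == "__main__":
    for name in DIGEST_LEN:
        print(f"{name:8s} unpadded={packet_len(name):4d} bytes  "
              f"padded={packet_len(name, padded=True):4d} bytes  "
              f"filler={padding_overhead(name):5.1%}")
    print("padded lengths:", sorted(padded_lengths()))
    print("68-byte packet carries:", infer_mac_algorithm(68))
```

The trade-off the message describes is visible directly: every padded packet has the same length, so the algorithm is hidden, but a plain MD5-authenticated packet grows from 68 to 116 bytes, with 48 of those bytes carrying no information.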
_______________________________________________
ntpwg mailing list
ntpwg@lists.ntp.org
http://lists.ntp.org/listinfo/ntpwg