IETF Logo Mail Archive

Re: [OSPF] FW: Using dynamically derived Traffic Keys for Routing Protocols

Curtis Villamizar <curtis@occnc.com> Thu, 14 April 2011 05:07 UTC

Return-Path: <curtis@occnc.com>
X-Original-To: ospf@ietfc.amsl.com
Delivered-To: ospf@ietfc.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfc.amsl.com (Postfix) with ESMTP id 294F8E081D for <ospf@ietfc.amsl.com>; Wed, 13 Apr 2011 22:07:23 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.349
X-Spam-Level:
X-Spam-Status: No, score=-2.349 tagged_above=-999 required=5 tests=[AWL=0.250, BAYES_00=-2.599]
Received: from mail.ietf.org ([208.66.40.236]) by localhost (ietfc.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id kV1F8qcRs+Vf for <ospf@ietfc.amsl.com>; Wed, 13 Apr 2011 22:07:22 -0700 (PDT)
Received: from harbor.orleans.occnc.com (harbor.orleans.occnc.com [173.9.106.135]) by ietfc.amsl.com (Postfix) with ESMTP id 4DF02E07FC for <ospf@ietf.org>; Wed, 13 Apr 2011 22:07:22 -0700 (PDT)
Received: from harbor.orleans.occnc.com (harbor.orleans.occnc.com [173.9.106.135]) by harbor.orleans.occnc.com (8.13.6/8.13.6) with ESMTP id p3E57IrZ030963; Thu, 14 Apr 2011 01:07:19 -0400 (EDT) (envelope-from curtis@harbor.orleans.occnc.com)
Message-Id: <201104140507.p3E57IrZ030963@harbor.orleans.occnc.com>
To: Manav Bhatia <manav.bhatia@alcatel-lucent.com>
From: Curtis Villamizar <curtis@occnc.com>
In-reply-to: Your message of "Thu, 14 Apr 2011 09:51:41 +0530." <4DA67655.10301@alcatel-lucent.com>
Date: Thu, 14 Apr 2011 01:07:18 -0400
Sender: curtis@occnc.com
Cc: "ospf@ietf.org" <ospf@ietf.org>
Subject: Re: [OSPF] FW: Using dynamically derived Traffic Keys for Routing Protocols
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: curtis@occnc.com
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ospf>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 14 Apr 2011 05:07:23 -0000

In message <4DA67655.10301@alcatel-lucent.com>
Manav Bhatia writes:
>  
> Curtis,
>  
> I can write a small ID explaining how this can be used for OSPF if
> folks believe this is something acceptable for doing key rollovers.
>  
> Cheers, Manav


Manav,

You might want to say "for doing *session* key rollovers".  The
persistant key rollover would need a different mechanism.

Curtis


> On 4/14/2011 9:49 AM, Curtis Villamizar wrote:
> >
> > In message<7C362EEF9C7896468B36C9B79200D8350CFD0DE257@INBANSXCHMBSA1.in.alcatel-lucent.com>
> > "Bhatia, Manav (Manav)" writes:
> >>
> >> OSPFers,
> >>
> >> Can a variant of this method be used to protect OSPFv2 and OSPFv3-AT?
> >>
> >> Cheers, Manav
> >
> >
> > Hesitant to say "me too" again for S/N reasons, but ...  yes/agree
> >
> > Someone needs to write up the details though.  (and Manav seems
> > willing to volunteer).
> >
> > Curtis
> >
> >
> >
> >>> -----Original Message-----
> >>> From: karp-bounces@ietf.org [mailto:karp-bounces@ietf.org] On
> >>> Behalf Of Bhatia, Manav (Manav)
> >>> Sent: Thursday, April 14, 2011 5.18 AM
> >>> To: karp@ietf.org
> >>> Subject: [karp] Using dynamically derived Traffic Keys for
> >>> Routing Protocols
> >>>
> >>> Hi,
> >>>
> >>> Instead of using the pre shared key (PSK) in manual keying
> >>> for all packets the routing protocols could use a traffic key
> >>> that's derived from the PSK using some key derivation
> >>> function. Each side could announce a random number (a nonce)
> >>> and the KDF could mix this with the PSK to derive the traffic
> >>> key per session. Benefits of this approach:
> >>>
> >>> o Key rollover becomes very easy as it's a local decision now
> >>> requiring now co-ordination with our peers. Each side can
> >>> generate a new nonce and all others recompute the traffic key
> >>> based on the new nonce value. Attackers cant inject packets
> >>> with spurious nonces as this packet will be protected using
> >>> the traffic key based on the nonce that others have sent.
> >>>
> >>> o Avoids inter-session replay attacks without involving non
> >>> volatile memory as each router will use a different nonce
> >>> upon booting up.
> >>>
> >>> In OSPF the nonce could be carried in the HELLO packets.
> >>> There could be bit carried in the HELLOs which would indicate
> >>> that the Hello is currently using the long lived key (or the
> >>> PSK). The receiver upon receiving this would authenticate the
> >>> packet using the PSK and would use the KDF to derive the
> >>> traffic key. The KDF would mix the nonce with the PSK in some
> >>> deterministic fashion. The receiver uses the derived traffic
> >>> key for signing all subsequent OSPF packets and would
> >>> indicate this by setting some bit (which says using traffic
> >>> key). It will also include its own nonce. The original sender
> >>> now uses the nonce that it receives and starts using the
> >>> traffic key derived from this nonce for all subsequent
> >>> packets. For a key rollover, the senders just have to choose
> >>> a new nonce value. This can be done as frequently as desired
> >>> and requires no manual intervention.
> >>>
> >>> Does this sound as going in the right direction?
> >>>
> >>> Cheers, Manav
> >>>
> >>> --
> >>> Manav Bhatia,
> >>> Service Router Product Group (SRPG)
> >>> Alcatel-Lucent, India
> >>> _______________________________________________
> >>> karp mailing list
> >>> karp@ietf.org
> >>> https://www.ietf.org/mailman/listinfo/karp
> >>>
> >> _______________________________________________
> >> OSPF mailing list
> >> OSPF@ietf.org
> >> https://www.ietf.org/mailman/listinfo/ospf

v2.23.0 | Report a Bug | By Email