Re: [Pana] Doubt regarding Stateless response to PCI msg

<yoshihiro.ohba@toshiba.co.jp> Sat, 20 August 2016 15:13 UTC

Return-Path: <yoshihiro.ohba@toshiba.co.jp>
X-Original-To: pana@ietfa.amsl.com
Delivered-To: pana@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id EA68512D811 for <pana@ietfa.amsl.com>; Sat, 20 Aug 2016 08:13:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.889
X-Spam-Level:
X-Spam-Status: No, score=-1.889 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001, T_FILL_THIS_FORM_SHORT=0.01, UNPARSEABLE_RELAY=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id o9HXgX2ibhD9 for <pana@ietfa.amsl.com>; Sat, 20 Aug 2016 08:13:08 -0700 (PDT)
Received: from mo.tsb.2iij.net (mo1500.tsb.2iij.net [210.149.48.172]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A616C12D177 for <Pana@ietf.org>; Sat, 20 Aug 2016 08:13:04 -0700 (PDT)
Received: by mo.tsb.2iij.net (tsb-mo1500) id u7KFCwf2032119; Sun, 21 Aug 2016 00:12:59 +0900
Received: from unknown [172.27.153.187] (EHLO tsb-mr1501.hop.2iij.net) by mas1506.tsb.2iij.net(mxl_mta-7.2.4-7) with ESMTP id a7378b75.0.11166.00-691.20482.mas1506.tsb.2iij.net (envelope-from <yoshihiro.ohba@toshiba.co.jp>); Sun, 21 Aug 2016 00:12:59 +0900 (JST)
X-MXL-Hash: 57b8737b2ea64ec2-7bfab754d59ebdda0c601dce21420d314781b00d
Received: from imx12.toshiba.co.jp (imx12.toshiba.co.jp [61.202.160.132]) by relay.tsb.2iij.net (tsb-mr1501) with ESMTP id u7KFCvp0008676; Sun, 21 Aug 2016 00:12:58 +0900
Received: from tsbmgw-mgw01.tsbmgw-mgw01.toshiba.co.jp ([133.199.232.103]) by imx12.toshiba.co.jp with ESMTP id u7KFCvC6011191 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 21 Aug 2016 00:12:57 +0900 (JST)
Received: from tsbmgw-mgw01 (localhost [127.0.0.1]) by tsbmgw-mgw01.tsbmgw-mgw01.toshiba.co.jp (8.13.8/8.14.5) with ESMTP id u7KFCv9q003889; Sun, 21 Aug 2016 00:12:57 +0900
Received: from localhost ([127.0.0.1]) by tsbmgw-mgw01 (JAMES SMTP Server 2.3.1) with SMTP ID 407; Sun, 21 Aug 2016 00:12:57 +0900 (JST)
Received: from arc11.toshiba.co.jp ([133.199.90.127]) by tsbmgw-mgw01.tsbmgw-mgw01.toshiba.co.jp (8.13.8/8.14.5) with ESMTP id u7KFCv0m003886; Sun, 21 Aug 2016 00:12:57 +0900
Received: (from root@localhost) by arc11.toshiba.co.jp id u7KFCv1v005817; Sun, 21 Aug 2016 00:12:57 +0900 (JST)
Received: from ovp11.toshiba.co.jp [133.199.90.148] by arc11.toshiba.co.jp with ESMTP id AAA05816; Sun, 21 Aug 2016 00:12:57 +0900
Received: from mx12.toshiba.co.jp (mx12.toshiba.co.jp [133.199.90.142]) by ovp11.toshiba.co.jp with ESMTP id u7KFCvI9000672; Sun, 21 Aug 2016 00:12:57 +0900 (JST)
Received: from tgxml230.toshiba.local by toshiba.co.jp id u7KFCv9V021442; Sun, 21 Aug 2016 00:12:57 +0900 (JST)
Received: from TGXML279.toshiba.local (133.199.71.134) by tgxml230.toshiba.local (133.199.62.21) with Microsoft SMTP Server (TLS) id 14.3.266.1; Sun, 21 Aug 2016 00:12:56 +0900
Received: from TGXML278.toshiba.local (133.199.71.133) by TGXML279.toshiba.local (133.199.71.134) with Microsoft SMTP Server (TLS) id 15.0.1178.4; Sun, 21 Aug 2016 00:12:56 +0900
Received: from TGXML278.toshiba.local ([192.168.94.145]) by TGXML278.toshiba.local ([192.168.94.145]) with mapi id 15.00.1178.000; Sun, 21 Aug 2016 00:12:56 +0900
From: yoshihiro.ohba@toshiba.co.jp
To: raja.ashok@huawei.com, basavaraj.patil@nokia.com, alper.yegin@yegin.org, jari.arkko@piuha.net, Pana@ietf.org
Thread-Topic: Doubt regarding Stateless response to PCI msg
Thread-Index: AdH63BvYrgtQo/A7QCqvc1R26cM98AAFzfjg
Date: Sat, 20 Aug 2016 15:12:55 +0000
Message-ID: <f885412d6eff408ca06085528108b568@TGXML278.toshiba.local>
References: <FDFEA8C9B9B6BD4685DCC959079C81F5E18DE5AE@blreml502-mbx>
In-Reply-To: <FDFEA8C9B9B6BD4685DCC959079C81F5E18DE5AE@blreml502-mbx>
Accept-Language: ja-JP, en-US
Content-Language: ja-JP
X-MS-Has-Attach: yes
x-ms-exchange-transport-fromentityheader: Hosted
x-originating-ip: [133.120.173.120]
msscp.transfermailtomossagent: 103
Content-Type: multipart/related; boundary="_004_f885412d6eff408ca06085528108b568TGXML278toshibalocal_"; type="multipart/alternative"
MIME-Version: 1.0
X-MAIL-FROM: <yoshihiro.ohba@toshiba.co.jp>
X-SOURCE-IP: [172.27.153.187]
X-Spam: exempt
Archived-At: <https://mailarchive.ietf.org/arch/msg/pana/oXrotkrHC5eHDOR0bWTQx4MER-0>
Subject: Re: [Pana] Doubt regarding Stateless response to PCI msg
X-BeenThere: pana@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Protocol for carrying Authentication for Network Access <pana.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pana>, <mailto:pana-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/pana/>
List-Post: <mailto:pana@ietf.org>
List-Help: <mailto:pana-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pana>, <mailto:pana-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 20 Aug 2016 15:13:11 -0000

Ashok,

As far as I remember during the discussion in the past, the minimum state does not have to be maintained per-session basis.  For example, a PAA implementation can use a random seed that is valid during a short period of time and is shared among multiple PaCs sending PCIs during that peiod.  From the random seed, initial sequence number and session id can be calculated by hashing the seed with PaC-specific information obtained from IP header such as PaC’s IP address, etc.  This way, maintaining per-session state can be avoided during stateless handshake without use of a Cookie AVP.

Regards,
Yoshihiro Ohba


From: Pana [mailto:pana-bounces@ietf.org] On Behalf Of Raja ashok
Sent: Saturday, August 20, 2016 8:12 PM
To: basavaraj.patil@nokia.com; alper.yegin@yegin.org; jari.arkko@piuha.net; Pana@ietf.org
Subject: [Pana] Doubt regarding Stateless response to PCI msg

Hi All,

I am having a small doubt in PANA handshake of RFC 5191. Can you please clarify me.

PAA can respond to PCI msg in a stateless manner, by sending Cookie (as new AVP) in 1st PAR msg (similar to DTLS). This Cookie AVP was there in initial draft of RFC 5191, but in final RFC it is not there.  When I searched the mail list I got the below reason for removing Cookie AVP. But Still the suggested mechanism requires a state to be maintained with minimal information(Cookie, Initial seq, session ID). But this is still vulnerable to a DoS attack by flooding PCI msg.

So My doubt is, Is there any security loophole, if a Vendor specific Cookie AVP is used instead of minimal state maintenance. Please clarify my doubt.

$ Info from Old mail chain:
$  #2 Stateless handshake
$     * Simplification of the stateless handshake - Removal of L-bit ?
$        - Need to keep a minimum state to be maintained (cookie, initial seq)
$        - Adding PSR retransmission to this state is not a big issue
$     * Solution:
$        - Remove distinction between stateless and stateful
$        - Remove cookie avp
$        - Remove L-flag
$        - PSR re-transmission may be turned off if PAA wants to be stateless

Regards,
Ashok
________________________________
Raja Ashok V K
华为技术有限公司 Huawei Technologies Co., Ltd.
[Company_logo]

Phone:
Fax:
Mobile:
Email:
地址:深圳市龙岗区坂田华为基地 邮编:518129
Huawei Technologies Co., Ltd.
Bangalore, India.
http://www.huawei.com
________________________________
本邮件及其附件含有华为公司的保密信息,仅限于发送给上面地址中列出的个人或群组。禁
止任何其他人以任何形式使用(包括但不限于全部或部分地泄露、复制、或散发)本邮件中
的信息。如果您错收了本邮件,请您立即电话或邮件通知发件人并删除本邮件!
This e-mail and its attachments contain confidential information from HUAWEI, which
is intended only for the person or entity whose address is listed above. Any use of the
information contained herein in any way (including, but not limited to, total or partial
disclosure, reproduction, or dissemination) by persons other than the intended
recipient(s) is prohibited. If you receive this e-mail in error, please notify the sender by
phone or email immediately and delete it!