IETF Logo Mail Archive

[pcp] PANA misconceptions (was Re: CONSENSUS CALL on PCP security)

Alper Yegin <alper.yegin@yegin.org> Thu, 18 July 2013 08:33 UTC

Return-Path: <alper.yegin@yegin.org>
X-Original-To: pcp@ietfa.amsl.com
Delivered-To: pcp@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id A390921F8C3E for <pcp@ietfa.amsl.com>; Thu, 18 Jul 2013 01:33:57 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -102.541
X-Spam-Level:
X-Spam-Status: No, score=-102.541 tagged_above=-999 required=5 tests=[AWL=0.058, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 72XHdq72UO1u for <pcp@ietfa.amsl.com>; Thu, 18 Jul 2013 01:33:52 -0700 (PDT)
Received: from mout.perfora.net (mout.perfora.net [74.208.4.195]) by ietfa.amsl.com (Postfix) with ESMTP id CEC2F21F9970 for <pcp@ietf.org>; Thu, 18 Jul 2013 01:33:45 -0700 (PDT)
Received: from [192.168.2.49] (88.247.135.202.static.ttnet.com.tr [88.247.135.202]) by mrelay.perfora.net (node=mrus2) with ESMTP (Nemesis) id 0MgKlC-1UkyjG0Pva-00Nfsm; Thu, 18 Jul 2013 04:33:42 -0400
Mime-Version: 1.0 (Apple Message framework v1283)
Content-Type: text/plain; charset="windows-1252"
From: Alper Yegin <alper.yegin@yegin.org>
In-Reply-To: <9374F3A019050A4C805B8DEF27285BE40115E075A9@LWLMBX01.olympus.F5Net.com>
Date: Thu, 18 Jul 2013 11:33:34 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <839332CA-66AD-48A5-AF0E-7AAD1964FE5F@yegin.org>
References: <c91bb8469abe4b079e46454e022546e6@BY2PR03MB269.namprd03.prod.outlook.com> <9374F3A019050A4C805B8DEF27285BE40115E075A9@LWLMBX01.olympus.F5Net.com>
To: Ben McCann <B.McCann@F5.com>
X-Mailer: Apple Mail (2.1283)
X-Provags-ID: V02:K0:ezuX88xZ+srR5n5+S9iaAGfjw7ZucuilSMr7DXhHG5e Nf7f/8YPche5R5NALX+yIu9ryBDxi95ySxhbH1T8gIMYq5oPVX PO9eyzWNjc7EsPzEvyqB2pjtOy2giYPfTJiY4bNQkM/nRU9oO7 xL7cJbgcvXd3mO0yH0whwgbgnX4oH31eucN19lkLxLJRWfos+8 6DubkTb500LiiQn0zCllS1VI3Nmj8dRJVAMSjPOqwO/Dr88tIi Kis7AcgtXuxn5zxho/oGlx4uVVYbdmEKquCNCBaHRYJ1aMcgc7 mJpa22nqrxY4L7EGUG+X1E6Prp7MBB/BLnOz5tj+EwyXApcpmQ zQELIGDNawTw9ut+5wbdNo9I42gl5MhJSvvpdXOb+PqGXLDopi cbHm8kb9qJX5A==
Cc: "pcp@ietf.org" <pcp@ietf.org>
Subject: [pcp] PANA misconceptions (was Re: CONSENSUS CALL on PCP security)
X-BeenThere: pcp@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: PCP wg discussion list <pcp.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/pcp>, <mailto:pcp-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/pcp>
List-Post: <mailto:pcp@ietf.org>
List-Help: <mailto:pcp-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/pcp>, <mailto:pcp-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 18 Jul 2013 08:33:57 -0000

Hello,

I'm afraid your below issues are based on misconceptions introduced by the http://www.ietf.org/proceedings/85/slides/slides-85-pcp-17.pdf slides.
We did address those misconceptions in several rounds, but it seems like some still linger.

PANA does not force clients to always have a session, or always stay awake or connected.

If a client wants to get authenticated and generate a 5 minute key, and afterwards sleep, detach, etc., it can very well do that using PANA.
We can support that by simply setting the lifetime of the PANA SA to that short fix value, or letting the PANA SA timeout and expire. 
So, you can run PANA and have a 5 min SA, then have no PANA activity for 23:55hrs, and then come back and do another PANA authentication and have another 5min SA. No problems.

Therefore, there are no issues with mobile, and no issues with server side resources.

After all, PANA is adopted by Zigbee Alliance. I don't think the deployment cases considered here are any more constrained than theirs…

> EAP-in-PCP provides a clean slate that's unencumbered by the design decisions and assumptions of an existing protocol (PANA). 


Was there any other concern leading to your above statement?

Alper









On Jul 17, 2013, at 10:20 PM, Ben McCann wrote:

> 1) Could you *live with* EAP-in-PCP? If not, state reason you would object.
> 
>    YES
> 
> 2) Could you *live with* PANA? If not, state reason you would object.
> 
>    Yes, but we really rather not use PANA. See below...
> 
> 3) If you said yes to both 1 and 2, but have a strong preference between the two, which approach do you prefer and why?
> 
> We strongly prefer EAP-in-PCP for several reasons:
> 
> * PANA, as we understand it, is not mobile-friendly. It requires the PCP client to *always* have an authenticated session active and that is wasteful on mobile clients when the authentication rekey interval is much shorter than the mapping lifetime. Margaret Wasserman captured this in slides 13 and 14 of her presentation http://www.ietf.org/proceedings/85/slides/slides-85-pcp-17.pdf. We believe the *client* should decide when to authenticate (because it needs to create or refresh a mapping) because that lets the client optimize its use of the network and reduce its power consumption. 
> 
> We understand that a PCP server may need to send a message to the client when no authenticated session is active. If no authenticated session is active then we prefer the server send an UN-authenticated "call home" message directing the client to authenticate and then the server can send its messages over the authenticated channel. We recognize an attacker can induce the client to connect to the server by forging an unauthenticated "call home" message. But, having done that, the client can ignore subsequent forged call home messages because it will already have an authenticated session. Worse case, an attacker can't make EAP-in-PCP consume any more client resources than PANA does because PANA requires the client to always have an authenticated session available.
> 
> * PANA requires more server side resources. The authentication protocol should efficiently support 100,000's of clients on a large PCP server. Why should the server continuously maintain authenticated sessions with *every* client? Clients using 24 hour mapping lifetimes can be served by short authentication key lifetime like, for example, 5 minutes. Let the client connect, authenticate, program the mappings, and then let the authenticated session expire. Rinse and repeat in 24 hours,. Client-driven authentication via EAP-in-PCP requires less resources on the server because the server can discard the authenticated session state once the key lifetime expires.
> 
> There was some discussion that PANA is preferable to EAP-in-PCP because it supports "liveness testing". We don't believe liveness testing is useful when the server resources consumed, per client, are PCP mappings. Checking the liveness of 100,000 clients is much more resource intensive on the server than just keeping the client's mappings around until they expire naturally at the end of their lifetime. In short, we believe EAP-in-PCP will scale better on the server than PANA.
> 
> * We believe the decision to use EAP-in-PCP vs. PANA is a choice between designing and implementing an EAP-in-PCP transport that is tailored for PCP versus adapting an existing protocol (PANA) to fit the needs of PCP.  We don't think implementing an EAP-in-PCP transport is difficult so we prefer it over PANA. EAP-in-PCP provides a clean slate that's unencumbered by the design decisions and assumptions of an existing protocol (PANA). 
> 
> -Ben McCann
> 
> 
> 
> _______________________________________________
> pcp mailing list
> pcp@ietf.org
> https://www.ietf.org/mailman/listinfo/pcp

v2.23.0 | Report a Bug | By Email