Re: Resolving lingering issues with BFD authentication drafts
Reshad Rahman <reshad@yahoo.com> Sun, 25 February 2024 22:31 UTC
Return-Path: <reshad@yahoo.com>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 30147C14F5F4 for <rtg-bfd@ietfa.amsl.com>; Sun, 25 Feb 2024 14:31:48 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.108
X-Spam-Level:
X-Spam-Status: No, score=-2.108 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yahoo.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id fbaiT_bt7FYA for <rtg-bfd@ietfa.amsl.com>; Sun, 25 Feb 2024 14:31:46 -0800 (PST)
Received: from sonic301-3.consmr.mail.bf2.yahoo.com (sonic301-3.consmr.mail.bf2.yahoo.com [74.6.129.42]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id E3E4BC14F5ED for <rtg-bfd@ietf.org>; Sun, 25 Feb 2024 14:31:45 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1708900304; bh=a8DS7rNyK+992LImHpgU56Fi4NXJx1k3CaRYW2iCh64=; h=Date:From:Reply-To:To:In-Reply-To:References:Subject:From:Subject:Reply-To; b=Mfmt7DQFqR8yPG3qJ3m6P1oZj+0DGwwnlGCDjuH2R/AI/QdCP9gsRoRsqcosk2Nt7V9GjkCNz4JP31sDCF+QMmvm+Q+v237WhiIoEJp4gk97BovWZo8xZN+OSzOXVeHghDaAwuW5gxQw1kJsfi9w9Hjs99O9boiflFmqaOGtFY0LVmsdaKMjq1PkeIUGIbtO2bKd3T+8iLeJUg2ToKyFvVJpsAS5syGy4bSrbAEP1CylarQSexebj1sSJj2fQR1lFcyx0nsSydx9DzC60CSe3JHDW66UxRIsJ/g4bOuNggCimGNkOeatTZltQy5szJ4IJZisTY8CN+baMrTD1lHDzQ==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1708900304; bh=3iKk6q06ngH+JICRfg9LEmi1AbndfyVboNaxbnV/Gvj=; h=X-Sonic-MF:Date:From:To:Subject:From:Subject; b=Q641HICiz6saU91tYbj+s6jAQDOeKT1Z1BB18yiBB1bAu3u90GUbjgD/OYedz8fLEQJdWQsgv2H/fbDT+i9eWEavl6FnLLCHo3IiVAN0TZ2XGLPtYvvNtZ3ZYtKUU6r4/9gjYEBZbMg4IacO0EhHX30U9CMfYzbdA9ucGuz+mtRxyZf4sem+sV0ed4XzcPoBOH3KtieS1miJJAaAeYKKS4PFOgiiQ8jPEzW5QMa0joKSU/65PpD53cK5umcbnYe1U2OsQr8IIQC7Q0HINqDkCTDHYcVyIPBbEdywzQCedGKZybRGpS1YPExmJLyxt2KoCkjtU3M/UD3E/5tl2/p6Ow==
X-YMail-OSG: zc36rVQVM1k0BD0f54.lvW1KhLOClPV9voo4tVJfuLM6deCyinIIcir2fyRa7o0 nDq65wVu0OSTopWxbqo6VcRNoxYl4kesE4cOhC8.05PUCWgPxk1.aIqD2nMNN2RFQHPXuCO1wiOv f6uh4vmVfmWCTwD57Y2jo3RkuyaBI1K9hjtGIFsLE.a4H5MfbWON6YTjLQpmam2mbzjxorXPonYQ WJg7ZUrtkAevdPU35NVNJ2asDVuDg_SaXka2ta9XpPiGCNmHJO5ffUnpTWB6KDFe5nqIH73ab8TL YUr6sZdnN9DIV3pbetP_eZOZGOYfZORdK5iVYey6zsFwa7Sp0k6.Id2FJqUGgc6dqovuF.Frirc0 RFwb5Oi8pNsgMdF9RLdfHUSyGt2D2Sw4iqykaNpzlIMFs1CcdcGbHohzxc0lHA4cbBdW0IXDiFU4 tyVZZe7LMPZxbjdu1mwb9wue6r0PhwL4c.5uSn_0lCYnP_JR6EiDhY8J_vYBbEOab.fRgXTFpglT 4t2GZxZAtEeXgZfGQJBZU1zvg2_zHgF7NByEG6RLh3gnKIWMSE_QY4YfwQA8E6JD5t66eyCa5qk6 lGFXiIgnk6duRMPWX9qGPQDes47WTQEXFmW3UjgE15TIbU6MXPvS_3BOEsYPV1RqvdsD_p7Z_PiX K9X7y6nA8CQr0gSfMKU38odxcJq23jxF_5XwmHqAo_DfZL.4xGq_10aCGbIJ0bgCRIh1HdaMDLle SXPXmhuzpFkiA6atLxsUn5JH0jwXYiTivLVdCgkJdQIAecUj.lJLQgC3DOLx3MqBoODnwmp47sF1 SRQgXt2YvI_7MnTWA2IAoYgD3yFKQyGejVZdhSQwPGaL.zSLVqYH9rHcTyEBqOukwMbRbnGjFxTc 4hPMQBgFHVuSUydjpMx6hot47gckJNr9x4swINyhe0Vo7zKOOUlxUsYn9kd.YNyecfBWXKmS49qD wVrQl8pZXDvMxqJSflewTjscvxnWTWCMdyzoHXM7maXbQ9FSUbBAK4GBDA8__idqAiiRwCxXmww6 GD7ntNWOhbVlbHqJma4EICZqYorrW5cVjSizcB7glRbi1aDOydh5mGsvE0M3RR5zLtM7rjNws98q 6kz9RNyM1Ljum.EV8oValZHoxWNwHgcOS6snYFSua.iaUhI.8oAoJr5IQgdOobe8C9qnaHxrBNG1 P5mMIQI4E9phG7MjFy36iXZ7BSNcgSYY06Ue2k.DhxrLxb0uljIFcPGbI381HAUrF8jUVVwnFWZu cz.z6RxpIndld9.qe6EZ2ygdzCw9Ul.KDoIQKpCPVcrT73GrfEFDpu8BvhxQ9HEiqeKhwQQRC1oQ mqt5qGqhqCJAKzlE3LKrwdx1QiVKvC_xhhUkrpiVbPyZI2LY38ObnKNA6BhLaa5mw8VJP5gS7Ybm XLyY.iTDWak65kI_AOZlh2VpCPw5iPyiAo4MRxegSQ_4HB06XX.BCEWvAxvsKTTof3cFTu1NRBiu e8WBHJlRftg67ANiF_5bRrdQ8_5vigb_wUDxALL5_uqm9U8TXZQgJ29.kFG9S2A3Gbd2M8Phng0E 4ziW1chMuM.74ldpbFTkw_OSKak1rvAv3uUHnQZB8UYtbfmYdxm9c6uyOLQksWGCiHpCKB899qI4 jGi9rkx2mYTQWf9UoLHkeCMlo92LSzF52KyIaddHIcv0sbSW_TGW9yxwfjWuMcPEQnTRaX9H9uoF qi_MHCGAIMvNxOKDpBWn70hh4gkK6r0wmFEBpNvA3enaZG3Q_9nNpB5hghGqsqLgWndUzCq89cS6 f5RSzre9vIyabkyXpTYSwlrV7BLcwCHRORIlALoN7sPXQT2UiKfM7R9JY1B0f45Yo05qGHpEVoEg 3jcHqNWoLLlTbG.FhFQ9b_JI1w7GJSIeLSzusSD9zkHMJPuMSwT2lDVdQzua5h4P.QQUk0R4c.S1 byVVO2_l3U8.Ty9BK3v0bxOb5tcweotNyvJHkMtJAkoGEONlXAbS5ibNA4uBhMVm2FTPBgMHT3eH dvHEGOFhA.Iz0K2pO2Ml7YT57oDzdofQtUOzxX.XEzLSfz_Rf8uz_4C86LU_RVDk8ro3QXqfIlBx jn6J3X0BMNAqbJt8D5Xw2USvr398Xltx8YdjAW7IuvmHZN4ra7AvHOQahAEmCm790l5aFSCwoalL w8d2QdxMPRqqZJKLKApKUG1dIfcVVpmXpLaSBADVP7q37cKE6rH8cb36zRwos3TldnJxqvkflyXz u9VDiTjHrpRuUaqfciaIQhrc3RohZrrndR1Wbr_UTT49uxC.Vm89GvsPD.WjWDYieg2WcMb7Vh7Q 0mlwKcwdSumDNLCXx6fO2ojyCg0WdLCREzkYkBXWYYukMJeJzzN.1bTnDNYBoYzo-
X-Sonic-MF: <reshad@yahoo.com>
X-Sonic-ID: a8cbe5b7-99ac-481f-9a94-17b6635ad6b0
Received: from sonic.gate.mail.ne1.yahoo.com by sonic301.consmr.mail.bf2.yahoo.com with HTTP; Sun, 25 Feb 2024 22:31:44 +0000
Date: Sun, 25 Feb 2024 22:31:43 +0000
From: Reshad Rahman <reshad@yahoo.com>
Reply-To: Reshad Rahman <reshad@yahoo.com>
To: "rtg-bfd@ietf.org" <rtg-bfd@ietf.org>, Jeffrey Haas <jhaas@pfrc.org>
Message-ID: <1596993238.316567.1708900303895@mail.yahoo.com>
In-Reply-To: <20240223213246.GA15208@pfrc.org>
References: <20240223213246.GA15208@pfrc.org>
Subject: Re: Resolving lingering issues with BFD authentication drafts
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="----=_Part_316566_747198252.1708900303893"
X-Mailer: WebService/1.1.22103 YMailNorrin
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/BNO7-At0-gwvRerRSyFwKknooAE>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 25 Feb 2024 22:31:48 -0000
Jeff, overall this looks to be a good way forward, it addresses the main concern I had expressed.
BFD WG, please take a look at the procedures outlined below and provide feedback.
Comments/questions inline.
On Friday, February 23, 2024, 04:32:55 PM EST, Jeffrey Haas <jhaas@pfrc.org> wrote:
Here's an attempt to provide a path to resolve the lingering issues in the
authentication drafts.
Core lingering issues:
- The NULL auth method is attackable, but still potentially useful for the
stability procedures.
- The optimization procedures currently can have BFD go Up with the initial
stronger authentication, then go down once the optimized mode kicks in.
<RR> That's the scenario where only 1 end supports optimized procedures?
Right now, the text doesn't place any bounds on how long it might be until
the optimized procedures are initiated once the session moves to Up.
The issue here is less about bouncing the BFD session, but the impact on
BFD clients.
Possible ways to address these:
For BFD optimization:
- We remove no-authentication and NULL-authentication as methods for the
optimized session. This leaves us solely with one defined method that
both provides good enough security. It also leaves us room to add other
authentications in the future that have similar properties.
- Optimized authentication should kick in ASAP when we are in the Up state.
I believe this means that we send out at least Detect Mult packets in the
strong mechanism and then switch to the optimized mechanism. This bounds
the amount of time when we're not running in optimized mode.
<RR> Why does optimized procedures need to kick in asap? Is this in case there's an issue with the optimized procedures?
- BFD clients that are expecting optimized authentication SHOULD NOT convey<RR> BFD sessions (not clients)?
to their clients that the session is in the Up state until we've
successfully switched over to the optimized mechanism. While this seems
contrary to BFD behavior, it's no different than any of the existing
"holddown" procedures clients like BGP can implement to ensure that BFD is
stable for long enough before using the session.
<RR> Is this in case there's an issue with the optimized procedures?If yes, do we also need some text for the case where optimized procedures fail? e.g., at a certain point we have to stick to strong auth but do we retry eventually (that could cause the session to go down if we do)?
This is also not the length of time such features want. BGP BFD holddown
is in the multiples of seconds time frame. I believe we want something
that is within two Detection Intervals once the session is Up.
+ It should be noted we already require sending out this number of Up
packets in the strong mode for entraining ISAAC. However, I'm not sure if
our procedures are clear on that point. To be audited.
- How does a client tell that "we are expecting optimized authentication"?
We define parallel authentication code points for the procedure. Today,
our strong meticulous features are currently meticulous md5 and sha1; code
points 5 and 3, respectively.
We allocate two new code points, "ISAAC-optimized meticulous sha-1" and
"ISAAC-optimized meticulous md5". When these code points are used, the
expectation is the strong cipher is used to get the session to the Up
state, and the session expects to transition to ISAAC afterwards. Thus,
we no longer have the opportunity for an implementation that doesn't
support optimization to have the session half transition to up using the
strong mode and fail once the switch attempts to a mode it doesn't
understand.<RR> I like it!
- We might want to consider having the shared secret used for both strong
and optimized mode. While we've had discussion that we might not want to
do this, having a common shared secret means that misconfiguration stops
being the operational consideration that drives the most likely reasons
for failure of the transition to optimized authentication.
+ This can be a SHOULD for the above reasons.
+ If the operator does not want to use the same shared secret, that's
still fine. It just means they're accepting the potential additional
fragility.
- The NULL auth mechanism is moved out of the optimized draft into the
stability draft.
For BFD stability:
- The NULL auth method is pulled into this document.
- The NULL auth's procedures are slightly updated such that the sequence
number SHOULD NOT be used for authentication. Effectively, it transitions
to a counter. This avoids the ability to use it for attacking the
protocol as noted in prior discussion.
- The NULL auth security properties are no worse at that point than no
authentication.
- Existing meticulous methods can be used as well - no change.
- ISAAC can be used when optimized mode is in use. No change.
+ ISAAC mode cannot be used alone. Its procedures for entraining the
sequence numbers currently mean it can't be the only authentication.
Lingering cleanup:
- The IANA considerations and the YANG definitions need to be readjusted
based on where we move things.
Thoughts?<RR> When transitioning from strong auth to optimized procedures, could we send both types of packets when attempting the transition? The aim being to avoid the BFD session from going down. I haven't thought this through so this may well not hold water.
Regards,Reshad.
-- Jeff
-
- Resolving lingering issues with BFD authenticatio… Jeffrey Haas
- Re: Resolving lingering issues with BFD authentic… Reshad Rahman
- Re: Resolving lingering issues with BFD authentic… Jeffrey Haas
- Re: Resolving lingering issues with BFD authentic… Reshad Rahman
- Re: Resolving lingering issues with BFD authentic… Jeffrey Haas