IETF Logo Mail Archive

Re: I-D Action: draft-ietf-bfd-secure-sequence-numbers-08.txt

Reshad Rahman <reshad@yahoo.com> Wed, 10 March 2021 03:28 UTC

Return-Path: <reshad@yahoo.com>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 100523A1905 for <rtg-bfd@ietfa.amsl.com>; Tue, 9 Mar 2021 19:28:15 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -0.218
X-Spam-Level:
X-Spam-Status: No, score=-0.218 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, FREEMAIL_REPLY=1, HTML_MESSAGE=0.001, MALFORMED_FREEMAIL=0.878, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, RCVD_IN_MSPIKE_H2=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=yahoo.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id IaQl3iIQrXx9 for <rtg-bfd@ietfa.amsl.com>; Tue, 9 Mar 2021 19:28:12 -0800 (PST)
Received: from sonic314-15.consmr.mail.bf2.yahoo.com (sonic314-15.consmr.mail.bf2.yahoo.com [74.6.132.125]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 8CAE83A1904 for <rtg-bfd@ietf.org>; Tue, 9 Mar 2021 19:28:12 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1615346891; bh=RUGi4qcVu+Xw6KDtK18M/Ymd2Tez7pB0AfIY7aI9Ins=; h=Date:Subject:From:To:References:In-Reply-To:From:Subject:Reply-To; b=FPWbULetXAFnoAcMpdKxUuFYbZRVmzgWtGgHKkPzE3fjKJZqX2oZ6vylfXaH5ZF3ZA736pNk01phuL5ZTR7ld9BcxIcx89hGD9idYY1zyfWd36SSgoGghS07MQXbbs5V4d6czD0dl1uRa2NXv1M925ebN+7R9bhUy9NLVGkbPIJCCairESexo0zOzW6WgkmHYdUoaSNZlaEIS+5YdildrRNcbRng0cH/Ye3vZ8dVohOvzeSi5oZ+ZiyyILkRf5pp4CXWpHfOxWe9aaqUpXHLnlAmkcQ2lAm9YZexj6QaF9SfWgfSF4DLYRDdaEHkcTI5yVEQP9xt4eYNPVrQZ2NxfA==
X-SONIC-DKIM-SIGN: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s2048; t=1615346891; bh=BMQtS7i6xoaGc4M+lBn8j3OlkMesW4OrbohA+GC5xxu=; h=X-Sonic-MF:Date:Subject:From:To:From:Subject; b=uZ0TMMGVE9aDqBBsKOaXHOIGYR1qDlRhnw3Ai6tmK/0R2YvA1ZqX0Q44cZVxhQPFEUgREQGDFUuAZz20Ci1x++GTQ5AY8ZTFUJwHrZRIJ+hepY+oSswZzhJ0TnGmNV3MQ50G0hxv8lJHVdw6RsqUFO8VFiMgnG48YgKp2yBVhTYka3YWuFK/UlEHnvrSwuRlPLA3VzI/Cs7kmoe45bNvj6rZySbLqHj0uRLYqJR9bzC4nVdpv8dLKIZtIaDFbnarjT+HXnFLDPfUosC40spNy617lDLfl8cv1RId7WZiZDsUKxfsDCQjg24zJup8WT413eUflYuGoYx5Dln4wOiCUw==
X-YMail-OSG: 1c.MWCQVM1l5.L_MVvS6NTj1VBuKkZE.Gdv3lQzNbzGB9XQFuFzW52J5QDdCUXj zBpMd4IUyVJdzarBe5QYuS1ECAf.p0c1aRFfFkJV6Kd_mdr.dZ91b8Q4xjMTpy4XwIRBN23mqxkk .7hLQh.WBqJwNk59JLRGllCqKh9Sn16h9kQ9z1O5.U0Z3CP6jBhdC3v1e1d98OxLij3JMfbeLZTi ZCPm.jCqGqRRV38q.rW3742K08Zp_OG.bcxSgvHH5yAdY_CVUTvUILdiobzeRGE8QlrsgDdzV2HY DbGVHojuNH4LBF2WYPQQgDhWkWbtf2uwsEB0MR0mq21Pnr4gip_NaQ4eeZxB8WNvx29tA3_Fb6FV R2r7r47A7pfEEHpfbsSerdxJmZUGeyofg6MZJcvEV_H8ISIVB2VlPCFTBVjJVqStt1G1Otf9MN66 umgu2rAuj5SE7YfLc12DON8CC7.xdwBgLKQ27alaxd_ZHYMxZExikn7cHHmxm1iIfDtqQBwnLRMj M_UZN31RMr27EoN2rtX84GHxoLeTfGcesiObGiguu2K2oEva_pLduAHXjJY5hPMTOkaci67Huc.N X5OFnirCmxRLKbxa_Csie6Jqrh68k_.1kFe_xk4BsR3.lJ6kavKjRAlKmNQRD.s5FanhXrtQccpC ee1Aa0rPGVpXkCZJCfZ8G8RAU.raQiXdVn5WV473pXP5vDumDRSapJ4u4AKtNMHlR3qKQsZTm8ES .LJu2E5CL6zNX_1FdANOq0m.4ERFBNY5khxEnkAVu4O5.NRdPKWSXP_736WUun_gmU1yBCOUKFZx IyusMZcCzAU3RGloPOBlXGyuy5u_HzKr.azXLbD8w4mjz9BQcmEZ291Ae9YQgUHHIrYD8hj8ugN8 YfGZrsPXHtz8renHJ9VOzklFCDUy_YnWf9CUcijjhNvuS1RA46FydWIgHWVdOO3uqLquYwDW5g.w rCYpGQ5k5ZK_MeRW0EDKlZK1Cw4MzH2l5NMywXumNIBl44MODYZUX11J7fdF9LiJgrP.8dEKD08l fdRcQA.HYfi_j7Z8_cHSqQPdg.M3vOjY3kCF_Q7tBIrRDZoZB6JjiiwgS0kVUBflRpsPwH939KvL ZgdQaG2h9UOWvKJL6vE1QoCMpZizr8yjEwTg5mH20fknG6jkiqXUHWxJdDT_UmXZ.Vk5RH2NfFRz f4QEN4v9HiQK3ioGvCMOEe7LlMFWUOKAbF.nxfhuWQxQYwULKTCy_bfOGN7mrAmxkPWJ0hYLCQic geNk50mB13evEmQ8kWRUuawNJCbihJqPEpb9Eh2wJVjHlxN5iQr448klmwrdE0.8Jlt0q0_jHKpF qeZSUagXMkriMySXdDoARvdfYAhqi7TS8SvIEZhFpC1ZRYQ1qwqNd2BhpqxK8PNJ0PQQhNxCefiM oL.7bokOzTUV8l1fBWI1gNvznqGvTRQtSOfDI_oigXDQVhrgNDYHlfcujQMtX3NbHrM5AEHz9mjM 4T.ZvqkG2HjykGyHCB2neF3vBji6K.U08tCA1yQ6z6TsPTm6DFu8mJv5RPC22dWRy8YsQVLhfMAx Qkq85EnIdqK85qxDr0gv1ESRnsVGlSoRi_m7YVTBuXAr4QKyLSlnIm3a.q0Q3hokyzwJVkCOf8Vl DgMTlxKjx.vrQjGk5FaLOkAlsQFpO8qm6u66W_S.dV3.RUtZvrtgUSm0Z04w_H67Rq.pMqJJlV5S 9LSWIbmlI3XKf.MCiUznNbMM_vtRve8K0TCBI49NWA3tSTmb7fNo0BxqlRLS80lpDPDyjv5kOWkf bEHRAnbKLE62LyLaE5g6GGcDMyy5HhrsFEVfClKHVXzAHrlwjOnZfV.hNl619u1vJcCvBSUhCoIF nQBVEPFNBUdNzRPnRHFJ1EMNCUdiPVyS4ru2fKF4QG7pczWm875lVCYMsxKrJeA29WDGSnaJZddW T4yLEsMdieUzLuN1ftFMZrsYIkEcNvbzy2QQGLaw4N4X8FWWrWr93S7AKp40xWkFduqZBv8jX3Oc c0fhftOPNc2MqJ4_MOCqg2hN6YlXNHI0tVSYNWprc2pYBAVUMgK8ykEWxDgrsz0hGtZ_K4TX8fJo wuLZM6duSC70oZfPJhumfhFXlmRsPM1PmCVWYLwecEpALqgTgZB_UnJmKgiY5sGCu08dc1r_Z7mf 81jjsf8OnV8kmSK1YulV459he90cVKi5cSBhPKGvvz0sbqU.t1xqbyaGIKW1YT1rdIkcfjW12wOw G07A_Kr5i6J2IekRknJqk95CB4HovXkJEbXyJjnfISz3W1CMQwgcLV5HSJ7.AgPWDyasgtbYd5qX BKJkktWMjsmMPdmt3LZjQqpfdbe6THdJ.etYSkks77f_Uggrr3O0DwhK3zoiWcxyC4P3CC8O.oW5 zldgMKOmnk_BPHbG.uSirJ0k89iKKt3RWirfhm5j.fsNdyObnR24D91VehyRPi0G76KaGMgac5r9 nXm94ZHzs.riQ5NDjErc249J50oTX5Xg.QkdIUuX3CkgcDypXb5AEeuOq8.aWX29jhzLykvSloxz qFJHWDCXqnBb8dc_nusZ_
X-Sonic-MF: <reshad@yahoo.com>
Received: from sonic.gate.mail.ne1.yahoo.com by sonic314.consmr.mail.bf2.yahoo.com with HTTP; Wed, 10 Mar 2021 03:28:11 +0000
Received: by kubenode553.mail-prod1.omega.gq1.yahoo.com (VZM Hermes SMTP Server) with ESMTPA ID 6a4cc52176abb954d25d39669870f585; Wed, 10 Mar 2021 03:28:07 +0000 (UTC)
User-Agent: Microsoft-MacOutlook/16.44.20121301
Date: Tue, 09 Mar 2021 22:28:03 -0500
Subject: Re: I-D Action: draft-ietf-bfd-secure-sequence-numbers-08.txt
From: Reshad Rahman <reshad@yahoo.com>
To: Sonal Agarwal <sagarwal12@gmail.com>, rtg-bfd@ietf.org
Message-ID: <D057A636-3E75-4E44-BCCB-04280DF93B26@yahoo.com>
Thread-Topic: I-D Action: draft-ietf-bfd-secure-sequence-numbers-08.txt
References: <161523096352.2145.10949026299560929284@ietfa.amsl.com> <CAMMHi8gvfyQFwa6jnr7v-1u1GV-16QKdFBCtJ_R7oyXZeh3D7A@mail.gmail.com>
In-Reply-To: <CAMMHi8gvfyQFwa6jnr7v-1u1GV-16QKdFBCtJ_R7oyXZeh3D7A@mail.gmail.com>
Mime-version: 1.0
Content-type: multipart/mixed; boundary="B_3698173687_2065995074"
X-Mailer: WebService/1.1.17872 mail.backend.jedi.jws.acl:role.jedi.acl.token.atz.jws.hermes.yahoo Apache-HttpAsyncClient/4.1.4 (Java/11.0.9.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/TB2S9K_sef2etbmkmqh0HSJTlec>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 10 Mar 2021 03:28:15 -0000

Hi Sonal,

 

Thanks for the update. But I believe not all comments from ~2 weeks ago (see attached) have been addressed. E.g. use of “symmetric algorithm” and “shared secret key” (as opposed to using variations of the same term).  Also, section 4 headline is still “Impact of using a hash”, but the text has been changed (hash -> cyphertext) here.

 

Regards,

Reshad.

 

From: Rtg-bfd <rtg-bfd-bounces@ietf.org> on behalf of Sonal Agarwal <sagarwal12@gmail.com>
Date: Monday, March 8, 2021 at 2:40 PM
To: <rtg-bfd@ietf.org>
Subject: Re: I-D Action: draft-ietf-bfd-secure-sequence-numbers-08.txt

 

Hi all,

 

Version 8 of the draft addresses all Shepherd comments.

 

Regards,

Sonal.

 

 

On Mon, Mar 8, 2021 at 11:16 AM <internet-drafts@ietf.org> wrote:


A New Internet-Draft is available from the on-line Internet-Drafts directories.
This draft is a work item of the Bidirectional Forwarding Detection WG of the IETF.

        Title           : Secure BFD Sequence Numbers
        Authors         : Mahesh Jethanandani
                          Sonal Agarwal
                          Ashesh Mishra
                          Ankur Saxena
                          Alan DeKok
        Filename        : draft-ietf-bfd-secure-sequence-numbers-08.txt
        Pages           : 6
        Date            : 2021-03-08

Abstract:
   This document describes a security enhancement for the sequence
   number used in BFD control packets.  This document updates RFC 5880.


The IETF datatracker status page for this draft is:
https://datatracker.ietf.org/doc/draft-ietf-bfd-secure-sequence-numbers/

There are also htmlized versions available at:
https://tools.ietf.org/html/draft-ietf-bfd-secure-sequence-numbers-08
https://datatracker.ietf.org/doc/html/draft-ietf-bfd-secure-sequence-numbers-08

A diff from the previous version is available at:
https://www.ietf.org/rfcdiff?url2=draft-ietf-bfd-secure-sequence-numbers-08


Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/
--- Begin Message --- 
Hi Mahesh,

 

Thanks for the response. 

 

Would it be possible to have an updated document when the gates reopen?  Please see inline.

 

From: Rtg-bfd <rtg-bfd-bounces@ietf.org> on behalf of Mahesh Jethanandani <mjethanandani@gmail.com>
Date: Tuesday, February 23, 2021 at 3:03 PM
To: Reshad Rahman <reshad@yahoo.com>, Jeffrey Haas <jhaas@pfrc.org>
Cc: "rtg-bfd@ietf. org" <rtg-bfd@ietf.org>, "draft-ietf-bfd-secure-sequence-numbers@ietf.org" <draft-ietf-bfd-secure-sequence-numbers@ietf.org>
Subject: Re: Shephered writeup for draft-ietf-bfd-secure-sequence-numbers

 

Hi Reshad,

 

I never really received this e-mail, till Sonal forwarded it to me. 

<RR> You have to remove my name from the spam sender list 😊

 

Anyway, here are our responses to the comments you have provided. Please see inline with [mj].

 

Hi Sonal, authors,

 

Thanks for the document update. Main comments:

 
Hash has been replaced by symmetric algorithm, to be able to retrieve the sequence number at the receiving side, this is good. 
Section 3 mentions that the symmetric key is provisioned securely on sender and receiver, but there is no mention of provisioning of the algorithm/function. Also there is no mention of what algorithms to use, is this on purpose since what’s good today will not be recommended tomorrow? Should we at least say “do not use DES” or too obvious?
[mj] I believe this is a question for the WG, and maybe something we can bring up in the upcoming meeting, if it is not answered on the mailing list. Would the WG prefer that a (set of) algorithms MUST be defined to ensure interoperability, or is this something we should leave up to implementors/operators to agree? We are concerned what we define today might be obsoleted tomorrow.

<RR> it would be good to have an update on this document at the upcoming meeting. Having a MUST set of algorithms has the drawback you mentioned. Letting implementors/operators agree is fine but I think we still need a suggested list (as of 2021) for interop. And I believe we need some text in the document wrt provisioning the algorithm.

 
Was there any discussions/thoughts on using asymmetric encryption instead (I didn’t follow this document when it started)? It avoids the pain of having a shared secret. I’m not saying we should go with asymmetric, just wondering.
[mj] We chose symmetric because that is what 5880 talks about.

<RR> Good with me. I’ll defer to security experts.



 
For the key, the terms “symmetric key”, “shared secret key” and “shared key” are used, settle on one for clarity (I believe it should be “shared key” or “shared secret”?)
[mj] Ok. How about “shared secret key”?

<RR> Good.



 
For the algorithm, the terms “symmetric key algorithm”, “symmetric algorithm” , “symmetric encryption algorithm”, “symmetric decryption algorithm” are used. Again, pick 1 “symmetric algorithm”?).
[mj] Ok. We will pick “symmetric algorithm”.

<RR> Good.

 
The term “hash” is still used e.g. in section 4 header
[mj] That is deliberate. We use “hash” when we refer to the value that is calculated over the entire packet and appended as a value at the end of the packet. That is different from ciphertext, which is the value after applying the symmetric algorithm on the sequence number and inserted in-lieu of the sequence number before the hash is calculated.

<RR> Section 4 header still uses the term “hash” but the text in that section has been changed to “cyphertext”, I believe this is an oversight.

 
Security is not my expertise. Should we get a security review asap, as opposed to waiting for IESG review. Jeff/Martin?
[mj] It would not be a bad idea, although we do have a security expert as a co-author on the draft :-)

<RR> It would seem you’re covered then. 



 
Diagram chains are clearer now.
Sequence number validity as described at the bottom of page 3 and on P4 (at the end of section 3). RFC5880 sections 6.7.3 and 6.7.4 describe that received sequence number should be between bfd.RcvAuthSeq(+1) to bfd.RcvAuthSeq+(3*Detect Mult) inclusive. I don’t see why this has to be changed for secure sequence numbers.
[mj] We will just refer to 5880.

<RR> Good.



 
Jeff’s comment regarding “The first sequence number can be obtained…” in section 3. I believe the text is incorrect. RFC5880 sections 6.7.3 and 6.7.4 explain how the first sequence number is obtained (using bfd.AuthSeqKnown and bfd.RcvAuthSeq).
[mj] Ditto.

<RR> Good.

 

Regards,

Reshad.

 
 

Nits:

 

Section 4: s/”while encryption/decryption”/”while doing encryption/decryption”/

[mj] Ok.

What does “non linear” mean in “monotonically increasing (but non linear) sequence number”?
[mj] A monotonically increasing number is just that, an increasing number, but it does not have to be linear. See the diagram below. That is why the mention of non-linear.

 




Section 7: s/Jeff Hass/Jeff Haas/

[mj] Will fix :-). Thanks


 

Regards,

Reshad.

Mahesh Jethanandani

mjethanandani@gmail.com
--- End Message ---

v2.23.0 | Report a Bug | By Email