IETF Logo Mail Archive

Re: draft-ietf-bfd-optimizing-authentication-13 nits

Alan DeKok <aland@deployingradius.com> Sun, 21 January 2024 00:45 UTC

Return-Path: <aland@deployingradius.com>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 97DF5C14F5F7; Sat, 20 Jan 2024 16:45:46 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.909
X-Spam-Level:
X-Spam-Status: No, score=-1.909 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id O9wefwLohM2v; Sat, 20 Jan 2024 16:45:44 -0800 (PST)
Received: from mail.networkradius.com (mail.networkradius.com [62.210.147.122]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0A464C14F5EA; Sat, 20 Jan 2024 16:45:37 -0800 (PST)
Received: from smtpclient.apple (135-23-95-173.cpe.pppoe.ca [135.23.95.173]) by mail.networkradius.com (Postfix) with ESMTPSA id 6EDE15C9; Sun, 21 Jan 2024 00:45:33 +0000 (UTC)
Authentication-Results: NetworkRADIUS; dmarc=none (p=none dis=none) header.from=deployingradius.com
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.120.41.1.1\))
Subject: Re: draft-ietf-bfd-optimizing-authentication-13 nits
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <9CDB2C7B-BAB6-476C-9F12-BFA7EAD6DD60@gmail.com>
Date: Sat, 20 Jan 2024 19:45:31 -0500
Cc: Jeffrey Haas <jhaas@pfrc.org>, "rtg-bfd@ietf. org" <rtg-bfd@ietf.org>, draft-ietf-bfd-optimizing-authentication@ietf.org, Ashesh Mishra <mishra.ashesh@gmail.com>
Content-Transfer-Encoding: quoted-printable
Message-Id: <B49A64C7-731F-4729-9D99-AC6C133983C8@deployingradius.com>
References: <4F3695C8-3736-4E55-B5BB-84671FDC367E@pfrc.org> <A8D0BCD4-15FA-4061-A7F0-6D888158F5A3@gmail.com> <D3DB82BE-730A-4D7C-88B8-3B309C5AC3B9@pfrc.org> <9CDB2C7B-BAB6-476C-9F12-BFA7EAD6DD60@gmail.com>
To: Mahesh Jethanandani <mjethanandani@gmail.com>
X-Mailer: Apple Mail (2.3696.120.41.1.1)
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/d1CN75ahL3r_ABWNUFKJPV8Rl2Q>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 21 Jan 2024 00:45:46 -0000

On Jan 19, 2024, at 7:14 PM, Mahesh Jethanandani <mjethanandani@gmail.com> wrote:
> In my mind, and my co-authors can correct me if my understanding is incorrect, I do not see "optimized auth" as a choice between "NULL-auth" and "secure-sequence" numbers. When the A-bit is set, the choice is between doing authentication as described in RFC 5880 (bfd.AuthType=[1..5]), or doing "optimized auth". If "optimized auth" is chosen, bfd.AuthType can toggle from one of the non-zero values to NULL-auth (whatever non-zero value is assigned to it) and back.
> 
> At the same time, if 'secure-seq-num' is configured as ’true’, the sequence number is generated as defined by I-D.ietf-bfd-secure-sequence-numbers, and inserted into the packet. The only question I ask is, if “optimized auth” is enabled, and when there is a state transition, the packet is “fully” authenticated by selecting bfd.AuthType as one of the non-zero values (but not NULL-auth). Do we need to generate a secure sequence number at that time? Or is it easier/simpler to let it continue generating the secure sequence number, and not deal with “lost” packets as the session transitions from bfd.AuthType with a non-zero value and NULL-auth.

  We should probably stop calling it "secure sequence numbers".  I think that name doesn't help.

  Instead, the draft migrated towards just being another Auth Type, but one where the BFD packets are not authenticated.  Instead, the sender is verified to follow a PRNG sequence.  The PRNG is seeded using the secret key and various per-session information.

  So the Auth Types are "full packet authentication" via SHA, MD5, etc or "verified sender".

  If the packet isn't authenticated but the sender is verified, then we still can decide that the sender is up.  And it matters a lot less what the rest of the packet contents are.
 
>> Interesting edge choice question: Alan's recent changes permits even "simple password" to be a valid mode, but it's probably not something we want to operationally support.  In particular, because it does NOT include sequence numbers and thus provides zero protection vs. reply during the non-optimized path.
> 
> Agree. Where do we call this out? In this or in the secure-sequence-number draft?

  i would lean towards forbidding "simple password", unless it uses a different password than is used for the stronger authentication methods.  Otherwise it leads to the password being exposed.

  I would also ask if the ISAAC PRNG is reasonably secure, do we really need to occasionally swap to another Auth Type?

  i.e. what is the reason for switching from ISAAC to SHA1, and then back again?  What are we trying to prove?

  Alan DeKok.

v2.23.0 | Report a Bug | By Email