IETF Logo Mail Archive

Re: [saag] New Version Notification for draft-cui-dhc-dhcpv6-encryption-02.txt

Alan DeKok <aland@deployingradius.com> Sun, 02 August 2015 08:17 UTC

Return-Path: <aland@deployingradius.com>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id BE4381A1EF1 for <saag@ietfa.amsl.com>; Sun, 2 Aug 2015 01:17:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id DSMNyHM2saW4 for <saag@ietfa.amsl.com>; Sun, 2 Aug 2015 01:17:30 -0700 (PDT)
Received: from power.freeradius.org (power.freeradius.org [195.154.231.44]) by ietfa.amsl.com (Postfix) with ESMTP id 92C4C1A1EEA for <saag@ietf.org>; Sun, 2 Aug 2015 01:17:30 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by power.freeradius.org (Postfix) with ESMTP id 3766A2240720; Sun, 2 Aug 2015 10:17:29 +0200 (CEST)
X-Virus-Scanned: Debian amavisd-new at power.freeradius.org
Received: from power.freeradius.org ([127.0.0.1]) by localhost (power.freeradius.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KnXm77W6IFxx; Sun, 2 Aug 2015 10:17:28 +0200 (CEST)
Received: from [10.192.1.135] (LPoitiers-656-1-89-54.w193-251.abo.wanadoo.fr [193.251.88.54]) by power.freeradius.org (Postfix) with ESMTPSA id 815D022401C5; Sun, 2 Aug 2015 10:17:28 +0200 (CEST)
Content-Type: text/plain; charset="iso-8859-1"
Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\))
From: Alan DeKok <aland@deployingradius.com>
In-Reply-To: <BLU181-W40A804FB089C688A209AC593880@phx.gbl>
Date: Sun, 02 Aug 2015 10:17:27 +0200
Content-Transfer-Encoding: quoted-printable
Message-Id: <85F31297-B08F-4A86-B9A0-8004FB78DD01@deployingradius.com>
References: <313da830.6be8.14ed8564467.Coremail.lilishan48@126.com>, <m2mvyfh1re.wl%randy@psg.com> <55B8A692.8080409@cs.tcd.ie>, <m2a8ufgpjn.wl%randy@psg.com> <55B8D49A.1010402@cs.tcd.ie>, <m2y4hyg2za.wl%randy@psg.com>, <DM2PR0301MB0655D564B5F697E14F5CF371A88B0@DM2PR0301MB0655.namprd03.prod.outlook.com>, <4E607681-7B1F-4128-9F24-D98FE23AA958@deployingradius.com> <BLU181-W40A804FB089C688A209AC593880@phx.gbl>
To: Aboba Bernard <bernard_aboba@hotmail.com>
X-Mailer: Apple Mail (2.1878.6)
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/RD6iP14134ScFJEHJFjT9wo96lE>
Cc: Security Area Advisory Group <saag@ietf.org>
Subject: Re: [saag] New Version Notification for draft-cui-dhc-dhcpv6-encryption-02.txt
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 02 Aug 2015 08:17:32 -0000

On Aug 2, 2015, at 3:27 AM, Bernard Aboba <bernard_aboba@hotmail.com> wrote:
> [BA] Authenticating a DHCP packet with a unicast key derived between the station and the AP would not prove authorization to act as a DHCP server, so IMHO it would not add any value beyond what is already provided by 802.11 security.

  That's true.  All it would do was signal that the DHCP packet came from the AP.  Which we already know.

>  Similarly, authenticating a multicast DHCP packet with a key derived from the 802.11 group key would also not demonstrate authorization to act as a DHCP server so that also adds no value. 

  Sure, but that's not what I meant.

  I was thinking of the MSK / EMSK, which are derived from the EAP session, and typically the TLS session.  The EAPOL Key is in turn derived from that.

  It should be possible to derive a DHCP session key from the MSK.  The authentication server can send the DHCP session key to the DHCP server, which can then use it to sign DHCP packets.  The supplicant can do the same thing, and validate the incoming DHCP packet.  The key would be unique to each session.  It would also be possible to use the MSK to derive a unique MAC address for the device, which would signal to the DHCP server that the device had previously been authenticated via 802.1X.  And that identity derivation would solve most of the issues around privacy of identifiers.

  This is imperfect, of course.  It presumes that 802.1X is used, which isn't always the case.  Other methods will be needed in other circumstances.

  Alan DeKok.

v2.23.0 | Report a Bug | By Email