IETF Logo Mail Archive

[saag] Fate of BFD extended authentication mechanisms

Jeffrey Haas <jhaas@pfrc.org> Tue, 24 May 2016 19:18 UTC

Return-Path: <jhaas@slice.pfrc.org>
X-Original-To: saag@ietfa.amsl.com
Delivered-To: saag@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 636AF12D9DE for <saag@ietfa.amsl.com>; Tue, 24 May 2016 12:18:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.328
X-Spam-Level:
X-Spam-Status: No, score=-3.328 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RP_MATCHES_RCVD=-1.426, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CHYXJP7PvWAS for <saag@ietfa.amsl.com>; Tue, 24 May 2016 12:18:49 -0700 (PDT)
Received: from slice.pfrc.org (slice.pfrc.org [67.207.130.108]) by ietfa.amsl.com (Postfix) with ESMTP id F010D12D9EF for <saag@ietf.org>; Tue, 24 May 2016 12:18:37 -0700 (PDT)
Received: by slice.pfrc.org (Postfix, from userid 1001) id 3D9681E335; Tue, 24 May 2016 15:24:00 -0400 (EDT)
Date: Tue, 24 May 2016 15:24:00 -0400
From: Jeffrey Haas <jhaas@pfrc.org>
To: saag@ietf.org
Message-ID: <20160524192400.GA9721@pfrc.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
Archived-At: <http://mailarchive.ietf.org/arch/msg/saag/y5CUiX1GyibSiqp5IR67-3OaB1I>
Subject: [saag] Fate of BFD extended authentication mechanisms
X-BeenThere: saag@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Security Area Advisory Group <saag.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/saag>, <mailto:saag-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/saag/>
List-Post: <mailto:saag@ietf.org>
List-Help: <mailto:saag-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/saag>, <mailto:saag-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 24 May 2016 19:18:58 -0000

Security-folk,

Partially as a response to work concluded in the KARP Working Group, there
was previously some effort to enhance the cryptographic authentication
mechanisms present in BFD.  The core BFD protocol is described in RFC 5880,
including its authentication mechanisms.

The two main documents covering this work are below:

https://tools.ietf.org/html/draft-ietf-bfd-generic-crypto-auth-06
https://tools.ietf.org/html/draft-ietf-bfd-hmac-sha-05

To somewhat tritely summarize the work in these two documents, the generic
doc provides for:
- Increase the number space of authentication sequence number to 64 bits
  from 32.
- Provide a larger numbering space for key identifiers, from 8 bits to 16
  bits.
- Re-using this structure for all future types rather than making it a
  property of the individual authentication section for a given mechanism.

The hmac-sha doc describe SHA-2 variants of ciphers.

In general, these are understood to be the Right Things to do for BFD.
However, lack of interest in the industry from either vendors or customers,
and lack of drive from within the working group have contributed to these
documents going stale.

There is also the secondary issue that as a result of the speed at which BFD
operates and the fact it is often operating under extremely constrained
compute resources, even existing ciphers are not well deployed in spite of
the known weaknesses in the strength of those ciphers.  There is a separate
effort beginning in BFD that may mitigate these issues, but I have requested
the authors of that draft to contact the security area separately to discuss
their proposal:

https://datatracker.ietf.org/doc/draft-ietf-bfd-optimizing-authentication/

Now to my question:

It's generally understood that implementations of security mechanisms often
lag their specifications.  It's also generally understood that you want
those specifications to exist because when you need them, it's possibly
already too late.

Given this, I'm looking at options to help drive the BFD generic crypto and
hmac-sha document to publication.

As mentioned, the interest in the BFD WG is low.

My question is what is the perceived status of security related documents
that are on the Experimental track?  

For these documents to progress on the standards track, they'd have to have
some likelihood of being deployed.  That point is, as above, unclear.

-- Jeff

v2.23.0 | Report a Bug | By Email