Re: [secdir] Secdir review of draft-ietf-drip-rid-07

Robert Moskowitz <rgm@labs.htt-consult.com> Mon, 26 July 2021 17:53 UTC

Return-Path: <rgm@labs.htt-consult.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id E99CC3A1EC4; Mon, 26 Jul 2021 10:53:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.899
X-Spam-Level:
X-Spam-Status: No, score=-1.899 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id pC8wTPkZL_iK; Mon, 26 Jul 2021 10:53:13 -0700 (PDT)
Received: from z9m9z.htt-consult.com (z9m9z.htt-consult.com [23.123.122.147]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 014A33A1EC1; Mon, 26 Jul 2021 10:53:09 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by z9m9z.htt-consult.com (Postfix) with ESMTP id 35FB6624FD; Fri, 1 Jan 2010 01:42:08 -0500 (EST)
X-Virus-Scanned: amavisd-new at htt-consult.com
Received: from z9m9z.htt-consult.com ([127.0.0.1]) by localhost (z9m9z.htt-consult.com [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 7nR64VkdgQYw; Fri, 1 Jan 2010 01:42:00 -0500 (EST)
Received: from lx140e.htt-consult.com (unknown [192.168.160.29]) (using TLSv1.2 with cipher AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by z9m9z.htt-consult.com (Postfix) with ESMTPSA id 747B3624EE; Fri, 1 Jan 2010 01:42:00 -0500 (EST)
To: =?UTF-8?Q?Magnus_Nystr=c3=b6m?= <magnusn@gmail.com>, secdir@ietf.org, draft-ietf-drip-rid@ietf.org
References: <CADajj4ZQnWkjKdWpBgsB0oyX8_Kzj6HOL-Vkm=TrByBQMEJfPw@mail.gmail.com> <CADajj4bCTF5EeF6DZkCHpP0_GTnUYQtqa0OE3qf3Z5_AmKWfyA@mail.gmail.com> <CADajj4YxgdNXkWX7dLP0nBDWXLSKFa8M_KWWCPCgfCibYtWkAw@mail.gmail.com> <CADajj4Yw13QWbSqF_hd+P_fcNA4_YvdwqF=OgJ4pdS_1vrWphA@mail.gmail.com> <CADajj4Zw+Js8neUujMbekReVdMMFcz46NDwdHsMdWXob6Upc_w@mail.gmail.com> <CADajj4aoBaSYTFFnvAjcL7mTnfoUJOWzvve=NRhgB3qe5X8uWQ@mail.gmail.com> <CADajj4ZTBoCHo2=RJhYFNMi+5L5JJwc_EqBkeyYUUfYsVk-vVw@mail.gmail.com> <CADajj4bAjmbXjQkzJPXBihWZko2msmrHG=-4D9zF4YaFAeU0XA@mail.gmail.com>
From: Robert Moskowitz <rgm@labs.htt-consult.com>
Message-ID: <74ffc92c-6847-aaa2-120f-8ca9bce845ac@labs.htt-consult.com>
Date: Mon, 26 Jul 2021 13:52:53 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:78.0) Gecko/20100101 Thunderbird/78.8.1
MIME-Version: 1.0
In-Reply-To: <CADajj4bAjmbXjQkzJPXBihWZko2msmrHG=-4D9zF4YaFAeU0XA@mail.gmail.com>
Content-Type: multipart/alternative; boundary="------------1AF50D628AA3130E42E4DDE6"
Content-Language: en-US
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/COFsoRygT2VzIFBN_uuSvNftOLE>
Subject: Re: [secdir] Secdir review of draft-ietf-drip-rid-07
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 26 Jul 2021 17:53:18 -0000

Magnus,

Thank you for your comments.  I have been with minimal connectivity due 
to storm induced power outage.

I did push out ver 08.  I quick read through your comments show I fixed 
other stuff.

I will go over your comments and get with CFRG (and about some light 
crypto stuff) in the coming weeks.

Bob

On 7/24/21 1:14 AM, Magnus Nyström wrote:
> I have reviewed this document as part of the security directorate's 
> ongoing effort to review all IETF documents being processed by the 
> IESG. These comments were written primarily for the benefit of the 
> security area directors.  Document editors and WG chairs should treat 
> these comments just like any other comments.
>
> This document describes the use of "Hierarchical Host Identity Tags" 
> as self-asserting IPv6 addresses and thereby trustable identifiers for 
> use as Remote IDs.
>
> As the security of HHITs to a large degree relies on the security of 
> the cryptographic constructs and primitives described in this 
> document, I would recommend that the IRTF CFRG or a similar group with 
> cryptographic expertise reviews this memo (unless it has already been 
> done).
>
> The security of the HHITs also seem to depend to a large degree on the 
> registrars (registry operators) that will act as backstops to ensure 
> no duplicate registrations etc. It might be helpful with a clear 
> statement as to the conditions that must be met by registrars in order 
> for this scheme to be secure.
>
> As noted, the use of a 64-bit hash is weak when considering pre-image 
> attacks. I do not understand the constraints the authors have been 
> working under in this context enough to say if there was an option for 
> a longer hash, but I think this should be part of the above suggested 
> CFRG review.
>
> The text "Another mitigation of HHIT hijacking is if the HI owner (UA) 
> supplies an object containing the HHIT and signed by the HI private 
> key of the HDA such as Appendix E.1 
> <https://datatracker.ietf.org/doc/html/draft-ietf-drip-rid#appendix-E.1> 
> as shown in Section 3.5" 
> <https://datatracker.ietf.org/doc/html/draft-ietf-drip-rid#section-3.5> 
> confuses me a bit since I don't see how the subject of an attack would 
> be able to tell should the HHIT hijack attempt occur before the HI 
> owner has supplied such an object?
>
> Lastly, the statement "The authors believe that the probability of 
> such an attack is low when Registry operators are using best 
> practices" seems weak and would preferably be backed with some more 
> quantitative analysis or at least specific statements around best 
> practices and how they would reduce the probability.
>
> Editorial: The document is in need of a grammar / wording polish but I 
> expect the rfc-editors to handle this.
>
> Thanks,
> -- Magnus
>
>