Re: [Secdispatch] Controller-IKE

Benjamin Kaduk <kaduk@mit.edu> Mon, 22 July 2019 18:19 UTC

Return-Path: <kaduk@mit.edu>
X-Original-To: secdispatch@ietfa.amsl.com
Delivered-To: secdispatch@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 707CE1200CC for <secdispatch@ietfa.amsl.com>; Mon, 22 Jul 2019 11:19:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -4.2
X-Spam-Level:
X-Spam-Status: No, score=-4.2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, RCVD_IN_DNSWL_MED=-2.3, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 5FRIBKRmyjFd for <secdispatch@ietfa.amsl.com>; Mon, 22 Jul 2019 11:19:06 -0700 (PDT)
Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id B4F41120089 for <secdispatch@ietf.org>; Mon, 22 Jul 2019 11:19:06 -0700 (PDT)
Received: from kduck.mit.edu ([24.16.140.251]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id x6MIJ0U9000940 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 22 Jul 2019 14:19:02 -0400
Date: Mon, 22 Jul 2019 13:18:59 -0500
From: Benjamin Kaduk <kaduk@mit.edu>
To: Eric Rescorla <ekr@rtfm.com>
Cc: "David Carrel (carrel)" <carrel@cisco.com>, "secdispatch@ietf.org" <secdispatch@ietf.org>
Message-ID: <20190722181859.GD99187@kduck.mit.edu>
References: <CDF90625-34F6-40C3-8AE4-AACD50D70C2E@cisco.com> <CABcZeBOC6FPDe-PrfB4QKJoNVoOVYN_JuzteZE9GyrX0O_s2mg@mail.gmail.com> <698A5E01-5924-4D6C-9BD9-A8E87712086B@cisco.com> <CABcZeBMTeRuFQShONVAXOkaw6o=-0Jy4Pnrw8dHwwsFD+oBvfQ@mail.gmail.com> <23A860FA-61F4-4CD4-93DE-2FCE06984B9D@cisco.com> <CABcZeBNNZ8dWrksR+T+mXLzfGV9RemjoMHO0Q+s+TJV8p5ud8g@mail.gmail.com> <CABcZeBO1uwLWbqin+Mk9ZXM1+x=1ypkuaPfPPK9Tr18aKxu5yg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CABcZeBO1uwLWbqin+Mk9ZXM1+x=1ypkuaPfPPK9Tr18aKxu5yg@mail.gmail.com>
User-Agent: Mutt/1.10.1 (2018-07-13)
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdispatch/yK7s1yavfkqCiFxpnDEetjF-uLU>
Subject: Re: [Secdispatch] Controller-IKE
X-BeenThere: secdispatch@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Dispatch <secdispatch.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdispatch/>
List-Post: <mailto:secdispatch@ietf.org>
List-Help: <mailto:secdispatch-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdispatch>, <mailto:secdispatch-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 22 Jul 2019 18:19:09 -0000

On Mon, Jul 22, 2019 at 11:13:24AM -0700, Eric Rescorla wrote:
> David,
> 
> At the mic today, you said that C-IKE was 2N complexity rather than N^2
> complexity in terms of messages. Here's what confuses me.
> 
> Just for simplicity, imagine that we do this in two phases: everyone
> registers their key with the controller and then the controller
> disseminates them. At this point, the controller has N keys and it needs to
> send them to N endpoints. If you are able to broadcast to all the nodes at
> once, then the controller will send N keys, so the total overhead is 2N (N
> uploads + N downloads). However, if the controller has point to point
> links, then the controller has to send ~N^2 keys (N-1 keys down N links).
> So those might be bundled into a single message, but you still have to send
> N^2 keys. Or am I missing something?

I'm p robably missing something too, but there's a couple potential
differences from what you describe -- the flow down from the controller to
the endpoints can be a P2MP flow, and also if the controller knows the
overlay network, it knows that it only has to send each endpoint (a specific)
10 keys for that endpoint to talk to the other endpoints it needs to.  That
is, each endpoint may not need (or be able to!) store the keys for all N
endpoints.

-Ben