IETF Logo Mail Archive

Re: [sidr] Keys and algorithms for Updates - feasibility analysis? (was Re: RPKI and private keys)

Christopher Morrow <morrowc.lists@gmail.com> Mon, 14 May 2012 16:48 UTC

Return-Path: <christopher.morrow@gmail.com>
X-Original-To: sidr@ietfa.amsl.com
Delivered-To: sidr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 7B04021F881C for <sidr@ietfa.amsl.com>; Mon, 14 May 2012 09:48:26 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -103.577
X-Spam-Level:
X-Spam-Status: No, score=-103.577 tagged_above=-999 required=5 tests=[AWL=0.022, BAYES_00=-2.599, RCVD_IN_DNSWL_LOW=-1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ty9VuhmVleuA for <sidr@ietfa.amsl.com>; Mon, 14 May 2012 09:48:25 -0700 (PDT)
Received: from mail-qa0-f49.google.com (mail-qa0-f49.google.com [209.85.216.49]) by ietfa.amsl.com (Postfix) with ESMTP id AD77821F880D for <sidr@ietf.org>; Mon, 14 May 2012 09:48:25 -0700 (PDT)
Received: by qabj40 with SMTP id j40so3838652qab.15 for <sidr@ietf.org>; Mon, 14 May 2012 09:48:25 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; bh=8/zokmNshvDtAxwz0Q+HanUAy9BWFuYWzkW886bhEpU=; b=y5WSjDg+3PxiIBCyKk/4EH80Z0t3P/5Rj/LYUjlEckEbru8FsNfDc+KS13c1xcoDjr bmwfycIEd6ERe0PIyaYCV8isiJ0teYftiIke/4XTrghrdUETlbAXPv1NbwjZr7jHd8mg APFRJquOh+cnn/p+rLnGQjCsRHa5WElcMyV+EhCaV8AJKwPFWwTndEwRBmCUWfz74zYV tIqWop0JBQaS+RthKWetIWf6DXlL6kZar5w00Gcny5lUnPT9267DUnzORTs1BNMBlIDV k4mw1Qci381rwTxC/aj+3XGHb+ijacvs8f4+Y+Vj8aIhOv0asZ+KFtqwjGHPkiyME6Q3 h6BQ==
MIME-Version: 1.0
Received: by 10.60.7.200 with SMTP id l8mr1754162oea.52.1337014104969; Mon, 14 May 2012 09:48:24 -0700 (PDT)
Sender: christopher.morrow@gmail.com
Received: by 10.182.166.71 with HTTP; Mon, 14 May 2012 09:48:24 -0700 (PDT)
In-Reply-To: <CABFLmSQGTGs4j-4K791qvYTNb1ns4vQ7x9x64MeQjj4=Y9JEmw@mail.gmail.com>
References: <CAH1iCiruThFzpef5u9NVt+3AokGnuFhq-GrbqEOkkKnVhav4zQ@mail.gmail.com> <CAL9jLab2XT-4NWr8KyHKOiQMTWqE5cTavmEr4Uw+S4zhrA=YLA@mail.gmail.com> <CAH1iCiq3so54pE9XBM5Bp13xaERbmShipmCg=ckEySiDsh5ZPQ@mail.gmail.com> <D7A0423E5E193F40BE6E94126930C4930B990A66A8@MBCLUSTER.xchange.nist.gov> <CAH1iCirMKm1TbtBzWSKy=vHGLdYHvbtnXcwO1G9aG00n3DXmyw@mail.gmail.com> <D7A0423E5E193F40BE6E94126930C4930B990A6710@MBCLUSTER.xchange.nist.gov> <D7A0423E5E193F40BE6E94126930C4930B990A6716@MBCLUSTER.xchange.nist.gov> <CABFLmSTVmEUMYZmXNkbhSac0_jb0o-2nPG2_58Si0SGmF0podA@mail.gmail.com> <D7A0423E5E193F40BE6E94126930C4930B985DEF48@MBCLUSTER.xchange.nist.gov> <24B20D14B2CD29478C8D5D6E9CBB29F60F70871E@Hermes.columbia.ads.sparta.com> <CAH1iCio4_PaLFACs_cDZRV9c3iYhn93XqCrQrR5PD48bpyM3BA@mail.gmail.com> <CAL9jLab0aSJBpQTtbNLq_qLbxwhXj7Y3-_aqZVeMPoTB5C8DTA@mail.gmail.com> <CAH1iCioDW_mBWNyMy8K-jOrjdNqtnpQjdneSvWdRg0NWLNYV3w@mail.gmail.com> <CAL9jLabs4RtS-EsHP6DwtMbsQz6GJSCZrv24N118HMHYCDe_Sg@mail.gmail.com> <CAH1iCioSxfswyorBr8R+VpHCDcMqyA9QqYgog7C3wcoh17mRMw@mail.gmail.com> <CAL9jLaYEjOhLvKV88QX_GygYqUWxV03J1CnRtDAPqXF0uENa2g@mail.gmail.com> <CABFLmSQGTGs4j-4K791qvYTNb1ns4vQ7x9x64MeQjj4=Y9JEmw@mail.gmail.com>
Date: Mon, 14 May 2012 12:48:24 -0400
X-Google-Sender-Auth: r4nF5nwFHGCe0QnejVdcG5v7gIw
Message-ID: <CAL9jLaYDHQPLc6kThnjUz3_4_BXFTtqPveO-ryqZf7oFv36dSA@mail.gmail.com>
From: Christopher Morrow <morrowc.lists@gmail.com>
To: Ross.Anderson@cl.cam.ac.uk
Content-Type: text/plain; charset="ISO-8859-1"
Cc: "Murphy, Sandra" <Sandra.Murphy@sparta.com>, "Sriram, Kotikalapudi" <kotikalapudi.sriram@nist.gov>, "sidr wg list (sidr@ietf.org)" <sidr@ietf.org>
Subject: Re: [sidr] Keys and algorithms for Updates - feasibility analysis? (was Re: RPKI and private keys)
X-BeenThere: sidr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Secure Interdomain Routing <sidr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/sidr>, <mailto:sidr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/sidr>
List-Post: <mailto:sidr@ietf.org>
List-Help: <mailto:sidr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/sidr>, <mailto:sidr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 14 May 2012 16:48:26 -0000

On Mon, May 14, 2012 at 11:18 AM, Ross.Anderson@cl.cam.ac.uk
<rossjanderson@googlemail.com> wrote:
> Hardware cryptoprocessors raise the issue of export licenses. They are
> also expensive. There will have to be software alternatives.

the vendors who've been involved so far didn't mention
export-problems, but that's a fair thing to keep in mind. The cost is
also interesting, but on the other side of a 200k USD device, is the
coprocessor (if needed at all, and if ONLY used for this function) a
show stopper at 100 USD/item? (at 1000? what is an average cost
Sriram?)

> If we want widespread adoption, there must be an option to "just turn
> it on" without having to shell out a load of extra money and fill a
> lot of forms.

sure.

> Security usability means more than just a zero-marginal-cost software
> implementation. It means easy setup of keys and certificates, and
> probably the option of running in "advisory more" where verification
> failures raise error messages but do not cause routes to fail. That

I think in no case will the validation just drop a route, or the plan
so far has simply been adding an ability to mark an update with some
key (community, localpref, etc) and use that in determining what to do
with the route. If you can match on validity state you COULD simply
DROP the route, but I don't think that'll be the end state for a very,
very long time.

> will enable ASes to try, watch, and gain the confidence to turn it on.
>
> Who's looking at security usability?

smb? would you like to help? :)
^^^ - probably others as well, but he's been a voice so far, as has mr turner.

-chris

> Ross
>
>
> On 14/05/2012, Christopher Morrow <morrowc.lists@gmail.com> wrote:
>> On Mon, May 14, 2012 at 10:27 AM, Brian Dickson
>> <brian.peter.dickson@gmail.com> wrote:
>>> We can't do the crypto without HW on some of the routers involved in
>>> deployment of bgpsec.
>>>
>>> I've heard just about everyone say that, quite possibly including
>>> yourself.
>>
>> I don't think I've said that recently, one of the items brought out
>> during discussions of this was that often the hardware accelerators
>> for this are optimised for 'use one key a lot', not for 'swap in a new
>> key for every operation' (the key swap is very costly).
>>
>> Sriram has some numbers for different co-processors which are
>> interesting, but I don't think that means we need on-board crypto
>> accelerators.
>>
>>> One of the reasons for questioning the choice of crypto, is exploring the
>>> feasibility of solutions which do not require on-router HW for doing
>>> signing.
>>
>> sure, but you also invented a whole other (seemingly complex) system
>> to keep track of data (nonces and such) across multiple
>> trust/administrative domains. it seems unwieldy, to me at least.
>>
>> One of the larger stumbling blocks though is ram for RIB storage. (or
>> that seems to be one of the larger problems to address)
>>
>> -chris
>>
>>>
>>> Brian
>>>
>>>
>>> On Fri, May 11, 2012 at 9:23 PM, Christopher Morrow
>>> <morrowc.lists@gmail.com> wrote:
>>>>
>>>> On Fri, May 11, 2012 at 5:27 PM, Brian Dickson
>>>> <brian.peter.dickson@gmail.com> wrote:
>>>> > The argument that "we can't do the crypto without HW"
>>>>
>>>> i didn't see anyone say that though.
>>>
>>>
>> _______________________________________________
>> sidr mailing list
>> sidr@ietf.org
>> https://www.ietf.org/mailman/listinfo/sidr
>>

v2.29.0 | Report a Bug | By Email | System Status