Re: [ssm] SSM with IPSec
Mark Baugher <mbaugher@cisco.com> Wed, 15 January 2003 17:04 UTC
Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id MAA03331 for <ssm-archive@lists.ietf.org>; Wed, 15 Jan 2003 12:04:03 -0500 (EST)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h0FHIWJ26693; Wed, 15 Jan 2003 12:18:32 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id h0FGjTJ24030 for <ssm@optimus.ietf.org>; Wed, 15 Jan 2003 11:45:29 -0500
Received: from sj-msg-core-3.cisco.com (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA02368 for <ssm@ietf.org>; Wed, 15 Jan 2003 11:30:17 -0500 (EST)
Received: from cscoamera13263.cisco.com ([10.21.83.87]) by sj-msg-core-3.cisco.com (8.12.2/8.12.2) with ESMTP id h0FGX0jT014708; Wed, 15 Jan 2003 08:33:00 -0800 (PST)
Message-Id: <5.1.1.5.2.20030115083207.05fa7210@mira-sjc5-6.cisco.com>
X-Sender: mbaugher@mira-sjc5-6.cisco.com
X-Mailer: QUALCOMM Windows Eudora Version 5.1.1
Date: Wed, 15 Jan 2003 08:33:35 -0800
To: Brian Haberman <bkhabs@nc.rr.com>
From: Mark Baugher <mbaugher@cisco.com>
Subject: Re: [ssm] SSM with IPSec
Cc: holbrook@cisco.com, ssm@ietf.org, Brian Weis <bew@cisco.com>
In-Reply-To: <3E255C25.2050408@nc.rr.com>
References: <20030115062534.076C910B869@holbrook-laptop.cisco.com> <20030115062534.076C910B869@holbrook-laptop.cisco.com>
Mime-Version: 1.0
Content-Type: text/plain; charset="us-ascii"; format="flowed"
Sender: ssm-admin@ietf.org
Errors-To: ssm-admin@ietf.org
X-BeenThere: ssm@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/ssm>, <mailto:ssm-request@ietf.org?subject=unsubscribe>
List-Id: Source-Specific Multicast <ssm.ietf.org>
List-Post: <mailto:ssm@ietf.org>
List-Help: <mailto:ssm-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/ssm>, <mailto:ssm-request@ietf.org?subject=subscribe>
At 08:03 AM 1/15/2003 -0500, Brian Haberman wrote: >Hugh, > I had a similar discussion with Thomas Hardjono on the >subject. I feel comfortable with adding text the the arch >doc and allowing MSEC to work through the details. I would >suggest that some of us volunteer to assist the MSEC guys >with the details of SSM if needed. I am willing to help them >out if the need arises. I mentioned this to Thomas, Brian and Ran. We would like to review our proposal with a small group who are knowledgeable about SSM and current IP multicast requirements. Mark >Brian > >Hugh Holbrook wrote: >>Hello, SSM working group. >>[ Welcome to the brand spanking new ssm@ietf.org mailing list. Please >> tell me if you notice any problems with the list. You should have >> received a mail from the mailman program running the list. The SSM >> page at ietf.org still lists the [un]subscription info for the old >> list, but it will be updated shortly. ] >>Last week, I was talking to some security folks here (Brian Weis and >>Mark Baugher) who pointed out that IPSec as specified in RFC2401 has >>some issues when securing SSM traffic. In short, the problem is that >>including the source in the SA lookup isn't really accounted for in >>IPSec, but it really should be. Details below. >>I don't think this is a really urgent problem, but I think the WG >>should be aware of the problem, so I'll spell it out. Comments >>solicited. >>Some IPSec background: >>[Apologies for the tutorial, but I know that not everyone in the wg is >> fluent in IPSec details.] >>IPSec, in RFC2401, specifies that an incoming IPSec packet is looked >>up on arrival in a local Security Association Database (SAD) to decide >>which Security Association (SA) should be applied to the packet [see >>section 4.4.3 of RFC2401.] The resulting SA determines the >>decryption/authentication key, and the anti-replay window (if one is >>used). >>RFC2401 specifies that the key for the SAD lookup is a 3-tuple of: >> - the packet's destination IP address >> - the IPSec protocol (ESP or AH) >> - the Security Parameters Index (SPI) >>The problem (for SSM) is that the source address is *not* included in >>the SAD lookup. >>The problem: >>You would to be sure that two unrelated SSM channels, if secured by >>IPSec, can be guaranteed to have unique Security Associations at all >>receivers. This should be true even if the senders accidentally >>happen to choose the same SSM destination address. There is, however, >>no entity that "owns" an SSM destination address and can reasonably >>ensure that every sender to an SSM address uses a unique SPI >>One could envision a similar problem for ASM, but I believe in the ASM >>case, the assumption of the IPSec design is that there exists a "group >>controller" that logically "owns" the group and can hand out a unique >>SPI to each source that needs one. But this doesn't apply to SSM. >>The mere existence of such an entity for an SSM address would defeat >>one of SSM's big benefits -- that external coordination with other >>senders is not needed before choosing and using an SSM address. >>In practice, I don't think this problem is very severe. It only >>arises if a receiver subscribes simultaneously to two unrelated >>IPSec'ed channels whose sources happen to have chosen the same IPDA >>and the same IPSec SPI. Given that the <IPDA,SPI> tuple contains 56 >>bits of generally randomly-picked data, it is very unlikely to occur >>in practice. However, I don't think the architecture should rely on >>coincidence to work properly. >>What to do: >>The solution that I most like is fairly easy to state: require the >>source address to be part of the SA lookup when the destination >>address is an SSM address. Mark and Brian inform me that the msec >>working group is looking at solving the problem this way. >>The required action from the SSM working group is, I think, to simply >>point out the problem in the -arch draft, more or less as I've done >>above, and note that work is currently underway to address the >>problem. I don't believe we need to or want to hold up the SSM draft >>until msec (or ipsec) solves the problem, but I'd like to hear WG >>comments on this topic. >>I'll probably be sending out some proposed modifications to the >>architecture draft shortly. >>Thanks to Mark and Brian for pointing out this problem. _______________________________________________ ssm mailing list ssm@ietf.org https://www1.ietf.org/mailman/listinfo/ssm
- [ssm] SSM with IPSec Hugh Holbrook
- Re: [ssm] SSM with IPSec Brian Haberman
- Re: [ssm] SSM with IPSec Brad Huntting
- Re: Re: [ssm] SSM with IPSec Hugh Holbrook
- Re: [ssm] SSM with IPSec Mark Baugher
- Re: Re: [ssm] SSM with IPSec Toerless Eckert
- Re: Re: Re: [ssm] SSM with IPSec Hugh Holbrook
- Re: Re: Re: [ssm] SSM with IPSec Mark Baugher
- Re: Re: Re: [ssm] SSM with IPSec Toerless Eckert
- Re: Re: Re: [ssm] SSM with IPSec Mark Baugher
- Re: Re: Re: [ssm] SSM with IPSec Toerless Eckert