IETF Logo Mail Archive

Re: [tcpm] Test vectors for RFC5925 algorithms?

Joseph Touch <touch@strayalpha.com> Thu, 02 April 2020 15:18 UTC

Return-Path: <touch@strayalpha.com>
X-Original-To: tcpm@ietfa.amsl.com
Delivered-To: tcpm@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id D62003A13E3 for <tcpm@ietfa.amsl.com>; Thu, 2 Apr 2020 08:18:49 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.319
X-Spam-Level:
X-Spam-Status: No, score=-1.319 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_NEUTRAL=0.779, URIBL_BLOCKED=0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 52oC-1nn9iNY for <tcpm@ietfa.amsl.com>; Thu, 2 Apr 2020 08:18:48 -0700 (PDT)
Received: from server217-3.web-hosting.com (server217-3.web-hosting.com [198.54.115.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id F23C73A13E1 for <tcpm@ietf.org>; Thu, 2 Apr 2020 08:18:47 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id: Content-Transfer-Encoding:Cc:Date:In-Reply-To:From:Subject:Mime-Version: Content-Type:Sender:Reply-To:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=PZtHKr6nZa5n7fQ2Jt4Ve9Ov4pZnU2xX1IoBfsMQx9g=; b=mm1vRyZTXlIz5Ko0xDDPiArLt Zv59yT19Kr4IwtvLw5KUUQuZesQkOPhCB9+nGEH1zh62MtRiZABzNvOBLw4CKlJRVaiGmvDC0rJ2g A2GpagglIfH9KjNeI3DBM774wC8LZaSXssZL/3sowDXuderZXSItn01KIxG4hE1jrFj6HRZdLyZ+1 8Mlu0bCss/VJJFkk1sBELvKEnV7iCn2pdmvOqZ8HBLoDyY/Eu7Ep4HIoJQ4ZLJq4JfbkhfKf1aodU wvjcaV9KxW3Vy71tARlpY823l/fiVEjHIEDbL6m09bJcZN4Su76XZ2FP7TWJD1by7Pi22gc5dwQT+ Vl/ZOCb2A==;
Received: from cpe-172-250-225-198.socal.res.rr.com ([172.250.225.198]:64380 helo=[192.168.1.10]) by server217.web-hosting.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.93) (envelope-from <touch@strayalpha.com>) id 1jK1c8-003dmQ-GW; Thu, 02 Apr 2020 11:18:45 -0400
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 11.5 \(3445.9.5\))
From: Joseph Touch <touch@strayalpha.com>
In-Reply-To: <CACS3ZpAyYahfCfibCKwZkb6u3VAk2UiXViMGbdH3t76iUyY5fw@mail.gmail.com>
Date: Thu, 02 Apr 2020 08:18:39 -0700
Cc: "Scharf, Michael" <Michael.Scharf@hs-esslingen.de>, "tcpm@ietf.org" <tcpm@ietf.org>
Content-Transfer-Encoding: quoted-printable
Message-Id: <C84FE08D-677F-430B-9DC0-530D071A9FEB@strayalpha.com>
References: <CACS3ZpCawjTF4YMg+Rm7pOkjO2NQB-BZLBvobZCg2kyRQgaNzw@mail.gmail.com> <AFABEFAB-AA58-4599-94E3-06889E38DC01@strayalpha.com> <CACS3ZpAqdeF6xivndh7EqOqwYebyziyP6AQkKVWZww6nC=Zo0Q@mail.gmail.com> <6EC6417807D9754DA64F3087E2E2E03E2DA4B5C7@rznt8114.rznt.rzdir.fht-esslingen.de> <CACS3ZpAyYahfCfibCKwZkb6u3VAk2UiXViMGbdH3t76iUyY5fw@mail.gmail.com>
To: juhamatk@gmail.com
X-Mailer: Apple Mail (2.3445.9.5)
X-OutGoing-Spam-Status: No, score=-0.2
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/tcpm/PNqDzg35ZW9wPoCfkljVvf6HQ-o>
Subject: Re: [tcpm] Test vectors for RFC5925 algorithms?
X-BeenThere: tcpm@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: TCP Maintenance and Minor Extensions Working Group <tcpm.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tcpm>, <mailto:tcpm-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tcpm/>
List-Post: <mailto:tcpm@ietf.org>
List-Help: <mailto:tcpm-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tcpm>, <mailto:tcpm-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 02 Apr 2020 15:18:50 -0000

Hi, Juhamatti,

If you can provide the test vectors, I can prepare them into an Internet Draft with you. But let’s start with the first step and make sure all the pieces are in place first.

If you want to proceed that way, please contact me directly and we can go from there.

Joe

> On Apr 2, 2020, at 12:27 AM, juhamatk@gmail.com wrote:
> 
> Hello Michael,
> 
>> Have you checked other router vendors? For instance, the public Cisco IOS XE documentation lists TCP-AO support. And I have also heard that another main router vendor may implement TCP-AO (well, I am not familiar with Juniper).
> 
> I am aware that Cisco has an implementation. It is quite new, and
> unfortunately I do have experience of it. If someone has, then that
> may well be a very good candidate for test vectors.
> 
>> BTW, if there is some gap in the RFC series, the usual IETF process is just starting a new Internet-Draft, instead of waiting for somebody else to write something. It is not complex to write an Internet Draft. And TCPM is usually quite open to new work.
> 
> I am not that familiar with the draft process. I agree that if test
> vectors do not already exist, that may be the best path to go forward.
> Here below is a draft outline that perhaps provides the information
> needed to ensure compatible implementations. If there is some
> consensus that proceeding with this would be useful, perhaps we can
> use it as a starting point. We need to fill the verified test vectors
> there eventually.
> 
> Test Vectors for Cryptographic Algorithms of the TCP Authentication
> Option (TCP-AO)
> -
> Introduction
> Key Derivation Functions Test Vectors
> * KDF_HMAC_SHA1
>   - A test TCP/IP frame: syn snd key output
>   - A test TCP/IP frame: syn rcv key output
>   - A test TCP/IP frame: other snd key output
>   - A test TCP/IP frame: other rcv key output
> * KDF_AES_128_CMAC
>   - A test TCP/IP frame: syn snd key output
>   - A test TCP/IP frame: syn rcv key output
>   - A test TCP/IP frame: other snd key output
>   - A test TCP/IP frame: other rcv key output
> MAC Algorithms Test Vectors
> * HMAC-SHA-1-96
>   - A test key with test TCP/IP frame: MAC output, MAC output without options
> * AES-128-CMAC-96
>   - A test key with test TCP/IP frame: MAC output, MAC output without options
> Security Considerations
> Acknowledgements
> References
> 
>> Michael
> 
> Thanks,
> --
> Juhamatti
> 
>>> -----Original Message-----
>>> From: tcpm <tcpm-bounces@ietf.org> On Behalf Of juhamatk@gmail.com
>>> Sent: Wednesday, April 1, 2020 9:30 AM
>>> To: Joseph Touch <touch@strayalpha.com>
>>> Cc: tcpm@ietf.org
>>> Subject: Re: [tcpm] Test vectors for RFC5925 algorithms?
>>> 
>>> Hello Joe,
>>> 
>>>> At best, those might be an addendum to RFC 5926. RFC 5925 deliberately
>>> does not specify any algorithms.
>>> 
>>> Thanks for your reply. Addendum to RFC 5926 sounds really good to me.
>>> 
>>>> However, TCP MD5 was widely deployed without any such test vectors in the
>>> RFC series (or elsewhere I could find, FWIW).
>>> 
>>> True. Still, RFC 2385 is only 4 pages long and implementation is very
>>> simple. It had wide deployment from the beginning, I believe, so it
>>> was easy to make implementations match.
>>> 
>>> I am currently working on a proprietary implementation of RFC
>>> 5925/5926. Even though the RFCs are ten years old, they have only a
>>> few existing implementations. Test equipment vendors (IXIA, Spirent)
>>> do not support it. Juniper does not use it, they seem to use their own
>>> proprietary version. One fuzzing vendor seems to have HMAC-SHA1
>>> implemented, but it is unclear is it according to the RFCs.
>>> Guaranteeing interop looks quite difficult at the moment.
>>> 
>>> So if test vectors already exist somewhere (maybe unpublished), or
>>> someone is willing to create them for the addendum draft referenced
>>> above, I am certainly willing to verify them against my implementation
>>> and report back.
>>> 
>>>> Joe
>>> 
>>> Thanks,
>>> --
>>> Juhamatti
>>> 
>>>> 
>>>>> On Mar 31, 2020, at 3:44 AM, juhamatk@gmail.com wrote:
>>>>> 
>>>>> Hello,
>>>>> 
>>>>> I have been searching for test vectors for RFC5925/5926 algorithms for
>>>>> TCP AO and to my surprise it seems that such do not exist. Am I
>>>>> correct here?
>>>>> 
>>>>> Even though test vectors for HMAC SHA1 (RFC2202) and AES CMAC
>>>>> (RFC4493) are available, it would be useful to have example test
>>>>> vectors for frames using TCP AO - otherwise implementations end up
>>>>> easily not to match. As RFC5925 is 47 pages, there is a room for error
>>>>> and only one mismatch is needed for MACs not to match.
>>>>> 
>>>>> I think publishing a new RFC for them would be good, but probably
>>>>> takes some time. Even unofficial, but verified, test vectors on some
>>>>> specified example frames (with and without TCP options), e.g. on this
>>>>> mailing list or otherwise, would be a very good start to get TCP AO
>>>>> more widely implemented. If such already are available somewhere,
>>>>> please do let me know.
>>>>> 
>>>>> Thanks,
>>>>> --
>>>>> Juhamatti
>>>>> 
>>>>> _______________________________________________
>>>>> tcpm mailing list
>>>>> tcpm@ietf.org
>>>>> https://www.ietf.org/mailman/listinfo/tcpm
>>>> 
>>> 
>>> _______________________________________________
>>> tcpm mailing list
>>> tcpm@ietf.org
>>> https://www.ietf.org/mailman/listinfo/tcpm

v2.23.0 | Report a Bug | By Email