[TICTOC] TicToc coupled with label hop : some clarifications
Balaji venkat Venkataswami <balajivenkat299@gmail.com> Wed, 13 March 2013 03:19 UTC
Return-Path: <balajivenkat299@gmail.com>
X-Original-To: tictoc@ietfa.amsl.com
Delivered-To: tictoc@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CB31011E80F0 for <tictoc@ietfa.amsl.com>; Tue, 12 Mar 2013 20:19:40 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.348
X-Spam-Level:
X-Spam-Status: No, score=-3.348 tagged_above=-999 required=5 tests=[AWL=0.250, BAYES_00=-2.599, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-1]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id QBBlZUjo0Xxc for <tictoc@ietfa.amsl.com>; Tue, 12 Mar 2013 20:19:39 -0700 (PDT)
Received: from mail-qe0-f49.google.com (mail-qe0-f49.google.com [209.85.128.49]) by ietfa.amsl.com (Postfix) with ESMTP id 52E5311E80E1 for <tictoc@ietf.org>; Tue, 12 Mar 2013 20:19:39 -0700 (PDT)
Received: by mail-qe0-f49.google.com with SMTP id 1so348143qec.36 for <tictoc@ietf.org>; Tue, 12 Mar 2013 20:19:38 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:x-received:date:message-id:subject:from:to:cc :content-type; bh=o8dnGYK3Z350yHl4gYLSQY22LKfbiryOXo7n34pi4jk=; b=DoFbDf7FZ7ekP9JuVjLql44sfuAMyyhFN/3/lvobp81evcTN/dAIYSV8p5gaocrTtE Fuvlh+c39EmW88W/ySoI9lHFSJvIXM1C76Gqae9KWlRU7nZNnj6oY33qBqGpYIAiRmSW eKi9yhG8zsGR9gBNljUEXmOFtND2A+RlAyxYREhjGM/6WY80x1DmRaGMTFAIdPC/ayfb 80kDUpp8226hGBuqmt04D+UK4l/MN+uYoRuLN3oNAEjRs8H5FjQZ1Pl4AgAQBIhUkNLe bA6xfIgvJO/0ZdoIa0DouSBLjb8qEuo/qTV6/hiSYZ1167RYtczRSrQBO6nAXC1+5tV8 ojKw==
MIME-Version: 1.0
X-Received: by 10.49.86.35 with SMTP id m3mr29735766qez.13.1363144778724; Tue, 12 Mar 2013 20:19:38 -0700 (PDT)
Received: by 10.49.81.197 with HTTP; Tue, 12 Mar 2013 20:19:38 -0700 (PDT)
Date: Tue, 12 Mar 2013 23:19:38 -0400
Message-ID: <CAHF4apOtEA1UbA=eyANMtT9HxzSoLFrZT=otEgWpC_PqjJ5H9g@mail.gmail.com>
From: Balaji venkat Venkataswami <balajivenkat299@gmail.com>
To: tictoc@ietf.org
Content-Type: multipart/alternative; boundary="047d7bdc7f8a50420604d7c5e075"
Subject: [TICTOC] TicToc coupled with label hop : some clarifications
X-BeenThere: tictoc@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Timing over IP Connection and Transfer of Clock BOF <tictoc.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tictoc>, <mailto:tictoc-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/tictoc>
List-Post: <mailto:tictoc@ietf.org>
List-Help: <mailto:tictoc-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tictoc>, <mailto:tictoc-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2013 03:19:41 -0000
Dear all, Tal, Tal had a good question on whether the hash-digest computed was an integrity check value. Instead of the hash digest he had suggested alternate methods for the same. I guess I forgot what I wrote up in the draft. Just to make it clear the innermost label which is the hash digest computed on the first 128 or 64 byte portion of the payload which is binary anded with an arbitrary bit pattern known to both PEs in the topology , serves as an added binary pattern which has to be guessed by the intruder intending to spoof the packet into the VPN's PE onto the CE. Thus the effective label space that has to be guessed by the intruder is the label for that time slice and the binary pattern computed on the payload (result of the hash-digest ANDed with the arbitrary bit pattern). This makes it essentially a 40 bit label space. The hash-digest was not intended to be a ICV. It could serve as an ICV as well though come to think of it. Since the binary pattern exchanged through the control plane is not known to the intruder, and the hash algorithm used is not known to the intruder (unless of course both of them are compromised in the control plane exchange which is of course secure) the resulting innermost label extends the label space to 40 bits (including the label for that time slice) that has to be guessed. Regarding the comment from the folks on jabber who called in, as to whether there might be a flood of replay packets with the + or - 1 time slice being in place, the previous label used would be known but the one after the current time slice would be hard to guess owing to the random number generation function being used to determine which the next label should be. It should be possible to jam for that time slice with the same packet with the 2 labels (previous and current) for that time slice being repeated again and again. This has to be solved. The draft does not cover how this is solved and we as authors need to work on it. I am not sure how it could be solved if at all unless some sort of sequence number is used to distinguish between consecutive packets. But this would be an overhead for a forwarding ASIC to hold sequence numbers for every FEC that is subject to this scheme. We would like your comments on the drafts and if any one has a clue as to how this jamming replay attack prevention is to be done we would be happy to integrate this to the draft. If the time slice is fairly small in milli or microseconds we could get over this problem to an extent but a repetitive algorithm that the intruder could employ would be to constantly replay packets when sets of previous and current labels can be used to send the same packet over and over again. This would gain entry to the CE. We understand that this is a problem and needs addressing. We are working on it. In the meantime we would welcome your feedback on this draft and any other areas where this scheme might apply. thanks and regards, balaji venkat and shankar raman
- [TICTOC] TicToc coupled with label hop : some cla… Balaji venkat Venkataswami