IETF Logo Mail Archive

Re: [Drip] 64bit comments on draft-moskowitz-drip-uas-rid-06.txt

"Card, Stu" <stu.card@axenterprize.com> Thu, 17 September 2020 17:38 UTC

Return-Path: <stu.card@axenterprize.com>
X-Original-To: tm-rid@ietfa.amsl.com
Delivered-To: tm-rid@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C354B3A0EC6 for <tm-rid@ietfa.amsl.com>; Thu, 17 Sep 2020 10:38:27 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.098
X-Spam-Level:
X-Spam-Status: No, score=-2.098 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=axenterprize.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Ul8XDafmTuwu for <tm-rid@ietfa.amsl.com>; Thu, 17 Sep 2020 10:38:25 -0700 (PDT)
Received: from mail-ej1-x629.google.com (mail-ej1-x629.google.com [IPv6:2a00:1450:4864:20::629]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 063683A0ECA for <tm-rid@ietf.org>; Thu, 17 Sep 2020 10:38:24 -0700 (PDT)
Received: by mail-ej1-x629.google.com with SMTP id j11so4508645ejk.0 for <tm-rid@ietf.org>; Thu, 17 Sep 2020 10:38:24 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=axenterprize.com; s=google; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=ivMUFuNVto13Kehiuh0ew3TV5yZqgD8IVPs4lFstuGs=; b=ekEcqofTIt+mnvC4AQjGD+he1+0QJ1OOLDCK57cYBLVnBzfcYODpuRYG8u/ibRhoku pj+Rn7PlO26BmJrqaZglKHtbcRzRF3opNgfeihw5e5ElZd5DwvQI5uK456JfUEpNsAYZ 0hT4Eab6boikFYP9vxd2v+UEZvJaXoqVqEJ1o=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=ivMUFuNVto13Kehiuh0ew3TV5yZqgD8IVPs4lFstuGs=; b=QIyuhz5NFgPrWX+V0jwjdyg19BRTmvUNEovSlNsN7Zl8Q4VIz+ULV+TjNh1gRC0YVr sDYj7B6/+13VG/fAHpCODwTX90R4Jv6c5Igpq8YZ74/WyMagrL1RViXyct5OehGae1n2 8sZMBm6tCsHwhJSSs+t+6dcKA+gmMwFi6ZEmEEPINYjHh4cWcTZKsCNHkgEFwUF83AEW ebfj/XcE67lPEQHlfFHPEKi/RDaOJI/5IRnzOMM89altBLm5c94ktdmUm45z6NsqayUd jtWO0Ec1sVySjR1mpX2W+XmFun115R12kWNgfsDhWd7aR7RPl2dcRF5FvtuCVOAaXZuA g2fw==
X-Gm-Message-State: AOAM530agbf0nf10eZEqH+N+PPXuA0GCX/haj2mTkIeF6EQAyM0IlPm+ TgjRzlrRwCspvKpiLge7OHAgdukZqoNR90M0UMa3IA==
X-Google-Smtp-Source: ABdhPJwLIPv1DFSk5fyrhw6k7LByBlA5MZXAoFJOhsiDHb+7fb68zH8O5wvA2w51tayE4Q+T8cwyqJydngfc4GEn7Fo=
X-Received: by 2002:a17:906:b47:: with SMTP id v7mr30803247ejg.310.1600364303040; Thu, 17 Sep 2020 10:38:23 -0700 (PDT)
MIME-Version: 1.0
References: <a43152a8-e2ca-4f66-3bf4-0fc502187b4a@gmail.com> <f275925c-c561-22df-3044-65719fa947fc@labs.htt-consult.com> <e88a5e4b-2c45-1b14-9ad0-1a4fa3b7d7e6@axenterprize.com> <609d2928-031a-ff7b-5660-200dca3cb7db@labs.htt-consult.com> <CAKM0pYMMRVcz=cTGe5X8ocJZCW9nHdS3G0vGpPK6UBrntepmqQ@mail.gmail.com> <646b92f7-79b1-57f5-e1b4-3ed8ffc800c6@gmail.com> <f510ed99-2066-f064-e56a-4ffe87fb62c9@labs.htt-consult.com> <bd9cc889-628f-6861-d8ae-0d5cd0dad369@gmail.com> <5f08a872-6f6a-5205-a95e-b5fbd05af89a@labs.htt-consult.com> <27004104-0d81-d210-c302-3c81443f0063@gmail.com> <0d419104-1f0d-7310-c367-94c07a2dbb6c@labs.htt-consult.com>
In-Reply-To: <0d419104-1f0d-7310-c367-94c07a2dbb6c@labs.htt-consult.com>
From: "Card, Stu" <stu.card@axenterprize.com>
Date: Thu, 17 Sep 2020 13:38:08 -0400
Message-ID: <CAKM0pYNj03Kp8isMEnzfvvn2eNWMHOFYeg7Dc7PvgRbKq+q9Xg@mail.gmail.com>
To: Robert Moskowitz <rgm@labs.htt-consult.com>
Cc: Alexandre Petrescu <alexandre.petrescu@gmail.com>, tm-rid@ietf.org
Content-Type: multipart/alternative; boundary="000000000000cb5c4005af85d9f1"
Archived-At: <https://mailarchive.ietf.org/arch/msg/tm-rid/k9dkzwZec8O4AMkWUAX49cZWMvA>
Subject: Re: [Drip] 64bit comments on draft-moskowitz-drip-uas-rid-06.txt
X-BeenThere: tm-rid@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Drone Remote Identification Protocol <tm-rid.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tm-rid/>
List-Post: <mailto:tm-rid@ietf.org>
List-Help: <mailto:tm-rid-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tm-rid>, <mailto:tm-rid-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 17 Sep 2020 17:38:28 -0000

Bob's points are sound, but I don't think meant to dispute Alexandre's
major point, with which I agree:

Maybe we want to add some significance to the bits, but keep it as low as
 possible.

On Thu, Sep 17, 2020, 10:28 AM Robert Moskowitz <rgm@labs.htt-consult.com>
wrote:

>
>
> On 9/17/20 9:24 AM, Alexandre Petrescu wrote:
>
>
>
> Le 16/09/2020 à 14:41, Robert Moskowitz a écrit :
>
>
>
> On 9/16/20 8:24 AM, Alexandre Petrescu wrote:
>
>
>
> Le 16/09/2020 à 14:18, Robert Moskowitz a écrit :
>
>
>
> On 9/16/20 4:42 AM, Alexandre Petrescu wrote:
>
>
>
> Le 15/09/2020 à 18:21, Card, Stu a écrit :
>
> Musings...
>
> I actually worry about driving the probability of hash
> collision too low:
>
>
> We can drive the probability of hash collisions up by reducing
> the prefix size, and implicitly increasing the IID size, from
> 64 to 65 for example.
>
>
> The hash size will most likely be on nibble boundaries.  So 64 or
> 68 or 72.
>
>
> It is indeed easier to fit the bit boundaries on the underlying computing
> architecture.  It is easier for programmmers.
>
> But there are so many such architectures, and so many IP addressing
>  architecture constraints in deployment (e.g. if ISP gives me a /57
>  because they so wish I think I have much interest in not wasting
> any intermediary bit just to accommodate an RFC assumption).
>
> Ideally, one would make these IID and prefix lengths just
> parameters that would work anywhere between 0 and 127.
>
>
> In the next rev of drip-uas-rid, I plan on making the ORCHID
> algorithm completely parameterized.  Then let a specific deployment
> model provide what is used.
>
> However, the decoding rules have to be 'obvious' from the HHIT. Right
>  now it is based on Prefix value.  And if prefix sizes are all over
> the map, how will an implementation determine the decoding rule?
>
>
> That is a problem indeed.  But it might be a problem because the bits in
> the address are overloaded with significance, rather than letting them
> be used for routing and addressing exclusively.  There is an RFC that
> tells that the Significance of IPv6 Interface Identifiers - there is no
> siginificance, they are opaque.
>
>
> Read
>
> https://datatracker.ietf.org/doc/draft-ietf-hip-rfc4423-bis/
>
> For the why for HITs.  They are NOT for routing.
>
> There are stack reasons behind using IPv6 address space for HITs.  HHIT
> expands on this.
>
> Maybe we want to add some significance to the bits, but keep it as low
> as possible.
>
> Also, there is this ULA space.  Maybe we want to work in the ULA space
> and crowd these bits in there exclusively.
>
> For example, a HHID IP address would be an address of the form
> fd00:a:b:c:d:publickey.  'a' and 'b' would say that this is a HHIT.  All
> the rest of the bits would be encoded the way the author wishes, but it
> would all be within this ULA 'walled garden'.
>
> Maybe there are other ways (other than ULA) to deal with the encoding
> problem you mention above.  Maybe reserve a few bits to encode the way
> to decode.
>
> But it would be good to not impose again new 64limits in the address
> space.
>
>
> Not new.  Goes back to RFC 4423 and 5201.
>
>
>
>
> Alex
>
>
> So there are limitations on the ORCHID construction due to ORCHID
> deconstruction...
>
> For example a HHIT receiver MUST be able to decode it to get the
> RRA/HDA values for retrieval purposes.  And 'obviously' the OGA...
>
> Bob
>
>
> Alex
>
>
>
> Alex
>
> having dealt with too many software development managers, I am
>
> certain that some of them will dismiss very low probability collisions as
> not worth costly programmer time to address.
> :-(
>
> I am more interested in expanding the HIT Suite / OGA ID to
> provide greater crypto agility, to deal with future actual or
> feared compromise (inc. by quantum methods) of current
> cryptosystems.
>
> We could also consider a 3 level or flexible hierarchy,
> although this would be more challenging WRT parsing structure
> w/variable length fields.
>
> On Tue, Sep 15, 2020, 9:59 AM Robert Moskowitz <rgm@labs.htt-consult.com
> <mailto:rgm@labs.htt-consult.com> <rgm@labs.htt-consult.com>>
> wrote:
>
>
>
> On 9/13/20 7:39 PM, Stuart W. Card wrote:
>
> Although I know how variable encodings create work for programmers, which
> means more opportunities for error, I
> would love to be able to expand some of these fields if
> IANA were to give us a shorter prefix => larger space.
>
>
> I did some sketches and then some calculations.
>
> Prefix size    Hash size    .01% coll.    1% coll.
>
> 28            64            63M        663M 24           68
> 250M       2.5B 20           72            1B          10B
>
> And remember, this is for a single HDA.
>
> A /28 is OK, but that would mean expect collisions for some HDAs and reuse
> over time.
>
> With a /20, it will be the exceptional HDA that needs to deal
> with collisions unless HHITs are never removed.  FedEx and
> UPS could easily re-ID each of their UAs everyday for years.
> even for each delivery.
>
> I don't think I will have time to rework the draft before
> the Interim.  I have too much to do for ICAO as well.  Plus
> the Holidays start this weekend.  But I will look at how to
> rework the draft for differing prefix and hash sizes.
>
> On 9/9/2020 9:20 AM, Robert Moskowitz wrote:
>
> Alex,
>
> Interesting recommendation.  I am going to 'park' this comment and see
> what others say.  For now I will leave
> things as is. Variable encoding has to be decoded.  How
> do I designate that in the HHIT? Needs lots of thought.
>
> Bob
>
> On 9/9/20 9:14 AM, Alexandre Petrescu wrote:
>
> I would like to suggest that the draft uses a variable-length stance when
> needing to talk about
> limits within addresses.
>
> E.g. instead of hardcoding a 64bit limit in an ORCHID
> hash, rather make it variable: be it 65, or 35bit
> hash.
>
> 'Pre-image' - yes, attacks.  I must say that I do not
> know what it means.  Maybe one knows that better.
>
> A HHIT is built from the following fields:
>
> *  28 bit IANA prefix
>
> *  4 bit HIT Suite ID
>
> *  32 bit Hierarchy ID (HID)
>
> *  64 bit ORCHID hash
>
> Consider that SLAAC might put a 65 plen in an RA, at
> which point the Drone might need to form an IID of
> length different than 64, which might need to contain
> an ORCHID.  That ORCHID is probably not of length 64.
>
> This is what I think I am suggesting.
>
> I am aware that if one wants to do this non-64 ORCHID
> then it might probably need to modify many other
> Identity and ORCHID RFCs, and that other parts of this
> I-D might also contain 64bit limits (that I think of as
> artificial).  Still, I think I am suggesting it that way...
>
> Alex
>
>
>
>
>
>
>
> --
> Robert Moskowitz
>

v2.23.0 | Report a Bug | By Email