[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Isis-wg] IS-IS HMAC SHA Cryptographic Authentication
tony,
your suggested form of key rollover (all receivers can
authenticate against the new transmit-key) is certainly
a working model, however it is not the most convenient model
from a network operator perspective.
lets assume we start to configure the network with new
authentication keys.
There is a time window (until all routers have the new
authentication key) where the routers holding the new key are
using that key and other routers have not yet got the new key
and hence nothing to verify against.
so what you require is some form of coordination i.e.
to have all nodes hold off using the new transmit key
up until the network is fully transitioned
(i have seen implementations who achieve that with
time/date based transmit key-selection) -> this requires
some form of coordination (timestamp / key lifetime etc.)
back to the original idea - multiple instances of TLV #10 don't require
time-based transmit key selection, since the PDU contains
everybody's key of taste, which would IMO be more migration friendly.
BTW the "protocol extension" that i have in mind to make this work
is rather straightforward: clear all instances of TLV #10 to zero
before computing the digest of a single TLV #10 and doing of course
the same on reception.
/hannes
Tony Li wrote:
Hannes,
I'm of the opinion that key rollover and algorithm rollover do not
require actual additional protocol specification and that transmitting
multiple TLVs is not necessary. For any form of rollover to work, a
receiver must be prepared to accept multiple different combinations of
password and algorithm. It does not seem like a substantial effort for
the receiver to try all of the possibilities that it is configured for.
Given this, one way to do smooth rollover is to go around and configure
all nodes with the new password and/or algorithm. Once that's completed
and in production, then nodes can be set to transmit the new password
and/or algorithm.
While 802.11's WEP is hardly a good example of this for security
purposes, most implementations provide a fine example of how the UI for
this would work: one key is used for transmit, while a list of keys is
accepted.
Regards,
Tony
P.s. Yes, I'm well aware that implementations do not currently support
this behavior and will have to change. Including Juniper's. Sorry.
;-)
-----Original Message-----
From: Hannes Gredler [mailto:hannes at juniper.net]
Sent: Wednesday, April 19, 2006 1:02 PM
To: tony.li at tony.li
Cc: 'Sofia Ray'; isis-wg at ietf.org
Subject: Re: [Isis-wg] IS-IS HMAC SHA Cryptographic Authentication
furthermore, it would be also time to think about authentication-type
migration support. i.e. discuss about authentication-type
[simple->md5->sha]
and key rollover schemes and nail down the necessary behaviour
(multiple instances of TLV #10).
the prevailing method for both authentication-type and key rollover
(= disabling authentication check during the transition window)
is not really smooth.
/hannes
Tony Li wrote:
Sofia,
While I know of no substantive risks to the use of MD5
today as used in
3567, history suggests that someday, there will be. Thus,
having other
algorithms available is only prudent and I strongly support
that goal.
Regards,
Tony
-----Original Message-----
From: Sofia Ray [mailto:sofia.ray at lycos.com]
Sent: Wednesday, April 19, 2006 11:04 AM
To: isis-wg at ietf.org
Subject: Re: [Isis-wg] IS-IS HMAC SHA Cryptographic Authentication
Manav,
Whats wrong with the authentication scheme detailed in 3567?
Yours,
Sofia
----- Original Message ----
From: Manav Bhatia <manav_bhatia06 at yahoo.co.uk>
To: isis-wg at ietf.org
Sent: Wednesday, 19 April, 2006 8:30:00 AM
Subject: [Isis-wg] IS-IS HMAC SHA Cryptographic Authentication
Hi,
We have written a draft on extending ISIS to use HMAC-SHA
authentication. Would appreciate if we can get some feedback
from the WG. The mechanism proposed in the draft is backward
compatible and would work with the existing ISIS implementations.
Cheers,
Manav
----- Forwarded Message ----
From: Internet-Drafts at ietf.org
To: i-d-announce at ietf.org
Sent: Wednesday, April 19, 2006 4:20:01 AM
Subject: I-D ACTION:draft-bhatia-manral-isis-hmac-sha-00.txt
A New Internet-Draft is available from the on-line
Internet-Drafts directories.
Title : IS-IS HMAC SHA Cryptographic Authentication
Author(s) : M. Bhatia, V. Manral
Filename : draft-bhatia-manral-isis-hmac-sha-00.txt
Pages : 8
Date : 2006-4-18
This document proposes an extension to IS-IS [ISO] [RFC1195]
to allow the use of HMAC SHA authentication algorithm in
addition to the already documented authentication schemes
described in the base specification and RFC 3567.
A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-bhatia-manral-isis-h
mac-sha-00.txt
--
_______________________________________________
Search for businesses by name, location, or phone number.
-Lycos Yellow Pages
http://r.lycos.com/r/yp_emailfooter/http://yellowpages.lycos.c
om/default.asp?SRC=lycos10
_______________________________________________
Isis-wg mailing list
Isis-wg at ietf.org
https://www1.ietf.org/mailman/listinfo/isis-wg
_______________________________________________
Isis-wg mailing list
Isis-wg at ietf.org
https://www1.ietf.org/mailman/listinfo/isis-wg
_______________________________________________
Isis-wg mailing list
Isis-wg at ietf.org
https://www1.ietf.org/mailman/listinfo/isis-wg