idnits 2.17.1

draft-ietf-tcpm-ao-test-vectors-02.txt:

  Checking boilerplate required by RFC 5378 and the IETF Trust (see
  https://trustee.ietf.org/license-info):
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/1id-guidelines.txt:
  ----------------------------------------------------------------------------

     No issues found here.

  Checking nits according to https://www.ietf.org/id-info/checklist :
  ----------------------------------------------------------------------------

  == There are 1 instance of lines with non-RFC6890-compliant IPv4 addresses
     in the document. If these are example addresses, they should be changed.

  == There are 1 instance of lines with private range IPv4 addresses in the
     document. If these are generic example addresses, they should be changed
     to use any of the ranges defined in RFC 6890 (or successor): 192.0.2.x,
     198.51.100.x or 203.0.113.x.

  Miscellaneous warnings:
  ----------------------------------------------------------------------------

  == The copyright year in the IETF Trust and authors Copyright Line does not
     match the current year

  -- The document date (October 11, 2021) is 926 days in the past. Is this
     intentional?

  Checking references for intended status: Informational
  ----------------------------------------------------------------------------

  ** Obsolete normative reference: RFC 793 (Obsoleted by RFC 9293)

  -- Duplicate reference: RFC5925, mentioned in 'RFC5926', was also mentioned
     in 'RFC5925'.

  -- Duplicate reference: RFC2119, mentioned in 'RFC8174', was also mentioned
     in 'RFC2119'.

  -- No information found for draft-tsvwg-touch-sne - is the name correct?

     Summary: 1 error (**), 0 flaws (~~), 3 warnings (==), 4 comments (--).

     Run idnits with the --verbose option for more detailed information about
     the items above.

--------------------------------------------------------------------------------

TCPM                                                            J. Touch
Internet Draft                                    Independent consultant
Intended status: Informational                             J. Kuusisaari
Expires: April 2022                                             Infinera
                                                        October 11, 2021

                          TCP-AO Test Vectors
                 draft-ietf-tcpm-ao-test-vectors-02.txt

Status of this Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as Internet-
   Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as
   reference material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html

   This Internet-Draft will expire on April 12, 2021.

Copyright Notice

   Copyright (c) 2021 IETF Trust and the persons identified as the
   document authors. All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document. Please review these documents
   carefully, as they describe your rights and restrictions with
   respect to this document. Code Components extracted from this
   document must include Simplified BSD License text as described in
   Section 4.e of the Trust Legal Provisions and are provided without
   warranty as described in the Simplified BSD License.

Abstract

   This document provides test vectors to validate implementations of
   the two mandatory authentication algorithms specified for the TCP
   Authentication Option over both IPv4 and IPv6. This includes
   validation of the key derivation function (KDF) based on a set of
   test connection parameters as well as validation of the message
   authentication code (MAC). Vectors are provided for both currently
   required pairs of KDF and MAC algorithms: one based on SHA-1 and the
   other on AES-128. The vectors also validate both whole TCP segments
   as well as segments whose options are excluded for middlebox
   traversal.

Table of Contents

   1. Introduction
   2. Conventions used in this document
   3. Input Test Vectors
      3.1. TCP Connection Parameters
         3.1.1. TCP-AO parameters
         3.1.2. Active (client) side parameters
         3.1.3. Passive (server) side parameters
         3.1.4. Other IP fields and options
         3.1.5. Other TCP fields and options
   4. IPv4 SHA-1 Output Test Vectors
      4.1. SHA-1 MAC (default - covers TCP options)
         4.1.1. Send (client) SYN (covers options)
         4.1.2. Receive (server) SYN-ACK (covers options)
         4.1.3. Send (client) non-SYN (covers options)
         4.1.4. Receive (server) non-SYN (covers options)
      4.2. SHA-1 MAC (omits TCP options)
         4.2.1. Send (client) SYN (omits options)
         4.2.2. Receive (server) SYN-ACK (omits options)
         4.2.3. Send (client) non-SYN (omits options)
         4.2.4. Receive (server) non-SYN (omits options)
   5. IPv4 AES-128 Output Test Vectors
      5.1. AES MAC (default - covers TCP options)
         5.1.1. Send (client) SYN (covers options)
         5.1.2. Receive (server) SYN-ACK (covers options)
         5.1.3. Send (client) non-SYN (covers options)
         5.1.4. Receive (server) non-SYN (covers options)
      5.2. AES MAC (omits TCP options)
         5.2.1. Send (client) SYN (omits options)
         5.2.2. Receive (server) SYN-ACK (omits options)
         5.2.3. Send (client) non-SYN (omits options)
         5.2.4. Receive (server) non-SYN (omits options)
   6. IPv6 SHA-1 Output Test Vectors
      6.1. SHA-1 MAC (default - covers TCP options)
         6.1.1. Send (client) SYN (covers options)
         6.1.2. Receive (server) SYN-ACK (covers options)
         6.1.3. Send (client) non-SYN (covers options)
         6.1.4. Receive (server) non-SYN (covers options)
      6.2. SHA-1 MAC (omits TCP options)
         6.2.1. Send (client) SYN (omits options)
         6.2.2. Receive (server) SYN-ACK (omits options)
         6.2.3. Send (client) non-SYN (omits options)
         6.2.4. Receive (server) non-SYN (omits options)
   7. IPv6 AES-128 Output Test Vectors
      7.1. AES MAC (default - covers TCP options)
         7.1.1. Send (client) SYN (covers options)
         7.1.2. Receive (server) SYN-ACK (covers options)
         7.1.3. Send (client) non-SYN (covers options)
         7.1.4. Receive (server) non-SYN (covers options)
      7.2. AES MAC (omits TCP options)
         7.2.1. Send (client) SYN (omits options)
         7.2.2. Receive (server) SYN-ACK (omits options)
         7.2.3. Send (client) non-SYN (omits options)
         7.2.4. Receive (server) non-SYN (omits options)
   8. Observed Implementation Errors
      8.1. Algorithm issues
      8.2. Algorithm parameters
      8.3. String handling issues
      8.4. Header coverage issues
   9. Security Considerations
   10. IANA Considerations
   11. References
      11.1. Normative References
      11.2. Informative References
   12. Acknowledgments

1. Introduction

   This document provides test vectors to validate the correct
   implementation of the TCP Authentication Option (TCP-AO) [RFC5925]
   and its mandatory cryptographic algorithms defined in [RFC5926]. It
   includes the specification of all endpoint parameters to generate
   the variety of TCP segments covered by different keys and MAC
   coverage, i.e., both the default case and the variant where TCP
   options are ignored for middlebox traversal. It also includes both
   default key derivation functions (KDFs) and MAC generation
   algorithms [RFC5926] and lists common pitfalls of implementing the
   algorithms correctly.

   The experimental extension to support NAT traversal is not included
   in the provided test vectors [RFC6978].

   This document provides test vectors from multiple implementations
   that have been validated against each other for interoperability.

2. Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
   "OPTIONAL" in this document are to be interpreted as described in
   BCP 14 [RFC2119] [RFC8174] when, and only when, they appear in all
   capitals, as shown here.

3. Input Test Vectors

3.1. TCP Connection Parameters

   The following parameters are used throughout this suite of test
   vectors. The terms 'active' and 'passive' are used as defined for
   TCP [RFC793].

3.1.1. TCP-AO parameters

   The following values are used for all exchanges. This suite does not
   test key switchover. The KeyIDs are as indicated for TCP-AO
   [RFC5925]. The Master Key is used to derive the traffic keys
   [RFC5926].

   Active (client) side KeyID: 61 decimal (0x3d hexadecimal)

   Passive (server) side KeyID: 84 decimal (0x54 hexadecimal)

   Master_key: "testvector" (length = 10 bytes)

3.1.2. Active (client) side parameters

   The following endpoint parameters are used on the active side of the
   TCP connection, i.e., the side that initiates the TCP SYN.

   For IPv4: 10.11.12.13 (dotted decimal)

   For IPv6: fd00::1 (IPv6 hexadecimal)

   TCP port: (varies)

3.1.3. Passive (server) side parameters

   The following endpoint parameters are used for the passive side of
   the TCP connection, i.e., the side that responds with a TCP SYN-ACK.

   For IPv4: 172.27.28.29 (dotted decimal)

   For IPv6: fd00::2 (IPv6 hexadecimal)

   TCP port = 179 decimal (BGP)

3.1.4. Other IP fields and options

   No IP options are used in these test vectors.

   All IPv4 packets use the following other parameters [RFC791]: DSCP =
   111000 binary (CS7) as is typical for BGP, ECN = 00 binary, set DF,
   and clear MF.

   IPv4 uses a TTL of 255 decimal; IPv6 uses a hop limit of 64 decimal.

   All IPv6 packets use the following other parameters [RFC8200]:
   traffic class = 0xe0 hexadecimal (DSCP = 111000 binary CS7, as is
   typical for BGP, with ECN = 00 binary) and no EHs.

3.1.5. Other TCP fields and options

   The SYN and SYN-ACK segments include MSS [RFC793], NOP, WindowScale
   [RFC7323], SACK Permitted [RFC2018], TimeStamp [RFC7323], and TCP-AO
   [RFC5925], in that order.

   All other example segments include NOP, NOP, TimeStamp, and TCP-AO,
   in that order.

   All segment URG pointers are zero [RFC793]. All segments with data
   set the PSH flag [RFC793].

4. IPv4 SHA-1 Output Test Vectors

   SHA-1 is computed as specified for TCP-AO [RFC5926].

   In the following sections, all values are indicated as 2-digit
   hexadecimal values with spacing per line representing the contents
   of 16 consecutive bytes, as is typical for data dumps. The IP/TCP
   data indicates the entire IP packet, including the TCP segment and
   its options (whether covered by TCP-AO or not, as indicated),
   including TCP-AO.

4.1. SHA-1 MAC (default - covers TCP options)

4.1.1. Send (client) SYN (covers options)

   Send_SYN_traffic_key:

      6d 63 ef 1b 02 fe 15 09 d4 b1 40 27 07 fd 7b 04
      16 ab b7 4f

   IPv4/TCP:

      45 e0 00 4c dd 0f 40 00 ff 06 bf 6b 0a 0b 0c 0d
      ac 1b 1c 1d e9 d7 00 b3 fb fb ab 5a 00 00 00 00
      e0 02 ff ff ca c4 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 00 15 5a b7 00 00 00 00 1d 10 3d 54
      2e e4 37 c6 f8 ed e6 d7 c4 d6 02 e7

   MAC:

      2e e4 37 c6 f8 ed e6 d7 c4 d6 02 e7

4.1.2. Receive (server) SYN-ACK (covers options)

   Receive_SYN_traffic_key:

      d9 e2 17 e4 83 4a 80 ca 2f 3f d8 de 2e 41 b8 e6
      79 7f ea 96

   IPv4/TCP:

      45 e0 00 4c 65 06 40 00 ff 06 37 75 ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 e9 d7 11 c1 42 61 fb fb ab 5b
      e0 12 ff ff 37 76 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 84 a5 0b eb 00 15 5a b7 1d 10 54 3d
      ee ab 0f e2 4c 30 10 81 51 16 b3 be

   MAC:

      ee ab 0f e2 4c 30 10 81 51 16 b3 be

4.1.3. Send (client) non-SYN (covers options)

   Send_other_traffic_key:

      d2 e5 9c 65 ff c7 b1 a3 93 47 65 64 63 b7 0e dc
      24 a1 3d 71

   IPv4/TCP:

      45 e0 00 87 36 a1 40 00 ff 06 65 9f 0a 0b 0c 0d
      ac 1b 1c 1d e9 d7 00 b3 fb fb ab 5b 11 c1 42 62
      c0 18 01 04 a1 62 00 00 01 01 08 0a 00 15 5a c1
      84 a5 0b eb 1d 10 3d 54 70 64 cf 99 8c c6 c3 15
      c2 c2 e2 bf ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da bf 00 b4 0a 0b 0c 0d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40
      06 00 64 00 01 01 00

   MAC:

      70 64 cf 99 8c c6 c3 15 c2 c2 e2 bf

4.1.4. Receive (server) non-SYN (covers options)

   Receive_other_traffic_key:

      d9 e2 17 e4 83 4a 80 ca 2f 3f d8 de 2e 41 b8 e6
      79 7f ea 96

   IPv4/TCP:

      45 e0 00 87 1f a9 40 00 ff 06 7c 97 ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 e9 d7 11 c1 42 62 fb fb ab 9e
      c0 18 01 00 40 0c 00 00 01 01 08 0a 84 a5 0b f5
      00 15 5a c1 1d 10 54 3d a6 3f 0e cb bb 2e 63 5c
      95 4d ea c7 ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da c0 00 b4 ac 1b 1c 1d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da c0 02 08 40
      06 00 64 00 01 01 00

   MAC:

      a6 3f 0e cb bb 2e 63 5c 95 4d ea c7

4.2. SHA-1 MAC (omits TCP options)

4.2.1. Send (client) SYN (omits options)

   Send_SYN_traffic_key:

      30 ea a1 56 0c f0 be 57 da b5 c0 45 22 9f b1 0a
      42 3c d7 ea

   IPv4/TCP:

      45 e0 00 4c 53 99 40 00 ff 06 48 e2 0a 0b 0c 0d
      ac 1b 1c 1d ff 12 00 b3 cb 0e fb ee 00 00 00 00
      e0 02 ff ff 54 1f 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 00 02 4c ce 00 00 00 00 1d 10 3d 54
      80 af 3c fe b8 53 68 93 7b 8f 9e c2

   MAC:

      80 af 3c fe b8 53 68 93 7b 8f 9e c2

4.2.2. Receive (server) SYN-ACK (omits options)

   Receive_SYN_traffic_key:

      b5 b2 89 6b b3 66 4e 81 76 b0 ed c6 e7 99 52 41
      01 a8 30 7f

   IPv4/TCP:

      45 e0 00 4c 32 84 40 00 ff 06 69 f7 ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 ff 12 ac d5 b5 e1 cb 0e fb ef
      e0 12 ff ff 38 8e 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 57 67 72 f3 00 02 4c ce 1d 10 54 3d
      09 30 6f 9a ce a6 3a 8c 68 cb 9a 70

   MAC:

      09 30 6f 9a ce a6 3a 8c 68 cb 9a 70

4.2.3. Send (client) non-SYN (omits options)

   Send_other_traffic_key:

      f3 db 17 93 d7 91 0e cd 80 6c 34 f1 55 ea 1f 00
      34 59 53 e3

   IPv4/TCP:

      45 e0 00 87 a8 f5 40 00 ff 06 f3 4a 0a 0b 0c 0d
      ac 1b 1c 1d ff 12 00 b3 cb 0e fb ef ac d5 b5 e2
      c0 18 01 04 6c 45 00 00 01 01 08 0a 00 02 4c ce
      57 67 72 f3 1d 10 3d 54 71 06 08 cc 69 6c 03 a2
      71 c9 3a a5 ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da bf 00 b4 0a 0b 0c 0d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40
      06 00 64 00 01 01 00

   MAC:

      71 06 08 cc 69 6c 03 a2 71 c9 3a a5

4.2.4. Receive (server) non-SYN (omits options)

   Receive_other_traffic_key:

      b5 b2 89 6b b3 66 4e 81 76 b0 ed c6 e7 99 52 41
      01 a8 30 7f

   IPv4/TCP:

      45 e0 00 87 54 37 40 00 ff 06 48 09 ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 ff 12 ac d5 b5 e2 cb 0e fc 32
      c0 18 01 00 46 b6 00 00 01 01 08 0a 57 67 72 f3
      00 02 4c ce 1d 10 54 3d 97 76 6e 48 ac 26 2d e9
      ae 61 b4 f9 ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da c0 00 b4 ac 1b 1c 1d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da c0 02 08 40
      06 00 64 00 01 01 00

   MAC:

      97 76 6e 48 ac 26 2d e9 ae 61 b4 f9

5. IPv4 AES-128 Output Test Vectors

   AES-128 is computed as required by TCP-AO [RFC5926].

   In the following sections, all values are indicated as 2-digit
   hexadecimal values with spacing per line representing the contents
   of 16 consecutive bytes, as is typical for data dumps. The IP/TCP
   data indicates the entire IP packet, including the TCP segment and
   its options (whether covered by TCP-AO or not, as indicated),
   including TCP-AO.

5.1. AES MAC (default - covers TCP options)

5.1.1. Send (client) SYN (covers options)

   Send_SYN_traffic_key:

      f5 b8 b3 d5 f3 4f db b6 eb 8d 4a b9 66 0e 60 e3

   IPv4/TCP:

      45 e0 00 4c 7b 9f 40 00 ff 06 20 dc 0a 0b 0c 0d
      ac 1b 1c 1d c4 fa 00 b3 78 7a 1d df 00 00 00 00
      e0 02 ff ff 5a 0f 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 00 01 7e d0 00 00 00 00 1d 10 3d 54
      e4 77 e9 9c 80 40 76 54 98 e5 50 91

   MAC:

      e4 77 e9 9c 80 40 76 54 98 e5 50 91

5.1.2. Receive (server) SYN-ACK (covers options)

   Receive_SYN_traffic_key:

      4b c7 57 1a 48 6f 32 64 bb d8 88 47 40 66 b4 b1

   IPv4/TCP:

      45 e0 00 4c 4b ad 40 00 ff 06 50 ce ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 c4 fa fa dd 6d e9 78 7a 1d e0
      e0 12 ff ff f3 f2 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 93 f4 e9 e8 00 01 7e d0 1d 10 54 3d
      d6 ad a7 bc 4c dd 53 6d 17 69 db 5f

   MAC:

      d6 ad a7 bc 4c dd 53 6d 17 69 db 5f

5.1.3. Send (client) non-SYN (covers options)

   Send_other_traffic_key:

      8c 8a e0 e8 37 1e c5 cb b9 7e a7 9d 90 41 83 91

   IPv4/TCP:

      45 e0 00 87 fb 4f 40 00 ff 06 a0 f0 0a 0b 0c 0d
      ac 1b 1c 1d c4 fa 00 b3 78 7a 1d e0 fa dd 6d ea
      c0 18 01 04 95 05 00 00 01 01 08 0a 00 01 7e d0
      93 f4 e9 e8 1d 10 3d 54 77 41 27 42 fa 4d c4 33
      ef f0 97 3e ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da bf 00 b4 0a 0b 0c 0d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40
      06 00 64 00 01 01 00

   MAC:

      77 41 27 42 fa 4d c4 33 ef f0 97 3e

5.1.4. Receive (server) non-SYN (covers options)

   Receive_other_traffic_key:

      4b c7 57 1a 48 6f 32 64 bb d8 88 47 40 66 b4 b1

   IPv4/TCP:

      45 e0 00 87 b9 14 40 00 ff 06 e3 2b ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 c4 fa fa dd 6d ea 78 7a 1e 23
      c0 18 01 00 e7 db 00 00 01 01 08 0a 93 f4 e9 e8
      00 01 7e d0 1d 10 54 3d f6 d9 65 a7 83 82 a7 48
      45 f7 2d ac ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da c0 00 b4 ac 1b 1c 1d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da c0 02 08 40
      06 00 64 00 01 01 00

   MAC:

      f6 d9 65 a7 83 82 a7 48 45 f7 2d ac

5.2. AES MAC (omits TCP options)

5.2.1. Send (client) SYN (omits options)

   Send_SYN_traffic_key:

      2c db ae 13 92 c4 94 49 fa 92 c4 50 97 35 d5 0e

   IPv4/TCP:

      45 e0 00 4c f2 2e 40 00 ff 06 aa 4c 0a 0b 0c 0d
      ac 1b 1c 1d da 1c 00 b3 38 9b ed 71 00 00 00 00
      e0 02 ff ff 70 bf 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a 00 01 85 e1 00 00 00 00 1d 10 3d 54
      c4 4e 60 cb 31 f7 c0 b1 de 3d 27 49

   MAC:

      c4 4e 60 cb 31 f7 c0 b1 de 3d 27 49

5.2.2. Receive (server) SYN-ACK (omits options)

   Receive_SYN_traffic_key:

      3c e6 7a 55 18 69 50 6b 63 47 b6 33 c5 0a 62 4a

   IPv4/TCP:

      45 e0 00 4c 6c c0 40 00 ff 06 2f bb ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 da 1c d3 84 4a 6f 38 9b ed 72
      e0 12 ff ff e4 45 00 00 02 04 05 b4 01 03 03 08
      04 02 08 0a ce 45 98 38 00 01 85 e1 1d 10 54 3d
      3a 6a bb 20 7e 49 b1 be 71 36 db 90

   MAC:

      3a 6a bb 20 7e 49 b1 be 71 36 db 90

5.2.3. Send (client) non-SYN (omits options)

   Send_other_traffic_key:

      03 5b c4 00 a3 41 ff e5 95 f5 9f 58 00 50 06 ca

   IPv4/TCP:

      45 e0 00 87 ee 91 40 00 ff 06 ad ae 0a 0b 0c 0d
      ac 1b 1c 1d da 1c 00 b3 38 9b ed 72 d3 84 4a 70
      c0 18 01 04 88 51 00 00 01 01 08 0a 00 01 85 e1
      ce 45 98 38 1d 10 3d 54 75 85 e9 e9 d5 c3 ec 85
      7b 96 f8 37 ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da bf 00 b4 0a 0b 0c 0d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da bf 02 08 40
      06 00 64 00 01 01 00

   MAC:

      75 85 e9 e9 d5 c3 ec 85 7b 96 f8 37

5.2.4. Receive (server) non-SYN (omits options)

   Receive_other_traffic_key:

      3c e6 7a 55 18 69 50 6b 63 47 b6 33 c5 0a 62 4a

   IPv4/TCP:

      45 e0 00 87 6a 21 40 00 ff 06 32 1f ac 1b 1c 1d
      0a 0b 0c 0d 00 b3 da 1c d3 84 4a 70 38 9b ed 72
      c0 18 01 00 04 49 00 00 01 01 08 0a ce 45 98 38
      00 01 85 e1 1d 10 54 3d 5c 04 0f d9 23 33 04 76
      5c 09 82 f4 ff ff ff ff ff ff ff ff ff ff ff ff
      ff ff ff ff 00 43 01 04 da c0 00 b4 ac 1b 1c 1d
      26 02 06 01 04 00 01 00 01 02 02 80 00 02 02 02
      00 02 02 42 00 02 06 41 04 00 00 da c0 02 08 40
      06 00 64 00 01 01 00

   MAC:

      5c 04 0f d9 23 33 04 76 5c 09 82 f4

6. IPv6 SHA-1 Output Test Vectors

   SHA-1 is computed as specified for TCP-AO [RFC5926].

6.1. SHA-1 MAC (default - covers TCP options)

6.1.1. Send (client) SYN (covers options)

   Send_SYN_traffic_key:

      62 5e c0 9d 57 58 36 ed c9 b6 42 84 18 bb f0 69
      89 a3 61 bb

   IPv6/TCP:

      6e 08 91 dc 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 f7 e4 00 b3 17 6a 83 3f
      00 00 00 00 e0 02 ff ff 47 21 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 00 41 d0 87 00 00 00 00
      1d 10 3d 54 90 33 ec 3d 73 34 b6 4c 5e dd 03 9f

   MAC:

      90 33 ec 3d 73 34 b6 4c 5e dd 03 9f

6.1.2. Receive (server) SYN-ACK (covers options)

   Receive_SYN_traffic_key:

      e4 a3 7a da 2a 0a fc a8 71 14 34 91 3f e1 38 c7
      71 eb cb 4a

   IPv6/TCP:

      6e 01 00 9e 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 f7 e4 3f 51 99 4b
      17 6a 83 40 e0 12 ff ff bf ec 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a bd 33 12 9b 00 41 d0 87
      1d 10 54 3d f1 cb a3 46 c3 52 61 63 f7 1f 1f 55

   MAC:

      f1 cb a3 46 c3 52 61 63 f7 1f 1f 55

6.1.3. Send (client) non-SYN (covers options)

   Send_other_traffic_key:

      1e d8 29 75 f4 ea 44 4c 61 58 0c 5b d9 0d bd 61
      bb c9 1b 7e

   IPv6/TCP:

      6e 08 91 dc 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 f7 e4 00 b3 17 6a 83 40
      3f 51 99 4c c0 18 01 00 32 9c 00 00 01 01 08 0a
      00 41 d0 91 bd 33 12 9b 1d 10 3d 54 bf 08 05 fe
      b4 ac 7b 16 3d 6f cd f2 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 79 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      bf 08 05 fe b4 ac 7b 16 3d 6f cd f2

6.1.4. Receive (server) non-SYN (covers options)

   Receive_other_traffic_key:

      e4 a3 7a da 2a 0a fc a8 71 14 34 91 3f e1 38 c7
      71 eb cb 4a

   IPv6/TCP:

      6e 01 00 9e 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 f7 e4 3f 51 99 4c
      17 6a 83 83 c0 18 01 00 ee 6e 00 00 01 01 08 0a
      bd 33 12 a5 00 41 d0 91 1d 10 54 3d 6c 48 12 5c
      11 33 5b ab 9a 07 a7 97 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 7a 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      6c 48 12 5c 11 33 5b ab 9a 07 a7 97

6.2. SHA-1 MAC (omits TCP options)

6.2.1. Send (client) SYN (omits options)

   Send_SYN_traffic_key:

      31 a3 fa f6 9e ff ae 52 93 1b 7f 84 54 67 31 5c
      27 0a 4e dc

   IPv6/TCP:

      6e 07 8f cd 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 c6 cd 00 b3 02 0c 1e 69
      00 00 00 00 e0 02 ff ff a4 1a 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 00 9d b9 5b 00 00 00 00
      1d 10 3d 54 88 56 98 b0 53 0e d4 d5 a1 5f 83 46

   MAC:

      88 56 98 b0 53 0e d4 d5 a1 5f 83 46

6.2.2. Receive (server) SYN-ACK (omits options)

   Receive_SYN_traffic_key:

      40 51 08 94 7f 99 65 75 e7 bd bc 26 d4 02 16 a2
      c7 fa 91 bd

   IPv6/TCP:

      6e 0a 7e 1f 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 c6 cd eb a3 73 4d
      02 0c 1e 6a e0 12 ff ff 77 4d 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 5e c9 9b 70 00 9d b9 5b
      1d 10 54 3d 3c 54 6b ad 97 43 f1 2d f8 b8 01 0d

   MAC:

      3c 54 6b ad 97 43 f1 2d f8 b8 01 0d

6.2.3. Send (client) non-SYN (omits options)

   Send_other_traffic_key:

      b3 4e ed 6a 93 96 a6 69 f1 c4 f4 f5 76 18 f3 65
      6f 52 c7 ab

   IPv6/TCP:

      6e 07 8f cd 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 c6 cd 00 b3 02 0c 1e 6a
      eb a3 73 4e c0 18 01 00 83 e6 00 00 01 01 08 0a
      00 9d b9 65 5e c9 9b 70 1d 10 3d 54 48 bd 09 3b
      19 24 e0 01 19 2f 5b f0 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 79 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      48 bd 09 3b 19 24 e0 01 19 2f 5b f0

6.2.4. Receive (server) non-SYN (omits options)

   Receive_other_traffic_key:

      40 51 08 94 7f 99 65 75 e7 bd bc 26 d4 02 16 a2
      c7 fa 91 bd

   IPv6/TCP:

      6e 0a 7e 1f 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 c6 cd eb a3 73 4e
      02 0c 1e ad c0 18 01 00 71 6a 00 00 01 01 08 0a
      5e c9 9b 7a 00 9d b9 65 1d 10 54 3d 55 9a 81 94
      45 b4 fd e9 8d 9e 13 17 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 7a 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      55 9a 81 94 45 b4 fd e9 8d 9e 13 17

7. IPv6 AES-128 Output Test Vectors

   AES-128 is computed as required by TCP-AO [RFC5926].

7.1. AES MAC (default - covers TCP options)

7.1.1. Send (client) SYN (covers options)

   Send_SYN_traffic_key:

      fa 5a 21 08 88 2d 39 d0 c7 19 29 17 5a b1 b7 b8

   IPv6/TCP:

      6e 04 a7 06 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 f8 5a 00 b3 19 3c cc ec
      00 00 00 00 e0 02 ff ff de 5d 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 13 e4 ab 99 00 00 00 00
      1d 10 3d 54 59 b5 88 10 74 81 ac 6d c3 92 70 40

   MAC:

      59 b5 88 10 74 81 ac 6d c3 92 70 40

7.1.2. Receive (server) SYN-ACK (covers options)

   Receive_SYN_traffic_key:

      cf 1b 1e 22 5e 06 a6 36 16 76 4a 06 7b 46 f4 b1

   IPv6/TCP:

      6e 06 15 20 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 f8 5a a6 74 4e cb
      19 3c cc ed e0 12 ff ff ea bb 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 71 da ab c8 13 e4 ab 99
      1d 10 54 3d dc 28 43 a8 4e 78 a6 bc fd c5 ed 80

   MAC:

      dc 28 43 a8 4e 78 a6 bc fd c5 ed 80

7.1.3. Send (client) non-SYN (covers options)

   Send_other_traffic_key:

      61 74 c3 55 7a be d2 75 74 db a3 71 85 f0 03 00

   IPv6/TCP:

      6e 04 a7 06 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 f8 5a 00 b3 19 3c cc ed
      a6 74 4e cc c0 18 01 00 32 80 00 00 01 01 08 0a
      13 e4 ab a3 71 da ab c8 1d 10 3d 54 7b 6a 45 5c
      0d 4f 5f 01 83 5b aa b3 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 79 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      7b 6a 45 5c 0d 4f 5f 01 83 5b aa b3

7.1.4. Receive (server) non-SYN (covers options)

   Receive_other_traffic_key:

      cf 1b 1e 22 5e 06 a6 36 16 76 4a 06 7b 46 f4 b1

   IPv6/TCP:

      6e 06 15 20 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 f8 5a a6 74 4e cc
      19 3c cd 30 c0 18 01 00 52 f4 00 00 01 01 08 0a
      71 da ab d3 13 e4 ab a3 1d 10 54 3d c1 06 9b 7d
      fd 3d 69 3a 6d f3 f2 89 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 7a 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      c1 06 9b 7d fd 3d 69 3a 6d f3 f2 89

7.2. AES MAC (omits TCP options)

7.2.1. Send (client) SYN (omits options)

   Send_SYN_traffic_key:

      a9 4f 51 12 63 e4 09 3d 35 dd 81 8c 13 bb bf 53

   IPv6/TCP:

      6e 09 3d 76 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 f2 88 00 b3 b0 1d a7 4a
      00 00 00 00 e0 02 ff ff 75 ff 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 14 27 5b 3b 00 00 00 00
      1d 10 3d 54 3d 45 b4 34 2d e8 bb 15 30 84 78 98

   MAC:

      3d 45 b4 34 2d e8 bb 15 30 84 78 98

7.2.2. Receive (server) SYN-ACK (omits options)

   Receive_SYN_traffic_key:

      92 de a5 bb c7 8b 1d 9f 5b 29 52 e9 cd 30 64 2a

   IPv6/TCP:

      6e 0c 60 0a 00 38 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 f2 88 a6 24 61 45
      b0 1d a7 4b e0 12 ff ff a7 0c 00 00 02 04 05 a0
      01 03 03 08 04 02 08 0a 17 82 24 5b 14 27 5b 3b
      1d 10 54 3d 1d 01 f6 c8 7c 6f 93 ac ff a9 d4 b5

   MAC:

      1d 01 f6 c8 7c 6f 93 ac ff a9 d4 b5

7.2.3. Send (client) non-SYN (omits options)

   Send_other_traffic_key:

      4f b2 08 6e 40 2c 67 90 79 ed 65 d4 bf 97 69 3d

   IPv6/TCP:

      6e 09 3d 76 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 f2 88 00 b3 b0 1d a7 4b
      a6 24 61 46 c0 18 01 00 c3 6d 00 00 01 01 08 0a
      14 27 5b 4f 17 82 24 5b 1d 10 3d 54 29 0c f4 14
      cc b4 7a 33 32 76 e7 f8 ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 79 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      29 0c f4 14 cc b4 7a 33 32 76 e7 f8

7.2.4. Receive (server) non-SYN (omits options)

   Receive_other_traffic_key:

      92 de a5 bb c7 8b 1d 9f 5b 29 52 e9 cd 30 64 2a

   IPv6/TCP:

      6e 0c 60 0a 00 73 06 40 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 02 fd 00 00 00 00 00 00 00
      00 00 00 00 00 00 00 01 00 b3 f2 88 a6 24 61 46
      b0 1d a7 8e c0 18 01 00 34 51 00 00 01 01 08 0a
      17 82 24 65 14 27 5b 4f 1d 10 54 3d 99 51 5f fc
      d5 40 34 99 f6 19 fd 1b ff ff ff ff ff ff ff ff
      ff ff ff ff ff ff ff ff 00 43 01 04 fd e8 00 b4
      01 01 01 7a 26 02 06 01 04 00 01 00 01 02 02 80
      00 02 02 02 00 02 02 42 00 02 06 41 04 00 00 fd
      e8 02 08 40 06 00 64 00 01 01 00

   MAC:

      99 51 5f fc d5 40 34 99 f6 19 fd 1b

8. Observed Implementation Errors

   The following is a partial list of implementation errors that this
   set of test vectors is intended to validate.

8.1. Algorithm issues

   o  Underlying implementation of HMAC SHA1 or AES128 CMAC does not
      pass their corresponding test vectors [RFC2202] [RFC4493]

   o  The SNE algorithm does not consider corner cases (the pseudocode
      in [RFC5925] was not intended as complete, as discussed in
      [To21], the latter of which includes its own validation sequence)

8.2. Algorithm parameters

   o  KDF context length is incorrect, e.g., it does not include TCP
      header length + payload length (it should, per Sec. 5.2 of TCP-AO
      [RFC5925])

   o  KDF calculation does not start from counter i = 1 (it should, per
      Sec. 3.1.1 of the TCP-AO crypto algorithms [RFC5926])

   o  KDF calculation does not include output length in bits, contained
      in two bytes in network byte order (it should, per Sec. 3.1.1 of
      the TCP-AO crypto algorithms [RFC5926])

   o  KDF uses keys generated from current TCP segment sequence numbers
      (KDF should use only local and remote ISNs or zero, as indicated
      in Sec. 5.2 of TCP-AO [RFC5925])

8.3. String handling issues

   The strings in TCP-AO and its algorithms are specified as sequences
   of bytes of known length. In some implementations, string lengths
   are indicated by a terminal value (e.g., zero in C). This terminal
   value is not included as part of the string for calculations.

   o  Password includes the last zero byte (it should not)

   o  Label "TCP-AO" includes the last zero byte (it should not)

8.4. Header coverage issues

   o  TCP checksum and/or MAC is not zeroed properly before calculation
      (both should be)

   o  TCP header is not included in the MAC calculation (it should be)

   o  TCP options are not included in the MAC calculation by default
      (there is a separate parameter in the master key tuple to ignore
      options; this document provides test vectors for both options-
      included and options-excluded cases)

9. Security Considerations

   This document is intended to assist in the validation of
   implementations of TCP-AO, to further enable its more widespread use
   as a security mechanism to authenticate not only TCP payload
   contents but the TCP headers and protocol.

   The master_key of "testvector" used here for test vector generation
   SHOULD NOT be used operationally.

10. IANA Considerations

   This document contains no IANA issues.
This section should be 1010 removed upon publication as an RFC. 1012 11. References 1014 11.1. Normative References 1016 [RFC791] Postel, J., "Internet Protocol," RFC 791, Sept. 1981. 1018 [RFC793] Postel, J., "Transmission Control Protocol," RFC 793, 1019 September 1981. 1021 [RFC2018] Mathis, M., J. Mahdavi, S. Floyd, A. Romanow, "TCP 1022 Selective Acknowledgment Options," RFC 2018, Oct. 1996. 1024 [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate 1025 Requirement Levels," BCP 14, RFC 2119, March 1997. 1027 [RFC5925] Touch, J., A. Mankin, R. Bonica, "The TCP Authentication 1028 Option," RFC 5925, June 2010. 1030 [RFC5926] Lebovitz, G., and E. Rescorla, "Cryptographic Algorithms 1031 for the TCP Authentication Option (TCP-AO)," RFC 5925, 1032 June 2010. 1034 [RFC6978] Touch, J., "A TCP Authentication Option Extension for NAT 1035 Traversal," RFC 6978, July 2013. 1037 [RFC7323] Borman, D., B. Braden, V. Jacobson, R. Scheffenegger, Ed., 1038 "TCP Extensions for High Performance," RFC 7323, Sept. 1039 2014. 1041 [RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 1042 2119 Key Words," RFC 2119, May 2017. 1044 [RFC8200] Deering, S., R. Hinden, "Internet Protocol Version 6 1045 (IPv6) Specification," RFC 8200, Jul. 2017. 1047 11.2. Informative References 1049 [RFC2202] Cheng, P., and R. Glenn, "Test Cases for HMAC-MD5 and 1050 HMAC-SHA-1," RFC 2202, Sept. 1997. 1052 [RFC4493] Song, JH, R. Poovendran, J. Lee, T. Iwata, "The AES-CMAC 1053 Algorithm," RFC 4493, June 2006. 1055 [To21] Touch, J., "Sequence Number Extension for Windowed 1056 Protocols," draft-tsvwg-touch-sne, Apr. 2021. 1058 12. Acknowledgments 1060 (TBD) 1062 This document was prepared using 2-Word-v2.0.template.dot. 
Authors' Addresses

   Joe Touch
   Manhattan Beach, CA 90266 USA
   Phone: +1 (310) 560-0334
   Email: touch@strayalpha.com

   Juhamatti Kuusisaari
   Infinera Corporation
   Sinimaentie 6c
   FI-02630 Espoo, Finland
   Email: jkuusisaari@infinera.com
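
Added example (not part of the draft and not the authors' code): the header coverage rules behind the Section 8.4 errors, applied to the Section 7.2.1 packet to build the byte string that the MAC algorithm is run over. The names tcp_ao_mac_input and PKT_7_2_1 are hypothetical; the sketch assumes an SNE of zero for this first segment and an IPv6 header with no extension headers.

```python
import struct

TCP_AO_KIND = 29  # option kind 0x1d, as in the "1d 10 3d 54 ..." option above

# Section 7.2.1 IPv6/TCP SYN, copied from the vector on this page.
PKT_7_2_1 = bytes.fromhex(
    "6e093d7600380640fd000000000000000000000000000001fd00000000000000"
    "0000000000000002f28800b3b01da74a00000000e002ffff75ff0000020405a0"
    "010303080402080a14275b3b000000001d103d543d45b4342de8bb1530847898")

def tcp_ao_mac_input(pkt, sne=0, include_options=True):
    """Return (mac_input, mac_carried_in_packet) for an IPv6/TCP-AO segment."""
    if len(pkt) < 40 or pkt[0] >> 4 != 6 or pkt[6] != 6:
        raise ValueError("need IPv6 with TCP as next header (no ext headers)")
    tcp_len = struct.unpack("!H", pkt[4:6])[0]
    tcp = bytearray(pkt[40:40 + tcp_len])
    if tcp_len < 20 or len(tcp) != tcp_len:
        raise ValueError("truncated TCP segment")
    hdr_len = (tcp[12] >> 4) * 4
    if not 20 <= hdr_len <= tcp_len:
        raise ValueError("bad TCP data offset")
    tcp[16:18] = b"\x00\x00"             # TCP checksum is zeroed (Section 8.4)
    kept, mac, i = bytearray(), None, 20
    while i < hdr_len:
        kind = tcp[i]
        if kind in (0, 1):               # EOL / NOP are single-byte options
            length = 1
        elif i + 1 < hdr_len and 2 <= tcp[i + 1] <= hdr_len - i:
            length = tcp[i + 1]
        else:
            raise ValueError("malformed TCP option at offset %d" % i)
        opt = tcp[i:i + length]
        if kind == TCP_AO_KIND:
            if length < 4 or mac is not None:
                raise ValueError("bad or duplicate TCP-AO option")
            mac = bytes(opt[4:])
            opt[4:] = bytes(length - 4)  # MAC field is zeroed, option is kept
            kept += opt
        elif include_options:            # other options: kept or skipped whole
            kept += opt
        i += length
    if mac is None:
        raise ValueError("no TCP-AO option present")
    # IPv6 pseudo-header: src, dst, 32-bit upper-layer length, 3 zero bytes, NH
    pseudo = pkt[8:40] + struct.pack("!I", tcp_len) + b"\x00\x00\x00\x06"
    msg = struct.pack("!I", sne) + pseudo + tcp[:20] + kept + tcp[hdr_len:]
    return bytes(msg), mac
```

Running the implementation's AES-128-CMAC over the returned input with the Send_SYN_traffic_key of Section 7.2.1 and include_options=False should reproduce the 12-byte MAC returned alongside it.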