From hipsec-bounces@lists.ietf.org Tue Jul 04 07:39:25 2006
From: Julien Laganier <julien.laganier@laposte.net>
To: hipsec@ietf.org,
 Internet Area <int-area@ietf.org>
Date: Mon, 26 Jun 2006 16:49:59 +0200
MIME-Version: 1.0
Content-Type: Multipart/Mixed;
  boundary="Boundary-00=_YQ/nE6q+XviG3KC"
Message-Id: <200606261650.00361.julien.laganier@laposte.net>
Subject: [Hipsec] Fwd: I-D ACTION:draft-laganier-ipv6-khi-02.txt

--Boundary-00=_YQ/nE6q+XviG3KC
Content-Type: text/plain;
  charset="us-ascii"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

FYI,

--julien

--Boundary-00=_YQ/nE6q+XviG3KC
Content-Type: message/rfc822;
  name="forwarded message"
Content-Transfer-Encoding: 7bit
Content-Description: Internet-Drafts@ietf.org: I-D
	ACTION:draft-laganier-ipv6-khi-02.txt
Content-Disposition: inline

Content-Type: Multipart/Mixed;
  Boundary="NextPart"
Mime-Version: 1.0
To: i-d-announce@ietf.org
Cc: 
From: Internet-Drafts@ietf.org
Message-Id: <E1FtXzt-0007sQ-Nr@stiedprstage1.ietf.org>
Date: Thu, 22 Jun 2006 18:50:01 -0400
Subject: I-D ACTION:draft-laganier-ipv6-khi-02.txt 

--NextPart
Content-Type: 

A New Internet-Draft is available from the on-line Internet-Drafts directories.


	Title		: An IPv6 Prefix for Overlay Routable 
                          Cryptographic Hash Identifiers (ORCHID)
	Author(s)	: P. Nikander, et al.
	Filename	: draft-laganier-ipv6-khi-02.txt
	Pages		: 13
	Date		: 2006-6-22
	
This document introduces Overlay Routable Cryptographic Hash
   Identifiers (ORCHID) as a new, experimental class of IPv6-address-
   like identifiers.  These identifiers are intended to be used as end-
   point identifiers at applications and APIs and not as identifiers for
   network location at the IP layer, i.e., locators.  They are designed
   to appear as application layer entities and at the existing IPv6
   APIs, but they should not appear in actual IPv6 headers.  To make
   them more like vanilla IPv6 addresses, they are expected to be
   routable at an overlay level.  Consequently, while they are
   considered as non-routable addresses from the IPv6 layer point of
   view, all existing IPv6 applications are expected to be able to use
   them in a manner compatible with current IPv6 addresses.

   This document requests IANA to allocate a temporary prefix out of the
   IPv6 addressing space for Overlay Routable Cryptographic Hash
   Identifiers.

A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-laganier-ipv6-khi-02.txt

--NextPart--


--Boundary-00=_YQ/nE6q+XviG3KC
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline

_______________________________________________
Hipsec mailing list
Hipsec@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/hipsec

--Boundary-00=_YQ/nE6q+XviG3KC--




From hipsec-bounces@lists.ietf.org Wed Jul 12 10:17:43 2006
Message-ID: <44B50479.2040509@ericsson.com>
Date: Wed, 12 Jul 2006 17:17:29 +0300
From: Gonzalo Camarillo <Gonzalo.Camarillo@ericsson.com>
To: HIP <hipsec@ietf.org>
Subject: [Hipsec] Draft minutes of the meeting

Folks,

you can fetch the draft minutes of Monday's meeting from:
http://hip.piuha.net/meetings/ietf66/notes/minutes-hip-ietf66.txt

Your comments are welcome.

Cheers,

Gonzalo




From hipsec-bounces@lists.ietf.org Wed Jul 12 16:22:32 2006
Date: Wed, 12 Jul 2006 13:21:54 -0700
Message-ID: <0DF156EE7414494187B087A3C279BDB4033F236B@XCH-NW-6V1.nw.nos.boeing.com>
From: "Ahrenholz, Jeffrey M" <jeffrey.m.ahrenholz@boeing.com>
To: <hipsec@ietf.org>
Subject: [Hipsec] temporary HIT prefix: 2001007

With the new base-04 and khi-02 drafts, the HIT is defined as a 28-bit
prefix concatenated with 100 bits from the hash output. This 28-bit
prefix is TBD assigned by IANA, but in the meantime we need something to
use for interop testing (and in general, to generate meaningful HITs.)
After discussing with Julien, we decided to use the following prefix:
0x2001007
Which is 28 bits in length and falls within the 2001:0000::/23
allocation. The "7" is a randomly selected value.

-Jeff
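
How the temporary prefix combines with the hash bits, as an added example (not part of this message and not taken from any HIP implementation). Which 100 bits are kept and what is hashed are assumptions here (the middle 100 bits of SHA-1 over constructed input); `make_hit`, `has_hit_prefix` and `classify` are hypothetical names.

```python
import hashlib
import ipaddress

HIT_PREFIX = 0x2001007   # temporary 28-bit prefix quoted in the message
PREFIX_BITS = 28
HASH_BITS = 100          # 28 + 100 = 128 bits, the size of an IPv6 address

# The prefix written as an IPv6 network: the 28 prefix bits followed by zeros.
HIT_NETWORK = ipaddress.IPv6Network((HIT_PREFIX << HASH_BITS, PREFIX_BITS))
IANA_BLOCK = ipaddress.IPv6Network("2001::/23")   # allocation named in the message


def hash_bits_100(data: bytes) -> int:
    """Assumption: SHA-1 over the input, keeping the middle 100 of 160 bits."""
    digest = int.from_bytes(hashlib.sha1(data).digest(), "big")
    return (digest >> 30) & ((1 << HASH_BITS) - 1)


def make_hit(host_identity: bytes) -> ipaddress.IPv6Address:
    """Concatenate the 28-bit prefix with 100 hash bits."""
    return ipaddress.IPv6Address((HIT_PREFIX << HASH_BITS) | hash_bits_100(host_identity))


def has_hit_prefix(addr) -> bool:
    """True when the top 28 bits of an IPv6 address equal the temporary prefix."""
    return int(ipaddress.IPv6Address(str(addr))) >> HASH_BITS == HIT_PREFIX


def classify(addresses):
    """Split observed addresses into (HIT-prefixed, other).

    Useful for log review or filtering, since these identifiers are meant
    for applications and APIs and should not appear in IPv6 headers.
    """
    hits, other = [], []
    for addr in addresses:
        (hits if has_hit_prefix(addr) else other).append(str(addr))
    return hits, other


if __name__ == "__main__":
    hit = make_hit(b"constructed host identity bytes")   # constructed input
    print("network :", HIT_NETWORK, "inside", IANA_BLOCK, "->",
          HIT_NETWORK.subnet_of(IANA_BLOCK))
    print("HIT     :", hit)
    # Constructed sample addresses; only the first two carry the prefix.
    sample = [hit, "2001:7a:1234::1", "2001:80::1", "2001:db8::1", "fe80::1"]
    print(classify(sample))
```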




From hipsec-bounces@lists.ietf.org Sat Jul 15 13:56:00 2006
From: Tobias Heer <heer@hiit.fi>
To: hipsec@lists.ietf.org
Organization: HIIT - Helsinki Institute for Information Technology
Date: Sat, 15 Jul 2006 19:40:16 +0200
Message-Id: <1152985217.19529.26.camel@localhost>
Subject: [Hipsec] I2 and HMAC

Hello,

I've been reading the hip base draft today and I found something that
makes no sense to me.
The base draft says that the I2 packet is protected by HMAC and
HIP_SIGNATURE.

The HIP_SIGNATURE makes perfect sense but I wonder what the HMAC is good
for in the I2. 

The DH shared secret for the HMAC has not been generated at the
responder's side when it receives the I2 packet. Therefore it can't be
used to protect the DH operations.

The HIP_SIGNATURE has to be checked anyway which should provide enough
security on its own.

The only thing that came to my mind was that the HMAC could protect the
HIP signature verification but that would require that the DH key has to
be calculated before the RSA signature is verified. As the DH operations
are more expensive than the RSA verifications (provided both algorithms
use similar key lengths) this doesn't make much sense. 

I came to the conclusion that:
a) The RSA signature has to be checked in every case to prove the host's
identity. Checking the HMAC later on makes no sense as the RSA signature
provides enough security.

b) checking the HMAC before checking the RSA signature requires DH
calculation and the only result you get is that the part which was
signed by the HMAC is consistent. You can't verify the origin of the
data as the host identity wasn't involved in the signature creation.

That's why I wonder: what is the HMAC signature in I2 good for?

Thanks for answers.

Tobi 

 

PS: the version of the base draft was draft-ietf-hip-base-06
http://www.ietf.org/internet-drafts/draft-ietf-hip-base-06.txt






From hipsec-bounces@lists.ietf.org Sat Jul 15 16:33:38 2006
From: Tobias Heer <heer@hiit.fi>
To: hipsec@lists.ietf.org
Organization: HIIT - Helsinki Institute for Information Technology
Date: Sat, 15 Jul 2006 22:33:16 +0200
Message-Id: <1152995596.19529.36.camel@localhost>
Subject: [Hipsec] rethought I2 and HMAC

Hi everyone!

I was thinking about the HMAC in the I2 packet again.

The reason why it could be there is to protect the RSA operation in case
that the sender's HI was encrypted. In that case the DH shared secret
would have to be created anyway. Checking the HMAC would prove that the
initiator has actually computed the DH shared key (otherwise it can't
sign the packet with the HMAC). This would mitigate DoS attacks with
faked initiator DH public values and encrypted HIs. In such a case, the
DH computation would be done but the fake DH key would be realized by
the failure of the HMAC verification. The responder can throw the packet
away and save the time for the RSA verification.

Seems a bit constructed to me but it makes sense somehow. Was this the
reason that the HMAC is there?

Thanks for answers and clues.

Tobi
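
The processing order discussed in this message and in the earlier "I2 and HMAC" post, as an added example that is not part of the thread and not taken from the HIP drafts or any implementation: the responder does the DH computation, checks the HMAC, and only then spends a signature verification. The toy DH and RSA parameters, the packet layout, the key derivation and all function names are assumptions made for the illustration.

```python
import hashlib
import hmac
import secrets

# Toy parameters constructed for this example; far too small for real use.
DH_P, DH_G = 2**127 - 1, 3                 # toy Diffie-Hellman group
RSA_P, RSA_Q = 2**61 - 1, 2**89 - 1        # toy RSA key standing in for the HI
RSA_N, RSA_E = RSA_P * RSA_Q, 65537
RSA_D = pow(RSA_E, -1, (RSA_P - 1) * (RSA_Q - 1))


def hmac_key(shared_secret: int) -> bytes:
    """Hypothetical key derivation from the DH shared secret."""
    return hashlib.sha256(shared_secret.to_bytes(16, "big")).digest()


def digest_int(data: bytes) -> int:
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % RSA_N


def packet_body(dh_pub: int, payload: bytes) -> bytes:
    return dh_pub.to_bytes(16, "big") + payload


def build_i2(resp_dh_pub: int, payload: bytes, sender: str = "honest") -> dict:
    """Build a simplified I2.

    sender="honest"   : real DH exchange, real signature
    sender="fake_dh"  : made-up DH public value, so no knowledge of the key
    sender="no_hi_key": real DH exchange, but no private key for the HI
    """
    x = secrets.randbelow(DH_P - 3) + 2
    dh_pub = pow(DH_G, x, DH_P)
    key = hmac_key(pow(resp_dh_pub, x, DH_P))
    if sender == "fake_dh":
        dh_pub = secrets.randbelow(DH_P - 3) + 2   # exponent unknown to sender
        key = secrets.token_bytes(32)              # so the HMAC key is a guess
    body = packet_body(dh_pub, payload)
    sig = pow(digest_int(body), RSA_D, RSA_N)
    if sender != "honest":
        sig = secrets.randbelow(RSA_N)             # junk signature
    return {"dh_pub": dh_pub, "payload": payload, "sig": sig,
            "hmac": hmac.new(key, body, hashlib.sha256).digest()}


class Responder:
    def __init__(self):
        self.y = secrets.randbelow(DH_P - 3) + 2
        self.dh_pub = pow(DH_G, self.y, DH_P)
        self.dh_computations = 0
        self.sig_verifications = 0

    def process_i2(self, i2: dict) -> str:
        if not 1 < i2["dh_pub"] < DH_P - 1:
            return "drop: DH value out of range"
        body = packet_body(i2["dh_pub"], i2["payload"])
        # Step 1: the DH computation, needed anyway when the HI is encrypted.
        self.dh_computations += 1
        key = hmac_key(pow(i2["dh_pub"], self.y, DH_P))
        # Step 2: symmetric check; passes only if the sender derived the same key.
        expected = hmac.new(key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, i2["hmac"]):
            return "drop: HMAC mismatch"
        # Step 3: only now verify the signature, which binds the packet to the HI.
        self.sig_verifications += 1
        if pow(i2["sig"], RSA_E, RSA_N) != digest_int(body):
            return "drop: bad signature"
        return "accept"


def run_demo():
    """Process one packet of each kind; return results and operation counts."""
    responder = Responder()
    results = [responder.process_i2(build_i2(responder.dh_pub, b"constructed I2", s))
               for s in ("honest", "fake_dh", "no_hi_key")]
    return results, responder.dh_computations, responder.sig_verifications


if __name__ == "__main__":
    print(run_demo())
```

The "fake_dh" packet costs the responder a DH computation but no signature verification, while the "no_hi_key" packet passes the HMAC and is rejected only by the signature, matching point b) of the earlier post that the HMAC alone does not establish the origin.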

  





From hipsec-bounces@lists.ietf.org Mon Jul 17 09:47:56 2006
Subject: RE: [Hipsec] rethought I2 and HMAC
Date: Mon, 17 Jul 2006 06:47:40 -0700
Message-ID: <77F357662F8BFA4CA7074B0410171B6D01A2F49C@XCH-NW-5V1.nw.nos.boeing.com>
In-Reply-To: <1152995596.19529.36.camel@localhost>
From: "Henderson, Thomas R" <thomas.r.henderson@boeing.com>
To: "Tobias Heer" <heer@hiit.fi>, <hipsec@lists.ietf.org>

> -----Original Message-----
> From: Tobias Heer [mailto:heer@hiit.fi]
> Sent: Saturday, July 15, 2006 1:33 PM
> To: hipsec@lists.ietf.org
> Subject: [Hipsec] rethought I2 and HMAC
>
> Hi everyone!
>
> I was thinking about the HMAC in the I2 packet again.
>
> The reason why it could be there to protect the RSA operation in case
> that the senders HI was encrypted. In that case the DH shared secret
> would have to be created anyway. Checking the HMAC would prove that the
> initiator has actually computed the DH shared key (otherwise it can't
> sign the packet with the HMAC). This would mitigate DoS attacks with
> faked initiator DH public values and encrypted HIs. In such a case, the
> DH computation would be done but the fake DH key would be realized by
> the failure of the HMAC verification. The responder can throw the packet
> away and save the time for the RSA verification.
>
> Seems a bit constructed to me but it makes sense somehow. Was this the
> reason that the HMAC is there?

I believe that the HMAC was added based on an email suggestion by Yogesh
Swami in a Sept 2004 posting to the Hipsec list.  This message is no
longer at Trusecure archive (have we lost the public posting of this WG
archive?), but can be found in Google cache by Googling "HIP I2 HMAC".
There is no rationale given in that message but I believe that it was
for the reason you cite.

Tom




From hipsec-bounces@lists.ietf.org Mon Jul 17 10:02:39 2006
From: Julien Laganier <julien.IETF@laposte.net>
To: "Tobias Heer" <heer@hiit.fi>
Subject: Re: [Hipsec] rethought I2 and HMAC
Date: Mon, 17 Jul 2006 16:02:25 +0200
References: <77F357662F8BFA4CA7074B0410171B6D01A2F49C@XCH-NW-5V1.nw.nos.boeing.com>
In-Reply-To: <77F357662F8BFA4CA7074B0410171B6D01A2F49C@XCH-NW-5V1.nw.nos.boeing.com>
Message-Id: <200607171602.25556.julien.IETF@laposte.net>
Cc: hipsec@lists.ietf.org

On Monday 17 July 2006 15:47, Henderson, Thomas R wrote:
>
> > Hi everyone!
> >
> > I was thinking about the HMAC in the I2 packet again.
> >
> > The reason why it could be there to protect the RSA operation in
> > case that the senders HI was encrypted. In that case the DH
> > shared secret would have to be created anyway. Checking the HMAC
> > would prove that the
> > initiator has actually computed the DH shared key (otherwise it
> > can't sign the packet with the HMAC). This would mitigate DoS
> > attacks with faked initiator DH public values and encrypted HIs.
> > In such a case, the
> > DH computation would be done but the fake DH key would be
> > realized by the failure of the HMAC verification. The responder
> > can throw the packet
> > away and save the time for the RSA verification.
> >
> > Seems a bit constructed to me but it makes sense somehow. Was
> > this the reason that the HMAC is there?
>
> I believe that the HMAC was added based on a email suggestion by
> Yogesh Swami in a Sept 2004 posting to the Hipsec list.  This
> message is no longer at Trusecure archive (have we lost the public
> posting of this WG archive?), but can be found in Google cache by
> Googling "HIP I2 HMAC". There is no rationale given in that message
> but I believe that it was for the reason you cite.

IIRC the HMAC is there so that HIP follows the SIGMA guidelines 
suggested by Hugo Krawczyk. See:

Hugo Krawczyk. SIGMA: the 'SIGn-and-MAc' approach to authenticated 
Diffie-Hellman and its use in the IKE protocols. In D. Boneh, editor, 
Advances in Cryptology -- CRYPTO 2003.

--julien




From hipsec-bounces@lists.ietf.org Tue Jul 18 15:03:21 2006
In-Reply-To: <1152985217.19529.26.camel@localhost>
References: <1152985217.19529.26.camel@localhost>
Message-Id: <2B9C5F6B-B1FB-44C8-B3C9-727E00E33B8A@nomadiclab.com>
From: Pekka Nikander <pekka.nikander@nomadiclab.com>
Subject: Re: [Hipsec] I2 and HMAC
Date: Tue, 18 Jul 2006 22:03:09 +0300
To: Tobias Heer <heer@hiit.fi>
Cc: hipsec@lists.ietf.org

> That's why I wonder: what is the HMAC signature in I2 good for?

IIRC, it was added to make it compliant with Hugo Krawczyk's SIGMA  
family of protocols.  But my memory may fail here.

--Pekka





