draft-ietf-dhc-forcerenew-nonce-03.txt   draft-ietf-dhc-forcerenew-nonce-04.txt 
softwire D. Miles dhc D. Miles
Internet-Draft Alcatel-Lucent Internet-Draft Google
Intended status: Standards Track W. Dec Updates: 3203 (if approved) W. Dec
Expires: June 23, 2012 Cisco Systems Intended status: Standards Track Cisco Systems
J. Bristow Expires: August 17, 2012 J. Bristow
Swisscom Schweiz AG Swisscom Schweiz AG
R. Maglione R. Maglione
Telecom Italia Telecom Italia
December 21, 2011 February 14, 2012
Forcerenew Nonce Authentication Forcerenew Nonce Authentication
draft-ietf-dhc-forcerenew-nonce-03 draft-ietf-dhc-forcerenew-nonce-04
Abstract Abstract
DHCP Forcerenew allows for the reconfiguration of a single host by Dynamic Host Configuration Protocol (DHCP) FORCERENEW allows for the
forcing the DHCP client into a Renew state on a trigger from the DHCP reconfiguration of a single host by forcing the DHCP client into a
server. In Forcerenew Nonce Authentication the server sends a nonce Renew state on a trigger from the DHCP server. In Forcerenew Nonce
with the client on the initial DHCP ACK that is used for subsequent Authentication the server sends a nonce to the client on the initial
validation of a Forcerenew message. DHCP ACK that is used for subsequent validation of a FORCERENEW
message. This document updates RFC 3203.
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on June 23, 2012. This Internet-Draft will expire on August 17, 2012.
Copyright Notice Copyright Notice
Copyright (c) 2011 IETF Trust and the persons identified as the Copyright (c) 2012 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
skipping to change at page 2, line 19 skipping to change at page 2, line 20
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3 2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3
3. Message authentication . . . . . . . . . . . . . . . . . . . . 3 3. Message authentication . . . . . . . . . . . . . . . . . . . . 3
3.1. Forcerenew Nonce Authentication . . . . . . . . . . . . . 3 3.1. Forcerenew Nonce Authentication . . . . . . . . . . . . . 3
3.1.1. Forcerenew Nonce Protocol Capability Option . . . . . 4 3.1.1. Forcerenew Nonce Protocol Capability Option . . . . . 4
3.1.2. Forcerenew Nonce Protocol . . . . . . . . . . . . . . 6 3.1.2. Forcerenew Nonce Protocol . . . . . . . . . . . . . . 6
3.1.3. Server considerations for Forcerenew Nonce 3.1.3. Server considerations for Forcerenew Nonce
Authentication . . . . . . . . . . . . . . . . . . . . 7
3.1.4. Client considerations for Forcerenew Nonce
Authentication . . . . . . . . . . . . . . . . . . . . 8 Authentication . . . . . . . . . . . . . . . . . . . . 8
4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 9 3.1.4. Client considerations for Forcerenew Nonce
5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 9 Authentication . . . . . . . . . . . . . . . . . . . . 9
6. Security Considerations . . . . . . . . . . . . . . . . . . . 9 4. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . . 10
6.1. Protocol vulnerabilities . . . . . . . . . . . . . . . . . 9 5. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 10 6. Security Considerations . . . . . . . . . . . . . . . . . . . 10
7.1. Normative References . . . . . . . . . . . . . . . . . . . 10 6.1. Protocol vulnerabilities . . . . . . . . . . . . . . . . . 11
7.2. Informative References . . . . . . . . . . . . . . . . . . 10 7. References . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 10 7.1. Normative References . . . . . . . . . . . . . . . . . . . 11
7.2. Informative References . . . . . . . . . . . . . . . . . . 11
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 12
1. Introduction 1. Introduction
The DHCP Reconfigure Extension defined in [RFC3203] is a useful The DHCP Reconfigure Extension defined in [RFC3203] is a useful
mechanism allowing dynamic reconfiguration of a single host triggered mechanism allowing dynamic reconfiguration of a single host triggered
by the DHCP server. Its application is currently limited by a by the DHCP server. Its application is currently limited by a
requirement that FORCERENEW message is always authenticated using requirement that FORCERENEW message is always authenticated using
procedures as described in [RFC3118]. Authentication for DHCP procedures as described in [RFC3118]. Authentication for DHCP
[RFC3118] is mandatory for Forcerenew, however as it is currently [RFC3118] is mandatory for FORCERENEW, however as it is currently
defined [RFC3118] requires distribution of constant token or shared- defined [RFC3118] requires distribution of constant token or shared-
secret out-of-band to DHCP clients. The mandatory authentication was secret out-of-band to DHCP clients. The mandatory authentication was
originally motivated by a legitimate security concern whereby in some originally motivated by a legitimate security concern whereby in some
network environments a FORCERENEW message can be spoofed. However, network environments DHCP messages can be spoofed and an attacker
in some networks native security mechanisms already provide could more accurately guess the timing of DHCP renewal messages by
sufficient protection against spoofing of DHCP traffic. An example first sending a FORCERENEW message. However, in some networks native
of such network is a Broadband Forum TR-101 [TR-101i2] compliant security mechanisms already provide sufficient protection against
access network. In such environments the mandatory coupling between spoofing of DHCP traffic. An example of such network is a Broadband
FORCERENEW and DHCP Authentication [RFC3118] can be relaxed. This Forum TR-101 [TR-101i2] compliant access network. In such
document defines extensions to Authentication for DHCP(v4) Messages environments the mandatory coupling between FORCERENEW and DHCP
[RFC3118] to create a new authentication protocol for DHCPv4 Authentication [RFC3118] can be relaxed and a lighter authentication
Forcerenew [RFC3203] messages; this method does not require out-of- mechanism can be used for the FORCERENEW message. This document
band key distribution to DHCP clients. The Forcerenew Nonce is defines extensions to Authentication for DHCPv4 Messages [RFC3118] to
exchanged between server and client on initial DHCP ACK and is used create a new authentication protocol for DHCPv4 FORCERENEW [RFC3203]
for verification of any subsequent Forcerenew message. messages; this method does not require out-of-band key distribution
to DHCP clients. The Forcerenew Nonce is exchanged between server
and client on initial DHCP ACK and is used for verification of any
subsequent FORCERENEW message. This document updates [RFC3203]
2. Requirements Language 2. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
document are to be interpreted as described in [RFC2119]. document are to be interpreted as described in [RFC2119].
3. Message authentication 3. Message authentication
The FORCERENEW message must be authenticated using either [RFC3118] The FORCERENEW message must be authenticated using either [RFC3118]
or the proposed Forcerenew Nonce Authentication protocol. or the proposed Forcerenew Nonce Authentication protocol.
3.1. Forcerenew Nonce Authentication 3.1. Forcerenew Nonce Authentication
The Forcerenew nonce authentication protocol provides protection The Forcerenew nonce authentication protocol provides protection
against misconfiguration of a client caused by a Forcerenew message against misconfiguration of a client caused by a FORCERENEW message
sent by a malicious DHCP server. In this protocol, a DHCP server sent by a malicious DHCP server. In this protocol, a DHCP server
sends a Forcerenew nonce to the client in the initial exchange of sends a Forcerenew nonce to the client in the initial exchange of
DHCP messages. The client records the Forcerenew nonce for use in DHCP messages. The client records the Forcerenew nonce for use in
authenticating subsequent Forcerenew messages from that server. The authenticating subsequent Forcerenew messages from that server. The
server then includes an HMAC computed from the Forcerenew nonce in server then includes an HMAC computed from the Forcerenew nonce in
subsequent Forcerenew messages. subsequent FORCERENEW messages.
Both the Forcerenew nonce sent from the server to the client and the Both the Forcerenew nonce sent from the server to the client and the
HMAC in subsequent Forcerenew messages are carried as the HMAC in subsequent FORCERENEW messages are carried as the
Authentication information in a DHCP Authentication option. The Authentication information in a DHCP Authentication option. The
format of the Authentication information is defined in the following format of the Authentication information is defined in the following
section. section.
The Forcerenew nonce protocol is used (initiated by the server) only The Forcerenew nonce protocol is used (initiated by the server) only
if the client and server are not using any other authentication if the client and server are not using the authentication mechanism
protocol and the client and server have negotiated to use the specified in [RFC3118] and the client and server have negotiated to
Forcerenew Nonce Authentication protocol. use the Forcerenew Nonce Authentication protocol.
3.1.1. Forcerenew Nonce Protocol Capability Option 3.1.1. Forcerenew Nonce Protocol Capability Option
A DHCP client indicates DHCP Forcerenew Nonce Protocol capability by A DHCP client indicates DHCP Forcerenew Nonce Protocol capability by
including a FORCERENEW_NONCE_CAPABLE(<TBD>) option in DHCP Discover including a FORCERENEW_NONCE_CAPABLE(<TBD>) option in DHCP Discover
and Request messages sent to the server. and Request messages sent to the server.
A DHCP server that does not support Forcerenew Nonce Protocol A DHCP server that does not support Forcerenew Nonce Protocol
authentication should ignore the FORCERENEW_NONCE_CAPABLE(<TBD>) authentication should ignore the FORCERENEW_NONCE_CAPABLE(<TBD>)
option. A DHCP server indicates DHCP Forcerenew Nonce Protocol option. A DHCP server indicates DHCP Forcerenew Nonce Protocol
skipping to change at page 4, line 42 skipping to change at page 4, line 44
of <TDB> and format as follows: of <TDB> and format as follows:
Code Len Code Len
+-----+-----+ +-----+-----+
| TBD | 0 | | TBD | 0 |
+-----+-----+ +-----+-----+
The client would indicate that it supports the functionality by The client would indicate that it supports the functionality by
inserting the FORCERENEW_NONCE_CAPABLE option in the DHCP Discover inserting the FORCERENEW_NONCE_CAPABLE option in the DHCP Discover
and Request messages. If the server supports Forcerenew nonce and Request messages. If the server supports Forcerenew nonce
authentication and is configured to require Forcerenew nonce authentication and requires Forcerenew nonce authentication, it will
authentication, it will insert the FORCERENEW_NONCE_CAPABLE option in insert the FORCERENEW_NONCE_CAPABLE option in the DHCP Offer message.
the DHCP Offer message.
Server Client Server Server Client Server
(not selected) (selected) (not selected) (selected)
v v v v v v
| | | | | |
| Begins initialization | | Begins initialization |
| | | | | |
| _____________/|\____________ | | _____________/|\____________ |
|/DHCPDISCOVER | DHCPDISCOVER \| |/DHCPDISCOVER | DHCPDISCOVER \|
skipping to change at page 6, line 42 skipping to change at page 6, line 44
| | | | | |
v v v v v v
3.1.2. Forcerenew Nonce Protocol 3.1.2. Forcerenew Nonce Protocol
The Forcerenew Nonce Protocol makes use of both the DHCP The Forcerenew Nonce Protocol makes use of both the DHCP
authentication option defined in [RFC3118] re-using the option format authentication option defined in [RFC3118] re-using the option format
and of the Reconfigure Key Authentication Protocol defined in and of the Reconfigure Key Authentication Protocol defined in
[RFC3315]. [RFC3315].
The following diagram defines the format of the DHCP authentication
option:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Code | Length | Protocol | Algorithm |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| RDM | Replay Detection (64 bits) |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Replay cont. |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Replay cont. | |
+-+-+-+-+-+-+-+-+ |
| |
| Authentication Information |
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
The following fields are set in an DHCP authentication option for the The following fields are set in an DHCP authentication option for the
Forcerenew Nonce Authentication Protocol: Forcerenew Nonce Authentication Protocol:
code 90
length field contains the length of the protocol
protocol 3 protocol 3
algorithm 1 algorithm 1
RDM 0 Replay Detection field is per the Replay Detection Method (RDM)
Replay Detection Method (RDM) 0
Authentication Information: specified below
The format of the Authentication information for the Forcerenew Nonce The format of the Authentication information for the Forcerenew Nonce
Authentication Protocol is: Authentication Protocol is:
0 1 2 3 0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Type | Value (128 bits) | | Type | Value (128 bits) |
+-+-+-+-+-+-+-+-+ | +-+-+-+-+-+-+-+-+ |
. . . .
. . . .
. +-+-+-+-+-+-+-+-+ . +-+-+-+-+-+-+-+-+
| | | |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
Type Type of data in Value field carried in this option: Type Type of data in Value field carried in this option:
1 Reconfigure Key value (used in ACK message) 1 Forcerenew nonce Value (used in ACK message)
2 HMAC-MD5 digest of the message (FORCERENEW message) 2 HMAC-MD5 digest of the message (FORCERENEW message)
Value Data as defined by field Value Data as defined by field
3.1.3. Server considerations for Forcerenew Nonce Authentication 3.1.3. Server considerations for Forcerenew Nonce Authentication
The use of Forcerenew Nonce Protocol is dependent on the client The use of Forcerenew Nonce Protocol is dependent on the client
indicating its capability through the FORCERENEW_NONCE_CAPABLE(<TBD>) indicating its capability through the FORCERENEW_NONCE_CAPABLE(<TBD>)
DHCP option in any DHCP Discover or Request messages. The DHCP DHCP option in any DHCP Discover or Request messages. The DHCP
Discovery or Request message from the client MUST contain the Discovery or Request message from the client MUST contain the
FORCERENEW_NONCE_CAPABLE(<TBD>) option if the Forcerenew Nonce FORCERENEW_NONCE_CAPABLE(<TBD>) option if the Forcerenew Nonce
Protocol is to be used by the server. The absence of the Protocol is to be used by the server. The absence of the
FORCERENEW_NONCE_CAPABLE(<TBD>) option indicates to the server that FORCERENEW_NONCE_CAPABLE(<TBD>) option indicates to the server that
the Forcerenew Nonce Authentication protocol is not supported and the Forcerenew Nonce Authentication protocol is not supported and
thus the server MUST NOT include a Forcerenew Nonce Protocol thus the server MUST NOT include a Forcerenew Nonce Protocol
Authentication option in the DHCP Ack. Authentication option in the DHCP Ack.
The server indicates its support of the Forcerenew Nonce Protocol The server indicates its support of the Forcerenew Nonce Protocol
authentication by including the DHCP FORCERENEW_NONCE_CAPABLE(<TBDP>) authentication by including the DHCP FORCERENEW_NONCE_CAPABLE(<TBD>)
option in the DHCP Offer message. The server SHOULD NOT include this option in the DHCP Offer message. The server SHOULD NOT include this
option unless the client has indicated its capability in a DHCP option unless the client has indicated its capability in a DHCP
Discovery message . The presence of the Discovery message . The presence of the
FORCERENEW_NONCE_CAPABLE(<TDB>) option in the DHCP offer may be used FORCERENEW_NONCE_CAPABLE(<TDB>) option in the DHCP offer may be used
by clients to prefer Forcerenew nonce Protocol authentication-capable by clients to prefer Forcerenew nonce Protocol authentication-capable
DHCP servers over those servers which do not support such capability. DHCP servers over those servers which do not support such capability.
If a capable server receives a DISCOVER or REQUEST (any type) that
indicates the client is capable, and the server has no previous nonce
recorded, it MUST generate a nonce and include it in the ACK.
The server selects a Forcerenew nonce for a client only during The server selects a Forcerenew nonce for a client only during
Request/Ack message exchange. The server records the Forcerenew Request/Ack message exchange. The server records the Forcerenew
nonce and transmits that nonce to the client in an Authentication nonce and transmits that nonce to the client in an Authentication
option in the DHCP Ack message. option in the DHCP Ack message.
The server SHOULD NOT include the nonce in an ACK when responding to
a renew unless a nonce was generated. This minimizes the number of
times the nonce is sent over the wire.
If the server to which the DHCP Request message was sent at time T1
has not responded, the client enters the REBINDING state and attempts
to contact any server. The new Server receiving the DHCP message
MUST generate a new nonce.
The Forcerenew nonce is 128 bits long, and MUST be a The Forcerenew nonce is 128 bits long, and MUST be a
cryptographically strong random or pseudo-random number that cannot cryptographically strong random or pseudo-random number that cannot
easily be predicted. The nonce is imbedded as a 128-bit value of the easily be predicted. The nonce is embedded as a 128-bit value of the
Authentication information where type is set to 1 (Forcerenew nonce Authentication information where type is set to 1 (Forcerenew nonce
Value). Value).
To provide authentication for a Forcerenew message, the server To provide authentication for a Forcerenew message, the server
selects a replay detection value according to the RDM selected by the selects a replay detection value according to the RDM selected by the
server, and computes an HMAC-MD5 of the Forcerenew message using the server, and computes an HMAC-MD5 of the Forcerenew message, based on
Forcerenew nonce for the client. The server computes the HMAC-MD5 the procedure specified in section 21.5 of [RFC3315], using the
over the entire DHCP Forcerenew message, including the Authentication Forcerenew nonce for the client. The server computes the HMAC-MD5,
based on the procedure specified in section 21.5 of [RFC3315], over
the entire DHCP Forcerenew message, including the Authentication
option; the HMAC-MD5 field in the Authentication option is set to option; the HMAC-MD5 field in the Authentication option is set to
zero for the HMAC-MD5 computation. The server includes the HMAC-MD5 zero for the HMAC-MD5 computation. The server includes the HMAC-MD5
in the authentication information field in an Authentication option in the authentication information field in an Authentication option
included in the Forcerenew message sent to the client with type set included in the Forcerenew message sent to the client with type set
to 2 (HMAC-MD5 digest). to 2 (HMAC-MD5 digest).
3.1.4. Client considerations for Forcerenew Nonce Authentication 3.1.4. Client considerations for Forcerenew Nonce Authentication
The client MUST indicate Forcerenew nonce Capability by including the A client that supports this mechanism MUST indicate Forcerenew nonce
FORCERENEW_NONCE_CAPABLE(<TBD>) DHCP option (Section 2.1.1) in all Capability by including the FORCERENEW_NONCE_CAPABLE(<TBD>) DHCP
DHCP Discover and Request messages. DHCP servers that support option defined in Section 3.1.1 in all DHCP Discover and Request
Forcerenew nonce Protocol authentication MUST include the DHCP messages. DHCP servers that support Forcerenew nonce Protocol
Forcerenew Nonce protocol authentication option in DHCP Offers with authentication MUST include the FORCERENEW_NONCE_CAPABLE(<TBD>) DHCP
type set to zero(0), allowing the client to use this capability in option in all DHCP Offers, allowing the client to use this capability
selecting DHCP servers should multiple Offers arrive. in selecting DHCP servers should multiple Offers arrive.
A DHCP server has indicates its support through the inclusion of the
FORCERENEW_NONCE_CAPABLE(<TBD>) option in the DHCP Offer. The client
MUST validate the DHCP Ack message contains a Forcerenew Nonce in a
DHCP authentication option. If the server has indicated capability
for Forcerenew Nonce Protocol authentication in the DHCP Offer and a
subsequent Ack omits a valid DHCP authentication option for the
Forcerenew Nonce Protocol, the client MUST send a DHCP Decline
message and return to the DHCP Init state.
The client will receive a Forcerenew Nonce from the server in the The client MUST validate the DHCP Ack message contains a Forcerenew
initial DHCP Ack message from the server. The client records the Nonce in a DHCP authentication option. If the server has indicated
Forcerenew Nonce for use in authenticating subsequent Forcerenew capability for Forcerenew Nonce Protocol authentication in the DHCP
messages. OFFER and the subsequent ACK received by the client while in the
selecting state omits a valid DHCP authentication option for the
Forcerenew Nonce Protocol, the client MUST discard the message and
return to the INIT stat
The client MUST record the Forcerenew Nonce from any valid ACK it
receives, if the ACK contains one.
To authenticate a Forcerenew message, the client computes an HMAC-MD5 To authenticate a Forcerenew message, the client computes an HMAC-
over the DHCP Forcerenew message, using the Forcerenew Nonce received MD5, based on the procedure specified in section 21.5 of [RFC3315],
over the DHCP FORCERENEW message, using the Forcerenew Nonce received
from the server. If this computed HMAC-MD5 matches the value in the from the server. If this computed HMAC-MD5 matches the value in the
Authentication option, the client accepts the Forcerenew message. Authentication option, the client accepts the FORCERENEW message.
4. Acknowledgements 4. Acknowledgements
Comments are solicited and should be addressed to the DHC WG mailing Comments are solicited and should be addressed to the DHC WG mailing
list (dhcwg@ietf.org) and/or the authors. This contribution is based list (dhcwg@ietf.org) and/or the authors. This contribution is based
on work by Vitali Vinokour. Major sections of this draft use on work by Vitali Vinokour. Major sections of this draft use
modified text from [RFC3315]. The authors wish to thank Ted Lemon modified text from [RFC3315]. The authors wish to thank Ted Lemon,
and Bernie Volz for their support. Matthew Ryan and Bernie Volz for their support.
5. IANA Considerations 5. IANA Considerations
This document requests IANA to assign the following new DHCPv4 option This document requests IANA to assign the following new DHCPv4 option
code from the registry "BOOTP Vendor Extensions and DHCP Options" code from the registry "BOOTP Vendor Extensions and DHCP Options"
maintained at http://www.iana.org/assignments/bootp-dhcp-parameters: maintained at http://www.iana.org/assignments/bootp-dhcp-parameters:
an option code of TBD1 for FORCERENEW_NONCE_CAPABALE Tag: TBD
Name: FORCERENEW_NONCE_CAPABALE
Data lenght: 1
Description: Forcerenew Nonce Capable
Reference: this document
6. Security Considerations 6. Security Considerations
As in some network environments FORCERENEW can be used to snoop and As in some network environments FORCERENEW can be used to snoop and
spoof traffic, the FORCERENEW message MUST be authenticated using the spoof traffic, the FORCERENEW message MUST be authenticated using the
procedures as described in [RFC3118] or this proposal. In this procedures as described in [RFC3118] or this proposal.
proposal any party able intercept the nonce exchange could
impersonate a server and thus offers no protection from man-in-the- The mechanism in [RFC3315] for DHCPv6, which this document mirrors
middle attacks. FORCERENEW messages failing the authentication for DHCPv4, uses a nonce to prevent an off-link attacker from
should be silently discarded by the client. successfully triggering a renewal on a client by sending
DHCPFORCERENEW; since the attacker is off-link, it doesn't have the
nonce, and can't force a renewal.
An on-link attacker can always simply watch the DHCP renewal message
go out and respond to it, so this mechanism is useless for preventing
on-link attacks, and hence the security of the nonce in the case of
on-link attacks isn't relevant. Any party able to intercept the
nonce exchange could impersonate a server and thus offers no
protection from man-in-the- middle attacks. FORCERENEW messages
failing the authentication should be silently discarded by the
client.
6.1. Protocol vulnerabilities 6.1. Protocol vulnerabilities
The mechanism described in this document is vulnerable to a denial of The mechanism described in this document is vulnerable to a denial of
service attack through flooding a client with bogus FORCERENEW service attack through flooding a client with bogus FORCERENEW
messages. The calculations involved in authenticating the bogus messages. The calculations involved in authenticating the bogus
FORECERENEW messages may overwhelm the device on which the client is FORECERENEW messages may overwhelm the device on which the client is
running. running.
The mechanism described provides protection against the use of a The mechanism described provides protection against the use of a
skipping to change at page 10, line 28 skipping to change at page 12, line 8
7.2. Informative References 7.2. Informative References
[TR-101i2] [TR-101i2]
Anschutz, T., "Migration to Ethernet-Based Broadband Anschutz, T., "Migration to Ethernet-Based Broadband
Aggregation Broadband Forum TR-101 Issue 2", July 2011. Aggregation Broadband Forum TR-101 Issue 2", July 2011.
Authors' Addresses Authors' Addresses
David Miles David Miles
Alcatel-Lucent Google
L3 / 215 Spring St
Melbourne, Victoria 3000,
Australia
Phone: +61 3 9664 3308 Phone:
Fax: Fax:
Email: david.miles@alcatel-lucent.com Email:
URI: URI:
Wojciech Dec Wojciech Dec
Cisco Systems Cisco Systems
Haarlerbergpark Haarlerbergweg 13-19 Haarlerbergpark Haarlerbergweg 13-19
Amsterdam, NOORD-HOLLAND 1101 CH Amsterdam, NOORD-HOLLAND 1101 CH
Netherlands Netherlands
Phone: Phone:
Fax: Fax:
 End of changes. 35 change blocks. 
90 lines changed or deleted 150 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/