draft-ietf-lisp-sec-24.txt   draft-ietf-lisp-sec-25.txt 
skipping to change at page 1, line 14 skipping to change at page 1, line 14
Internet-Draft Cisco Systems Internet-Draft Cisco Systems
Intended status: Standards Track V.E. Ermagan Intended status: Standards Track V.E. Ermagan
Expires: 11 June 2022 Google Expires: 11 June 2022 Google
A.C. Cabellos A.C. Cabellos
Universitat Politecnica de Catalunya Universitat Politecnica de Catalunya
D.S. Saucez D.S. Saucez
Inria Inria
8 December 2021 8 December 2021
LISP-Security (LISP-SEC) LISP-Security (LISP-SEC)
draft-ietf-lisp-sec-24 draft-ietf-lisp-sec-25
Abstract Abstract
This memo specifies LISP-SEC, a set of security mechanisms that This memo specifies LISP-SEC, a set of security mechanisms that
provides origin authentication, integrity and anti-replay protection provides origin authentication, integrity and anti-replay protection
to LISP's EID-to-RLOC mapping data conveyed via mapping lookup to LISP's EID-to-RLOC mapping data conveyed via mapping lookup
process. LISP-SEC also enables verification of authorization on EID- process. LISP-SEC also enables verification of authorization on EID-
prefix claims in Map-Reply messages. prefix claims in Map-Reply messages.
Status of This Memo Status of This Memo
skipping to change at page 2, line 12 skipping to change at page 2, line 12
license-info) in effect on the date of publication of this document. license-info) in effect on the date of publication of this document.
Please review these documents carefully, as they describe your rights Please review these documents carefully, as they describe your rights
and restrictions with respect to this document. Code Components and restrictions with respect to this document. Code Components
extracted from this document must include Revised BSD License text as extracted from this document must include Revised BSD License text as
described in Section 4.e of the Trust Legal Provisions and are described in Section 4.e of the Trust Legal Provisions and are
provided without warranty as described in the Revised BSD License. provided without warranty as described in the Revised BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 3
2. Requirements Language . . . . . . . . . . . . . . . . . . . . 3 2. Requirements Notation . . . . . . . . . . . . . . . . . . . . 3
3. Definition of Terms . . . . . . . . . . . . . . . . . . . . . 3 3. Definition of Terms . . . . . . . . . . . . . . . . . . . . . 3
4. LISP-SEC Threat Model . . . . . . . . . . . . . . . . . . . . 4 4. LISP-SEC Threat Model . . . . . . . . . . . . . . . . . . . . 4
5. Protocol Operations . . . . . . . . . . . . . . . . . . . . . 5 5. Protocol Operations . . . . . . . . . . . . . . . . . . . . . 5
6. LISP-SEC Control Messages Details . . . . . . . . . . . . . . 7 6. LISP-SEC Control Messages Details . . . . . . . . . . . . . . 7
6.1. Encapsulated Control Message LISP-SEC Extensions . . . . 7 6.1. Encapsulated Control Message LISP-SEC Extensions . . . . 7
6.2. Map-Reply LISP-SEC Extensions . . . . . . . . . . . . . . 10 6.2. Map-Reply LISP-SEC Extensions . . . . . . . . . . . . . . 10
6.3. Map-Register LISP-SEC Extentions . . . . . . . . . . . . 11 6.3. Map-Register LISP-SEC Extentions . . . . . . . . . . . . 11
6.4. ITR Processing: Generating a Map-Request . . . . . . . . 12 6.4. ITR Processing: Generating a Map-Request . . . . . . . . 12
6.4.1. PITR Processing . . . . . . . . . . . . . . . . . . . 12 6.4.1. PITR Processing . . . . . . . . . . . . . . . . . . . 12
6.5. Encrypting and Decrypting an OTK . . . . . . . . . . . . 13 6.5. Encrypting and Decrypting an OTK . . . . . . . . . . . . 13
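Review bot: the 6.3 entry "Map-Register LISP-SEC Extentions" carries the same spelling error in both the -24 and -25 columns; since this revision is already touching TOC wording, correct it to "Extensions" here and in the Section 6.3 heading.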
skipping to change at page 2, line 51 skipping to change at page 2, line 51
Attacks . . . . . . . . . . . . . . . . . . . . . . . . . 23 Attacks . . . . . . . . . . . . . . . . . . . . . . . . . 23
8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23 8. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 23
8.1. ECM AD Type Registry . . . . . . . . . . . . . . . . . . 23 8.1. ECM AD Type Registry . . . . . . . . . . . . . . . . . . 23
8.2. Map-Reply AD Type Registry . . . . . . . . . . . . . . . 23 8.2. Map-Reply AD Type Registry . . . . . . . . . . . . . . . 23
8.3. HMAC Functions . . . . . . . . . . . . . . . . . . . . . 24 8.3. HMAC Functions . . . . . . . . . . . . . . . . . . . . . 24
8.4. Key Wrap Functions . . . . . . . . . . . . . . . . . . . 24 8.4. Key Wrap Functions . . . . . . . . . . . . . . . . . . . 24
8.5. Key Derivation Functions . . . . . . . . . . . . . . . . 24 8.5. Key Derivation Functions . . . . . . . . . . . . . . . . 24
9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 25 9. Acknowledgements . . . . . . . . . . . . . . . . . . . . . . 25
10. References . . . . . . . . . . . . . . . . . . . . . . . . . 25 10. References . . . . . . . . . . . . . . . . . . . . . . . . . 25
10.1. Normative References . . . . . . . . . . . . . . . . . . 25 10.1. Normative References . . . . . . . . . . . . . . . . . . 25
10.2. Informative References . . . . . . . . . . . . . . . . . 26 10.2. Informational References . . . . . . . . . . . . . . . . 26
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 27 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 27
1. Introduction 1. Introduction
The Locator/ID Separation Protocol The Locator/ID Separation Protocol
[I-D.ietf-lisp-rfc6830bis],[I-D.ietf-lisp-rfc6833bis] is a network- [I-D.ietf-lisp-rfc6830bis],[I-D.ietf-lisp-rfc6833bis] is a network-
layer-based protocol that enables separation of IP addresses into two layer-based protocol that enables separation of IP addresses into two
new numbering spaces: Endpoint Identifiers (EIDs) and Routing new numbering spaces: Endpoint Identifiers (EIDs) and Routing
Locators (RLOCs). EID-to-RLOC mappings are stored in a database, the Locators (RLOCs). EID-to-RLOC mappings are stored in a database, the
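Review bot: renaming the 10.2 entry from "Informative References" to "Informational References" looks unintended; the conventional RFC section title (and the -24 wording) is "Informative References", so this change should be reverted, together with the matching Section 10.2 heading in the body.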
skipping to change at page 3, line 43 skipping to change at page 3, line 43
entitled to do so according to the EID prefix registered in the entitled to do so according to the EID prefix registered in the
associated Map-Server. Map-Register/Map-Notify security, including associated Map-Server. Map-Register/Map-Notify security, including
the right for a LISP entity to register an EID-prefix or to claim the right for a LISP entity to register an EID-prefix or to claim
presence at an RLOC, is out of the scope of LISP-SEC as those presence at an RLOC, is out of the scope of LISP-SEC as those
protocols are protected by the security mechanisms specified in protocols are protected by the security mechanisms specified in
[I-D.ietf-lisp-rfc6833bis]. However, LISP-SEC extends the Map- [I-D.ietf-lisp-rfc6833bis]. However, LISP-SEC extends the Map-
Register message to allow an ITR to securely downgrade to non LISP- Register message to allow an ITR to securely downgrade to non LISP-
SEC Map-Requests. Additional security considerations are described SEC Map-Requests. Additional security considerations are described
in Section 6. in Section 6.
2. Requirements Language 2. Requirements Notation
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
document are to be interpreted as described in BCP14 [RFC2119] "OPTIONAL" in this document are to be interpreted as described in BCP
[RFC8174] when, and only when, they appear in all capitals, as shown 14 [RFC2119] [RFC8174] when, and only when, they appear in all
here. capitals, as shown here.
3. Definition of Terms 3. Definition of Terms
One-Time Key (OTK): An ephemeral randomly generated key that must One-Time Key (OTK): An ephemeral randomly generated key that must
be used for a single Map-Request/Map-Reply exchange. be used for a single Map-Request/Map-Reply exchange.
ITR One-Time Key (ITR-OTK): The One-Time Key generated at the ITR One-Time Key (ITR-OTK): The One-Time Key generated at the
Ingress Tunnel Router (ITR). Ingress Tunnel Router (ITR).
MS One-Time Key (MS-OTK): The One-Time Key generated at the Map- MS One-Time Key (MS-OTK): The One-Time Key generated at the Map-
Server. Server.
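Review bot: the unchanged sentence at the end of Section 1, "Additional security considerations are described in Section 6", appears to point at the wrong section: the TOC titles Section 6 "LISP-SEC Control Messages Details", while the "... Attacks" subsection listed on page 23 sits under the section immediately preceding 8 (IANA Considerations), so the cross-reference should probably read Section 7; confirm against the full draft. The rewritten Section 2 text is otherwise correct, matching the RFC 8174 boilerplate (adds "NOT RECOMMENDED", writes "BCP 14" as two words).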
skipping to change at page 23, line 40 skipping to change at page 23, line 40
registry with values 0-255, for use in the ECM LISP-SEC Extensions registry with values 0-255, for use in the ECM LISP-SEC Extensions
Section 6.1. The registry MUST be initially populated with the Section 6.1. The registry MUST be initially populated with the
following values: following values:
Name Value Defined In Name Value Defined In
------------------------------------------------- -------------------------------------------------
Reserved 0 This memo Reserved 0 This memo
LISP-SEC-ECM-EXT 1 This memo LISP-SEC-ECM-EXT 1 This memo
Values 2-255 are unassigned. They are to be assigned according to Values 2-255 are unassigned. They are to be assigned according to
the "Specification Required" policy defined in [RFC5226]. the "Specification Required" policy defined in [RFC8126].
8.2. Map-Reply AD Type Registry 8.2. Map-Reply AD Type Registry
IANA is requested to create the "Map-Reply Authentication Data Type" IANA is requested to create the "Map-Reply Authentication Data Type"
registry with values 0-255, for use in the Map-Reply LISP-SEC registry with values 0-255, for use in the Map-Reply LISP-SEC
Extensions Section 6.2. The registry MUST be initially populated Extensions Section 6.2. The registry MUST be initially populated
with the following values: with the following values:
Name Value Defined In Name Value Defined In
------------------------------------------------- -------------------------------------------------
Reserved 0 This memo Reserved 0 This memo
LISP-SEC-MR-EXT 1 This memo LISP-SEC-MR-EXT 1 This memo
Values 2-255 are unassigned. They are to be assigned according to Values 2-255 are unassigned. They are to be assigned according to
the "Specification Required" policy defined in [RFC5226]. the "Specification Required" policy defined in [RFC8126].
8.3. HMAC Functions 8.3. HMAC Functions
IANA is requested to create the "LISP-SEC Authentication Data HMAC IANA is requested to create the "LISP-SEC Authentication Data HMAC
ID" registry with values 0-65535 for use as Requested HMAC ID, EID ID" registry with values 0-65535 for use as Requested HMAC ID, EID
HMAC ID, and PKT HMAC ID in the LISP-SEC Authentication Data: HMAC ID, and PKT HMAC ID in the LISP-SEC Authentication Data:
Name Number Defined In Name Number Defined In
------------------------------------------------- -------------------------------------------------
NONE 0 This memo NONE 0 This memo
AUTH-HMAC-SHA-1-96 1 [RFC2104] AUTH-HMAC-SHA-1-96 1 [RFC2104]
AUTH-HMAC-SHA-256-128 2 [RFC6234] AUTH-HMAC-SHA-256-128 2 [RFC6234]
Values 3-65535 are unassigned. They are to be assigned according to Values 3-65535 are unassigned. They are to be assigned according to
the "Specification Required" policy defined in [RFC5226]. the "Specification Required" policy defined in [RFC8126].
AUTH-HMAC-SHA-1-96 MUST be supported, AUTH-HMAC-SHA-256-128 SHOULD be AUTH-HMAC-SHA-1-96 MUST be supported, AUTH-HMAC-SHA-256-128 SHOULD be
supported. supported.
8.4. Key Wrap Functions 8.4. Key Wrap Functions
IANA is requested to create the "LISP-SEC Authentication Data Key IANA is requested to create the "LISP-SEC Authentication Data Key
Wrap ID" registry with values 0-65535 for use as OTK key wrap Wrap ID" registry with values 0-65535 for use as OTK key wrap
algorithms ID in the LISP-SEC Authentication Data: algorithms ID in the LISP-SEC Authentication Data:
Name Number KEY WRAP KDF Name Number KEY WRAP KDF
----------------------------------------------------------------- -----------------------------------------------------------------
Reserved 0 None None Reserved 0 None None
NULL-KEY-WRAP-128 1 This memo None NULL-KEY-WRAP-128 1 This memo None
AES-KEY-WRAP-128+HKDF-SHA256 2 [RFC3394] [RFC4868] AES-KEY-WRAP-128+HKDF-SHA256 2 [RFC3394] [RFC4868]
Values 3-65535 are unassigned. They are to be assigned according to Values 3-65535 are unassigned. They are to be assigned according to
the "Specification Required" policy defined in [RFC5226]. the "Specification Required" policy defined in [RFC8126].
NULL-KEY-WRAP-128, and AES-KEY-WRAP-128+HKDF-SHA256 MUST be NULL-KEY-WRAP-128, and AES-KEY-WRAP-128+HKDF-SHA256 MUST be
supported. supported.
NULL-KEY-WRAP-128 is used to carry an unencrypted 128-bit OTK, with a NULL-KEY-WRAP-128 is used to carry an unencrypted 128-bit OTK, with a
64-bit preamble set to 0x0000000000000000 (64 bits). 64-bit preamble set to 0x0000000000000000 (64 bits).
8.5. Key Derivation Functions 8.5. Key Derivation Functions
IANA is requested to create the "LISP-SEC Authentication Data Key IANA is requested to create the "LISP-SEC Authentication Data Key
Derivation Function ID" registry with values 0-65535 for use as KDF Derivation Function ID" registry with values 0-65535 for use as KDF
ID in the LISP-SEC Authentication Data: ID in the LISP-SEC Authentication Data:
Name Number Defined In Name Number Defined In
------------------------------------------------- -------------------------------------------------
NONE 0 This memo NONE 0 This memo
HKDF-SHA1-128 1 [RFC5869] HKDF-SHA1-128 1 [RFC5869]
Values 2-65535 are unassigned. They are to be assigned according to Values 2-65535 are unassigned. They are to be assigned according to
the "Specification Required" policy defined in [RFC5226]. the "Specification Required" policy defined in [RFC8126].
HKDF-SHA1-128 MUST be supported HKDF-SHA1-128 MUST be supported
9. Acknowledgements 9. Acknowledgements
The authors would like to acknowledge Pere Monclus, Dave Meyer, Dino The authors would like to acknowledge Pere Monclus, Dave Meyer, Dino
Farinacci, Brian Weis, David McGrew, Darrel Lewis and Landon Curt Farinacci, Brian Weis, David McGrew, Darrel Lewis and Landon Curt
Noll for their valuable suggestions provided during the preparation Noll for their valuable suggestions provided during the preparation
of this document. of this document.
10. References 10. References
10.1. Normative References 10.1. Normative References
[AFN] IANA - Internet Assigned Numbers Authority, "Address
Family Numbers", 2021,
<http://www.iana.org/assignments/address-family-numbers/>.
[I-D.ietf-lisp-rfc6833bis] [I-D.ietf-lisp-rfc6833bis]
Farinacci, D., Maino, F., Fuller, V., and A. Cabellos, Farinacci, D., Maino, F., Fuller, V., and A. Cabellos,
"Locator/ID Separation Protocol (LISP) Control-Plane", "Locator/ID Separation Protocol (LISP) Control-Plane",
Work in Progress, Internet-Draft, draft-ietf-lisp- Work in Progress, Internet-Draft, draft-ietf-lisp-
rfc6833bis-30, 18 November 2020, rfc6833bis-30, 18 November 2020,
<https://www.ietf.org/archive/id/draft-ietf-lisp- <https://www.ietf.org/archive/id/draft-ietf-lisp-
rfc6833bis-30.txt>. rfc6833bis-30.txt>.
[RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-
Hashing for Message Authentication", RFC 2104,
DOI 10.17487/RFC2104, February 1997,
<https://www.rfc-editor.org/info/rfc2104>.
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, Requirement Levels", BCP 14, RFC 2119,
DOI 10.17487/RFC2119, March 1997, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>. <https://www.rfc-editor.org/info/rfc2119>.
[RFC3394] Schaad, J. and R. Housley, "Advanced Encryption Standard
(AES) Key Wrap Algorithm", RFC 3394, DOI 10.17487/RFC3394,
September 2002, <https://www.rfc-editor.org/info/rfc3394>.
[RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker, [RFC4086] Eastlake 3rd, D., Schiller, J., and S. Crocker,
"Randomness Requirements for Security", BCP 106, RFC 4086, "Randomness Requirements for Security", BCP 106, RFC 4086,
DOI 10.17487/RFC4086, June 2005, DOI 10.17487/RFC4086, June 2005,
<https://www.rfc-editor.org/info/rfc4086>. <https://www.rfc-editor.org/info/rfc4086>.
[RFC4868] Kelly, S. and S. Frankel, "Using HMAC-SHA-256, HMAC-SHA- [RFC4868] Kelly, S. and S. Frankel, "Using HMAC-SHA-256, HMAC-SHA-
384, and HMAC-SHA-512 with IPsec", RFC 4868, 384, and HMAC-SHA-512 with IPsec", RFC 4868,
DOI 10.17487/RFC4868, May 2007, DOI 10.17487/RFC4868, May 2007,
<https://www.rfc-editor.org/info/rfc4868>. <https://www.rfc-editor.org/info/rfc4868>.
[RFC5226] Narten, T. and H. Alvestrand, "Guidelines for Writing an [RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer
IANA Considerations Section in RFCs", RFC 5226, Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347,
DOI 10.17487/RFC5226, May 2008, January 2012, <https://www.rfc-editor.org/info/rfc6347>.
<https://www.rfc-editor.org/info/rfc5226>.
[RFC8126] Cotton, M., Leiba, B., and T. Narten, "Guidelines for
Writing an IANA Considerations Section in RFCs", BCP 26,
RFC 8126, DOI 10.17487/RFC8126, June 2017,
<https://www.rfc-editor.org/info/rfc8126>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
10.2. Informational References
[AFN] IANA - Internet Assigned Numbers Authority, "Address
Family Numbers", 2021,
<http://www.iana.org/assignments/address-family-numbers/>.
[I-D.ietf-lisp-rfc6830bis]
Farinacci, D., Fuller, V., Meyer, D., Lewis, D., and A.
Cabellos, "The Locator/ID Separation Protocol (LISP)",
Work in Progress, Internet-Draft, draft-ietf-lisp-
rfc6830bis-36, 18 November 2020,
<https://www.ietf.org/archive/id/draft-ietf-lisp-
rfc6830bis-36.txt>.
[RFC2104] Krawczyk, H., Bellare, M., and R. Canetti, "HMAC: Keyed-
Hashing for Message Authentication", RFC 2104,
DOI 10.17487/RFC2104, February 1997,
<https://www.rfc-editor.org/info/rfc2104>.
[RFC3394] Schaad, J. and R. Housley, "Advanced Encryption Standard
(AES) Key Wrap Algorithm", RFC 3394, DOI 10.17487/RFC3394,
September 2002, <https://www.rfc-editor.org/info/rfc3394>.
[RFC5869] Krawczyk, H. and P. Eronen, "HMAC-based Extract-and-Expand [RFC5869] Krawczyk, H. and P. Eronen, "HMAC-based Extract-and-Expand
Key Derivation Function (HKDF)", RFC 5869, Key Derivation Function (HKDF)", RFC 5869,
DOI 10.17487/RFC5869, May 2010, DOI 10.17487/RFC5869, May 2010,
<https://www.rfc-editor.org/info/rfc5869>. <https://www.rfc-editor.org/info/rfc5869>.
[RFC6347] Rescorla, E. and N. Modadugu, "Datagram Transport Layer [RFC6234] Eastlake 3rd, D. and T. Hansen, "US Secure Hash Algorithms
Security Version 1.2", RFC 6347, DOI 10.17487/RFC6347, (SHA and SHA-based HMAC and HKDF)", RFC 6234,
January 2012, <https://www.rfc-editor.org/info/rfc6347>. DOI 10.17487/RFC6234, May 2011,
<https://www.rfc-editor.org/info/rfc6234>.
[RFC6836] Fuller, V., Farinacci, D., Meyer, D., and D. Lewis, [RFC6836] Fuller, V., Farinacci, D., Meyer, D., and D. Lewis,
"Locator/ID Separation Protocol Alternative Logical "Locator/ID Separation Protocol Alternative Logical
Topology (LISP+ALT)", RFC 6836, DOI 10.17487/RFC6836, Topology (LISP+ALT)", RFC 6836, DOI 10.17487/RFC6836,
January 2013, <https://www.rfc-editor.org/info/rfc6836>. January 2013, <https://www.rfc-editor.org/info/rfc6836>.
[RFC7835] Saucez, D., Iannone, L., and O. Bonaventure, "Locator/ID [RFC7835] Saucez, D., Iannone, L., and O. Bonaventure, "Locator/ID
Separation Protocol (LISP) Threat Analysis", RFC 7835, Separation Protocol (LISP) Threat Analysis", RFC 7835,
DOI 10.17487/RFC7835, April 2016, DOI 10.17487/RFC7835, April 2016,
<https://www.rfc-editor.org/info/rfc7835>. <https://www.rfc-editor.org/info/rfc7835>.
[RFC8060] Farinacci, D., Meyer, D., and J. Snijders, "LISP Canonical [RFC8060] Farinacci, D., Meyer, D., and J. Snijders, "LISP Canonical
Address Format (LCAF)", RFC 8060, DOI 10.17487/RFC8060, Address Format (LCAF)", RFC 8060, DOI 10.17487/RFC8060,
February 2017, <https://www.rfc-editor.org/info/rfc8060>. February 2017, <https://www.rfc-editor.org/info/rfc8060>.
[RFC8174] Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC
2119 Key Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174,
May 2017, <https://www.rfc-editor.org/info/rfc8174>.
10.2. Informative References
[I-D.ietf-lisp-rfc6830bis]
Farinacci, D., Fuller, V., Meyer, D., Lewis, D., and A.
Cabellos, "The Locator/ID Separation Protocol (LISP)",
Work in Progress, Internet-Draft, draft-ietf-lisp-
rfc6830bis-36, 18 November 2020,
<https://www.ietf.org/archive/id/draft-ietf-lisp-
rfc6830bis-36.txt>.
Authors' Addresses Authors' Addresses
Fabio Maino Fabio Maino
Cisco Systems Cisco Systems
170 Tasman Drive 170 Tasman Drive
San Jose, California 95134 San Jose, California 95134
United States of America United States of America
Email: fmaino@cisco.com Email: fmaino@cisco.com
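Review bot: moving [RFC2104] and [RFC3394] out of Normative References (and placing the newly added [RFC6234] in the informative list) conflicts with the IANA tables in Sections 8.3 and 8.4, which cite those documents as the "Defined In" source for AUTH-HMAC-SHA-1-96 and AES-KEY-WRAP-128+HKDF-SHA256, both of which "MUST be supported"; a reference an implementer needs in order to build a mandatory algorithm belongs in Normative References, so these two entries should move back, and [RFC6234], which defines the SHOULD-level AUTH-HMAC-SHA-256-128, should probably join them. The [RFC5226] to [RFC8126] substitution across Sections 8.1 to 8.5 is correct (RFC 8126 obsoletes RFC 5226) and the matching normative entry for [RFC8126] is present. Two unchanged details worth fixing in the same pass: the KDF column of the Key Wrap table cites [RFC4868] ("Using HMAC-SHA-256 ... with IPsec") for HKDF-SHA256, while the only KDF registered in Section 8.5 is HKDF-SHA1-128 [RFC5869], so either an HKDF-SHA256 KDF ID is missing from 8.5 or the citation should be [RFC5869]; and "HKDF-SHA1-128 MUST be supported" lacks a terminating period.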
 End of changes. 16 change blocks. 
47 lines changed or deleted 52 lines changed or added

This html diff was produced by rfcdiff 1.48. The latest version is available from http://tools.ietf.org/tools/rfcdiff/