BGPSEC Protocol (From -01 to -02 and on to -03) Matt Lepinski.

Slides:



Advertisements
Similar presentations
A Threat Model for BGPSEC
Advertisements

A Threat Model for BGPSEC Steve Kent BBN Technologies.
RPKI Standards Activity Geoff Huston APNIC February 2010.
Overview of draft-ietf-sidr-roa-format-01.txt Matt Lepinski BBN Technologies.
Entire Routes Reflecting capability draft-zhang-idr-bgp-entire-routes-reflect-00.txt Zhang Renhai :
Review of draft-ietf-sidr-arch-01.txt Steve Kent BBN Technologies.
IP Security IPSec 2 * Essential Network Security Book Slides. IT352 | Network Security |Najwa AlGhamdi 1.
Cryptology Digital Signatures and Digital Certificates Prof. David Singer Dept. of Mathematics Case Western Reserve University.
APNIC eLearning: Intro to RPKI 10 December :30 PM AEST Brisbane (UTC+10)
Mapping Internet Addresses to Physical Addresses (ARP)
Draft-ietf-sidr-bgpsec-protocol Matt Lepinski
SHIM6 Protocol Drafts Overview Geoff Huston, Marcelo Bagnulo, Erik Nordmark.
BGPSEC Router Key Roll-over draft-rogaglia-sidr-bgpsec-rollover-00 Roque Gagliano Keyur Patel Brian Weis.
BGPSEC : A BGP Extension to Support AS-Path Validation Matt Lepinski BBN Technologies.
BGPSEC router key rollover as an alternative to beaconing Roque Gagliano Keyur Patel Brian Weis draft-ietf-sidr-bgpsec-rollover-01.
1 draft-sidr-bgpsec-protocol-05 Open Issues. 2 Overview I received many helpful reviews: Thanks Rob, Sandy, Sean, Randy, and Wes Most issues are minor.
Currently Open Issues in the MIPv6 Base RFC MIPv6 security design team.
Requirements and Selection Process for RADIUS Crypto-Agility December 5, 2007 David B. Nelson IETF 70 Vancouver, BC.
Draft-ietf-sidr-roa-format draft-ietf-sidr-arch Matt Lepinski BBN Technologies.
© 2009 Cisco Systems, Inc. All rights reserved. Cisco Public Presentation_ID 1 BGP Diagnostic Message draft-raszuk-bgp-diagnostic-message-00 Robert Raszuk,
Praveen Muley (Alcatel), Susan Hares (NextHop), Keyur Patel (Cisco), Luyuan Fang (AT&T), Benson Schliesser (Savvis), Nabil Bitar (Verizon) Group Cooperative.
intra-va-01.txt -01 Draft of: “FIB Suppression with Virtual Aggregation and Default Routes” Paul.
Multicasting EECS June Multicast One-to-many, many-to-many communications Applications: – Teleconferencing – Database – Distributed computing.
BGP UPDATE-v2 Gargi Nalawade Himanshu Shah. Problem description Current UPDATE message was intended to carry IPv4 NLRIs Non-IPv4 NLRIs as well as NEXTHOP.
AS Numbers - Again Geoff Huston APNIC October 2009
Fri 2 Aug 2013SIDR IETF 87 Berlin, German1 BGPSEC Protcol Error Handling IETF 87 Berlin, Germany Wednesday, 31 Jul 2013 Friday, 2 Aug 2013.
HUAWEI TECHNOLOGIES CO., LTD. All rights reserved Internal DP MP-BGP for IPv6 原理 ISSUE 1.0.
Document update - what has happened since GGF11
Advertising Generic Information in IS-IS
Secure Proxy ND Support for SEND draft-krishnan-csi-proxy-send-00
Internet Networking recitation #9
Auto-Detecting Hijacked Prefixes?
NFD Tunnel Authentication
RPSEC WG Issues with Routing Protocols security mechanisms
draft-ietf-simple-message-sessions-00 Ben Campbell
IETF 81 Quebec, QC, Canada Thursday, 28 July, 2011
MPTCP – Multipath TCP WG Meeting Berlin, IETF-87, 30th July 2013
CSE 4905 IPsec II.
IPv6 Flow Label Specification
NAT State Synchronization using SCSP draft-xu-behave-nat-state-sync-01
draft-baker-opsawg-firewalls
Goals of soBGP Verify the origin of advertisements
In-Band Authentication Extension for Protocol Independent Multicast (PIM) draft-bhatia-zhang-pim-auth-extension-00 Manav Bhatia
Les Ginsberg Stefano Previdi Peter Psenak Martin Pilka
Bundle Protocol Specification
Internet Routing Health Measurement Bar BoF
Softwire Security Update
Formats for long term signatures
BGPSEC Potential Optimizations for AS-PATH Prepending and Transparent Route Servers. sidr wg / Québec City Doug Montgomery
Internet Protocol Version4
Multi-addressed Multipath TCP
Chapter 7 STRENGTH OF ENCRYPTION & Public Key Infrastructure
Internet Protocol Version4
CNA Processes CVE Team.
Geoff Huston APNIC August 2009
John Scudder October 24, 2000 BGP Update John Scudder October 24, 2000.
APNIC Trial of Certification of IP Addresses and ASes
SSL (Secure Socket Layer)
Updates to Draft Specification for DTN TCPCLv4
IP - The Internet Protocol
Internet Networking recitation #10
Using networks to be more effective
An Update on BGP Support for 4-byte ASN
Net 323 D: Networks Protocols
RIPE October 2005 Geoff Huston APNIC
Agenda Getting Started Performance Management
Export BGP community information in IPFIX draft-ietf-opsawg-ipfix-bgp-community-01.txt Zhenqiang Li Rong Gu China Mobile Jie Dong Huawei Technologies.
OBSS HCCA Race Condition
BPSec: AD Review Comments and Responses
Supporting Flexible Algorithm Prefix SIDs in LSP Ping/Traceroute
Presentation transcript:

BGPSEC Protocol (From -01 to -02 and on to -03) Matt Lepinski

Agenda Overview BGPSEC Capability Format of BGPSEC_Path_Signatures Replay Protection Key Topic Today

Overview: What's happened since Taipei? Lots of feedback on attribute formats Thanks to all who have provided feedback! If you are thinking about implementation please let me know what you think of the -03 formats Feb. Interim after NANOG in San Diego Thanks to everyone who showed up! Replay Protection Route Leaks

Overview: Document Status I published an -02 version based on discussions at the February interim Since then I have gotten feedback that the attribute formats in the -02 version are not implementation- friendly An -03 version is in the drafts archive today addresses this feedback I will talk about the -02 and -03 versions in this presentation Goal: Publish a version of the document in May that has a stable attribute format

BGPSEC Capability Change from -01 to -02: BGPSEC Capability uses exactly the same AFI/SAFI format as RFC 4760 Namely: 2-octet AFI and 1-octet SAFI Note that for this version of the spec, BGPSEC is still only defined for IPv4 and Ipv6.

Path_Signatures Format Feedback from -01: Don't use AS_Path for data that is semantically different than BGP-4 AS_Path Don't duplicate data It just creates more error cases! Bring AS number into the BGPSEC_Path_Signatures attribute So the validation procedure doesn't need to hunt for it Make sure all of the lengths are explicit

First Try: The -02 Format Algorithm Suite 1 Algorithm Suite 2 Reserved (signed) AS Number pCount SKI 1 Length SKI 1 Repeats once per AS Signature 1 Length Signature 1 SKI 2 Length SKI 2 Signature 2 Length Signature 2

Next Try : The -03 Format AS Number pCount Reserved (signed) Secure Path Reserved (signed) Flags (signed) … Alg Suite ID 1 Alg Suite ID 2 SKI Length SKI Length SKI SKI Sig Block 1 Sig Block 2 Sig Length Sig Length Sig Sig … …

A Couple Notes on the -03 Format We will talk about “Reserved” later with regards to replay protection Note that the Secure_Path and both Signature_Blocks have their own length field (which didn't fit conveniently in the diagram) Since AS number is now in the BGPSEC_Path_Signatures attribute, to avoid repeating data we DO NOT include AS4_Path in signed update messages Note that Flags could be used in future for something like “customer”/”transit” coloring

SKI Length ? Recall, that the (AS, SKI) pair is used to look up a key (from a valid certificate) in your cache Currently, the RPKI specs mandate a 20 byte SKI Within your AS you should have two different keys with the same SKI And a collision occurs, just generate a new key Is there any reason we would ever want to change the RPKI specs to allow longer SKIs?

Replay Protection Version -01 had an Expire-Time in the BGPSEC_Path_Signatures Used a “beaconing” mechanism in which each prefix was re-advertised periodically With a new Expire-Time and a new Signature Goal was to protect against replay of stale signatures E.g., Business relationship changes, but old business partner still has my signature saying that path from me to old partner is valid

Replay Protection Disadvantages of the -01 use of Expire-Time were discussed at length at the Feb interim Consensus was to remove this mechanism from the -02 draft Needs more discussion! -02 and -03 have there is a “reserved” field Sender sets to zero, receiver ignores value Should permit backwards-compatible introduction of an Expire-Time variant in the future, if desired

Summary of Proposed Mechanisms Expire-Time mechanism from -01 Key Issue: Frequent sending of “beacons” inflicts high cost on the routing system There may be an incentive to set low expire time (frequent beacons) to gain “better” protection

Summary of Proposed Mechanisms Use of RPKI to invalidate old signatures Idea: Revoke a certificate in the case of suspected vulnerability to replay attack (e.g., business relationship changes) Key Issue: Frequent revocation/expiration of RPKI certificates would have high network cost Idea needs to be made more concrete if we are to give advice to BGPSEC operators

Summary of Proposed Mechanisms Expire-Time with Coarse Granularity Idea: Set units of Expire-Time to be something like “days” Provides some protection with less network load Key Issue: More discussion is needed regarding how to set the correct units. Very difficult to change units if we choose poorly

Summary of Proposed Mechanisms Signing-Time with implicit validity period Idea: Validity period not chosen by the sender, all signatures have a (relatively long) implicit validity period Key Issue: More discussion is needed regarding how to set the implicit validity period Very difficult to change implicit validity period if we choose poorly

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com. Inc. All rights reserved.