The Integration of the Bundle Security Protocol Features into DTN2 Walter J. Scheirer and Prof. Mooi Choo Chuah Department of Computer Science and Engineering Lehigh University

References: Bundle Security Protocol Specification  draft-irtf-dtnrg-bundle-security-00, June 8, 2005 Bundle Protocol Specification  draft-irtf-dtnrg-bundle-spec-03.txt, July 2005 *  draft-irtf-dtnrg-bundle-spec-02.txt, Sept DTN2  Sept. 6, 2005 CVS revision  Current

Major Features Bundle Authentication Header (BAH) Payload Security Header (PSH) Confidentiality Header (CH) Bundle Fragmentation/Reassembly

Summary of Technical Approach Bundle Authentication Header (BAH)  The BAH is used to assure the authenticity of the bundle along a single hop from sender to recipient Payload Security Header (PSH)  The PSH is used to assure the authenticity of the bundle from the PSH security source, which creates the PSH, to the PSH security destination, which verifies the PSH authenticator Confidentiality Header (CH)  The CH is used to indicate that the bundle payload has been encrypted while en route between the CH source and the CH security destination

Summary of Technical Approach Each node will turn on the optional security-related delivery option parameters if it desires certain security features -  if it desires confidentiality, then a CH header must be applied to the bundle  if it desires authentication, a PSH and/or a BAH must be applied and the relevant parts of the bundle digitally signed or MACed appropriately

Bundle with security headers BAH (w/ signed Hash value All other Headers Primary Bundle Header Payload Class Len. Payload AE78F98D567BB32CAD5F4D PSH (w/ signed Hash value) Confid. Header 567BB32CAD5F4D All other Headers Primary Bundle Header Len. Payload Segment Size Payload Hash Size Toilet Paper Ciphersuite ID Format flag Key ID (optional) Len.0 BAH All other Headers Primary Bundle Header Payload Class Len. Payload AE78F98D Payload Segment Size Payload Hash Size Toilet Paper Ciphersuite ID Format flag Next Hdr Key ID (optional) Len.0 PSH (w/ signed Hash value) BAH Fragment Header (offset=9) Next Hdr PSH, confidentiality header and payload class field deleted from successive fragments Authent. of Hdr & payload segment Authent. of Hdr & payload segment Fragment Header (offset=0) Authent. of Hdr & payload segment Confid. Header Challenges faced in fragmentation scenario:

Implementation Details Ciphersuites  Have been implemented using the OpenSSL (v a, Fedora Core 2) library  Significant code addition to servlib/bundling/BundleProtocol.cc  BAH EntireBundleHMAC, HeadofBundleHMAC, HeadOfBundleSig, EntireBundleSig, EntireBundleMAC

Implementation Details  PSH EntireBundleHMAC  CH Payload Encryption - Blowfish Support different combinations of Headers  BAH, PSH, CH; BAH and PSH; BAH and CH

Implementation Details Security Headers populate header fields apply ciphersuite append to bundle Sending parse header fields apply ciphersuite verify integrity Receiving

Implementation Details Protocol Stack Bundle Transmitted BundleProtocol.cc / format_headers() build CH build PSH build BAH TCP Convergence LayerBundle Received BundleProtocol.cc / parse_headers() check CH check PSH check BAH TCP Convergence Layer

Questions?