Internet-Draft | IOAM Data Fields Integrity | July 2021 |
Brockners, et al. | Expires 8 January 2022 | [Page] |
In-situ Operations, Administration, and Maintenance (IOAM) records operational and telemetry information in the packet while the packet traverses a path between two points in the network. This document is to assist the IPPM WG in designing a solution for those deployments where the integrity of IOAM data fields is a concern. This document proposes several methods to ensure the integrity of IOAM data fields.¶
This Internet-Draft is submitted in full conformance with the provisions of BCP 78 and BCP 79.¶
Internet-Drafts are working documents of the Internet Engineering Task Force (IETF). Note that other groups may also distribute working documents as Internet-Drafts. The list of current Internet-Drafts is at https://datatracker.ietf.org/drafts/current/.¶
Internet-Drafts are draft documents valid for a maximum of six months and may be updated, replaced, or obsoleted by other documents at any time. It is inappropriate to use Internet-Drafts as reference material or to cite them other than as "work in progress."¶
This Internet-Draft will expire on 8 January 2022.¶
Copyright (c) 2021 IETF Trust and the persons identified as the document authors. All rights reserved.¶
This document is subject to BCP 78 and the IETF Trust's Legal Provisions Relating to IETF Documents (https://trustee.ietf.org/license-info) in effect on the date of publication of this document. Please review these documents carefully, as they describe your rights and restrictions with respect to this document. Code Components extracted from this document must include Simplified BSD License text as described in Section 4.e of the Trust Legal Provisions and are provided without warranty as described in the Simplified BSD License.¶
"In-situ" Operations, Administration, and Maintenance (IOAM) records OAM information within the packet while the packet traverses a particular network domain. The term "in-situ" refers to the fact that the OAM data is added to the data packets rather than is being sent within packets specifically dedicated to OAM. IOAM is to complement mechanisms such as Ping, Traceroute, or other active probing mechanisms. In terms of "active" or "passive" OAM, "in-situ" OAM can be considered a hybrid OAM type. "In-situ" mechanisms do not require extra packets to be sent. IOAM adds information to the already available data packets and therefore cannot be considered passive. In terms of the classification given in [RFC7799] IOAM could be portrayed as Hybrid Type 1. IOAM mechanisms can be leveraged where mechanisms using e.g. ICMP do not apply or do not offer the desired results, such as proving that a certain traffic flow takes a pre-defined path, SLA verification for the live data traffic, detailed statistics on traffic distribution paths in networks that distribute traffic across multiple paths, or scenarios in which probe traffic is potentially handled differently from regular data traffic by the network devices.¶
The current [I-D.ietf-ippm-ioam-data] assumes that IOAM is deployed in specific network domains, where an operator has means to select, monitor, and control the access to all the networking devices, making the domain a trusted network. As such, IOAM tracing data is carried in the packets in clear and there are no protections against any node or middlebox tampering with the data. As a consequence, IOAM tracing data collected in an untrusted or semi-trusted environments cannot be trusted for critical operational decisions. Any rogue or unauthorized change to IOAM data fields in a user packet cannot be detected.¶
Recent discussions following the IETF last call on [I-D.ietf-ippm-ioam-data] revealed that there might be uses of IOAM where integrity protection of IOAM data fields is at least desirable, knowing that IOAM data fields integrity protection would incur extra effort in the data path of a device processing IOAM data fields. As such, the following additional considerations and requirements are to be taken into account in addition to addressing the problem of detectability of any integrity breach of the IOAM trace data collected:¶
This document is to assist the IPPM working group in designing and specifying a solution for those deployments where the integrity of IOAM data fields is a concern. This document proposes several methods to achieve integrity protection for IOAM data fields.¶
The discussion of the different methods to protect the integrity of IOAM data fields focuses mostly on protecting the integrity of IOAM trace data fields, though the outlined methods are not limited to protecting IOAM trace data fields only. The methods could be applied to other IOAM Option-Types, such as the E2E Option-Type or the DEX Option-Type. If methods only apply to a specific set of IOAM Option-Types, like e.g. the method 5 discussed below, those limits are discussed and explained explicitly.¶
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].¶
Abbreviations used in this document:¶
This section presents a threat analysis of integrity-related threats in the context of IOAM. The threats that are discussed are assumed to be independent of the lower layer protocols; it is assumed that threats at other layers are handled by security mechanisms that are deployed at these layers.¶
This document is focused on integrity protection for IOAM data fields. Thus the threat analysis includes threats that are related to or result from compromising the integrity of IOAM data fields. Other security aspects such as confidentiality are not within the scope of this document.¶
Throughout the analysis there is a distinction between on-path and off-path attackers. As discussed in [I-D.ietf-detnet-security], on-path attackers are located in a position that allows interception and modification of in-flight protocol packets, whereas off-path attackers can only attack by generating protocol packets.¶
The analysis also includes the impact of each of the threats. Generally speaking, the impact of a successful attack on an OAM protocol [RFC7276] is a false illusion of nonexistent failures or preventing the detection of actual ones; in both cases, the attack may result in denial of service (DoS). Furthermore, creating the false illusion of a nonexistent issue may trigger unnecessary processing in some of the IOAM nodes along the path, and may cause more IOAM-related data to be exported to the management plane than is conventionally necessary. Beyond these general impacts, threat-specific impacts are discussed in each of the subsections below.¶
Threat¶
Impact¶
Threat¶
Impact¶
Threat¶
Impact¶
Threat¶
Impact¶
Threat¶
Impact¶
Threat¶
Impact¶
Threat¶
Impact¶
This section describes enhancements to IOAM Options to carry an intergrity data fields. This can be achieved using symmetric or asymetric key based signatures as described below sub-sections.¶
Each of the IOAM Options defined in [I-D.ietf-ippm-ioam-data] are extended to include Integrity Protected (IP) options by allocating the following IOAM Option-Types in the IOAM Option-Type registry.¶
The integrity data sub-header is included in IOAM Integrity Protected Options is defined as follows:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Signature-suite| Nonce length | Reserved. | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Nonce ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Signature ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
The Integrity sub-header will follow the IOAM Option header when the IOAM Option Type is Intergrity Protected Option. Pre-allocated and incremental Trace option headers are as defined in [I-D.ietf-ippm-ioam-data]. When IOAM Option Type is set to IOAM Pre-allocated Trace Intergrity Protected Option-Type or IOAM Incremental Trace Intergrity Protected Option-Type then Integrity Protection subheader follows the original IOAM Option Type header: :¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Namespace-ID |NodeLen | Flags | RemainingLen| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | IOAM-Trace-Type | Reserved | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Signature-suite| Nonce length | Reserved. | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Nonce ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Signature ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
IOAM POT option header as defined in [I-D.ietf-ippm-ioam-data] is followed by Integrity Protection subheader when IOAM Option Type is set to IOAM POT Intergrity Protected Option-Type:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Namespace-ID |IOAM POT Type | IOAM POT flags| +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Signature-suite| Nonce length | Reserved. | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Nonce ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Signature ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
IOAM E2E option header as defined in [I-D.ietf-ippm-ioam-data] is followed by Integrity Protection subheader when IOAM Option Type is set to IOAM E2E Intergrity Protected Option-Type:¶
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Namespace-ID | IOAM-E2E-Type | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ |Signature-suite| Nonce length | Reserved. | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Nonce ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | Signature ~ +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
This method assumes that symmetric keys have been distributed to the respective nodes as well as the Validator (the Validator receives all the keys). The details of the mechanisms of how keys are distributed are outside the scope of this document. The "Trace Signature" field is populated as follows:¶
This method recommends use of the following algorithms:¶
The Signature would consume 32 bytes with AES-256 - though with this method the Signature is only carried once for the entire packet. As there are dedicated options for carrying IOAM data with integrity protection, in case of performance concerns in calculating signature and validating it, these options can be used for a subset of the packets by using sampling of data to enable IOAM with integrity protection.¶
This method assumes that asymmetric keys have been generated per IOAM node and the respective nodes can access their keys. The Validator receives all the public keys. The details of the mechanisms of how keys are generated and shared are outside the scope of this document. The " Signature" field is populated as follows:¶
This method recommend use of the following algorithms:¶
The Signature would consume 32 bytes based on the SHA-256 ECDSA P-256 algorithm employed - though with this method the Signature is only carried once for the entire packet. As there are dedicated options for carrying IOAM data with integrity protection, in case of performance concerns in calculating signature and validating it, these options can be used for a subset of the packets by using sampling of data to enable IOAM with integrity protection.¶
The following code points are defined in this draft in "IOAM Option-Type Registry" :¶
"IOAM Integrity Protection Algorithm Suite Registry" in the "In-Situ OAM (IOAM) Protocol Parameters" group. The one-octet "IOAM Integrity Protection Algorithm Suite Registry" identifiers assigned by IANA identify the digest algorithm and signature algorithm used in the Signature Suite Identifier field. IANA has registered the following algorithm suite identifiers for the digest algorithm and for the signature algorithm.¶
IOAM Integrity Protection Algorithm Suite Registry Algorithm Digest Signature Specification Suite Algorithm Algorithm Pointer Identifier +------------+------------+-------------+-----------------------+ | 0x0 | Reserved | Reserved | This document | +------------+------------+-------------+-----------------------+ | 0x1 | SHA-256 | ECDSA P-256 | [SHS] [DSS] [RFC6090] | | | | | This document | +------------+------------+-------------+-----------------------+ | 0x2 | SHA-256 | AES-256 | [AES] [NIST.800-38D] | | | | | This document | +------------+------------+-------------+-----------------------+ | 0xEF-0xFF | Unassigned | Unassigned | | +------------+------------+-------------+-----------------------+¶
Future assignments are to be made using the Standards Action process defined in [RFC8126]. Assignments consist of the one-octet algorithm suite identifier value and the associated digest algorithm name and signature algorithm name.¶
This section will be completed in a future revision of this document.¶
The authors would like to thank Santhosh N, Rakesh Kandula, Saiprasad Muchala, Greg Mirsky, Benjamin Kaduk and Martin Duke for their comments and advice.¶
This section outlines three different methods that are to provide integrity protection of IOAM data fields. As noted earlier, this document is to support the IPPM working group in designing and specifying a method for protecting the integrity of IOAM data fields. It isn't expected that all four methods would be chosen for a solution specification.¶
As already stated in the introduction, the discussion of the different methods focuses mostly on protecting the integrity of IOAM trace data fields, though the outlined methods are not limited to protecting IOAM trace data fields only. The methods could be applied to other IOAM Option-Types, such as the E2E Option-Type or the DEX Option-Type.¶
IOAM trace data can be embedded in a variety of protocols. There are specific drafts that cover the encapsulation of IOAM data into different protocols, like IPv6 [I-D.ietf-ippm-ioam-ipv6-options], NSH [I-D.ietf-sfc-ioam-nsh], Geneve [I-D.brockners-ippm-ioam-geneve], etc.¶
The IOAM Option-Types for tracing (Pre-allocated Trace-Option and Incremental Trace-Option) organize the collected data in an array, the "node data list". See [I-D.ietf-ippm-ioam-data] for further details).¶
The basic idea is to introduce a new "signed node-data hash field" added by each node along with the node data to prove the integrity of the node data inserted.¶
The following sections describe different methods of how such a "signed node-data field" could be used and populated. The methods assume an IOAM-Domain containing IOAM-encapsulating nodes, IOAM-decapsulating nodes and IOAM-transit nodes. In addition, it is assumed that traffic also traverses a Validator node, which verifies the integrity of the IOAM data fields. In a typical deployment, the IOAM-decapsulating node would also serve as the Validator. The setup also includes a network management entity/controller which handles key distributions to the network nodes and also serves as a receiver for validation results provided by the Validator. Protocols and procedures for the exchange of keys and validation results between the network management entity/controller and the nodes are outside the scope of this document.¶
Method 1 uses asymmetric keys for signing node trace data. This is the procedure to be followed by each node:¶
Each node data list [x] field is extended with an additional "signed node-data" field: node_data_sign[x]. Node_data_sign includes a signature using the private key of the node over the hash of node data list[x] of the node and the previous node's node data sign node_data_sign[x-1]. This couples the signature of the current field to the earlier field and creates a chain of trust. This way of chaining the node data signatures provides protection against replay of a previous node trace of a specific node.¶
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | node_data_sign [x] | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | node data list [x] | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
Assuming e.g Ed25519, the public keys would have a size of 256 bits / 32 bytes, and as such signatures would be 512 bits / 64 bytes wide. node_data_sign[x] would consume 64 bytes per hop. Note that depending on the deployment, weaker keys might well apply, given that the provided integrity check is an online method, i.e. packets are verified as they arrive. This allows an attacker only a short time-window.¶
The same procedure as Method 1 can be followed by using a MAC (Message Authentication Code) algorithm for node signature. This involves distributing a secret key to the individual IOAM nodes and the Validator. Steps 1 to 4 of Method 1 apply in a similar way, the only difference is that symmetric keys are used. As such, each node data list [x] field is extended with an additional "signed node-data" field: node_data_sign[x]. The size of the node_data_sign[x] field depends on the cryptographic message authentication code used.¶
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | node_data_sign [x] | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | node data list [x] | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
Different types of cryptographic message authentication codes could be chosen, such as HMAC-SHA256 or Poly1305-AES.¶
HMAC-SHA256 would take a secret key of any size and provide a 32 byte authenticator. Consequently, node_data_sign[x] would consume 32 bytes per hop.¶
Poly1305-AES would use a 32 bytes secret key and provide a 16 byte authenticator. Consequently, node_data_sign[x] would consume 16 bytes per hop.¶
Methods 1 and 2 add a node_data_sign field at every IOAM node the packet traverses. While feasible for network domains with only a few IOAM enabled hops, the number of bytes consumed in case of larger networks might not be acceptable.¶
This method builds on top of Method 3 leverages Post-quantum Secure Pre-shared key distribution for deriving a dynamic symmetric key for every packet or a set of packets. The method utilizes the dynamic keys to provide for replay protection and does not require a seed to be added to the trace data to protect from replays because a private key is derived for each packet. The method relies on a local service that generates common Key/KeyID pairs for the participating Node and Validator (see the figure below). This common key generator uses ratcheting cryptography to generate the next secret while forgetting about the previous one. A unique ID is paired with each secret generated. Given the same seed secret as input parameter, two implementations of the common key generator will generate the exact same key and associated ID. The common key generator can be queried for the next key or for a specific key ID.¶
The figure below illustrates the concept:¶
Validator Node | | | | Generate McEliece | public/private key-pair | | | |<---Establ. classic secure connection---------| | (e.g. TLS) | |---Send public key over secure connection---->| | | | Generate random secret nonce | and encrypt w/ Validator | public key | | |<--Send encrypted seed over secure connection-| | | Decrypt secret nonce sent from Node | using Validator's private key | | | (-- Common secret nonce established between --) (-- Node and Validator --) | | | Generate Node's KeyID pair | based on common secret nonce | | | Use Node's key to update Signature field | in Integrity protection option header. Include Node's | KeyID in the extended node data. | | (-- Packet reaches Validator --) | | Get Node's key using Node's KeyID | present in extended node data. | Validate Signature using Node's key. |¶
The main steps of method 4 are:¶
Each node will then use the seed to generate a symmetric key per packet and use it in updating the Signature field in the IOAM Trace-Option header over its node data hash. The node data is extended to include the KeyID of the dynamic key generated.¶
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | KeyID [x] | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+ | | | node data list [x] | | | +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+¶
The detailed mechanisms how keys and seeds are exchanged between nodes are outside the scope of this document.¶
Like with method 3, the Signature is only carried once for the entire packet and could be 32 bytes total. In addition, the KeyID needs to be added on a per hop basis. For sizing the Key ID, similar considerations like those for proof-of-transit packet random numbers apply - i.e. it depends on the packet rates of quickly keys are consumed. E.g. assuming a packet rate of 100Gbps and a KeyID space of 64 bits / 8 bytes, the system would need to be re-keyed after 3100 years (see also [I-D.ietf-sfc-proof-of-transit]). If frequent re-keying is feasible, 32 bits for KeyID might well be feasible.¶
The IP Authentication Header (AH) is used to provide connectionless integrity and data origin authentication for IP datagrams and to provide protection against replays as defined in RFC4302 [RFC4302]. The AH provides authentication for as much of the IP header as possible, by classifying and including the immutable fields in the integrity calculation. To protect the IOAM data in the IP header, the AH may be employed in transport mode by setting up an IP AH Security Association (SA) with supported integrity algorithms between IOAM encapsulating nodes, IOAM decapsulating nodes and IOAM transit nodes. Method 5 utilizes the IP AH for integrity protection of IOAM options that are immutable enroute between IOAM entities that are required to validate the integrity of the IOAM data. It is applicable to IOAM Option-Types as follows:¶
This method involves overhead of setting up and maintaining SA for the AH IOAM-encapsulating nodes and IOAM-decapsulating nodes. The anti-replay mechanism supported by IP AH must be enabled for this method to effectively protect IOAM data fields whose integrity and freshness needs to be guarenteed. The anti-replay mechanism of IP AH has the overhead of maintaining and validating sequence numbers as part of the IP AH validation. In cases where IOAM-transit nodes have to validate IOAM Option-Types e.g. the DEX Option-Type, then there will be additional overhead to distribute shared secrets to the transit nodes when the integrity algorithm is based on shared secrets.¶