Network Working Group T. Li
Request for Comments: 3567 Procket Networks
Category: Informational R. Atkinson
Extreme Networks
July 2003
Network Working Group T. Li
Request for Comments: 3567 Procket Networks
Category: Informational R. Atkinson
Extreme Networks
July 2003
Intermediate System to Intermediate System (IS-IS) Cryptographic Authentication
中间系统到中间系统(IS-IS)加密身份验证
Status of this Memo
本备忘录的状况
This memo provides information for the Internet community. It does not specify an Internet standard of any kind. Distribution of this memo is unlimited.
本备忘录为互联网社区提供信息。它没有规定任何类型的互联网标准。本备忘录的分发不受限制。
Copyright Notice
版权公告
Copyright (C) The Internet Society (2003). All Rights Reserved.
版权所有(C)互联网协会(2003年)。版权所有。
Abstract
摘要
This document describes the authentication of Intermediate System to Intermediate System (IS-IS) Protocol Data Units (PDUs) using the Hashed Message Authentication Codes - Message Digest 5 (HMAC-MD5) algorithm as found in RFC 2104. IS-IS is specified in International Standards Organization (ISO) 10589, with extensions to support Internet Protocol version 4 (IPv4) described in RFC 1195. The base specification includes an authentication mechanism that allows for multiple authentication algorithms. The base specification only specifies the algorithm for cleartext passwords.
本文件描述了使用RFC 2104中的哈希消息认证码-消息摘要5(HMAC-MD5)算法对中间系统到中间系统(IS-IS)协议数据单元(PDU)的认证。IS-IS在国际标准化组织(ISO)10589中有规定,其扩展支持RFC 1195中描述的Internet协议版本4(IPv4)。基本规范包括一种允许多种身份验证算法的身份验证机制。基本规范仅指定明文密码的算法。
This document proposes an extension to that specification that allows the use of the HMAC-MD5 authentication algorithm to be used in conjunction with the existing authentication mechanisms.
本文档提出了对该规范的扩展,允许将HMAC-MD5认证算法与现有认证机制结合使用。
The IS-IS protocol, as specified in ISO 10589 [1], provides for the authentication of Link State PDUs (LSPs) through the inclusion of authentication information as part of the LSP. This authentication information is encoded as a Type-Length-Value (TLV) tuple. The use of IS-IS for IPv4 networks is described in [3].
ISO 10589[1]中规定的IS-IS协议通过将身份验证信息作为LSP的一部分包括在内,提供链路状态PDU(LSP)的身份验证。此身份验证信息编码为类型长度值(TLV)元组。[3]中描述了IPv4网络使用IS-IS的情况。
The type of the TLV is specified as 10. The length of the TLV is variable. The value of the TLV depends on the authentication algorithm and related secrets being used. The first octet of the value is used to specify the authentication type. Type 0 is
TLV的类型指定为10。TLV的长度是可变的。TLV的值取决于所使用的身份验证算法和相关机密。值的第一个八位字节用于指定身份验证类型。类型0是
reserved, type 1 indicates a cleartext password, and type 255 is used for routing domain private authentication methods. The remainder of the TLV value is known as the Authentication Value.
保留,类型1表示明文密码,类型255用于路由域私有身份验证方法。TLV值的其余部分称为身份验证值。
This document extends the above situation by allocating a new authentication type for HMAC-MD5 and specifying the algorithms for the computation of the Authentication Value. This document also describes modifications to the base protocol to ensure that the authentication mechanisms described in this document are effective.
本文档通过为HMAC-MD5分配新的身份验证类型并指定用于计算身份验证值的算法,扩展了上述情况。本文档还描述了对基本协议的修改,以确保本文档中描述的身份验证机制有效。
This document is a publication of the IS-IS Working Group within the IETF, and is a contribution to ISO IEC JTC1/SC6, for eventual inclusion with ISO 10589.
本文件是IETF内is-is工作组的出版物,是对ISO IEC JTC1/SC6的贡献,最终纳入ISO 10589。
The authentication type used for HMAC-MD5 is 54 (0x36). The length of the Authentication Value for HMAC-MD5 is 16, and the length field in the TLV is 17.
HMAC-MD5使用的身份验证类型为54(0x36)。HMAC-MD5的身份验证值的长度为16,TLV中的长度字段为17。
The HMAC-MD5 algorithm requires a key K and text T as input [2]. The key K is the password for the PDU type, as specified in ISO 10589. The text T is the IS-IS PDU to be authenticated with the Authentication Value field inside of the Authentication Information TLV set to zero. Note that the Authentication Type is set to 54 and the length of the TLV is set to 17 before authentication is computed. When LSPs are authenticated, the Checksum and Remaining Lifetime fields are set to zero (0) before authentication is computed. The result of the algorithm is placed in the Authentication Value field.
HMAC-MD5算法需要密钥K和文本T作为输入[2]。密钥K是ISO 10589中规定的PDU类型的密码。文本T是要进行身份验证的is-is PDU,身份验证信息TLV中的身份验证值字段设置为零。注意,在计算认证之前,认证类型设置为54,TLV的长度设置为17。对LSP进行身份验证时,在计算身份验证之前,校验和和剩余生存期字段将设置为零(0)。算法的结果放置在“身份验证值”字段中。
When calculating the HMAC-MD5 result for Sequence Number PDUs, Level 1 Sequence Number PDUs SHALL use the Area Authentication string as in Level 1 Link State PDUs. Level 2 Sequence Number PDUs shall use the domain authentication string as in Level 2 Link State PDUs. IS-IS HELLO PDUs SHALL use the Link Level Authentication String, which MAY be different from that of Link State PDUs. The HMAC-MD5 result for the IS-IS HELLO PDUs SHALL be calculated after the Packet is padded to the MTU size, if padding is not disabled. Implementations that support the optional checksum for the Sequence Number PDUs and IS-IS HELLO PDUs MUST NOT include the Checksum TLV.
当计算序列号PDU的HMAC-MD5结果时,1级序列号PDU应使用1级链路状态PDU中的区域认证字符串。2级序列号PDU应使用2级链路状态PDU中的域身份验证字符串。IS-IS HELLO PDU应使用链路级认证字符串,该字符串可能不同于链路状态PDU的认证字符串。如果未禁用填充,则应在将数据包填充到MTU大小后计算IS-IS HELLO PDU的HMAC-MD5结果。支持序列号PDU和IS-IS HELLO PDU可选校验和的实现不得包括校验和TLV。
To authenticate an incoming PDU, a system should save the values of the Authentication Value field, the Checksum and the Remaining Lifetime field, set these fields to zero, compute authentication, and then restore the values of these fields.
要对传入PDU进行身份验证,系统应保存身份验证值字段、校验和和剩余生存期字段的值,将这些字段设置为零,计算身份验证,然后恢复这些字段的值。
An implementation that implements HMAC-MD5 authentication and receives HMAC-MD5 Authentication Information MUST discard the PDU if the Authentication Value is incorrect.
如果身份验证值不正确,则实现HMAC-MD5身份验证并接收HMAC-MD5身份验证信息的实现必须丢弃PDU。
An implementation MAY have a transition mode where it includes HMAC-MD5 Authentication Information in PDUs but does not verify the HMAC-MD5 authentication information. This is a transition aid for networks in the process of deploying authentication.
实现可能具有转换模式,其中在PDU中包括HMAC-MD5身份验证信息,但不验证HMAC-MD5身份验证信息。这是部署身份验证过程中网络的过渡辅助工具。
An implementation MAY check a set of passwords when verifying the Authentication Value. This provides a mechanism for incrementally changing passwords in a network.
在验证身份验证值时,实现可以检查一组密码。这提供了一种在网络中增量更改密码的机制。
An implementation that does not implement HMAC-MD5 authentication MAY accept a PDU that contains the HMAC-MD5 Authentication Type. ISes (routers) that implement HMAC-MD5 authentication and initiate LSP purges MUST remove the body of the LSP and add the authentication TLV. ISes implementing HMAC-MD5 authentication MUST NOT accept unauthenticated purges. ISes MUST NOT accept purges that contain TLVs other than the authentication TLV. These restrictions are necessary to prevent a hostile system from receiving an LSP, setting the Remaining Lifetime field to zero, and flooding it, thereby initiating a purge without knowing the authentication password.
未实现HMAC-MD5身份验证的实现可以接受包含HMAC-MD5身份验证类型的PDU。实现HMAC-MD5身份验证并启动LSP清除的ISE(路由器)必须移除LSP主体并添加身份验证TLV。实现HMAC-MD5身份验证的ISE不得接受未经验证的清除。ISE不得接受包含认证TLV以外的TLV的清除。这些限制对于防止恶意系统接收LSP、将剩余生存期字段设置为零并将其淹没,从而在不知道身份验证密码的情况下启动清除是必要的。
There is an implementation issue just after password rollover on an IS-IS router that might benefit from additional commentary. Immediately after password rollover on the router, the router or IS-IS process may restart. If this happens, this causes the LSP Sequence Number restarts from the value 1 using the new password. However, neighbors will reject those new LSPs because the Sequence Number is smaller. The router can not increase its own LSP Sequence Number because it fails to authenticate its own old LSP that neighbors keep sending to it. So the router can not update its LSP Sequence Number to its neighbors until all the neighbors time out all of the original LSPs. One possible solution to this problem is for the IS-IS process to detect if any inbound LSP with an authentication failure has the local System ID and also has a higher Sequence Number than the IS-IS process has. In this event, the IS-IS process SHOULD increase its own LSP Sequence Number accordingly and re-flood the LSPs. However, as this scenario could also be triggered by an active attack by an adversary, it is recommended that a counter also be kept on this case to mitigate the risk from such an active attack.
在is-is路由器上的密码翻转之后,有一个实现问题,可能会从附加注释中受益。路由器上的密码翻转后,路由器或IS-IS进程可能会立即重新启动。如果发生这种情况,这将导致使用新密码从值1重新启动LSP序列号。但是,邻居将拒绝这些新的LSP,因为序列号较小。路由器无法增加自己的LSP序列号,因为它无法验证邻居一直发送给它的自己的旧LSP。因此,在所有邻居超时所有原始LSP之前,路由器无法将其LSP序列号更新到其邻居。此问题的一个可能解决方案是is-is进程检测任何身份验证失败的入站LSP是否具有本地系统ID,并且序列号是否高于is-is进程。在这种情况下,IS-IS进程应相应地增加其自身的LSP序列号,并重新填充LSP。但是,由于这种情况也可能由对手的主动攻击触发,因此建议在这种情况下也保留一个计数器,以降低这种主动攻击的风险。
This document enhances the security of the IS-IS routing protocol. Because a routing protocol contains information that need not be kept secret, privacy is not a requirement. However, authentication of the messages within the protocol is of interest, to reduce the risk of an adversary compromising the routing system by deliberately injecting false information into the routing system.
本文档增强了IS-IS路由协议的安全性。因为路由协议包含不需要保密的信息,所以不需要保密。然而,协议内消息的认证是有意义的,以减少对手通过故意将虚假信息注入路由系统而危害路由系统的风险。
The technology in this document provides an authentication mechanism for IS-IS. The mechanism described here is not perfect and does not need to be perfect. Instead, this mechanism represents a significant increase in the work function of an adversary attacking the IS-IS protocol, while not causing undue implementation, deployment, or operational complexity.
本文档中的技术为IS-IS提供了一种身份验证机制。这里描述的机制并不完美,也不需要完美。相反,该机制代表了攻击IS-IS协议的对手的工作功能的显著增加,同时不会导致不适当的实现、部署或操作复杂性。
This mechanism does not prevent replay attacks, however, in most cases, such attacks would trigger existing mechanisms in the IS-IS protocol that would effectively reject old information. Denial of service attacks are not generally preventable in a useful networking protocol [4].
这种机制不能防止重播攻击,但是,在大多数情况下,这种攻击会触发IS-IS协议中的现有机制,从而有效地拒绝旧信息。在有用的网络协议中,拒绝服务攻击通常是不可预防的[4]。
Changes to the authentication mechanism described here (primarily: to add a Key-ID field such as OSPFv2 and RIPv2 have) were considered at some length, but ultimately were rejected. The mechanism here was already widely implemented in 1999. As of this writing, this mechanism is fairly widely deployed within the users interested in cryptographic authentication of IS-IS. The improvement provided by the proposed revised mechanism was not large enough to justify the change, given the installed base and lack of operator interest in deploying a revised mechanism.
对此处描述的身份验证机制的更改(主要是:添加密钥ID字段,如OSPFv2和RIPv2)经过了一定的考虑,但最终被拒绝。该机制已于1999年广泛实施。在撰写本文时,该机制在对is-is加密身份验证感兴趣的用户中得到了相当广泛的部署。考虑到安装基数和运营商对部署经修订的机制缺乏兴趣,拟议的经修订的机制所提供的改进不够大,不足以证明这一改变是合理的。
If and when a key management protocol appears that is both widely implemented and easily deployed to secure routing protocols such as IS-IS, a different authentication mechanism that is designed for use with that key management schema could be added if desired.
如果出现广泛实施且易于部署到安全路由协议(如is-is)的密钥管理协议,如果需要,可以添加设计用于该密钥管理模式的不同身份验证机制。
If a stronger authentication were believed to be required, then the use of a full digital signature [5] would be an approach that should be seriously considered. It was rejected for this purpose at this time because the computational burden of full digital signatures is believed to be much higher than is reasonable given the current threat environment in operational commercial networks.
如果认为需要更强的认证,那么使用完整数字签名[5]将是一种值得认真考虑的方法。鉴于商业运营网络中当前的威胁环境,完全数字签名的计算负担被认为比合理的要高得多,因此在此时被拒绝。
Acknowledgements
致谢
The authors would like to thank (in alphabetical order) Dave Katz, Steven Luong, Tony Przygienda, Nai-Ming Shen, and Henk Smit for their comments and suggestions on this document.
作者要感谢(按字母顺序排列)Dave Katz、Steven Luong、Tony Przygienda、Nai Ming Shen和Henk Smit对本文件的评论和建议。
Normative References
规范性引用文件
[1] ISO, "Intermediate System to Intermediate System Routing Information Exchange Protocol for use in Conjunction with the Protocol for Providing the Connectionless-mode Network Service (ISO 8473)", ISO/IEC 10589:2002, Second Edition.
[1] ISO,“与提供无连接模式网络服务的协议一起使用的中间系统到中间系统路由信息交换协议(ISO 8473)”,ISO/IEC 10589:2002,第二版。
[2] Krawczyk, H., Bellare, M. and R. Canetti, "HMAC: Keyed-Hashing for Message Authentication", RFC 2104, February 1997.
[2] Krawczyk,H.,Bellare,M.和R.Canetti,“HMAC:用于消息身份验证的键控哈希”,RFC2104,1997年2月。
Informative References
资料性引用
[3] Callon, R., "Use of OSI IS-IS for Routing in TCP/IP and Dual environments", RFC 1195, December 1990.
[3] Callon,R.,“OSI IS-IS在TCP/IP和双环境中的路由使用”,RFC1195,1990年12月。
[4] Voydock, V. and S. Kent, "Security Mechanisms in High-level Networks", ACM Computing Surveys, Vol. 15, No. 2, June 1983.
[4] Voydock,V.和S.Kent,“高级网络中的安全机制”,ACM计算调查,第15卷,第2期,1983年6月。
[5] Murphy, S., Badger, M. and B. Wellington, "OSPF with Digital Signatures", RFC 2154, June 1997.
[5] Murphy,S.,Badger,M.和B.Wellington,“具有数字签名的OSPF”,RFC 2154,1997年6月。
Authors' Addresses
作者地址
Tony Li Procket Networks 1100 Cadillac Ct. Milpitas, CA 95035 USA
Tony Li Procket Networks 1100凯迪拉克Ct。美国加利福尼亚州米尔皮塔斯95035
Phone: +1 (408) 635-7903
EMail: tli@procket.net
Phone: +1 (408) 635-7903
EMail: tli@procket.net
Ran J. Atkinson Extreme Networks 3585 Monroe Street Santa Clara, CA 95051 USA
Ran J.阿特金森极端网络公司美国加利福尼亚州圣克拉拉门罗街3585号,邮编95051
Phone: +1 (408) 579-2800
EMail: rja@extremenetworks.com
Phone: +1 (408) 579-2800
EMail: rja@extremenetworks.com
Full Copyright Statement
完整版权声明
Copyright (C) The Internet Society (2003). All Rights Reserved.
版权所有(C)互联网协会(2003年)。版权所有。
This document and translations of it may be copied and furnished to others, and derivative works that comment on or otherwise explain it or assist in its implementation may be prepared, copied, published and distributed, in whole or in part, without restriction of any kind, provided that the above copyright notice and this paragraph are included on all such copies and derivative works. However, this document itself may not be modified in any way, such as by removing the copyright notice or references to the Internet Society or other Internet organizations, except as needed for the purpose of developing Internet standards in which case the procedures for copyrights defined in the Internet Standards process must be followed, or as required to translate it into languages other than English.
本文件及其译本可复制并提供给他人,对其进行评论或解释或协助其实施的衍生作品可全部或部分编制、复制、出版和分发,不受任何限制,前提是上述版权声明和本段包含在所有此类副本和衍生作品中。但是,不得以任何方式修改本文件本身,例如删除版权通知或对互联网协会或其他互联网组织的引用,除非出于制定互联网标准的需要,在这种情况下,必须遵循互联网标准过程中定义的版权程序,或根据需要将其翻译成英语以外的其他语言。
The limited permissions granted above are perpetual and will not be revoked by the Internet Society or its successors or assignees.
上述授予的有限许可是永久性的,互联网协会或其继承人或受让人不会撤销。
This document and the information contained herein is provided on an "AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
本文件和其中包含的信息是按“原样”提供的,互联网协会和互联网工程任务组否认所有明示或暗示的保证,包括但不限于任何保证,即使用本文中的信息不会侵犯任何权利,或对适销性或特定用途适用性的任何默示保证。
Acknowledgement
确认
Funding for the RFC Editor function is currently provided by the Internet Society.
RFC编辑功能的资金目前由互联网协会提供。