IETF-66 MSEC IPsec composite groups
1
Multicast IPsec Composite Cryptographic Groups
  • George Gross
  • IdentAware Multicast Security gmgross_at_IdentAware.com
  • IETF-66, Montreal, Canada
  • July 11th 2006

2
Composite Cryptographic Groups
  • Definition: the logical group formed from the union
    of two or more sub-groups, each sub-group
    supporting different cryptographic properties
    (e.g. IPsec software version).
  • Composite groups occur when a large-scale group
    contains multiple protocol versions or multiple
    partially interoperable vendors.
    • e.g. retiring 3-DES, migrating to AES
    • software bug fixes

3
IPsec Subsystem Composite Group Requirements
  • The multicast application is unaware of sub-groups;
    it sends only one packet to the composite group,
    not one to each sub-group.
  • Must provide a mechanism by which each data packet
    is replicated for each sub-group and treated
    with the respective sub-group's IPsec
    cryptographic policy.
  • IPsec policy is set per sub-group by its GCKS

4
Motivation for Composite Groups
  • Cannot easily upgrade a large-scale group; no
    flag day is allowed
  • Cryptographic algorithms age or break; need a
    strategy to move to new ones
    • witness recent attacks on MD5, SHA-1
  • Parallel vendor-specific sub-groups support
    different feature sets; want the best combination
  • Straddle IPv4 and IPv6 sub-groups

5
Transport Mode IPsec
  Diagram: the Group Speaker's host IPsec subsystem holds a
  transport mode multicast data security association and sends
  across the Internet to Sub-Group A (members A0-A5) and
  Sub-Group B (members B0-B5).

6
Composite Cryptographic Group IPsec Transport Mode
  • End-to-end security, no plain-text on the wire
  • Supports Native, BITS, and BITW architectural
    modes
  • Requires the IPsec subsystem to replicate each data SA
    packet for each sub-group before applying that
    sub-group's cryptographic algorithms
    • do not want the multicast application to be aware
      of the cryptographic sub-groups

7
Tunnel Mode IPsec
  Application data sent unencrypted across the multicast LAN
  to the security gateways.
  Diagram: the Group Speaker sits on a multicast-capable LAN
  with two IPsec Security Gateways (IPsec Tunnel Endpoints), one
  per sub-group; the gateways send across the Internet to
  Sub-Group A (members A0-A5) and Sub-Group B (members B0-B5).

8
Composite Cryptographic Group IPsec Tunnel Mode
  • Application multicasts its data to two or more
    IPsec security gateways, one gateway per
    sub-group.
  • Advantage: simply bolt together as many gateways
    as there are sub-groups
  • Drawback: unencrypted data must transit a trusted
    network to reach the gateways
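Slides 3 and 6 (transport mode: the host IPsec subsystem replicates one application packet per sub-group and protects each copy under that sub-group's SA) and slide 8 (tunnel mode: one security gateway per sub-group does the same, with plaintext on the LAN in between) describe one mechanism from two vantage points. The following is an added example written for this transcript, not code from the draft or the presenter. The SA field names, SPIs, keys, the choice of per-sub-group integrity algorithms (standing in for the migration case on slide 2), and the integrity-only "SPI | seq | payload | ICV" packet layout are all assumptions made here so the model runs with the Python standard library.

```python
# Added example (not the draft's or the presenter's code): a toy model of the
# composite-group send path. SA field names, SPIs, keys, algorithm choices and
# the integrity-only "SPI | seq | payload | ICV" layout are assumptions made here.
import hashlib
import hmac
import ipaddress
import struct
from dataclasses import dataclass


@dataclass
class SubGroupSA:
    """One multicast data SA, as the sub-group's GCKS would provision it."""
    name: str
    spi: int
    integ_alg: str          # hashlib name; differs per sub-group during a migration
    key: bytes
    seq: int = 0            # sender-side outbound sequence counter
    highest_seen: int = 0   # receiver-side anti-replay state (window of 1, simplified)

    def protect(self, payload: bytes) -> bytes:
        """Apply this sub-group's own algorithm and key to one copy of the payload."""
        self.seq += 1
        header = struct.pack("!II", self.spi, self.seq)
        icv = hmac.new(self.key, header + payload, self.integ_alg).digest()
        return header + payload + icv

    def unprotect(self, packet: bytes):
        """Return the payload if SPI, ICV and sequence number check out, else None."""
        icv_len = hashlib.new(self.integ_alg).digest_size
        if len(packet) < 8 + icv_len:
            return None
        spi, seq = struct.unpack("!II", packet[:8])
        body, icv = packet[:-icv_len], packet[-icv_len:]
        expected = hmac.new(self.key, body, self.integ_alg).digest()
        if spi != self.spi or not hmac.compare_digest(icv, expected):
            return None             # not this sub-group's packet, or tampered
        if seq <= self.highest_seen:
            return None             # replayed copy
        self.highest_seen = seq
        return body[8:]


def make_composite_group():
    """Constructed sample composite group: sub-group A still uses an older
    integrity algorithm, sub-group B has already migrated. Keys/SPIs are made up."""
    return [
        SubGroupSA("A", spi=0x1001, integ_alg="sha1", key=b"A" * 20),
        SubGroupSA("B", spi=0x2002, integ_alg="sha256", key=b"B" * 32),
    ]


def transport_mode_send(group, app_payload: bytes) -> dict:
    """Host IPsec subsystem (slides 3 and 6): the application hands over ONE
    packet; the subsystem replicates it once per sub-group and protects each
    copy under that sub-group's SA. The dict holds what leaves the host."""
    return {sa.name: sa.protect(app_payload) for sa in group}


def tunnel_mode_send(group, gateway_addrs, group_addr, app_packet: bytes):
    """Slide 8: the application multicasts app_packet in the clear on the LAN;
    each security gateway (one per sub-group) protects it under its SA and adds
    an outer header (gateway -> group). Returns (what the LAN carries, what each
    gateway emits) so the trusted-network drawback is explicit."""
    on_lan = app_packet
    emitted = {}
    for sa in group:
        outer = (ipaddress.ip_address(gateway_addrs[sa.name]).packed
                 + ipaddress.ip_address(group_addr).packed)
        emitted[sa.name] = outer + sa.protect(app_packet)
    return on_lan, emitted


def transport_receive(member_sa: SubGroupSA, packet: bytes):
    """A member validates a copy with its own sub-group's SA only."""
    return member_sa.unprotect(packet)


def tunnel_receive(member_sa: SubGroupSA, packet: bytes, addr_len: int = 4):
    """Strip the outer header (IPv4 by default) and validate the inner packet."""
    return member_sa.unprotect(packet[2 * addr_len:])


if __name__ == "__main__":
    sender = make_composite_group()
    copies = transport_mode_send(sender, b"one application packet")
    for name, pkt in copies.items():
        print(name, len(pkt), pkt[:8].hex())
```

Two things the model makes concrete: a member of sub-group B cannot validate sub-group A's copy (different SPI, key and algorithm), so each sub-group's policy really is applied independently to its own replica; and in tunnel mode the value returned as `on_lan` is the unprotected application packet, which is exactly the trusted-network requirement the drawback bullet refers to.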

9
Composite Groups Proposed for Experimental Track
  • Request that draft-gross-ipsec-composite-group-00.txt
    become an MSEC WG item
  • Publish as an IETF experimental RFC
  • Revise and transition to a proposed standard RFC
    after:
    • additional operational experience
    • wider recognition by industry that this provides
      a solution that merits full standardization

10
Background Reading
  • draft-gross-msec-ipsec-composite-group-00.txt
  • draft-ietf-msec-ipsec-extensions-02.txt
  • RFC4301 - IP security architecture