Transcript PPT Version

Issues of SAAG(ing?) Interest
in the USGIPv6 V1.0 Profile.
Doug Montgomery ([email protected])
and
Sheila Frankel ([email protected])
NIST / Information Technology Laboratory
Topics Addressed
• What are we talking about?
– USG IPv6 Profile and Testing Program
• Why are we doing this?
• What have we done?
• What do we think it means?
• What general issues remain?
• Issues of potential SAAG interest.
• How can you help?
– Submit your comments … in writing!
USG Policy Drivers
• OMB - Policy M-05-22 & FAQ
http://www.whitehouse.gov/omb/memoranda/fy2005/m05-22.pdf
http://www.whitehouse.gov/omb/egov/documents/IPv6_FAQs.pdf
– All Agencies – Plan for IPv6 adoption. Deploy & use “IPv6
capable/compliant” products in “core” networks by June 2008.
• Requires agencies to “ensure orderly and secure transition”
• FAQ: “Agencies should verify …capability through testing …are required to
maintain security during and after adoption …”
– NIST – “The National Institute for Standards and Technology (NIST) will
develop, as necessary, a standard to address IPv6 compliance for the
Federal government.”
– OMB & GSA – “Additionally, as necessary, the General Services
Administration and the Federal Acquisition Regulation Council will develop
a suitable FAR amendment for use by all agencies.”
• FAR Case 2005-041, Internet Protocol Version 6 (IPv6)
http://edocket.access.gpo.gov/2006/06-7126.htm
– “OMB further requires, to the maximum extent practicable, all new IT
procurements include IPv6 capable products and systems.”
• DoD Policy for Enterprise-wide Deployment of IPv6
– http://ipv6.disa.mil/docs/stenbit-memo-20030609.pdf
DRAFT USGIPv6-V1.0
http://www.antd.nist.gov/usgv6-v1-comments.html
Status / Plans
• Circulated for USG IPv6WG
Review – 2006-12-22
• USG comments resolved and
circulated for public comment –
2007-2-1.
– 30 day public comment period
ended March 3rd.
– ~500 comments from ~50
sources.
• Public comments resolved and
final document to be published
ASAP.
– ~ March.
• Issue plans for the
development of a testing
program.
– ~ March
– More on this later …..
USGIPv6-V1 Overview
• Scope and Application
– Recommendation from NIST – but in isolation it is policy free.
• Applicable to “non classified Federal IT systems”.
– Strategic planning document to guide acquisition of IPv6
technologies for operational deployments.
• Other uses/time-frames are cautioned against.
– Defines a minimal low bar of capabilities to:
• Deliver expected functionality
• Ensure interoperability
• Enable secure operation
• Protect early investments
– Technical basis for further refinement and other uses:
• Agency / mission specific technical requirements.
– Everything that is not mentioned is optional.
• Agency / USG acquisition / deployment policies.
• Defines “USGIPv6-V1 Compliant” hosts, routers, NPDs.
– Provides technical basis for product testing and certification
program.
Relationship to Other Efforts
• Support OMB/GSA policies
– Provide a basis through which OMB and GSA can further refine their
emerging acquisition and deployment policies.
• Avoid policy confusion – allow policy sources to define “USG IPv6
Capable” and FAR in terms of our profile.
• Fill in the technical pieces necessary to support these policies and
their time frames.
– E.g., Provide interim specification of Network Protection Devices
(firewalls and IDS systems) vital to ensure the security of Federal IT
systems under OMB deployment strategy.
• Leverage DoD / IETF / Industry Efforts
– DISR, IETF Node Requirements, IPv6Ready, NSA, ICSA profiles
and testing programs carefully analyzed.
– USGv6V1.0 is a synthesis / intersection of these efforts mixed
with USG specific requirements.
– Long term goal is to get to a point where a distinct USG
profile / testing program is unnecessary.
What the Profile Defines
• Sub profiles for 3 types of devices
– 3. Host Profile
– 4. Router Profile
– 5. Network Protection Device Profile
• 12 Functional Categories of Capabilities
– 6.1 Base
– 6.2 Routing
– 6.3 Quality of Service
– 6.4 Transition
– 6.5 Link Technology
– 6.6 Addressing
– 6.7 IPsec
– 6.8 Application Environment
– 6.9 Network Management
– 6.10 Multicasting
– 6.11 Mobility
– 6.12 Network Protection Devices
• 6.12.1 Source of requirements
• 6.12.2 Common requirements for network protection devices
• 6.12.3 Firewall requirements
• 6.12.4 Intrusion detection and prevention system requirements
General Issues?
• Development of Testing Program
– Expect industry/USG meeting on the topic in
May at NIST.
• Linkages to USG Policies
– Working with OMB / GSA to define linkages
and time frames.
• Final USGv6-V1 Profile
– Resolve ~500 comments and publish.
– Define profile use / maintenance cycles.
Issues of SAAG Interest?
• General
– Specsmanship
• Detailed profiling of IETF normative requirements is challenging.
– This issue is particularly acute in the IPsec area.
– Poison pill technique?
– Device profiles?
• How many / types of conformance classes of IPv6
implementations?
• USGv6: Hosts, Routers, Network Protection Devices (NPDs)
• IETF: Hosts, Routers
• Why would we need more?
– Allow some IPv6 devices to not implement IPsec, SNMP, DHCP.
– Grandfather existing implementations …
• Why did we need 3?
Issues of SAAG Interest?
• General
– Network Protection Device Profiles
• Capability / behavior specifications for Firewalls, IDS/IPS
systems.
• Seeming void in the industry.
– We would have loved to cite consensus standards.
– We did consult “requirements” as we could find them (NSA,
ICSA, etc).
• Received Comment – “remove from USG profile and submit
to the IETF”.
– USG has operational deployment policies (June 2008) that
can’t wait for this right now.
– Not sure if the IETF considers NPD specifications within their
scope.
Issues of SAAG Interest?
• IPsec
– Old or new IPsec/IKE? and when?
• USGv6 Arch: Arch-v2/2401(M), Arch-v3/4301(S+)
• USGv6 IKE: IKE-v1/2409(M), IKE-v2/4306(S+)
• When can IPsec-v3/IKE-v2 be M?
• When could IPsec-v2/IKE-v1 be M-?
– AH mandated or optional?
• USGv6: AH-v2/2402(O), AH-v3/4302(O).
• Seems to be some disagreement in the industry about AH
utility/advisability?
– IETF: AH(O) in Arch-v3/4301, but AH(M) in Node-Reqs/4294.
– Concerns about an unused/untested protocol; operational concerns.
– Other protocols that require AH? (OSPFv3).
Issues of SAAG Interest?
• IPsec
– Algorithms:
• USGv6 3DES-CBC(M):
– IETF: (M-) for Crypt-ESP-AH/4305 and Crypt-IKEv2/4307.
• USGv6 AES-CBC-128(M):
– IETF: (S+) for Crypt-ESP-AH/4305 and Crypt-IKEv2/4307, (S) for
Crypt-IKEv1/4109.
• USGv6 Null-Auth(O):
– IETF: (M) in Crypto-Algs-ESP-AH/4305, but (O) in draft-manral-ipsecrfc4305-bis-errata-03.txt
• USGv6 AES-GCM/AES-GMAC(O):
– Need understanding of status in industry / DoD.
– IKEv2
• USGv6 NAT-T(M): but UDP-encap/3948 is (O)?
• USGv6 DPD/3706(O): Required/preferred for IKEv2?
Issues of SAAG Interest?
• Base Protocol / Addressing:
– SEND/CGA:
• USGv6: SEND/3971(S+), CGA/3972(S+)
• Consistent with DoD …but, consistent with reality?
– Privacy Addresses
• USGv6: PA/3401(S)
• Some thoughts abound that an IP address is Personally
Identifying Information (PII), maybe privacy addresses will
be universally mandated?
A Different View of Things …
[Table: USGIPv6-V1.0 Security Subprofile – IPsec and IKE specifications. Columns: Spec / Condition; Section; Title / Definition; Condition / Context; USGIPv6-V1.0 Host; IETF Node Requirements; DoD DISR v1.1 2006-12-1 Base Std Host/Workstation Status; Notes / Issues / Discussion. The per-cell condition codes (M, M-, S+, S, O) are not recoverable from this transcript; the rows and recorded notes follow.]
Rows (context: title / definition, spec):
– IPsec-v2: Security Architecture for the Internet Protocol (RFC2401); ESP (RFC2406); Null Authentication (RFC2406 §5); AH (RFC2402)
– IPsec-v3: Security Architecture for the Internet Protocol (RFC4301); ESP (RFC4303); Null Authentication (RFC4303 §5); AH (RFC4302)
– IPsec-v2 or IPsec-v3: UDP Encapsulation of ESP Packets (RFC3948); Cryptographic Algorithms for ESP and AH (RFC4305); Cryptographic Suites for IPsec (RFC4308), VPN-A (§2.1), VPN-B (§2.2)
– IKEv1 (RFC2409): The Internet IP Security DOI for ISAKMP (RFC2407); ISAKMP (RFC2408); Algorithms for IKEv1 (RFC4109); Pre-shared secrets; Diffie-Hellman MODP group 2; Diffie-Hellman MODP group 14; RSA sig auth; NAT-T in IKEv1 (RFC3947); ESN Addendum to IPsec DOI for ISAKMP (RFC4304)
– IKEv2 (RFC4306): Pre-shared secrets; RSA sig auth; NAT-T in IKEv2; ESN; Cryptographic Algorithms for IKEv2 (RFC4307); Diffie-Hellman MODP group 2; Diffie-Hellman MODP group 14
– IKEv1 or IKEv2: More MODP DH Groups for IKE (RFC3526); Detecting Dead IKE Peers (RFC3706)
Notes / Issues / Discussion (as recorded):
– DoD: IPsec-v2 M for legacy deployments
– Null auth: M in RFC 4305; O in I-D 4305bis
– See individual crypto alg's
– DoD: temp must until IKEv2 widely available
– IPsec-v2: IKEv1 spec'd key mgmt prot; others allowed
– IPsec-v3: IKEv2 default key mgmt prot; others allowed
– Node Req's: key mgmt is S; M if need anti-replay etc.
…more terse view.
[Table: USGIPv6-V1.0 Security Subprofile – Uses of Cryptographic Algorithms. Same columns as the preceding table (Spec / Condition; Section; Title / Definition; Condition / Context; USGIPv6-V1.0 Host; IETF Node Requirements; DoD DISR v1.1 2006-12-1 Base Std Host/Workstation Status; Notes / Issues / Discussion). The per-cell condition codes (M, M-, S+, S, O) are not recoverable from this transcript; the rows follow.]
Rows (algorithm: context, spec):
– NULL Encryption: ESP (RFC2410, RFC4305)
– 3DES-CBC: ESP (RFC2451 ESP CBC-mode Algorithms, RFC4305); IKEv1 (RFC4109); IKEv2 (RFC4307)
– AES-CBC with 128 bit keys: ESP (RFC3602, RFC4305); IKEv1 (RFC4109); IKEv2 (RFC4307)
– AES-CTR with 128-bit keys: ESP (RFC3686, RFC4305)
– AES-CCM with 128 bit keys, 128-bit ICV: ESP (RFC4309, RFC4305)
– AES-GCM with 128 bit keys: ESP (RFC4106)
– AES-GMAC with 128 bit keys: ESP (RFC4543)
– HMAC-SHA-1 (HMAC-SHA-1-96): ESP/AH (RFC2404, RFC4305); IKEv1 (RFC4109); IKEv2 (RFC4307)
– HMAC-SHA-1 as a PRF: IKEv1 (RFC4109); IKEv2 (RFC4307)
– AES-XCBC-MAC-96: ESP/AH (RFC3566, RFC4305)
– AES128-XCBC-PRF (AES-XCBC-PRF-128): IKEv1 (RFC4434, RFC4109); IKEv2 (RFC4307)
– AES-CCM, AES-GCM, AES-GMAC: AH (RFC4543)
How Can You Help?
• Submit comments on the draft USGIPv6 profile!
– [email protected].
• Participate in upcoming forums.
– GSA/OMB “USG IPv6 industry day” – in planning.
– NIST – IPv6 Testing Forum – in planning - ~May 4th
@ NIST.
• Encourage / Embrace User Group Participation
– In industry profiles, testing plans, etc.