Hi Rafa,
> Hi Tero, Valery: Please see inline.
>
>> On 18 Jul 2017, at 17:06, Tero Kivinen <[email protected]> wrote:
>>
>>> Valery Smyslov writes:
>>>
>>> I'm very much concerned with the IKE-less option presented in the draft. First, the Network Controller becomes a very attractive target for attacks in this case, since an attacker, if the attack is successful, will gain all the keys for the whole system.
>>
>> And it is a big difference if you get the traffic keys, or if you get just the authentication keys used to authenticate the peers when creating traffic keys.
>
> [Rafa] Overall, the SDN paradigm states the controller is a trusted entity. The controller can generate session keys based on a PRNG, send those keys and forget about them. No need to store any keys, just generate them and distribute them. Having said this, in the SDN paradigm (and forgetting for a moment about IPsec), the SDN controller is ALWAYS a very attractive target. Reason: if an SDN controller is attacked, the attacker has control over the network (it can make the entire network non-operative). Example: in the SDN paradigm, the “router” does not have a routing protocol, just a routing/switching table. The SDN controller fills the tables. If the SDN controller is attacked, the “router” does not know how to react anymore.

[Valery] No, these situations are completely different. If an attacker hijacks the SDN controller and makes the entire network non-operative, this is an active attack and it is easy to detect and take some measures. On the other hand, if an attacker hijacks the SDN controller, learns all the keys and then just passively eavesdrops on all the traffic in the network – you’ll never know that you were really hijacked. That’s much more dangerous.

And another consideration. Did you see the ongoing discussion in the TLS WG about the draft draft-green-tls-static-dh-in-tls13 that basically suggests handing over the TLS keys to some third party for later inspection of encrypted traffic? Your proposal looks like a more “superior” approach, since the SDN controller can collaborate with inspection devices by handing the keys over to them. And a large proportion of the security people in the TLS WG seem to find this idea inappropriate for IETF standards in general.

Regards,
Valery.
_______________________________________________
I2nsf mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/i2nsf
