draft-ietf-opsawg-hmac-sha-2-usm-snmp-new-03.txt   draft-ietf-opsawg-hmac-sha-2-usm-snmp-new-04.txt 
OPSAWG J. Merkle, Ed. OPSAWG J. Merkle, Ed.
Internet-Draft Secunet Security Networks Internet-Draft Secunet Security Networks
Obsoletes: 7630 (if approved) M. Lochter Obsoletes: 7630 (if approved) M. Lochter
Intended status: Standards Track BSI Intended status: Standards Track BSI
Expires: July 29, 2016 January 26, 2016 Expires: August 15, 2016 February 12, 2016
HMAC-SHA-2 Authentication Protocols in USM for SNMPv3 HMAC-SHA-2 Authentication Protocols in USM for SNMPv3
draft-ietf-opsawg-hmac-sha-2-usm-snmp-new-03 draft-ietf-opsawg-hmac-sha-2-usm-snmp-new-04
Abstract Abstract
This memo specifies new HMAC-SHA-2 authentication protocols for the This document specifies several authentication protocols based on the
User-based Security Model (USM) for SNMPv3 defined in RFC 3414. SHA-2 hash functions for the User-based Security Model (USM) for
SNMPv3 defined in RFC 3414. It obsoletes RFC 7630, in which the MIB
MODULE-IDENTITY value was incorrectly specified.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on July 29, 2016. This Internet-Draft will expire on August 15, 2016.
Copyright Notice Copyright Notice
Copyright (c) 2016 IETF Trust and the persons identified as the Copyright (c) 2016 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 10 skipping to change at page 2, line 10
to this document. Code Components extracted from this document must to this document. Code Components extracted from this document must
include Simplified BSD License text as described in Section 4.e of include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License. described in the Simplified BSD License.
Table of Contents Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2 1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . 2
2. The Internet-Standard Management Framework . . . . . . . . . 3 2. The Internet-Standard Management Framework . . . . . . . . . 3
3. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3 3. Conventions . . . . . . . . . . . . . . . . . . . . . . . . . 3
4. The HMAC-SHA-2 Authentication Protocols . . . . . . . . . . . 3 4. The HMAC-SHA-2 Authentication Protocols . . . . . . . . . . 3
4.1. Deviations from the HMAC-SHA-96 Authentication Protocol . 4 4.1. Deviations from the HMAC-SHA-96 Authentication Protocol 4
4.2. Processing . . . . . . . . . . . . . . . . . . . . . . . 5 4.2. Processing . . . . . . . . . . . . . . . . . . . . . . . 5
4.2.1. Processing an Outgoing Message . . . . . . . . . . . 5 4.2.1. Processing an Outgoing Message . . . . . . . . . . . 5
4.2.2. Processing an Incoming Message . . . . . . . . . . . 6 4.2.2. Processing an Incoming Message . . . . . . . . . . . 6
5. Key Localization and Key Change . . . . . . . . . . . . . . . 6 5. Key Localization and Key Change . . . . . . . . . . . . . . . 6
6. Structure of the MIB Module . . . . . . . . . . . . . . . . . 6 6. Structure of the MIB Module . . . . . . . . . . . . . . . . . 6
7. Relationship to Other MIB Modules . . . . . . . . . . . . . . 7 7. Relationship to Other MIB Modules . . . . . . . . . . . . . . 7
7.1. Relationship to SNMP-USER-BASED-SM-MIB . . . . . . . . . 7 7.1. Relationship to SNMP-USER-BASED-SM-MIB . . . . . . . . . 7
7.2. Relationship to SNMP-FRAMEWORK-MIB . . . . . . . . . . . 7 7.2. Relationship to SNMP-FRAMEWORK-MIB . . . . . . . . . . . 7
7.3. MIB Modules Required for IMPORTS . . . . . . . . . . . . 7 7.3. MIB Modules Required for IMPORTS . . . . . . . . . . . . 7
8. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 7 8. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 7
9. Security Considerations . . . . . . . . . . . . . . . . . . . 9 9. Security Considerations . . . . . . . . . . . . . . . . . . . 9
9.1. Use of the HMAC-SHA-2 Authentication Protocols in USM . . 9 9.1. Use of the HMAC-SHA-2 Authentication Protocols in USM . 9
9.2. Cryptographic Strength of the Authentication Protocols . 9 9.2. Cryptographic Strength of the Authentication Protocols . 9
9.3. Derivation of Keys from Passwords . . . . . . . . . . . . 10 9.3. Derivation of Keys from Passwords . . . . . . . . . . . 10
9.4. Access to the SNMP-USM-HMAC-SHA2-MIB . . . . . . . . . . 11 9.4. Access to the SNMP-USM-HMAC-SHA2-MIB . . . . . . . . . . 10
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 10
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 11
11.1. Normative References . . . . . . . . . . . . . . . . . . 12 11.1. Normative References . . . . . . . . . . . . . . . . . . 11
11.2. Informative References . . . . . . . . . . . . . . . . . 13 11.2. Informative References . . . . . . . . . . . . . . . . . 12
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13
1. Introduction 1. Introduction
This memo defines a portion of the Management Information Base (MIB) Within the Architecture for describing Simple Network Management
for use with network management protocols. In particular, it defines Protocol (SNMP) Management Frameworks [RFC3411], the User-based
additional authentication protocols for the User-based Security Model Security Model (USM) [RFC3414] for SNMPv3 is defined as a Security
(USM) for the Simple Network Management Protocol version 3 (SNMPv3) Subsystem within an SNMP engine. In RFC 3414, two different
specified in [RFC3414]. authentication protocols, HMAC-MD5-96 and HMAC-SHA-96, are defined
based on the hash functions MD5 and SHA-1, respectively.
In RFC 3414, two different authentication protocols, HMAC-MD5-96 and This memo specifies new HMAC-SHA-2 authentication protocols for USM
HMAC-SHA-96, are defined based on the hash functions MD5 and SHA-1, using a Hashed Message Authentication Code (HMAC) based on the SHA-2
respectively. This memo specifies new HMAC-SHA-2 authentication family of hash functions [SHA] and truncated to 128 bits for SHA-224,
protocols for USM using a Hashed Message Authentication Code (HMAC) to 192 bits for SHA-256, to 256 bits for SHA-384, and to 384 bits for
based on the SHA-2 family of hash functions [SHA] and truncated to SHA-512. These protocols are straightforward adaptations of the
128 bits for SHA-224, to 192 bits for SHA-256, to 256 bits for authentication protocols HMAC-MD5-96 and HMAC-SHA-96 to the
SHA-384, and to 384 bits for SHA-512. These protocols are SHA-2-based HMAC.
straightforward adaptations of the authentication protocols HMAC-
MD5-96 and HMAC-SHA-96 to the SHA-2-based HMAC.
This document obsoletes RFC 7630, in which the MIB MODULE-IDENTITY This document obsoletes RFC 7630, in which the MIB MODULE-IDENTITY
value was incorrectly specified. value was incorrectly specified.
2. The Internet-Standard Management Framework 2. The Internet-Standard Management Framework
For a detailed overview of the documents that describe the current For a detailed overview of the documents that describe the current
Internet-Standard Management Framework, please refer to section 7 of Internet-Standard Management Framework, please refer to section 7 of
[RFC3410]. [RFC3410].
skipping to change at page 5, line 12 skipping to change at page 5, line 12
* 64 octets long and derived with SHA-512 for the SHA-512-based * 64 octets long and derived with SHA-512 for the SHA-512-based
protocol usmHMAC384SHA512AuthProtocol protocol usmHMAC384SHA512AuthProtocol
as opposed to the keys being 16 and 20 octets long in HMAC-MD5-96 as opposed to the keys being 16 and 20 octets long in HMAC-MD5-96
and HMAC-SHA-96, respectively. and HMAC-SHA-96, respectively.
4.2. Processing 4.2. Processing
This section describes the procedures for the HMAC-SHA-2 This section describes the procedures for the HMAC-SHA-2
authentication protocols. The descriptions are based on the authentication protocols. The descriptions are based on the
definition of services and data elements defined for HMAC-SHA-96 in definition of services and data elements specified for HMAC-SHA-96 in
RFC 3414 with the deviations listed in Section 4.1. RFC 3414 with the deviations listed in Section 4.1.
Values of constants M (the length of the secret key in octets) and N Values of constants M (the length of the secret key in octets) and N
(the length of the Message Authentication Code (MAC) output in (the length of the Message Authentication Code (MAC) output in
octets), and the hash function H used below are: octets), and the hash function H used below are:
usmHMAC128SHA224AuthProtocol: M=28, N=16, H=SHA-224; usmHMAC128SHA224AuthProtocol: M=28, N=16, H=SHA-224;
usmHMAC192SHA256AuthProtocol: M=32, N=24, H=SHA-256; usmHMAC192SHA256AuthProtocol: M=32, N=24, H=SHA-256;
skipping to change at page 7, line 31 skipping to change at page 7, line 31
MIB module defines new authentication protocols in the MIB module defines new authentication protocols in the
snmpAuthProtocols subtree. snmpAuthProtocols subtree.
7.3. MIB Modules Required for IMPORTS 7.3. MIB Modules Required for IMPORTS
The following MIB module IMPORTS definitions from SNMPv2-SMI The following MIB module IMPORTS definitions from SNMPv2-SMI
[RFC2578] and SNMP-FRAMEWORK-MIB [RFC3411]. [RFC2578] and SNMP-FRAMEWORK-MIB [RFC3411].
8. Definitions 8. Definitions
SNMP-USM-HMAC-SHA2-MIB DEFINITIONS ::= BEGIN SNMP-USM-HMAC-SHA2-MIB DEFINITIONS ::= BEGIN
IMPORTS IMPORTS MODULE-IDENTITY, OBJECT-IDENTITY, mib-2 FROM SNMPv2-SMI
MODULE-IDENTITY, OBJECT-IDENTITY, -- [RFC2578] snmpAuthProtocols FROM SNMP-FRAMEWORK-MIB; -- [RFC3411]
mib-2 FROM SNMPv2-SMI -- [RFC2578]
snmpAuthProtocols FROM SNMP-FRAMEWORK-MIB; -- [RFC3411]
snmpUsmHmacSha2MIB MODULE-IDENTITY
LAST-UPDATED "201510210000Z" -- 21 October 2015, midnight
ORGANIZATION "SNMPv3 Working Group"
CONTACT-INFO "WG email: OPSAWG@ietf.org
Subscribe:
https://www.ietf.org/mailman/listinfo/opsawg
Editor: Johannes Merkle
secunet Security Networks
Postal: Mergenthaler Allee 77
D-65760 Eschborn
Germany
Phone: +49 20154543091
Email: johannes.merkle@secunet.com
- [RFC2578] snmpAuthProtocols FROM SNMP-FRAMEWORK-MIB; -- [RFC3411] snmpUsmHmacSha2MIB MODULE-IDENTITY LAST-UPDATED "201510210000Z" -- 21
Co-Editor: Manfred Lochter October 2015, midnight ORGANIZATION "SNMPv3 Working Group" CONTACT-INFO
Bundesamt fuer Sicherheit in der "WG email: OPSAWG@ietf.org Subscribe:
Informationstechnik (BSI) https://www.ietf.org/mailman/listinfo/opsawg Editor: Johannes Merkle
Postal: Postfach 200363 secunet Security Networks Postal: Mergenthaler Allee 77
D-53133 Bonn D-65760 Eschborn Germany Phone: +49 20154543091 Email:
Germany johannes.merkle@secunet.com
Phone: +49 228 9582 5643
Email: manfred.lochter@bsi.bund.de"
DESCRIPTION "Definitions of Object Identities needed Co-Editor: Manfred Lochter Bundesamt fuer Sicherheit in der
for the use of HMAC-SHA2 by SNMP's User-based Informationstechnik (BSI) Postal: Postfach 200363
Security Model. D-53133 Bonn Germany Phone: +49 228 9582 5643 Email:
manfred.lochter@bsi.bund.de"
Copyright (c) 2015 IETF Trust and the persons identified DESCRIPTION "Definitions of Object Identities needed
as authors of the code. All rights reserved. for the use of HMAC-SHA2 by SNMP's User-based Security Model.
Redistribution and use in source and binary forms, with Copyright (c) 2015 IETF Trust and the persons identified as authors of
or without modification, is permitted pursuant to, and the code. All rights reserved.
subject to the license terms contained in, the Simplified
BSD License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info)."
REVISION "201510210000Z" -- 21 October 2015, midnight Redistribution and use in source and binary forms, with or without
DESCRIPTION "Version correcting the MODULE-IDENTITY value, published as RFC TBD" modification, is permitted pursuant to, and subject to the license terms
-- RFC Ed.: replace TBD with actual RFC number & remove this line contained in, the Simplified BSD License set forth in Section 4.c of the
REVISION "201508130000Z" -- 13 August 2015, midnight IETF Trust's Legal Provisions Relating to IETF Documents
DESCRIPTION "Initial version, published as RFC 7630" (http://trustee.ietf.org/license-info)."
::= { mib-2 235 } REVISION "201510210000Z" -- 21 October 2015, midnight DESCRIPTION
"Version correcting the MODULE-IDENTITY value, published as RFC TBD"
-- RFC Ed.: replace TBD with actual RFC number & remove this line
REVISION "201508130000Z" -- 13 August 2015, midnight DESCRIPTION
"Initial version, published as RFC 7630" ::= { mib-2 235 }
usmHMAC128SHA224AuthProtocol OBJECT-IDENTITY usmHMAC128SHA224AuthProtocol OBJECT-IDENTITY STATUS current DESCRIPTION
STATUS current "The Authentication Protocol usmHMAC128SHA224AuthProtocol uses
DESCRIPTION "The Authentication Protocol HMAC-SHA-224 and truncates output to 128 bits." REFERENCE "- Krawczyk,
usmHMAC128SHA224AuthProtocol uses HMAC-SHA-224 and H., Bellare, M., and R. Canetti, HMAC: Keyed-Hashing for Message
truncates output to 128 bits." Authentication, RFC 2104. - National Institute of Standards and
REFERENCE "- Krawczyk, H., Bellare, M., and R. Canetti, HMAC: Technology, Secure Hash Standard (SHS), FIPS PUB 180-4, 2012." ::= {
Keyed-Hashing for Message Authentication, RFC 2104. snmpAuthProtocols 4 }
- National Institute of Standards and Technology,
Secure Hash Standard (SHS), FIPS PUB 180-4, 2012."
::= { snmpAuthProtocols 4 }
usmHMAC192SHA256AuthProtocol OBJECT-IDENTITY usmHMAC192SHA256AuthProtocol OBJECT-IDENTITY STATUS current DESCRIPTION
STATUS current "The Authentication Protocol usmHMAC192SHA256AuthProtocol uses
DESCRIPTION "The Authentication Protocol HMAC-SHA-256 and truncates output to 192 bits." REFERENCE "- Krawczyk,
usmHMAC192SHA256AuthProtocol uses HMAC-SHA-256 and H., Bellare, M., and R. Canetti, HMAC: Keyed-Hashing for Message
truncates output to 192 bits." Authentication, RFC 2104. - National Institute of Standards and
REFERENCE "- Krawczyk, H., Bellare, M., and R. Canetti, HMAC: Technology, Secure Hash Standard (SHS), FIPS PUB 180-4, 2012." ::= {
Keyed-Hashing for Message Authentication, RFC 2104. snmpAuthProtocols 5 }
- National Institute of Standards and Technology,
Secure Hash Standard (SHS), FIPS PUB 180-4, 2012."
::= { snmpAuthProtocols 5 }
usmHMAC256SHA384AuthProtocol OBJECT-IDENTITY usmHMAC256SHA384AuthProtocol OBJECT-IDENTITY STATUS current DESCRIPTION
STATUS current "The Authentication Protocol usmHMAC256SHA384AuthProtocol uses
DESCRIPTION "The Authentication Protocol HMAC-SHA-384 and truncates output to 256 bits." REFERENCE "- Krawczyk,
usmHMAC256SHA384AuthProtocol uses HMAC-SHA-384 and H., Bellare, M., and R. Canetti, HMAC: Keyed-Hashing for Message
truncates output to 256 bits." Authentication, RFC 2104. - National Institute of Standards and
REFERENCE "- Krawczyk, H., Bellare, M., and R. Canetti, HMAC: Technology, Secure Hash Standard (SHS), FIPS PUB 180-4, 2012." ::= {
Keyed-Hashing for Message Authentication, RFC 2104. snmpAuthProtocols 6 }
- National Institute of Standards and Technology,
Secure Hash Standard (SHS), FIPS PUB 180-4, 2012."
::= { snmpAuthProtocols 6 }
usmHMAC384SHA512AuthProtocol OBJECT-IDENTITY usmHMAC384SHA512AuthProtocol OBJECT-IDENTITY STATUS current DESCRIPTION
STATUS current "The Authentication Protocol usmHMAC384SHA512AuthProtocol uses
DESCRIPTION "The Authentication Protocol HMAC-SHA-512 and truncates output to 384 bits." REFERENCE "- Krawczyk,
usmHMAC384SHA512AuthProtocol uses HMAC-SHA-512 and H., Bellare, M., and R. Canetti, HMAC: Keyed-Hashing for Message
truncates output to 384 bits." Authentication, RFC 2104. - National Institute of Standards and
REFERENCE "- Krawczyk, H., Bellare, M., and R. Canetti, HMAC: Technology, Secure Hash Standard (SHS), FIPS PUB 180-4, 2012." ::= {
Keyed-Hashing for Message Authentication, RFC 2104. snmpAuthProtocols 7 }
- National Institute of Standards and Technology,
Secure Hash Standard (SHS), FIPS PUB 180-4, 2012."
::= { snmpAuthProtocols 7 }
END END
9. Security Considerations 9. Security Considerations
9.1. Use of the HMAC-SHA-2 Authentication Protocols in USM 9.1. Use of the HMAC-SHA-2 Authentication Protocols in USM
The security considerations of [RFC3414] also apply to the HMAC-SHA-2 The security considerations of [RFC3414] also apply to the HMAC-SHA-2
authentication protocols defined in this document. authentication protocols defined in this document.
9.2. Cryptographic Strength of the Authentication Protocols 9.2. Cryptographic Strength of the Authentication Protocols
At the time of publication of this document, all of the HMAC-SHA-2 At the time of publication of this document, all of the HMAC-SHA-2
 End of changes. 21 change blocks. 
116 lines changed or deleted 87 lines changed or added

This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/