draft-ietf-opsawg-hmac-sha-2-usm-snmp-03.txt   draft-ietf-opsawg-hmac-sha-2-usm-snmp-04.txt 
OPSAWG J. Merkle, Ed. OPSAWG J. Merkle, Ed.
Internet-Draft Secunet Security Networks Internet-Draft Secunet Security Networks
Intended status: Standards Track M. Lochter Intended status: Standards Track M. Lochter
Expires: August 22, 2015 BSI Expires: September 24, 2015 BSI
February 18, 2015 March 23, 2015
HMAC-SHA-2 Authentication Protocols in USM for SNMP HMAC-SHA-2 Authentication Protocols in USM for SNMP
draft-ietf-opsawg-hmac-sha-2-usm-snmp-03 draft-ietf-opsawg-hmac-sha-2-usm-snmp-04
Abstract Abstract
This memo specifies new HMAC-SHA-2 authentication protocols for the This memo specifies new HMAC-SHA-2 authentication protocols for the
User-based Security Model (USM) for SNMPv3 defined in RFC 3414. User-based Security Model (USM) for SNMPv3 defined in RFC 3414.
Status of This Memo Status of This Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79. provisions of BCP 78 and BCP 79.
skipping to change at page 1, line 32 skipping to change at page 1, line 32
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on August 22, 2015. This Internet-Draft will expire on September 24, 2015.
Copyright Notice Copyright Notice
Copyright (c) 2015 IETF Trust and the persons identified as the Copyright (c) 2015 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 2, line 23 skipping to change at page 2, line 23
4.2. Processing . . . . . . . . . . . . . . . . . . . . . . . 5 4.2. Processing . . . . . . . . . . . . . . . . . . . . . . . 5
4.2.1. Processing an Outgoing Message . . . . . . . . . . . 5 4.2.1. Processing an Outgoing Message . . . . . . . . . . . 5
4.2.2. Processing an Incoming Message . . . . . . . . . . . 6 4.2.2. Processing an Incoming Message . . . . . . . . . . . 6
5. Key Localization and Key Change . . . . . . . . . . . . . . . 6 5. Key Localization and Key Change . . . . . . . . . . . . . . . 6
6. Structure of the MIB Module . . . . . . . . . . . . . . . . . 6 6. Structure of the MIB Module . . . . . . . . . . . . . . . . . 6
7. Relationship to Other MIB Modules . . . . . . . . . . . . . . 7 7. Relationship to Other MIB Modules . . . . . . . . . . . . . . 7
7.1. Relationship to SNMP-USER-BASED-SM-MIB . . . . . . . . . 7 7.1. Relationship to SNMP-USER-BASED-SM-MIB . . . . . . . . . 7
7.2. Relationship to SNMP-FRAMEWORK-MIB . . . . . . . . . . . 7 7.2. Relationship to SNMP-FRAMEWORK-MIB . . . . . . . . . . . 7
7.3. MIB modules required for IMPORTS . . . . . . . . . . . . 7 7.3. MIB modules required for IMPORTS . . . . . . . . . . . . 7
8. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 7 8. Definitions . . . . . . . . . . . . . . . . . . . . . . . . . 7
9. Security Considerations . . . . . . . . . . . . . . . . . . . 9 9. Security Considerations . . . . . . . . . . . . . . . . . . . 10
9.1. Use of the HMAC-SHA-2 authentication protocols in USM . . 9 9.1. Use of the HMAC-SHA-2 authentication protocols in USM . . 10
9.2. Cryptographic strength of the authentication protocols . 10 9.2. Cryptographic strength of the authentication protocols . 10
9.3. Derivation of keys from passwords . . . . . . . . . . . . 11 9.3. Derivation of keys from passwords . . . . . . . . . . . . 11
9.4. Access to the SNMP-USM-HMAC-SHA2-MIB . . . . . . . . . . 11 9.4. Access to the SNMP-USM-HMAC-SHA2-MIB . . . . . . . . . . 11
10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11 10. IANA Considerations . . . . . . . . . . . . . . . . . . . . . 11
11. References . . . . . . . . . . . . . . . . . . . . . . . . . 12 11. References . . . . . . . . . . . . . . . . . . . . . . . . . 12
11.1. Normative References . . . . . . . . . . . . . . . . . . 12 11.1. Normative References . . . . . . . . . . . . . . . . . . 12
11.2. Informative References . . . . . . . . . . . . . . . . . 13 11.2. Informative References . . . . . . . . . . . . . . . . . 13
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . 13
1. Introduction 1. Introduction
This memo defines a portion of the Management Information Base (MIB) This memo defines a portion of the Management Information Base (MIB)
for use with network management protocols. In particular it defines for use with network management protocols. In particular it defines
additional authentication protocols for the User-based Security Model additional authentication protocols for the User-based Security Model
(USM) for version 3 of the Simple Network Management Protocol (USM) for version 3 of the Simple Network Management Protocol
(SNMPv3) specified in RFC 3414 [RFC3414]. (SNMPv3) specified in RFC 3414 [RFC3414].
In RFC 3414, two different authentication protocols, HMAC-MD5-96 and In RFC 3414, two different authentication protocols, HMAC-MD5-96 and
skipping to change at page 7, line 33 skipping to change at page 7, line 33
Therefore, the use of the HMAC-SHA2 authentication protocols requires Therefore, the use of the HMAC-SHA2 authentication protocols requires
the usage of the objects defined in the SNMP-FRAMEWORK-MIB. the usage of the objects defined in the SNMP-FRAMEWORK-MIB.
7.3. MIB modules required for IMPORTS 7.3. MIB modules required for IMPORTS
The following MIB module IMPORTS objects from SNMPv2-SMI [RFC2578] The following MIB module IMPORTS objects from SNMPv2-SMI [RFC2578]
and SNMP-FRAMEWORK-MIB [RFC3411]. and SNMP-FRAMEWORK-MIB [RFC3411].
8. Definitions 8. Definitions
SNMP-USM-HMAC-SHA2-MIB DEFINITIONS ::= BEGIN SNMP-USM-HMAC-SHA2-MIB DEFINITIONS ::= BEGIN
IMPORTS IMPORTS
MODULE-IDENTITY, OBJECT-IDENTITY, MODULE-IDENTITY, OBJECT-IDENTITY,
snmpModules FROM SNMPv2-SMI -- [RFC2578] snmpModules FROM SNMPv2-SMI -- [RFC2578]
snmpAuthProtocols FROM SNMP-FRAMEWORK-MIB; -- [RFC3411] snmpAuthProtocols FROM SNMP-FRAMEWORK-MIB; -- [RFC3411]
snmpUsmHmacSha2MIB MODULE-IDENTITY snmpUsmHmacSha2MIB MODULE-IDENTITY
LAST-UPDATED "201501150000Z" -- 25 January 2015, midnight LAST-UPDATED "201503090000Z" -- 9th Mar 2015, midnight
ORGANIZATION "SNMPv3 Working Group" -- RFC Ed.: replace with publication date & remove this line
CONTACT-INFO "WG email: OPSAWG@ietf.org ORGANIZATION "SNMPv3 Working Group"
Subscribe: CONTACT-INFO "WG email: OPSAWG@ietf.org
https://www.ietf.org/mailman/listinfo/opsawg Subscribe:
Editor: Johannes Merkle https://www.ietf.org/mailman/listinfo/opsawg
Editor: Johannes Merkle
secunet Security Networks secunet Security Networks
postal: Mergenthaler Allee 77 postal: Mergenthaler Allee 77
D-65760 Eschborn D-65760 Eschborn
Germany Germany
phone: +49 20154543091
email: johannes.merkle@secunet.com
Co-Editor: Manfred Lochter phone: +49 20154543091
email: johannes.merkle@secunet.com
Co-Editor: Manfred Lochter
Bundesamt fuer Sicherheit in der Bundesamt fuer Sicherheit in der
Informationstechnik (BSI) Informationstechnik (BSI)
postal: Postfach 200363 postal: Postfach 200363
D-53133 Bonn D-53133 Bonn
Germany Germany
phone: +49 228 9582 5643 phone: +49 228 9582 5643
email: manfred.lochter@bsi.bund.de" email: manfred.lochter@bsi.bund.de"
DESCRIPTION "Definitions of Object Identities needed
for the use of HMAC-SHA2 by SNMP's User-based
Security Model.
Copyright (C) The Internet Society (2015). DESCRIPTION "Definitions of Object Identities needed
for the use of HMAC-SHA2 by SNMP's User-based
Security Model.
This version of this MIB module is part of RFC TBD; Copyright (c) 2014 IETF Trust and the persons identified
see the RFC itself for full legal notices. as authors of the code. All rights reserved.
Supplementary information may be available on
http://www.ietf.org/copyrights/ianamib.html."
-- RFC Ed.: replace TBD with actual RFC number & remove this line
REVISION "201501150000Z" Redistribution and use in source and binary forms, with
DESCRIPTION "Initial version, published as RFC TBD" or without modification, is permitted pursuant to, and
subject to the license terms contained in, the Simplified
BSD License set forth in Section 4.c of the IETF Trust's
Legal Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info)."
::= { snmpModules nn } -- nn to be assigned by IANA REVISION "201503090000Z" -- 9th Mar 2015, midnight
-- RFC Ed.: replace with publication date & remove this line
DESCRIPTION "Initial version, published as RFC TBD"
-- RFC Ed.: replace TBD with actual RFC number & remove this line
usmHMAC128SHA224AuthProtocol OBJECT-IDENTITY ::= { snmpModules nn } -- nn to be assigned by IANA
STATUS current -- RFC Ed.: replace nn with actual number assigned by IANA & remove
DESCRIPTION "The Authentication Protocol usmHMAC128SHA224AuthProtocol -- this comment
uses HMAC-SHA-224 and truncates output to 128 bits."
REFERENCE "- Krawczyk, H., Bellare, M., and R. Canetti, HMAC:
Keyed-Hashing for Message Authentication, RFC 2104.
- National Institute of Standards and Technology,
Secure Hash Standard (SHS), FIPS PUB 180-4, 2012."
::= { snmpAuthProtocols aa } -- aa to be assigned by IANA
-- RFC Ed.: replace aa with actual number assigned by IANA & remove
-- this comment
usmHMAC192SHA256AuthProtocol OBJECT-IDENTITY usmHMAC128SHA224AuthProtocol OBJECT-IDENTITY
STATUS current STATUS current
DESCRIPTION "The Authentication Protocol usmHMAC192SHA256AuthProtocol DESCRIPTION "The Authentication Protocol
uses HMAC-SHA-256 and truncates output to 192 bits." usmHMAC128SHA224AuthProtocol uses HMAC-SHA-224 and
REFERENCE "- Krawczyk, H., Bellare, M., and R. Canetti, HMAC: truncates output to 128 bits."
REFERENCE "- Krawczyk, H., Bellare, M., and R. Canetti, HMAC:
Keyed-Hashing for Message Authentication, RFC 2104.
- National Institute of Standards and Technology,
Secure Hash Standard (SHS), FIPS PUB 180-4, 2012."
::= { snmpAuthProtocols aa } -- aa to be assigned by IANA
-- RFC Ed.: replace aa with actual number assigned by IANA & remove
-- this comment
Keyed-Hashing for Message Authentication, RFC 2104. usmHMAC192SHA256AuthProtocol OBJECT-IDENTITY
- National Institute of Standards and Technology, STATUS current
Secure Hash Standard (SHS), FIPS PUB 180-4, 2012." DESCRIPTION "The Authentication Protocol
::= { snmpAuthProtocols bb } -- bb to be assigned by IANA usmHMAC192SHA256AuthProtocol uses HMAC-SHA-256 and
-- RFC Ed.: replace bb with actual number assigned by IANA & remove truncates output to 192 bits."
-- this comment REFERENCE "- Krawczyk, H., Bellare, M., and R. Canetti, HMAC:
Keyed-Hashing for Message Authentication, RFC 2104.
- National Institute of Standards and Technology,
Secure Hash Standard (SHS), FIPS PUB 180-4, 2012."
::= { snmpAuthProtocols bb } -- bb to be assigned by IANA
-- RFC Ed.: replace bb with actual number assigned by IANA & remove
-- this comment
usmHMAC256SHA384AuthProtocol OBJECT-IDENTITY usmHMAC256SHA384AuthProtocol OBJECT-IDENTITY
STATUS current STATUS current
DESCRIPTION "The Authentication Protocol usmHMAC256SHA384AuthProtocol DESCRIPTION "The Authentication Protocol
uses HMAC-SHA-384 and truncates output to 256 bits." usmHMAC256SHA384AuthProtocol uses HMAC-SHA-384 and
REFERENCE "- Krawczyk, H., Bellare, M., and R. Canetti, HMAC: truncates output to 256 bits."
Keyed-Hashing for Message Authentication, RFC 2104. REFERENCE "- Krawczyk, H., Bellare, M., and R. Canetti, HMAC:
- National Institute of Standards and Technology, Keyed-Hashing for Message Authentication, RFC 2104.
Secure Hash Standard (SHS), FIPS PUB 180-4, 2012." - National Institute of Standards and Technology,
::= { snmpAuthProtocols cc } -- cc to be assigned by IANA Secure Hash Standard (SHS), FIPS PUB 180-4, 2012."
-- RFC Ed.: replace cc with actual number assigned by IANA & remove ::= { snmpAuthProtocols cc } -- cc to be assigned by IANA
this comment -- RFC Ed.: replace cc with actual number assigned by IANA & remove
-- this comment
usmHMAC384SHA12AuthProtocol OBJECT-IDENTITY usmHMAC384SHA512AuthProtocol OBJECT-IDENTITY
STATUS current STATUS current
DESCRIPTION "The Authentication Protocol usmHMAC384SHA512AuthProtocol DESCRIPTION "The Authentication Protocol
uses HMAC-SHA-512 and truncates output to 384 bits." usmHMAC384SHA512AuthProtocol uses HMAC-SHA-512 and
REFERENCE "- Krawczyk, H., Bellare, M., and R. Canetti, HMAC: truncates output to 384 bits."
Keyed-Hashing for Message Authentication, RFC 2104. REFERENCE "- Krawczyk, H., Bellare, M., and R. Canetti, HMAC:
- National Institute of Standards and Technology, Keyed-Hashing for Message Authentication, RFC 2104.
Secure Hash Standard (SHS), FIPS PUB 180-4, 2012." - National Institute of Standards and Technology,
::= { snmpAuthProtocols dd } -- dd to be assigned by IANA Secure Hash Standard (SHS), FIPS PUB 180-4, 2012."
-- RFC Ed.: replace dd with actual number assigned by IANA & remove ::= { snmpAuthProtocols dd } -- dd to be assigned by IANA
this comment -- RFC Ed.: replace dd with actual number assigned by IANA & remove
-- this comment
END END
9. Security Considerations 9. Security Considerations
9.1. Use of the HMAC-SHA-2 authentication protocols in USM 9.1. Use of the HMAC-SHA-2 authentication protocols in USM
The security considerations of [RFC3414] also apply to the use of all The security considerations of [RFC3414] also apply to the HMAC-SHA-2
the HMAC-SHA-2 authentication protocols in USM. authentication protocols defined in this document.
9.2. Cryptographic strength of the authentication protocols 9.2. Cryptographic strength of the authentication protocols
At the time of this writing, all of the HMAC-SHA-2 authentication At the time of publication of this document, all of the HMAC-SHA-2
protocols provide a very high level of security. The security of authentication protocols provide a very high level of security. The
each HMAC-SHA-2 authentication protocol depends on the parameters security of each HMAC-SHA-2 authentication protocol depends on the
used in the corresponding HMAC computation, which are the length of parameters used in the corresponding HMAC computation, which are the
the key (if the key has maximum entropy), the size of the hash length of the key (if the key has maximum entropy), the size of the
function's internal state, and the length of the truncated MAC. For hash function's internal state, and the length of the truncated MAC.
the HMAC-SHA-2 authentication protocols these values are as follows For the HMAC-SHA-2 authentication protocols these values are as
(values are given in bits). follows (values are given in bits).
+------------------------------+---------+----------------+---------+ +------------------------------+---------+----------------+---------+
| Protocol | Key | Size of | MAC | | Protocol | Key | Size of | MAC |
| | length | internal state | length | | | length | internal state | length |
+------------------------------+---------+----------------+---------+ +------------------------------+---------+----------------+---------+
| usmHMAC128SHA224AuthProtocol | 224 | 256 | 128 | | usmHMAC128SHA224AuthProtocol | 224 | 256 | 128 |
| usmHMAC192SHA256AuthProtocol | 256 | 256 | 192 | | usmHMAC192SHA256AuthProtocol | 256 | 256 | 192 |
| usmHMAC256SHA384AuthProtocol | 384 | 512 | 256 | | usmHMAC256SHA384AuthProtocol | 384 | 512 | 256 |
| usmHMAC384SHA512AuthProtocol | 512 | 512 | 384 | | usmHMAC384SHA512AuthProtocol | 512 | 512 | 384 |
+------------------------------+---------+----------------+---------+ +------------------------------+---------+----------------+---------+
 End of changes. 24 change blocks. 
93 lines changed or deleted 105 lines changed or added

This html diff was produced by rfcdiff 1.42. The latest version is available from http://tools.ietf.org/tools/rfcdiff/