[Docs] [txt|pdf] [Tracker] [WG] [Email] [Diff1] [Diff2] [Nits]

Versions: 00 01 02 03

DHC Working Group                                                  L. Li
Internet-Draft                                                    Y. Cui
Intended status: Informational                                     J. Wu
Expires: April 21, 2016                              Tsinghua University
                                                        October 19, 2015


                   Opportunistic Security for DHCPv6
                draft-li-dhc-secure-dhcpv6-deployment-01

Abstract

   The Dynamic Host Configuration Protocol for IPv6 (DHCPv6) enables
   DHCPv6 servers to configure network parameters.  To secure DHCPv6,
   the authentication and encryption mechanisms are proposed to protect
   the DHCPv6 privacy information.  However, how to deploy the secure
   DHCPv6 mechanisms for DHCPv6 is not specified.  This draft analyses
   the DHCPv6 threat model and recommend the opportunistic security
   mechanism for DHCPv6 deployment.

Status of This Memo

   This Internet-Draft is submitted in full conformance with the
   provisions of BCP 78 and BCP 79.

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF).  Note that other groups may also distribute
   working documents as Internet-Drafts.  The list of current Internet-
   Drafts is at http://datatracker.ietf.org/drafts/current/.

   Internet-Drafts are draft documents valid for a maximum of six months
   and may be updated, replaced, or obsoleted by other documents at any
   time.  It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   This Internet-Draft will expire on April 21, 2016.

Copyright Notice

   Copyright (c) 2015 IETF Trust and the persons identified as the
   document authors.  All rights reserved.

   This document is subject to BCP 78 and the IETF Trust's Legal
   Provisions Relating to IETF Documents
   (http://trustee.ietf.org/license-info) in effect on the date of
   publication of this document.  Please review these documents
   carefully, as they describe your rights and restrictions with respect
   to this document.  Code Components extracted from this document must



Li, et al.               Expires April 21, 2016                 [Page 1]


Internet-Draft      Opportunistic Security for DHCPv6       October 2015


   include Simplified BSD License text as described in Section 4.e of
   the Trust Legal Provisions and are provided without warranty as
   described in the Simplified BSD License.

Table of Contents

   1.  Introduction  . . . . . . . . . . . . . . . . . . . . . . . .   2
   2.  DHCPv6 threat model . . . . . . . . . . . . . . . . . . . . .   2
   3.  Secure DHCPv6 mechanisms deployment . . . . . . . . . . . . .   3
     3.1.  Secure DHCPv6 Mechanism Deployment Difficulties . . . . .   3
     3.2.  Opportunistic security for DHCP . . . . . . . . . . . . .   3
     3.3.  DHCPv6 authentication deployment  . . . . . . . . . . . .   4
       3.3.1.  TOFU for DHCPv6 authentication deployment . . . . . .   4
       3.3.2.  PKI for DHCPv6 authentication deployment  . . . . . .   5
   4.  Security Considerations . . . . . . . . . . . . . . . . . . .   5
   5.  References  . . . . . . . . . . . . . . . . . . . . . . . . .   5
     5.1.  Normative References  . . . . . . . . . . . . . . . . . .   5
     5.2.  Informative References  . . . . . . . . . . . . . . . . .   6
   Authors' Addresses  . . . . . . . . . . . . . . . . . . . . . . .   6

1.  Introduction

   The Dynamic Host Configuration Protocol for IPv6 [RFC3315] enables
   DHCPv6 servers to configure network parameters dynamically.  Due to
   the unsecured nature of DHCPv6, the various critical identifiers in
   DHCPv6 are vulnerable to several types of attacks, such as pervasive
   monitoring and spoofing attack.  Currently, there have been some
   proposed mechanisms to secure DHCPv6.  Secure DHCPv6
   [I-D.ietf-dhc-sedhcpv6] provides the authentication mechanism between
   DHCPv6 client and server along with the DHCPv6 transaction.
   [I-D.cui-dhc-dhcpv6-encryption] proposes the DHCPv6 encryption
   mechanism between the DHCPv6 client and server.  However, how to
   deploy the proposed secure DHCPv6 mechanisms is still not specified.

   This document analyses the DHCPv6 threat model and recommends the
   opportunistic security mechanism for secure DHCPv6 mechanisms
   deployment to support the incremental deployment.  For the DHCPv6
   authentication deployment, we analysis two deployment schemes: TOFU
   and PKI, which are suitable for different DHCPv6 security
   requirements.

2.  DHCPv6 threat model

   Most of the privacy considerations for DHCPv6 focus on the client
   privacy protection.  As the public service infrastructure, the
   privacy protection of DHCPv6 server and relay agent is less
   important.  DHCPv6 privacy consideration
   [I-D.ietf-dhc-dhcpv6-privacy] analyses the privacy problem for DHCPv6



Li, et al.               Expires April 21, 2016                 [Page 2]


Internet-Draft      Opportunistic Security for DHCPv6       October 2015


   client, listing the various DHCPv6 options containing the privacy
   information and the possible attack to the DHCPv6 client.  The attack
   specific to a DHCPv6 client is the possibility of the "rogue" server,
   which may provide the incorrect information to the client.  In
   addition, the client is also faced up with the pervasive monitoring
   attack.  Pervasive monitoring may gleans the privacy information
   about the IPv6 host, which is used to find location information,
   previously visited networks and so on.  [RFC7258] claims that
   pervasive monitoring should be mitigated in the design of IETF
   protocols, where possible.

   The attack specific to a DHCPv6 server is the possibility of the
   invalid client masquerading as a valid client, which may cause the
   consuming to address resources configured on a DHCPv6 server.

3.  Secure DHCPv6 mechanisms deployment

3.1.  Secure DHCPv6 Mechanism Deployment Difficulties

   Because of the DHCPv6 property, secure DHCPv6 mechanisms deployment
   has some specific difficulties.  For the secure DHCPv6 mechanisms
   deployment, the DHCPv6 server is always assumed to have connectivity
   to authorized CA and verifies the client's certificate.  The
   difficulty for the deployment is that the client is difficult to
   verify the server's identity without access to network.  When the
   client is pre-configured with the server authentication information,
   such as one or multiple CA certificates that form the certification
   path, the server's identity is verified through the pre-configured
   server authentication information.  When the client is not pre-
   configured with the server authentication information, the client has
   no capability to verify the server's identity.  In the scenario where
   the DHCPv6 client is mobile and connects to random networks, the
   client cannot always get pre-configured with the authentication
   information.

3.2.  Opportunistic security for DHCP

   There have been some proposed secure DHCPv6 mechanisms.  Secure
   DHCPv6 [I-D.ietf-dhc-sedhcpv6] provides the authentication mechanism
   between DHCPv6 client and server along with the DHCPv6 transaction.
   [I-D.cui-dhc-dhcpv6-encryption] proposes the DHCPv6 encryption
   mechanism between the DHCPv6 client and server.  The use of secure
   DHCPv6 protects DHCPv6 from active attack, such as spoofing attack.
   The use of DHCPv6 encryption defends DHCPv6 against pervasive
   monitoring and other passive attacks.

   In order to achieve the maximum protection that is available, we
   recommend the opportunistic security for DHCPv6.  Opportunistic



Li, et al.               Expires April 21, 2016                 [Page 3]


Internet-Draft      Opportunistic Security for DHCPv6       October 2015


   security for DHCPv6 use encryption even when authentication is not
   available.  Based on the DHCPv6 security requirement and the client
   capability, the incremental deployment is supported.  When the client
   is pre-configured the server configuration information, it has the
   capability to authenticate the server.  When the client has
   capability to authenticate the server, the client is secure enabled.
   The communication is authenticated and encrypted, which protects the
   DHCPv6 transaction from passive and active attacks.  When the client
   has no capability to authenticate the server, but is informed of the
   server's public key, the client is encrypted enabled.  The
   communication is then not authenticated but encrypted, which protects
   the DHCPv6 transaction from passive attacks, such as pervasive
   monitoring attack.  If the client has no capability to authenticate
   the server and does not know the server's public key, clear text is
   used as the baseline communication security policy.

   In the scenario where the tight security policy is required, such as
   the enterprise networks, the authentication and encryption are both
   required.  Opportunistic security can coexist with the explicit and
   never preempt the explicit security policies.  For example, the
   enterprise's explicit policy is that authenticated and encrypted
   communication is required, which covers the default opportunistic
   security policy.

   In the scenario where the security policy is loss, the DHCPv6 server
   is not pre-configured with the authentication information, such as
   the trusted CA certificates.  So the server authentication is
   optional in order to not impede the following DHCPv6 communication.
   After the public keys exchange, the non-authenticated encryption
   communication is applied to avoid the passive attack.  In this way,
   the DHCPv6 message content is protected from the pervasive
   monitoring.

3.3.  DHCPv6 authentication deployment

   According to the different DHCPv6 security requirement and client
   pre-configured information, different schemes for DHCPv6
   authentication deployment is used. we analysis two deployment
   schemes: TOFU and PKI, which are suitable for different DHCPv6
   security requirements.

3.3.1.  TOFU for DHCPv6 authentication deployment

   TOFU plays a role in the scenario where the DHCPv6 client is mobile
   and connects to random networks.  In such scenario, the secure policy
   is loss and the DHCPv6 client is not previously establish the trusted
   relationship between the DHCPv6 server and client.  The TOFU model
   assumes that an authenticated public key obtained on first contact is



Li, et al.               Expires April 21, 2016                 [Page 4]


Internet-Draft      Opportunistic Security for DHCPv6       October 2015


   good enough to secure future communication.  In addition, for the
   subsequent connections, if the received public key conflicts to the
   cached key, the user may change the current cached kay without any
   validation.

   TOFU-based authentication has a clear improvement over completely
   insecure protocols, and it is also low-cost and simple to deploy.
   However, TOFU-based authentication make it difficult to distinguish
   rouge DHCPv6 servers by accepting any key on the initial connection.
   And it also has no protection against MitM (Man in the Middle)
   attacks without the validation of the conflicted public key.

3.3.2.  PKI for DHCPv6 authentication deployment

   In the scenario where the tight security policy is required and the
   client are stable terminal devices, the PKI model plays a role to
   verify the certificate and perform the authentication.  The client
   validates the server's certificate locally according to the rule
   defined in [RFC5280] through the pre-configured information.  The
   client is pre-configured with the trusted relationship between the
   DHCPv6 client and server, or one or multiple CA certificates, which
   form the certificate path.

   The PKI model achieves the authentication of the certificate all the
   time, which improves the security performance.  However, without the
   pre-configured information, the DHCPv6 communication will fail.  And
   it also brings the deployment difficulties.

4.  Security Considerations

   TBD

5.  References

5.1.  Normative References

   [RFC3315]  Droms, R., Ed., Bound, J., Volz, B., Lemon, T., Perkins,
              C., and M. Carney, "Dynamic Host Configuration Protocol
              for IPv6 (DHCPv6)", RFC 3315, DOI 10.17487/RFC3315, July
              2003, <http://www.rfc-editor.org/info/rfc3315>.

   [RFC5280]  Cooper, D., Santesson, S., Farrell, S., Boeyen, S.,
              Housley, R., and W. Polk, "Internet X.509 Public Key
              Infrastructure Certificate and Certificate Revocation List
              (CRL) Profile", RFC 5280, DOI 10.17487/RFC5280, May 2008,
              <http://www.rfc-editor.org/info/rfc5280>.





Li, et al.               Expires April 21, 2016                 [Page 5]


Internet-Draft      Opportunistic Security for DHCPv6       October 2015


   [RFC7435]  Dukhovni, V., "Opportunistic Security: Some Protection
              Most of the Time", RFC 7435, DOI 10.17487/RFC7435,
              December 2014, <http://www.rfc-editor.org/info/rfc7435>.

5.2.  Informative References

   [I-D.cui-dhc-dhcpv6-encryption]
              Cui, Y., Li, L., Wu, J., and Y. Lee, "Encryption Mechanism
              for DHCPv6", draft-cui-dhc-dhcpv6-encryption-04 (work in
              progress), October 2015.

   [I-D.ietf-dhc-dhcpv6-privacy]
              Krishnan, S., Mrugalski, T., and S. Jiang, "Privacy
              considerations for DHCPv6", draft-ietf-dhc-
              dhcpv6-privacy-01 (work in progress), August 2015.

   [I-D.ietf-dhc-sedhcpv6]
              Jiang, S., Shen, S., Zhang, D., and T. Jinmei, "Secure
              DHCPv6", draft-ietf-dhc-sedhcpv6-08 (work in progress),
              June 2015.

   [RFC7258]  Farrell, S. and H. Tschofenig, "Pervasive Monitoring Is an
              Attack", BCP 188, RFC 7258, DOI 10.17487/RFC7258, May
              2014, <http://www.rfc-editor.org/info/rfc7258>.

Authors' Addresses

   Lishan Li
   Tsinghua University
   Beijing  100084
   P.R.China

   Phone: +86-15201441862
   Email: lilishan9248@126.com


   Yong Cui
   Tsinghua University
   Beijing  100084
   P.R.China

   Phone: +86-10-6260-3059
   Email: yong@csnet1.cs.tsinghua.edu.cn








Li, et al.               Expires April 21, 2016                 [Page 6]


Internet-Draft      Opportunistic Security for DHCPv6       October 2015


   Jianping Wu
   Tsinghua University
   Beijing  100084
   P.R.China

   Phone: +86-10-6278-5983
   Email: jianping@cernet.edu.cn












































Li, et al.               Expires April 21, 2016                 [Page 7]


Html markup produced by rfcmarkup 1.129b, available from https://tools.ietf.org/tools/rfcmarkup/