IPSECME S. Kampati
Internet-Draft Huawei
Intended status: Standards Track Feb 18, 2019
Expires: Aug 22, 2019
IKEv2 Optional SA&TS Payloads in Child Exchange
draft-kampati-ipsecme-ikev2-sa-ts-payloads-opt-00
Abstract
This document describes a method for reduce the size of the Internet
Key Exchange version 2 (IKEv2) exchanges at time of IKE rekey and
Child SA Rekey by removing or making optional of SA & TS payloads.
Reducing size of IKEv2 exchange is desirable for low power
consumption battery powered devices. It also helps to avoid IP
fragmentation of IKEv2 messages.
Status of This Memo
This Internet-Draft is submitted in full conformance with the
provisions of BCP 78 and BCP 79.
Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet-
Drafts is at https://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress."
This Internet-Draft will expire on Aug 22, 2019.
Copyright Notice
Copyright (c) 2019 IETF Trust and the persons identified as the
document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents
(https://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents
carefully, as they describe your rights and restrictions with respect
to this document. Code Components extracted from this document must
Kampati. Expires Aug 22, 2019 [Page 1]
Internet-Draft IKEv2 Optional Child SA&TS Payloads Feb 18, 2019
include Simplified BSD License text as described in Section 4.e of
the Trust Legal Provisions and are provided without warranty as
described in the Simplified BSD License.
Table of Contents
1. Introduction . . . . . . . . . . . . . . . . . . . . . . . . . 2
2. Conventions Used in This Document . . . . . . . . . . . . . . 3
2.1. Requirements Language . . . . . . . . . . . . . . . . . . 3
3. Protocol Details . . . . . . . . . . . . . . . . . . . . . . . 3
3.1 Negotiation . . . . . . . . . . . . . . . . . . . . . . . . 3
3.2 Rekeying IKE SAs with the CREATE_CHILD_SA . . . . . . . . . 4
3.2.1 Exchange with out SA payload . . . . . . . . . . . . . 4
3.2.2 Exchange with optional SA payload . . . . . . . . . . 5
3.2.3 Exchange when there is change in responder . . . . . . 6
3.3 Exchange without SA and TS payload . . . . . . . . . . . . . 7
4 Security Considerations . . . . . . . . . . . . . . . . . . . . 7
5 IANA Considerations . . . . . . . . . . . . . . . . . . . . . . 8
4. References . . . . . . . . . . . . . . . . . . . . . . . . . . 8
4.1. Normative References . . . . . . . . . . . . . . . . . . . 8
4.2. Informative References . . . . . . . . . . . . . . . . . . 8
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 9
1. Introduction
The Internet Key Exchange protocol version 2 (IKEv2) specified in
[RFC7296] is used in the IP Security (IPsec) architecture for the
purposes of Security Association (SA) parameters negotiation and
authenticated key exchange. The protocol uses UDP as the transport
for its messages, which size varies from less than one hundred bytes
to several kBytes.
In 4G network security gateways/ePDG and in 5G networks cRAN/Cloud
will support more than one 100000 IKE/IPSEC tunnels. So on an
average, for every second we encounter many rekeys. This takes huge
amount of bandwidth, packet fragmentation and more processing. This
can be solved by introducing this solution.
This is useful in Internet of Things (IoT) devices which utilizing
lower power consumption technology. The appendix A of [IPSEC-IOT-
REQS] gives some estimate data.
Kampati. Expires Aug 22, 2019 [Page 2]
Internet-Draft IKEv2 Optional Child SA&TS Payloads Feb 18, 2019
Most of devices they don't preferred to change suits frequently.
Taking this advantage we can make SA and TS as optional payloads at
time of IKE SA rekey and IPSEC SA rekey.
In ESP transport mode if when protocol ID and port numbers are any to
any than no need to send TS payloads.
In case of Rekeying IKE SAs with the CREATE_CHILD_SA Exchange Minimum
size of (single set of cryptographic suite)SA payload 52 bytes, we
can replace these payloads with Notify payload N(NEW_SPI) to get SPI
which of Size is 16 bytes. So we are have reduced 36 bytes.
In case of Rekeying Child SAs with the CREATE_CHILD_SA Exchange
Minimum size of SA payload 40 bytes, each TS size 24 bytes (2*24 = 48
bytes). total Size 88 bytes. we can replace these payloads with
Notify payload N(NEW_SPI) to get SPI which of Size is 12 bytes, So
total reduced size is 76 bytes.
2. Conventions Used in This Document
2.1. Requirements Language
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in BCP
14 [RFC2119] [RFC8174] when, and only when, they appear in all
capitals, as shown here.
3. Protocol Details
This section provides protocol details and contains the normative
parts.
3.1 Negotiation
The initiator indicates its support for IKE optional payloads at
rekey and willingness to use it by including a Notification payload
of type IKEV2_REKEY_OPTIONAL_PAYLOAD_SUPPORTED in the IKE_SA_INIT
request message. If the responder also supports this extension and
is willing to use it, it includes this notification in the response
message.
Initiator Responder
-----------------------------------------------------------------
Kampati. Expires Aug 22, 2019 [Page 3]
Internet-Draft IKEv2 Optional Child SA&TS Payloads Feb 18, 2019
HDR(A,0), SAi1, KEi, Ni, -->
N(IKEV2_REKEY_OPTIONAL_PAYLOAD_SUPPORTED)
<-- HDR, SAr1, KEr, Nr, [CERTREQ,]
N(IKEV2_REKEY_OPTIONAL_PAYLOAD_SUPPORTED)
The Notify payload is formatted as follows:
1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Next Payload |C| RESERVED | Payload Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Protocol ID(=0)| SPI Size (=0) | Notify Message Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
o Protocol ID (1 octet) - MUST be zero.
o SPI Size (1 octet) - MUST be zero, meaning no Security Parameter
Index (SPI) is present.
o Notify Message Type (2 octets) - MUST be <Need to get value from
IANA>, the value assigned for the
IKEV2_REKEY_OPTIONAL_PAYLOAD_SUPPORTED notification.
3.2 Rekeying IKE SAs with the CREATE_CHILD_SA
IKE REKEY optional SA payloads support MUST NOT be used unless both
peers have indicated their support for it. The NEW_SPI notification
MUST be included in a CREATE_CHILD_SA exchange when there is no SA
payload, The New IKE SA is created with the SPI values in the NEW_SPI
Notify payload.
3.2.1 Exchange with out SA payload
At time of IKE rekey initiator sends NEW_SPI notification payload
instead SA payload when there is no change in initial negotiated
cryptographic suite. Responder sends NEW_SPI notification payload
instead SA payload when there is no change in initial negotiated
cryptographic suite.
An IKEv2 message exchange with this modification is shown below:
Initiator Responder
----------------------------------------------------------------
Kampati. Expires Aug 22, 2019 [Page 4]
Internet-Draft IKEv2 Optional Child SA&TS Payloads Feb 18, 2019
HDR, SK {N(NEW_SPI), Ni} -->
Initiator sends NEW_SPI notification payload, Nonce payload and a
Diffie-Hellman value in the KEi payload.
A new initiator SPI is supplied in the SPI field of the NEW_SPI
notification payload.
The CREATE_CHILD_SA response for creating a new Child SA is:
<-- HDR, SK {N(NEW_SPI), Nr}
The responder replies (using the same Message ID to respond) with the
NEW_SPI notification payload, Nonce payload and a Diffie-Hellman
value in the KEr payload
A new responder SPI is supplied in the SPI field of the SA payload.
NEW_SPI notification payload is included, MUST NOT include NEW_SPI
notification payload.
The Notify payload is formatted as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Next Payload |C| RESERVED | Payload Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Protocol ID(=1)| SPI Size (=8) | Notify Message Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
~ Security Parameter Index (SPI) ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
o Protocol ID (1 octet) - MUST be 1.
o SPI Size (1 octet) - this field MUST be 8.
o Notify Message Type (2 octets) - MUST be <To be assigned by
IANA>, the value assigned for the NEW_SPI notification.
o SPI - IKE SPI (4 octets), initiator will send initiator IKE
SPI. Responder will send responder IKE SPI
3.2.2 Exchange with optional SA payload
Kampati. Expires Aug 22, 2019 [Page 5]
Internet-Draft IKEv2 Optional Child SA&TS Payloads Feb 18, 2019
Initiator side new cryptographic suites are added after initial SA
creation, So at time of CREATE_CHILD_SA initiator sends SA payload
when multiple cryptographic suite, but responder selected previous
suits at time of CREATE_CHILD_SA Exchange, so responder MAY send
NEW_SPI notification payload instead of SA payload. so initiator need
to use old IKE SA negotiated cryptographic suits to new IKE SA.
Initiator Responder
--------------------------------------------------------------------
HDR, SK {SA, Ni, KEi} -->
<-- HDR, SK {N(NEW_SPI), Nr}
3.2.3 Exchange when there is change in responder
At time of IKE rekey initiator sends NEW_SPI notification payload
instead SA payload when there is no change in initial negotiated
cryptographic suite. Responder side there is change in cryptographic
suite so responder send NO_PROPOSAL_CHOSEN notification payload to
initiator.
Initiator need to send new rekey request with SA payload.
Initiator Responder
--------------------------------------------------------------------
HDR, SK {N(NEW_SPI), Ni, KEi} -->
<-- HDR, SK {N(NO_PROPOSAL_CHOSEN), Nr, KEr}
HDR, SK {SA, Ni, KEi} -->
<-- HDR, SK {SA, Ni, KEi}
Kampati. Expires Aug 22, 2019 [Page 6]
Internet-Draft IKEv2 Optional Child SA&TS Payloads Feb 18, 2019
3.3 Exchange without SA and TS payload
Child SA REKEY optional SA and TS paylaods, support MUST NOT be used
unless both peers have indicated their support for it.
The NEW_SPI notification MUST be included in a CREATE_CHILD_SA
exchange when there is no SA payload, The New Child SA is created
with the SPI values in the NEW_SPI Notify payload.
An Rekeying Child SAs with the CREATE_CHILD_SA Exchange exchange with
this modification is shown below:
Initiator Responder
------------------------------------------------------------------
HDR, SK {N(NEW_SPI), Ni, [KEi,]} -->
<-- HDR, SK {N(NEW_SPI), Nr, [KEr,]}
The Notify payload is formatted as follows:
0 1 2 3
0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Next Payload |C| RESERVED | Payload Length |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Protocol ID | SPI Size (=4) | Notify Message Type |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
~ Security Parameter Index (SPI) ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
o Protocol ID (1 octet) - this field MUST contain either (2) to
indicate AH or (3) to indicate ESP.
o SPI Size (1 octet) - MUST be 4.
o Notify Message Type (2 octets) - MUST be <Need to get value from
IANA>, the value assigned for the NEW_SPI notification.
o SPI (variable length) - AH/ESP SPI (4 octets), initiator will
send initiator SPI. Responder will send responder SPI
4 Security Considerations
TBD
Kampati. Expires Aug 22, 2019 [Page 7]
Internet-Draft IKEv2 Optional Child SA&TS Payloads Feb 18, 2019
5 IANA Considerations
This document defines two new Notify Message Types in the "Notify
Message Types - Status Types" registry. IANA is requested to assign
codepoints in this registry.
NOTIFY messages: status types Value
----------------------------------------------------------
NEW_SPI TBD
IKEV2_REKEY_OPTIONAL_PAYLOAD_SUPPORTED TBD
4. References
4.1. Normative References
[RFC2119]
Bradner, S., "Key words for use in RFCs to Indicate Requirement
Levels", BCP 14, RFC 2119, DOI 10.17487/RFC2119, March 1997,
<https://www.rfc-editor.org/info/rfc2119>.
[RFC7296]
Kaufman, C., Hoffman, P., Nir, Y., Eronen, P., and T.Kivinen,
"Internet Key Exchange Protocol Version 2 (IKEv2)", STD 79, RFC
7296, DOI 10.17487/RFC7296, October 2014, <https://www.rfc-
editor.org/info/rfc7296>.
[RFC8174]
Leiba, B., "Ambiguity of Uppercase vs Lowercase in RFC 2119 Key
Words", BCP 14, RFC 8174, DOI 10.17487/RFC8174, May 2017,
<https://www.rfc-editor.org/info/rfc8174>.
4.2. Informative References
[IPSEC-IOT-REQS]
Migault, D., Guggemos, T., and C. Bormann, "Requirements for
Diet-ESP the IPsec/ESP protocol for IoT", draft-mglt-6lo-diet-
esp-requirements-02 (work in progress), July 2016.
Kampati. Expires Aug 22, 2019 [Page 8]
Internet-Draft IKEv2 Optional Child SA&TS Payloads Feb 18, 2019
Authors' Addresses
Sandeep Kampati
Huawei Technologies
Divyashree Techno Park, Whitefield
Bangalore, Karnataka 560066
India
Email: sandeepkampati@huawei.com
Kampati. Expires Aug 22, 2019 [Page 9]