Menu
▾
▴
Re: [tipc-discussion] [PATCH RFC 0/5] tipc: add more features to TIPC encryption
|
From: Jon M. <jm...@re...> - 2020-07-10 18:37:51
|
On 7/10/20 6:11 AM, Tuong Lien wrote:
> Hi Jon/all,
>
> As mentioned, I'd like to share the series that I have added some new
> features in order to complete the TIPC encryption:
>
> - Patch 1 ("tipc: fix using smp_processor_id() in preemptible"):
> - Patch 2 ("tipc: optimize key switching time and logic"):
> These two patches just do a bug-fix and optimization for the code as
> a preparation for later commits.
>
> - Patch 3 ("tipc: introduce encryption master key"):
> This will introduce a 'master key' support which is set by user as a
> 'long-term' or static key (e.g. shared between nodes in the cluster in
> user control way). It will act like a key encryption key for the later
> key exchange, as well as allow a new node joins the cluster while it
> has no knowledge of current active session keys in the existing nodes.
>
> The master key setting will use the same 'tipc node set key' command
> but with a 'master' flag (see below).
>
> - Patch 4 ("tipc: add automatic session key exchange"):
> TX key of a node will now be able to be exchanged to peer nodes (
> encrypted/decrypted by the master key) and attached as the
> corresponding RX keys automatically. A node can also 'request' for a TX
> key from peer whenever needed.
>
> This will enable us to do the later rekeying, and also make a new node
> being able to obtain the session keys from existing nodes.
>
> - Patch 5 ("tipc: add automatic rekeying for encryption key"):
> Finally, this patch will add the automatic rekeying which will generate
> a session key on each node at a specific interval. The key will be
> also distributed automatically to peer nodes, so it will be switched to
> be active shortly and traffic will be finally encrypted/decrypted by
> that new key.
>
> The rekeying interval is configurable as well, also user can disable or
> trigger an immediate rekeying if he wants.
>
> Besides, there will be a patch in the 'iproute2/tipc' including the new
> 'tipc node set key' command options, basically it will look like this:
>
> ---------
> $tipc node set key --help
> Usage: tipc node set key KEY [algname ALGNAME] [PROPERTIES]
> tipc node set key rekeying REKEYING
>
> KEY
> Symmetric KEY & SALT as a composite ASCII or hex string (0x...) in form:
> [KEY: 16, 24 or 32 octets][SALT: 4 octets]
>
> ALGNAME
> Cipher algorithm [default: "gcm(aes)"]
>
> PROPERTIES
> master - Set KEY as a cluster master key
> <empty> - Set KEY as a cluster key
> nodeid NODEID - Set KEY as a per-node key for own or peer
>
> REKEYING
> INTERVAL - Set rekeying interval (in minutes) [0: disable]
> now - Trigger one (first) rekeying immediately
>
> EXAMPLES
> tipc node set key 0x746869735F69735F615F6B657931365F73616C74
> tipc node set key this_is_a_key16_salt algname "gcm(aes)" nodeid 1001002
> tipc node set key this_is_a_master_key master rekeying now
> tipc node set key rekeying 600
> ---------
>
> So, please help check the patches and give your comments, thanks a lot!
>
> BR/Tuong
I haven't reviewed this yet, but still have a comment and a question.
1) It would sound less scary if we call this a "cluster key" instead of
a "master key"
2) Do you have any thoughts about how we can replace this key if it ever
gets compromised?
To me it sounds like will need a user space TLS based framework
after all to achieve this.
Regards
///jon
>
> Tuong Lien (5):
> tipc: fix using smp_processor_id() in preemptible
> tipc: optimize key switching time and logic
> tipc: introduce encryption master key
> tipc: add automatic session key exchange
> tipc: add automatic rekeying for encryption key
>
> include/uapi/linux/tipc.h | 2 +
> include/uapi/linux/tipc_netlink.h | 2 +
> net/tipc/crypto.c | 986 ++++++++++++++++++++++++++++----------
> net/tipc/crypto.h | 41 +-
> net/tipc/link.c | 5 +
> net/tipc/msg.h | 10 +-
> net/tipc/netlink.c | 2 +
> net/tipc/node.c | 89 ++--
> net/tipc/node.h | 2 +
> net/tipc/sysctl.c | 9 +
> 10 files changed, 862 insertions(+), 286 deletions(-)
>
|
