[LU-8590] Fix issues with SK privacy and integrity mode Created: 07/Sep/16  Updated: 07/Jul/17  Resolved: 26/Oct/16

Status: Resolved
Project: Lustre
Component/s: None
Affects Version/s: Lustre 2.9.0
Fix Version/s: Lustre 2.9.0, Lustre 2.10.0

Type: Bug Priority: Blocker
Reporter: Andreas Dilger Assignee: Jeremy Filizetti
Resolution: Fixed Votes: 0
Labels: None

Issue Links:
Related
is related to LU-3289 IU Shared Secret Key authentication a... Resolved
Severity: 3
Rank (Obsolete): 9223372036854775807

 Description   

Create a new ticket for tracking fixes to GSS/SK, since LU-3289 (the main feature implementation tracker) has been closed since the SSK feature is landed for 2.9.0 already.

Several fixes are needed for skpi:

1. The original SK patches failed to account for out of order
handling of RPCs and bulk pages during encryption. As a result
clients would be out of sync with the IV used for decryption.
This patches moves the encryption to a format similar to RFC3686
to handle these RPCs and bulk pages.

2. A header was added to the SK mode RPCs to allow versioning and
send the unencrypted IV used for an RPC. The versioning will allow
for future protocol changes.

3. Several changes to fix or improve security of the implementation
based on a security review from Matthew Wood at Intel:

  • Derive a unique key for integrity modes instead of using the
    shared secret key (ska, ski, and skpi modes). This helps prevent
    replays.
  • Use PBKDF2 instead of HMAC to derive keys for integrity and
    encryption.
  • Have the server side pass a random value (like the client) and
    incorporate this value into the key binding information.

4. Store generated prime into the client key file to avoid generating
a new prime for every connection, which takes too long.

5. Increase the default key size to 2048 bits, after #4 is done.

Since #1 and #2 are network protocol changes, this is a blocker for the 2.9.0 release.

 Comments   
Comment by Peter Jones [ 07/Sep/16 ]

Items #1-3 are addressed by patch
http://review.whamcloud.com/21922

Comment by Gerrit Updater [ 06/Oct/16 ]

Andreas Dilger (andreas.dilger@intel.com) uploaded a new patch: http://review.whamcloud.com/22987
Subject: LU-8590 ssk: increase default keylen to 2048 bits
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 5bb5749cc3ad301b6d21174cd1b97583b7c08e50

Comment by Gerrit Updater [ 26/Oct/16 ]

Oleg Drokin (oleg.drokin@intel.com) merged in patch http://review.whamcloud.com/23322/
Subject: LU-8590 gss: Move DH parameter generation out of upcall
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 2de43286f95281648881033062abf9503bd60541

Comment by Peter Jones [ 26/Oct/16 ]

Landed for 2.9

Comment by Gerrit Updater [ 10/Nov/16 ]

Andreas Dilger (andreas.dilger@intel.com) uploaded a new patch: http://review.whamcloud.com/23691
Subject: LU-8590 gss: fix minor issues in lgss_sk usage
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: a4a607f40012a6c7365b26f59a1b97a1a095bfd6

Comment by Gerrit Updater [ 11/Nov/16 ]

Andreas Dilger (andreas.dilger@intel.com) uploaded a new patch: http://review.whamcloud.com/23722
Subject: LU-8590 utils: remove duplicate code in lgss_sk
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 265b5ee8af385086a6ba9b729c02573b26b7647b

Comment by Gerrit Updater [ 23/Nov/16 ]

Oleg Drokin (oleg.drokin@intel.com) merged in patch http://review.whamcloud.com/23691/
Subject: LU-8590 utils: fix minor issues in lgss_sk usage
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 075f98e585a27b846ebd26f1d70a77eefb0f8c5f

Comment by Gerrit Updater [ 17/Dec/16 ]

Oleg Drokin (oleg.drokin@intel.com) merged in patch https://review.whamcloud.com/23722/
Subject: LU-8590 utils: remove duplicate code in lgss_sk
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: a598df837b946711407ec93eed08f144dae6d35a

Generated at Sat Feb 10 02:18:53 UTC 2024 using Jira 9.4.14#940014-sha1:734e6822bbf0d45eff9af51f82432957f73aa32c.