The Integration of the Bundle Security Protocol Features into DTN2

Walter J. Scheirer and Prof. Mooi Choo Chuah, Department of Computer Science and Engineering, Lehigh University. References: Bundle Security Protocol Specification, draft-irtf-dtnrg-bundle-security-00, June 8, 2005.


Presentation Transcript


  1. The Integration of the Bundle Security Protocol Features into DTN2
     Walter J. Scheirer and Prof. Mooi Choo Chuah
     Department of Computer Science and Engineering, Lehigh University

  2. References:
     • Bundle Security Protocol Specification
       • draft-irtf-dtnrg-bundle-security-00, June 8, 2005
     • Bundle Protocol Specification
       • draft-irtf-dtnrg-bundle-spec-03.txt, July 2005 *
       • draft-irtf-dtnrg-bundle-spec-02.txt, Sept. 2004
     • DTN2
       • Sept. 6, 2005 CVS revision
       • Current

  3. Major Features
     • Bundle Authentication Header (BAH)
     • Payload Security Header (PSH)
     • Confidentiality Header (CH)
     • Bundle Fragmentation/Reassembly

  4. Summary of Technical Approach
     • Bundle Authentication Header (BAH)
       • The BAH is used to assure the authenticity of the bundle along a single hop from sender to recipient
     • Payload Security Header (PSH)
       • The PSH is used to assure the authenticity of the bundle from the PSH security source, which creates the PSH, to the PSH security destination, which verifies the PSH authenticator
     • Confidentiality Header (CH)
       • The CH is used to indicate that the bundle payload has been encrypted while en route between the CH source and the CH security destination

  5. Summary of Technical Approach
     • Each node will turn on the optional security-related delivery option parameters if it desires certain security features:
       • if it desires confidentiality, then a CH header must be applied to the bundle
       • if it desires authentication, a PSH and/or a BAH must be applied and the relevant parts of the bundle digitally signed or MACed appropriately

  6. Challenges faced in fragmentation scenario:
     [Figure: a bundle with security headers (Primary Bundle Header, all other headers, BAH with signed hash value, PSH with signed hash value, Confidentiality Header, Payload Class, Len., Payload) and the fragments produced from it (Fragment Header offset=0, Fragment Header offset=9). The fragments are shown with a BAH, a header layout listing Next Hdr, Len., Format flag, Ciphersuite ID, Payload Segment Size, Payload Hash Size and Key ID (optional), and an authentication of the header and payload segment. Figure note: PSH, confidentiality header and payload class field deleted from successive fragments.]

  7. Implementation Details
     • Ciphersuites
       • Have been implemented using the OpenSSL (v. 0.9.7a, Fedora Core 2) library
       • Significant code addition to servlib/bundling/BundleProtocol.cc
     • BAH
       • EntireBundleHMAC, HeadofBundleHMAC, HeadOfBundleSig, EntireBundleSig, EntireBundleMAC

  8. Implementation Details
     • PSH
       • EntireBundleHMAC
     • CH
       • Payload Encryption - Blowfish
     • Support different combinations of Headers
       • BAH, PSH, CH; BAH and PSH; BAH and CH

  9. Implementation Details
     • Security Headers
       • Sending: populate header fields, apply ciphersuite, append to bundle
       • Receiving: parse header fields, apply ciphersuite, verify integrity

  10. Implementation Details
     • Protocol Stack
       • Bundle Transmitted: BundleProtocol.cc / format_headers(): build CH, build PSH, build BAH, then TCP Convergence Layer
       • Bundle Received: TCP Convergence Layer, then BundleProtocol.cc / parse_headers(): check BAH, check PSH, check CH

  11. Questions?
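
The layering on slides 4, 9 and 10, as an added example (not code from the presentation or from DTN2): an end-to-end PSH MAC is built first, a per-hop BAH MAC is built last and checked first, and a forwarding node re-issues the BAH for the next link. The dict-based bundle, node names A/B/C, keys and the use of HMAC-SHA-256 are assumptions for illustration, this is not the BSP wire format, and the CH step is left out.

```python
import hashlib
import hmac

# Constructed keys: one per link for the BAH, one end-to-end for the PSH.
HOP_KEYS = {("A", "B"): b"hop-A-B", ("B", "C"): b"hop-B-C"}
E2E_KEY = b"psh-A-C"  # shared by PSH security source A and destination C

def mac(key, *parts):
    """HMAC over length-prefixed parts (SHA-256 is an assumption)."""
    h = hmac.new(key, digestmod=hashlib.sha256)
    for p in parts:
        h.update(len(p).to_bytes(4, "big") + p)
    return h.digest()

def bah_value(b, sender, receiver):
    return mac(HOP_KEYS[(sender, receiver)], b["primary"], b["psh"], b["payload"])

def build(primary, payload, sender, receiver):
    """Sending side: PSH first, BAH last so it covers the PSH too."""
    b = {"primary": primary, "payload": payload}
    b["psh"] = mac(E2E_KEY, primary, payload)
    b["bah"] = bah_value(b, sender, receiver)
    return b

def check_bah(b, sender, receiver):
    return hmac.compare_digest(bah_value(b, sender, receiver), b["bah"])

def check_psh(b):
    return hmac.compare_digest(mac(E2E_KEY, b["primary"], b["payload"]), b["psh"])

def forward(b, prev_hop, me, next_hop, tamper=False):
    """Intermediate node: verify the incoming BAH, then re-issue it for the next hop."""
    if not check_bah(b, prev_hop, me):
        raise ValueError("BAH check failed")
    if tamper:  # models a compromised forwarder that alters the payload
        b = dict(b, payload=b["payload"] + b"!")
    return dict(b, bah=bah_value(b, me, next_hop))

def receive(b, prev_hop, me):
    """Receiving side checks in the reverse of build order: BAH, then PSH."""
    if not check_bah(b, prev_hop, me):
        return "reject: BAH"
    if not check_psh(b):
        return "reject: PSH"
    return "accept"

if __name__ == "__main__":
    sent = build(b"primary-header", b"payload", "A", "B")
    print(receive(forward(sent, "A", "B", "C"), "B", "C"))
    print(receive(forward(sent, "A", "B", "C", tamper=True), "B", "C"))
```

The tampered case passes the BAH check at C because the forwarder signs whatever it sends; only the PSH, keyed between source and destination, exposes the change.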
