| SNMP-USM-DH-OBJECTS-MIB DEFINITIONS ::= BEGIN |
| |
| IMPORTS |
| MODULE-IDENTITY, OBJECT-TYPE, |
| -- OBJECT-IDENTITY, |
| experimental, Integer32 |
| FROM SNMPv2-SMI |
| TEXTUAL-CONVENTION |
| FROM SNMPv2-TC |
| MODULE-COMPLIANCE, OBJECT-GROUP |
| FROM SNMPv2-CONF |
| usmUserEntry |
| FROM SNMP-USER-BASED-SM-MIB |
| SnmpAdminString |
| FROM SNMP-FRAMEWORK-MIB; |
| |
| snmpUsmDHObjectsMIB MODULE-IDENTITY |
| LAST-UPDATED "200003060000Z" -- 6 March 2000, Midnight |
| ORGANIZATION "Excite@Home" |
| CONTACT-INFO "Author: Mike StJohns |
| Postal: Excite@Home |
| 450 Broadway |
| Redwood City, CA 94063 |
| Email: stjohns@corp.home.net |
| Phone: +1-650-556-5368" |
| DESCRIPTION |
| "The management information definitions for providing forward |
| secrecy for key changes for the usmUserTable, and for providing a |
| method for 'kickstarting' access to the agent via a Diffie-Helman |
| key agreement." |
| |
| REVISION "200003060000Z" |
| DESCRIPTION |
| "Initial version published as RFC 2786." |
| ::= { experimental 101 } -- IANA DHKEY-CHANGE 101 |
| |
| -- Administrative assignments |
| |
| usmDHKeyObjects OBJECT IDENTIFIER ::= { snmpUsmDHObjectsMIB 1 } |
| usmDHKeyConformance OBJECT IDENTIFIER ::= { snmpUsmDHObjectsMIB 2 } |
| |
| -- Textual conventions |
| |
| DHKeyChange ::= TEXTUAL-CONVENTION |
| STATUS current |
| DESCRIPTION |
| "Upon initialization, or upon creation of a row containing an |
| object of this type, and after any successful SET of this value, a |
| GET of this value returns 'y' where y = g^xa MOD p, and where g is |
| the base from usmDHParameters, p is the prime from |
| usmDHParameters, and xa is a new random integer selected by the |
| agent in the interval 2^(l-1) <= xa < 2^l < p-1. 'l' is the |
| optional privateValueLength from usmDHParameters in bits. If 'l' |
| is omitted, then xa (and xr below) is selected in the interval 0 |
| <= xa < p-1. y is expressed as an OCTET STRING 'PV' of length 'k' |
| which satisfies |
| |
| k |
| y = SUM 2^(8(k-i)) PV'i |
| i=1 |
| |
| where PV1,...,PVk are the octets of PV from first to last, and |
| where PV1 <> 0. |
| |
| A successful SET consists of the value 'y' expressed as an OCTET |
| STRING as above concatenated with the value 'z'(expressed as an |
| OCTET STRING in the same manner as y) where z = g^xr MOD p, where |
| g, p and l are as above, and where xr is a new random integer |
| selected by the manager in the interval 2^(l-1) <= xr < 2^l < |
| p-1. A SET to an object of this type will fail with the error |
| wrongValue if the current 'y' does not match the 'y' portion of |
| the value of the varbind for the object. (E.g. GET yout, SET |
| concat(yin, z), yout <> yin). |
| |
| Note that the private values xa and xr are never transmitted from |
| manager to device or vice versa, only the values y and z. |
| Obviously, these values must be retained until a successful SET on |
| the associated object. |
| |
| The shared secret 'sk' is calculated at the agent as sk = z^xa MOD |
| p, and at the manager as sk = y^xr MOD p. |
| |
| Each object definition of this type MUST describe how to map from |
| the shared secret 'sk' to the operational key value used by the |
| protocols and operations related to the object. In general, if n |
| bits of key are required, the author suggests using the n |
| right-most bits of the shared secret as the operational key value." |
| REFERENCE |
| "-- Diffie-Hellman Key-Agreement Standard, PKCS #3; |
| RSA Laboratories, November 1993" |
| SYNTAX OCTET STRING |
| |
| -- Diffie Hellman public values |
| |
| usmDHPublicObjects OBJECT IDENTIFIER ::= { usmDHKeyObjects 1 } |
| |
| usmDHParameters OBJECT-TYPE |
| SYNTAX OCTET STRING |
| MAX-ACCESS read-write |
| STATUS current |
| DESCRIPTION |
| "The public Diffie-Hellman parameters for doing a Diffie-Hellman |
| key agreement for this device. This is encoded as an ASN.1 |
| DHParameter per PKCS #3, section 9. E.g. |
| |
| DHParameter ::= SEQUENCE { |
| prime INTEGER, -- p |
| base INTEGER, -- g |
| privateValueLength INTEGER OPTIONAL } |
| |
| Implementors are encouraged to use either the values from |
| Oakley Group 1 or the values of from Oakley Group 2 as specified |
| in RFC-2409, The Internet Key Exchange, Section 6.1, 6.2 as the |
| default for this object. Other values may be used, but the |
| security properties of those values MUST be well understood and |
| MUST meet the requirements of PKCS #3 for the selection of |
| Diffie-Hellman primes. |
| |
| In addition, any time usmDHParameters changes, all values of |
| type DHKeyChange will change and new random numbers MUST be |
| generated by the agent for each DHKeyChange object." |
| REFERENCE |
| "-- Diffie-Hellman Key-Agreement Standard, PKCS #3, |
| RSA Laboratories, November 1993 |
| -- The Internet Key Exchange, RFC 2409, November 1998, |
| Sec 6.1, 6.2" |
| ::= { usmDHPublicObjects 1 } |
| |
| usmDHUserKeyTable OBJECT-TYPE |
| SYNTAX SEQUENCE OF UsmDHUserKeyEntry |
| MAX-ACCESS not-accessible |
| STATUS current |
| DESCRIPTION |
| "This table augments and extends the usmUserTable and provides |
| 4 objects which exactly mirror the objects in that table with the |
| textual convention of 'KeyChange'. This extension allows key |
| changes to be done in a manner where the knowledge of the current |
| secret plus knowledge of the key change data exchanges (e.g. via |
| wiretapping) will not reveal the new key." |
| ::= { usmDHPublicObjects 2 } |
| |
| usmDHUserKeyEntry OBJECT-TYPE |
| SYNTAX UsmDHUserKeyEntry |
| MAX-ACCESS not-accessible |
| STATUS current |
| DESCRIPTION |
| "A row of DHKeyChange objects which augment or replace the |
| functionality of the KeyChange objects in the base table row." |
| AUGMENTS { usmUserEntry } |
| ::= {usmDHUserKeyTable 1 } |
| |
| UsmDHUserKeyEntry ::= SEQUENCE { |
| usmDHUserAuthKeyChange DHKeyChange, |
| usmDHUserOwnAuthKeyChange DHKeyChange, |
| usmDHUserPrivKeyChange DHKeyChange, |
| usmDHUserOwnPrivKeyChange DHKeyChange |
| } |
| |
| usmDHUserAuthKeyChange OBJECT-TYPE |
| SYNTAX DHKeyChange |
| MAX-ACCESS read-create |
| STATUS current |
| DESCRIPTION |
| "The object used to change any given user's Authentication Key |
| using a Diffie-Hellman key exchange. |
| |
| The right-most n bits of the shared secret 'sk', where 'n' is the |
| number of bits required for the protocol defined by |
| usmUserAuthProtocol, are installed as the operational |
| authentication key for this row after a successful SET." |
| ::= { usmDHUserKeyEntry 1 } |
| |
| usmDHUserOwnAuthKeyChange OBJECT-TYPE |
| SYNTAX DHKeyChange |
| MAX-ACCESS read-create |
| STATUS current |
| DESCRIPTION |
| "The object used to change the agents own Authentication Key |
| using a Diffie-Hellman key exchange. |
| |
| The right-most n bits of the shared secret 'sk', where 'n' is the |
| number of bits required for the protocol defined by |
| usmUserAuthProtocol, are installed as the operational |
| authentication key for this row after a successful SET." |
| ::= { usmDHUserKeyEntry 2 } |
| |
| usmDHUserPrivKeyChange OBJECT-TYPE |
| SYNTAX DHKeyChange |
| MAX-ACCESS read-create |
| STATUS current |
| DESCRIPTION |
| "The object used to change any given user's Privacy Key using |
| a Diffie-Hellman key exchange. |
| |
| The right-most n bits of the shared secret 'sk', where 'n' is the |
| number of bits required for the protocol defined by |
| usmUserPrivProtocol, are installed as the operational privacy key |
| for this row after a successful SET." |
| ::= { usmDHUserKeyEntry 3 } |
| |
| usmDHUserOwnPrivKeyChange OBJECT-TYPE |
| SYNTAX DHKeyChange |
| MAX-ACCESS read-create |
| STATUS current |
| DESCRIPTION |
| "The object used to change the agent's own Privacy Key using a |
| Diffie-Hellman key exchange. |
| |
| The right-most n bits of the shared secret 'sk', where 'n' is the |
| number of bits required for the protocol defined by |
| usmUserPrivProtocol, are installed as the operational privacy key |
| for this row after a successful SET." |
| ::= { usmDHUserKeyEntry 4 } |
| |
| usmDHKickstartGroup OBJECT IDENTIFIER ::= { usmDHKeyObjects 2 } |
| |
| usmDHKickstartTable OBJECT-TYPE |
| SYNTAX SEQUENCE OF UsmDHKickstartEntry |
| MAX-ACCESS not-accessible |
| STATUS current |
| DESCRIPTION |
| "A table of mappings between zero or more Diffie-Helman key |
| agreement values and entries in the usmUserTable. Entries in this |
| table are created by providing the associated device with a |
| Diffie-Helman public value and a usmUserName/usmUserSecurityName |
| pair during initialization. How these values are provided is |
| outside the scope of this MIB, but could be provided manually, or |
| through a configuration file. Valid public value/name pairs |
| result in the creation of a row in this table as well as the |
| creation of an associated row (with keys derived as indicated) in |
| the usmUserTable. The actual access the related usmSecurityName |
| has is dependent on the entries in the VACM tables. In general, |
| an implementor will specify one or more standard security names |
| and will provide entries in the VACM tables granting various |
| levels of access to those names. The actual content of the VACM |
| |
| table is beyond the scope of this MIB. |
| |
| Note: This table is expected to be readable without authentication |
| using the usmUserSecurityName 'dhKickstart'. See the conformance |
| statements for details." |
| ::= { usmDHKickstartGroup 1 } |
| |
| usmDHKickstartEntry OBJECT-TYPE |
| SYNTAX UsmDHKickstartEntry |
| MAX-ACCESS not-accessible |
| STATUS current |
| DESCRIPTION |
| "An entry in the usmDHKickstartTable. The agent SHOULD either |
| delete this entry or mark it as inactive upon a successful SET of |
| any of the KeyChange-typed objects in the usmUserEntry or upon a |
| successful SET of any of the DHKeyChange-typed objects in the |
| usmDhKeyChangeEntry where the related usmSecurityName (e.g. row of |
| usmUserTable or row of ushDhKeyChangeTable) equals this entry's |
| usmDhKickstartSecurityName. In otherwords, once you've changed |
| one or more of the keys for a row in usmUserTable with a |
| particular security name, the row in this table with that same |
| security name is no longer useful or meaningful." |
| INDEX { usmDHKickstartIndex } |
| ::= {usmDHKickstartTable 1 } |
| |
| UsmDHKickstartEntry ::= SEQUENCE { |
| usmDHKickstartIndex Integer32, |
| usmDHKickstartMyPublic OCTET STRING, |
| usmDHKickstartMgrPublic OCTET STRING, |
| usmDHKickstartSecurityName SnmpAdminString |
| } |
| |
| usmDHKickstartIndex OBJECT-TYPE |
| SYNTAX Integer32 (1..2147483647) |
| MAX-ACCESS not-accessible |
| STATUS current |
| DESCRIPTION |
| "Index value for this row." |
| ::= { usmDHKickstartEntry 1 } |
| |
| usmDHKickstartMyPublic OBJECT-TYPE |
| SYNTAX OCTET STRING |
| MAX-ACCESS read-only |
| STATUS current |
| DESCRIPTION |
| "The agent's Diffie-Hellman public value for this row. At |
| |
| initialization, the agent generates a random number and derives |
| its public value from that number. This public value is published |
| here. This public value 'y' equals g^r MOD p where g is the from |
| the set of Diffie-Hellman parameters, p is the prime from those |
| parameters, and r is a random integer selected by the agent in the |
| interval 2^(l-1) <= r < p-1 < 2^l. If l is unspecified, then r is |
| a random integer selected in the interval 0 <= r < p-1 |
| |
| The public value is expressed as an OCTET STRING 'PV' of length |
| 'k' which satisfies |
| |
| k |
| y = SUM 2^(8(k-i)) PV'i |
| i = 1 |
| |
| where PV1,...,PVk are the octets of PV from first to last, and |
| where PV1 != 0. |
| |
| The following DH parameters (Oakley group #2, RFC 2409, sec 6.1, |
| 6.2) are used for this object: |
| |
| g = 2 |
| p = FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 |
| 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD |
| EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 |
| E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED |
| EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 |
| FFFFFFFF FFFFFFFF |
| l=1024 |
| " |
| REFERENCE |
| "-- Diffie-Hellman Key-Agreement Standard, PKCS#3v1.4; |
| RSA Laboratories, November 1993 |
| -- The Internet Key Exchange, RFC2409; |
| Harkins, D., Carrel, D.; November 1998" |
| ::= { usmDHKickstartEntry 2 } |
| |
| usmDHKickstartMgrPublic OBJECT-TYPE |
| SYNTAX OCTET STRING |
| MAX-ACCESS read-only |
| STATUS current |
| DESCRIPTION |
| "The manager's Diffie-Hellman public value for this row. Note |
| that this value is not set via the SNMP agent, but may be set via |
| some out of band method, such as the device's configuration file. |
| |
| The manager calculates this value in the same manner and using the |
| same parameter set as the agent does. E.g. it selects a random |
| number 'r', calculates y = g^r mod p and provides 'y' as the |
| public number expressed as an OCTET STRING. See |
| usmDHKickstartMyPublic for details. |
| |
| When this object is set with a valid value during initialization, |
| a row is created in the usmUserTable with the following values: |
| |
| usmUserEngineID localEngineID |
| usmUserName [value of usmDHKickstartSecurityName] |
| usmUserSecurityName [value of usmDHKickstartSecurityName] |
| usmUserCloneFrom ZeroDotZero |
| usmUserAuthProtocol usmHMACMD5AuthProtocol |
| usmUserAuthKeyChange -- derived from set value |
| usmUserOwnAuthKeyChange -- derived from set value |
| usmUserPrivProtocol usmDESPrivProtocol |
| usmUserPrivKeyChange -- derived from set value |
| usmUserOwnPrivKeyChange -- derived from set value |
| usmUserPublic '' |
| usmUserStorageType permanent |
| usmUserStatus active |
| |
| A shared secret 'sk' is calculated at the agent as sk = |
| mgrPublic^r mod p where r is the agents random number and p is the |
| DH prime from the common parameters. The underlying privacy key |
| for this row is derived from sk by applying the key derivation |
| function PBKDF2 defined in PKCS#5v2.0 with a salt of 0xd1310ba6, |
| and iterationCount of 500, a keyLength of 16 (for |
| usmDESPrivProtocol), and a prf (pseudo random function) of |
| 'id-hmacWithSHA1'. The underlying authentication key for this row |
| is derived from sk by applying the key derivation function PBKDF2 |
| with a salt of 0x98dfb5ac , an interation count of 500, a |
| keyLength of 16 (for usmHMAC5AuthProtocol), and a prf of |
| 'id-hmacWithSHA1'. Note: The salts are the first two words in the |
| ks0 [key schedule 0] of the BLOWFISH cipher from 'Applied |
| Cryptography' by Bruce Schnier - they could be any relatively |
| random string of bits. |
| |
| The manager can use its knowledge of its own random number and the |
| agent's public value to kickstart its access to the agent in a |
| secure manner. Note that the security of this approach is |
| directly related to the strength of the authorization security of |
| the out of band provisioning of the managers public value |
| (e.g. the configuration file), but is not dependent at all on the |
| strength of the confidentiality of the out of band provisioning |
| data." |
| REFERENCE |
| "-- Password-Based Cryptography Standard, PKCS#5v2.0; |
| RSA Laboratories, March 1999 |
| -- Applied Cryptography, 2nd Ed.; B. Schneier, |
| Counterpane Systems; John Wiley & Sons, 1996" |
| ::= { usmDHKickstartEntry 3 } |
| |
| usmDHKickstartSecurityName OBJECT-TYPE |
| SYNTAX SnmpAdminString |
| MAX-ACCESS read-only |
| STATUS current |
| DESCRIPTION |
| "The usmUserName and usmUserSecurityName in the usmUserTable |
| associated with this row. This is provided in the same manner and |
| at the same time as the usmDHKickstartMgrPublic value - |
| e.g. possibly manually, or via the device's configuration file." |
| ::= { usmDHKickstartEntry 4 } |
| |
| -- Conformance Information |
| |
| usmDHKeyMIBCompliances OBJECT IDENTIFIER ::= { usmDHKeyConformance 1 } |
| usmDHKeyMIBGroups OBJECT IDENTIFIER ::= { usmDHKeyConformance 2 } |
| |
| -- Compliance statements |
| |
| usmDHKeyMIBCompliance MODULE-COMPLIANCE |
| STATUS current |
| DESCRIPTION |
| "The compliance statement for this module." |
| MODULE |
| GROUP usmDHKeyMIBBasicGroup |
| DESCRIPTION |
| "This group MAY be implemented by any agent which |
| implements the usmUserTable and which wishes to provide the |
| ability to change user and agent authentication and privacy |
| keys via Diffie-Hellman key exchanges." |
| |
| GROUP usmDHKeyParamGroup |
| DESCRIPTION |
| "This group MUST be implemented by any agent which |
| implements a MIB containing the DHKeyChange Textual |
| Convention defined in this module." |
| |
| GROUP usmDHKeyKickstartGroup |
| DESCRIPTION |
| "This group MAY be implemented by any agent which |
| implements the usmUserTable and which wishes the ability to |
| populate the USM table based on out-of-band provided DH |
| ignition values. |
| |
| Any agent implementing this group is expected to provide |
| preinstalled entries in the vacm tables as follows: |
| |
| In the usmUserTable: This entry allows access to the |
| system and dhKickstart groups |
| |
| usmUserEngineID localEngineID |
| usmUserName 'dhKickstart' |
| usmUserSecurityName 'dhKickstart' |
| usmUserCloneFrom ZeroDotZero |
| usmUserAuthProtocol none |
| usmUserAuthKeyChange '' |
| usmUserOwnAuthKeyChange '' |
| usmUserPrivProtocol none |
| usmUserPrivKeyChange '' |
| usmUserOwnPrivKeyChange '' |
| usmUserPublic '' |
| usmUserStorageType permanent |
| usmUserStatus active |
| |
| In the vacmSecurityToGroupTable: This maps the initial |
| user into the accessible objects. |
| |
| vacmSecurityModel 3 (USM) |
| vacmSecurityName 'dhKickstart' |
| vacmGroupName 'dhKickstart' |
| vacmSecurityToGroupStorageType permanent |
| vacmSecurityToGroupStatus active |
| |
| In the vacmAccessTable: Group name to view name translation. |
| |
| vacmGroupName 'dhKickstart' |
| vacmAccessContextPrefix '' |
| vacmAccessSecurityModel 3 (USM) |
| vacmAccessSecurityLevel noAuthNoPriv |
| vacmAccessContextMatch exact |
| vacmAccessReadViewName 'dhKickRestricted' |
| vacmAccessWriteViewName '' |
| vacmAccessNotifyViewName 'dhKickRestricted' |
| vacmAccessStorageType permanent |
| vacmAccessStatus active |
| |
| In the vacmViewTreeFamilyTable: Two entries to allow the |
| initial entry to access the system and kickstart groups. |
| |
| vacmViewTreeFamilyViewName 'dhKickRestricted' |
| vacmViewTreeFamilySubtree 1.3.6.1.2.1.1 (system) |
| vacmViewTreeFamilyMask '' |
| |
| vacmViewTreeFamilyType 1 |
| vacmViewTreeFamilyStorageType permanent |
| vacmViewTreeFamilyStatus active |
| |
| vacmViewTreeFamilyViewName 'dhKickRestricted' |
| vacmViewTreeFamilySubtree (usmDHKickstartTable OID) |
| vacmViewTreeFamilyMask '' |
| vacmViewTreeFamilyType 1 |
| vacmViewTreeFamilyStorageType permanent |
| vacmViewTreeFamilyStatus active |
| " |
| |
| OBJECT usmDHParameters |
| MIN-ACCESS read-only |
| DESCRIPTION |
| "It is compliant to implement this object as read-only for |
| any device." |
| ::= { usmDHKeyMIBCompliances 1 } |
| |
| -- Units of Compliance |
| |
| usmDHKeyMIBBasicGroup OBJECT-GROUP |
| OBJECTS { |
| usmDHUserAuthKeyChange, |
| usmDHUserOwnAuthKeyChange, |
| usmDHUserPrivKeyChange, |
| usmDHUserOwnPrivKeyChange |
| } |
| STATUS current |
| DESCRIPTION |
| "" |
| ::= { usmDHKeyMIBGroups 1 } |
| |
| usmDHKeyParamGroup OBJECT-GROUP |
| OBJECTS { |
| usmDHParameters |
| } |
| STATUS current |
| DESCRIPTION |
| "The mandatory object for all MIBs which use the DHKeyChange |
| textual convention." |
| ::= { usmDHKeyMIBGroups 2 } |
| |
| usmDHKeyKickstartGroup OBJECT-GROUP |
| OBJECTS { |
| usmDHKickstartMyPublic, |
| usmDHKickstartMgrPublic, |
| usmDHKickstartSecurityName |
| } |
| STATUS current |
| DESCRIPTION |
| "The objects used for kickstarting one or more SNMPv3 USM |
| associations via a configuration file or other out of band, |
| non-confidential access." |
| ::= { usmDHKeyMIBGroups 3 } |
| |
| END |