[collectd] Authentication/Encryption for the network plugin.
Thorsten von Eicken
tve at voneicken.com
Sat Apr 11 18:05:12 CEST 2009
Cool! I believe a more powerful scheme is needed, but this is a great
start. It would be really good to explain in the man page what you're
signing and encrypting. Also, your English is a bit confusing around the
"Sign" option. I believe you want to say that the receiver requires
signed input data which may optionally also be encrypted.

I'm assuming the signature is something like:
    SHA1(shared_secret + ":" + unsigned_data)
and the resulting packet becomes
    unsigned_data + signature

And is the encryption something like:
    AES(shared_secret, iv + unencrypted_data)
and the resulting packet:
    iv, encrypted_data
where iv is a randomly generated "initialization vector"?
Which mode do you use for AES?

The big downside of all this that I see is that all machines need to
have the same shared secret. I'm wondering whether we can't construct a
simple scheme. Let me try:
- the server gets a master_key
- each client gets a client_hostname and a client_key:
  - the client_hostname should (must?) match the Hostname value in the
    client config file
  - the client_key is computed as
      client_key = SHA1(master_key:client_hostname)
    (I don't know whether a salt is required)
- packets sent by the client have the form:
    client_hostname:data:signature
  where:
  - the client_hostname is always in the clear
  - the signature is over the client_hostname and the data
  - the data may be encrypted

I have to admit I haven't thought through the forwarding. The best would
probably be to forward the packets through as-is, without decryption,
reencryption and resignature.

Thoughts?
Thorsten

Florian Forster wrote:
> Hi,
>
> I've just finished writing a patch that adds authentication and
> encryption to the network plugin. Each listen socket can be assigned a
> “security level”. Currently, there are three of those:
>
> - Encrypt
> Encrypt outgoing data and only accept encrypted data when receiving.
>
> - Sign
> Outgoing data is signed; signed and encrypted data is accepted when
> receiving.
>
> - None
> Send without any cryptography and accept anything when receiving.
>
> The security level and shared secret can be set per-socket, so that
> forwarding instances can re-encrypt and similar goodies.
>
> The libgcrypt library is used to calculate hashes, encrypt and decrypt,
> see <http://www.gnu.org/software/libgcrypt/>. I tested compiling the
> `network' plugin without libgcrypt afterwards, but haven't tested this
> much yet. Feedback is welcome :)
>
> Algorithms used are SHA-256 for signing and AES-256 in CBC mode /
> SHA-224 when encrypting. Also, SHA-256 is used to get the 32 byte key
> for AES-256 from the user-supplied secret.
>
> I'm by no means an encryption expert, so any feedback on this would be
> very welcome, too :)
>
> As usual, the collectd.conf(5) manual page has more information on
> configuration aspects.
>
> A big thank you goes out to Thorsten von Eicken of RightScale who
> motivated me to work in this direction :) I'm sure I would have put
> this off again otherwise ;)
>
> Regards,
> -octo
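
An added example, not part of the mail thread or the collectd patch: a sketch of the per-client key scheme proposed in the reply above (master_key held only by the server, client_key derived from client_hostname, cleartext hostname covered by the signature). It assumes HMAC-SHA256 in place of the plain SHA1 concatenation, because a hash over secret-prefixed data is open to length extension, and a length-prefixed hostname instead of ":" separators; function names and sample values are hypothetical.

```python
import hashlib
import hmac
import struct

TAG_LEN = 32  # HMAC-SHA256 tag size in bytes


def derive_client_key(master_key: bytes, hostname: str) -> bytes:
    # Stands in for client_key = SHA1(master_key:client_hostname) from the mail.
    return hmac.new(master_key, b"client-key:" + hostname.encode(),
                    hashlib.sha256).digest()


def build_packet(client_key: bytes, hostname: str, data: bytes) -> bytes:
    # Cleartext hostname, length-prefixed (assumed framing), then data, then tag.
    host = hostname.encode()
    signed = struct.pack("!H", len(host)) + host + data
    return signed + hmac.new(client_key, signed, hashlib.sha256).digest()


def verify_packet(master_key: bytes, packet: bytes):
    # Server side: returns (hostname, data), or None if the packet is rejected.
    if len(packet) < 2 + TAG_LEN:
        return None
    (host_len,) = struct.unpack("!H", packet[:2])
    if len(packet) < 2 + host_len + TAG_LEN:
        return None
    signed, tag = packet[:-TAG_LEN], packet[-TAG_LEN:]
    try:
        hostname = signed[2:2 + host_len].decode()
    except UnicodeDecodeError:
        return None
    # Only master_key is stored; the per-client key is re-derived per packet.
    key = derive_client_key(master_key, hostname)
    expected = hmac.new(key, signed, hashlib.sha256).digest()
    if not hmac.compare_digest(expected, tag):
        return None
    return hostname, signed[2 + host_len:]


if __name__ == "__main__":
    master = b"constructed-master-key"          # constructed sample values
    web_key = derive_client_key(master, "web01.example.org")
    good = build_packet(web_key, "web01.example.org", b"load 0.42")
    spoof = build_packet(web_key, "db01.example.org", b"load 0.42")
    print(verify_packet(master, good))   # accepted
    print(verify_packet(master, spoof))  # rejected: key belongs to web01
```

A host that holds only its own client_key cannot produce a packet the server accepts under another hostname, which is the property a single shared secret lacks. The sketch covers signing only; encryption and forwarding are left out.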