Protecting data in buffer with an SA

Kevin D Butt kdbutt at us.ibm.com
Fri Mar 6 17:42:28 PST 2009


Formatted message: http://www.t10.org/cgi-bin/ac.pl?t=r&f=r0903063_f.htm (HTML-formatted message)

After further review, it appears that we could protect the request for an 
ESP-SCSI data-in using an extended CDB as well.
We could do something like:
------------------------
|  opcode 7Eh
------------------------
|  reserved
------------------------
|  length
------------------------
|  CDB
------------------------
|  XCDB descriptors
------------------------
Begin this new descriptor
------------------------
|  AC_SAI
------------------------
|  DS_SAI
------------------------
|  Sequence Number
------------------------
|  Salt (??)
------------------------
|  Integrity Check Value (ICV) (created using the SA, computed beginning
|  with the CDB field and continuing up to the beginning of the ICV)
------------------------
End this new descriptor
This may need to be refined during the proposal revisions when everything 
is taken into consideration - like other XCDB descriptors which might be 
before this one, etc.
Question 1:  Does this look like a correct direction to take?
Question 2:  We see the need to protect Security Protocol In data.  While 
I dread the thought of this next question, we assume this needs to be 
covered in CAP.  Since it has to be covered in CAP (i.e., SPC-4) we wonder 
if it doesn't make sense to make a general solution where any data-in or 
data-out command could be placed in the CDB field.  Of course this would 
require a new additional sense code for "Device does not support using SA 
for the specified command".  --> Do people believe that a general solution 
should be attempted (and 6 months of my time swallowed up)?
Thanks,
Kevin D. Butt
SCSI & Fibre Channel Architect, Tape Firmware
MS 6TYA, 9000 S. Rita Rd., Tucson, AZ 85744
Tel: 520-799-5280
Fax: 520-799-2723 (T/L:321)
Email address: kdbutt at us.ibm.com
http://www-03.ibm.com/servers/storage/ 
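The descriptor sketched above, worked through as an added example that is not part of the original message or of any T10 draft: an application client wraps an inner CDB in a 7Eh extended CDB, appends AC_SAI, DS_SAI, a sequence number, a salt and an ICV computed from the start of the CDB field up to the ICV, and the device server recomputes the ICV with the SA it looks up from the (AC_SAI, DS_SAI) pair. This also illustrates the point Ralph Weber makes in the quoted reply below: a client that does not hold the SA cannot produce a descriptor that validates, so the check works however much of the CDB is covered. The field widths, the use of HMAC-SHA256 as the ICV, the sample key, the replay rule on the sequence number and the sense strings other than INVALID FIELD IN CDB are all assumptions made for this example.

```python
"""Added example: a 7Eh extended CDB carrying an SA-protection descriptor
(AC_SAI, DS_SAI, sequence number, salt, ICV) and the device-server check.
Field widths, the HMAC-SHA256 ICV and the sample SA key are assumptions
for this example; they are not taken from SPC-4 or from the thread."""
import hmac
import hashlib
import struct

OPCODE_EXTENDED_CDB = 0x7E          # opcode named in the thread
ICV_LEN = 32                        # assumed: HMAC-SHA256 output length
# Assumed widths: AC_SAI (4), DS_SAI (4), sequence number (4), salt (8).
DESC_HDR = struct.Struct(">IIIQ")

SENSE_INVALID_CDB = "INVALID FIELD IN CDB"           # quoted from 5.14.7.5.1 in the thread
SENSE_ICV = "ICV MISMATCH (assumed sense)"            # assumed for this example
SENSE_REPLAY = "REPLAYED SEQUENCE NUMBER (assumed sense)"  # assumed for this example

# Constructed SA table held by the device server: (AC_SAI, DS_SAI) -> integrity key.
SA_TABLE = {
    (0x00000101, 0x00008001): b"constructed-example-sa-key-not-for-real-use",
}


def compute_icv(key, covered):
    """ICV over everything from the start of the CDB field up to the ICV itself."""
    return hmac.new(key, covered, hashlib.sha256).digest()


def build_protected_xcdb(inner_cdb, ac_sai, ds_sai, seq, salt, key):
    """Application-client side: wrap inner_cdb (e.g. a SECURITY PROTOCOL IN CDB)
    in an extended CDB and append the SA descriptor with its ICV."""
    header = bytes([OPCODE_EXTENDED_CDB, 0x00, len(inner_cdb)])  # opcode, reserved, length
    covered = inner_cdb + DESC_HDR.pack(ac_sai, ds_sai, seq, salt)
    return header + covered + compute_icv(key, covered)


class DeviceServer:
    """Device-server side: find the SA, verify the ICV, then replay-check the
    sequence number before the inner CDB is acted on."""

    def __init__(self, sa_table):
        self.sa_table = sa_table
        self.last_seq = {}   # per SA: highest sequence number accepted so far

    def check(self, xcdb):
        """Returns (status, additional sense, inner CDB or None)."""
        if len(xcdb) < 3 or xcdb[0] != OPCODE_EXTENDED_CDB:
            return ("CHECK CONDITION", SENSE_INVALID_CDB, None)
        cdb_len = xcdb[2]
        body = xcdb[3:]
        if len(body) != cdb_len + DESC_HDR.size + ICV_LEN:
            return ("CHECK CONDITION", SENSE_INVALID_CDB, None)
        covered, icv = body[:-ICV_LEN], body[-ICV_LEN:]
        inner_cdb = covered[:cdb_len]
        ac_sai, ds_sai, seq, salt = DESC_HDR.unpack(covered[cdb_len:])
        key = self.sa_table.get((ac_sai, ds_sai))
        if key is None:
            # Unknown AC_SAI/DS_SAI combination: the case 5.14.7.5.1 terminates
            # with CHECK CONDITION / ILLEGAL REQUEST.
            return ("CHECK CONDITION", SENSE_INVALID_CDB, None)
        if not hmac.compare_digest(icv, compute_icv(key, covered)):
            # Without the SA key no client can produce a matching ICV, and any
            # change to the covered bytes (including the inner CDB) is detected.
            return ("CHECK CONDITION", SENSE_ICV, None)
        if seq <= self.last_seq.get((ac_sai, ds_sai), -1):
            return ("CHECK CONDITION", SENSE_REPLAY, None)
        self.last_seq[(ac_sai, ds_sai)] = seq
        return ("GOOD", None, inner_cdb)


def demo():
    """Exercise the check with constructed inputs; returns the outcomes by case."""
    sa = (0x00000101, 0x00008001)
    key = SA_TABLE[sa]
    # Constructed inner CDB: A2h is SECURITY PROTOCOL IN; remaining bytes left zero.
    inner = bytes([0xA2]) + bytes(11)
    server = DeviceServer(SA_TABLE)
    good = build_protected_xcdb(inner, *sa, seq=1, salt=0x1122334455667788, key=key)
    results = {"valid": server.check(good)[0]}
    results["replay"] = server.check(good)[0]                       # same sequence number again
    results["wrong_key"] = server.check(
        build_protected_xcdb(inner, *sa, seq=2, salt=1, key=b"guess"))[1]
    results["unknown_sa"] = server.check(
        build_protected_xcdb(inner, 0x5, 0x6, 2, 1, key))[1]
    tampered = bytearray(build_protected_xcdb(inner, *sa, seq=3, salt=2, key=key))
    tampered[5] ^= 0xFF                                              # flip a byte inside the inner CDB
    results["tampered"] = server.check(bytes(tampered))[1]
    results["valid_next"] = server.check(
        build_protected_xcdb(inner, *sa, seq=2, salt=3, key=key))[0]
    return results


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:>11}: {outcome}")
```

The device server never needs an SAI field in the inner CDB: the SA is named by the descriptor that follows it, and because the ICV covers the inner CDB, neither the command nor the descriptor can be altered or reused without the SA key. Ralph's description speaks of decrypting the descriptor; this example shows only the integrity check, which is enough to demonstrate the proof-of-SA-knowledge property.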
From: Ralph Weber <roweber at IEEE.org>
To: t10 at t10.org
Date: 03/04/2009 08:11 PM
Subject: Re: Protecting data in buffer with an SA
Kevin,
You are correct about needing a variable length CDB.
The ESP-SCSI descriptor is always bigger than 16 bytes.
Therefore, none of the small CDBs have room for the
operation code and the ESP-SCSI descriptor.
I do not understand the claim about prohibiting the
use of Extended CDBs. The known plaintext attack is
thwarted by having any portion (not necessarily all)
of the CDB data protected by an ESP-SCSI descriptor.
The ability to decrypt the ESP-SCSI descriptor and
validate the contents thus decrypted proves that the
application client has knowledge of the SA, and this
is true regardless of the number of encrypted bytes
transferred.
All the best,
.Ralph
Kevin D Butt wrote: 
Ralph, 
If I understand this correctly, then if I desire to protect the data 
returned by a Security Protocol In command with an SA, then I would need 
to protect the Security Protocol In command with the SA during the request 
(this is required to thwart known plain-text attacks).  This in turn would 
require that the standard be updated to specify how to protect the 
Security Protocol In command.  I think this would require use of a 
variable length CDB (in order to fit in the SA protected SPIN command) and 
would preclude use of an extended CDB (because the SPIN CDB would not be 
protected by an SA and there would be nothing to create a new extension 
with). 
Am I understanding this correctly? 
Thanks, 
Kevin D. Butt
SCSI & Fibre Channel Architect, Tape Firmware
MS 6TYA, 9000 S. Rita Rd., Tucson, AZ 85744
Tel: 520-799-5280
Fax: 520-799-2723 (T/L:321)
Email address: kdbutt at us.ibm.com
http://www-03.ibm.com/servers/storage/ 
From: Kevin D Butt/Tucson/IBM at IBMUS
To: Ralph Weber <roweber at ieee.org>
Cc: t10 at t10.org
Date: 03/04/2009 11:13 AM
Subject: Re: Protecting data in buffer with an SA
Ralph, 
Thanks.  I need to dig through this and assimilate the information. Thanks 
for your responses. 
Kevin D. Butt
SCSI & Fibre Channel Architect, Tape Firmware
MS 6TYA, 9000 S. Rita Rd., Tucson, AZ 85744
Tel: 520-799-5280
Fax: 520-799-2723 (T/L:321)
Email address: kdbutt at us.ibm.com
http://www-03.ibm.com/servers/storage/ 
From: Ralph Weber <roweber at ieee.org>
To: t10 at t10.org
Date: 03/03/2009 06:32 PM
Subject: Re: Protecting data in buffer with an SA
* From the T10 Reflector (t10 at t10.org), posted by:
* Ralph Weber <roweber at ieee.org>
*
Kevin,
I believe the RECEIVE CREDENTIAL command (see 6.19) provides
a worked example of how to SA-protect a data-in buffer.
N.B. The use of an SA to protect data in the CDB is a
security-motivated "feature", as described in the last
paragraph in 5.14.7.5.1.
All the best,
.Ralph
Kevin D Butt wrote:
>
> Ralph,
>
> Thanks for the response.  Does it help to restate my question as this:
> How can the device server know which SA the application client wants 
> the device server to use to protect the data-in buffer using ESP-SCSI?
>
> 5.14.7.5.1 Overview
> A device server shall transfer ESP-SCSI parameter data descriptors in 
> a data-in buffer only in response to a
> request that specifies an SA using the AC_SAI SA parameter and DS_SAI 
> SA parameter values (see 5.14.2.2). If
> the specified combination of AC_SAI and DS_SAI values in a command 
> that requests the transfer of ESP-SCSI
> parameter data descriptors is not known to the device server, the 
> command shall be terminated with CHECK
> CONDITION status, with the sense key set to ILLEGAL REQUEST, the 
> additional sense code set to INVALID
> FIELD IN PARAMETER LIST or to INVALID FIELD IN CDB, the SKSV bit set 
> to one, and SENSE KEY SPECIFIC field
> set as defined in 4.5.2.4.2.
>
> How is this line in the above fulfilled: "only in response to a request 
> that specifies an SA using the AC_SAI SA parameter and DS_SAI SA 
> parameter values"?  How can the request (i.e., a CDB) specify an SA?
>
> Thanks,
>
> Kevin D. Butt
> SCSI & Fibre Channel Architect, Tape Firmware
> MS 6TYA, 9000 S. Rita Rd., Tucson, AZ 85744
> Tel: 520-799-5280
> Fax: 520-799-2723 (T/L:321)
> Email address: kdbutt at us.ibm.com
> http://www-03.ibm.com/servers/storage/
>
>
> From: Ralph Weber <roweber at IEEE.org>
> To: t10 at t10.org
> Date: 03/03/2009 05:06 PM
> Subject: Re: Protecting data in buffer with an SA
>
> ------------------------------------------------------------------------
>
> * From the T10 Reflector (t10 at t10.org), posted by:
> * Ralph Weber <roweber at ieee.org>
> *
> Kevin,
>
> I am having difficulty parsing everything that follows, "There
> is an ESP-SCSI defined for parameter in data but no method for
> selecting which SA to use to protect it" in the original message.
>
> Every ESP-SCSI format that I have checked contains an SAI
> (Security Association Index) -- either DS_SAI or AC_SAI --
> that identifies the SA to be applied when protecting the data.
>
> Perhaps my confusion over the other questions will be clarified
> when the inability of SAIs to identify SAs is explained.
>
> All the best,
>
> .Ralph
>
> Kevin D Butt wrote:
> >
> > IBM is looking at what would be required to protect a data in buffer
> > with an SA.  There is an ESP-SCSI defined for parameter in data but no
> > method for selecting which SA to use to protect it.  How does the
> > application client tell the device server which SA to use?  Since
> > there are no SAI fields in the CDB's for the commands that request the
> > data we are looking to protect, we don't see how to do this.
> >
> > Has anybody thought about this yet?
> >
> > Thanks,
> >
> > Kevin D. Butt
> > SCSI & Fibre Channel Architect, Tape Firmware
> > MS 6TYA, 9000 S. Rita Rd., Tucson, AZ 85744
> > Tel: 520-799-5280
> > Fax: 520-799-2723 (T/L:321)
> > Email address: kdbutt at us.ibm.com
> > http://www-03.ibm.com/servers/storage/
>
>
*
* For T10 Reflector information, send a message with
* 'info t10' (no quotes) in the message body to majordomo at t10.org