RSVP Cryptographic Authentication (RFC2747)
Original Publication Date: 2000-Jan-01
Included in the Prior Art Database: 2000-Sep-13
Internet Society Requests For Comment (RFCs)
F. Baker: AUTHOR [+3]
This document describes the format and use of RSVP's INTEGRITY object to provide hop-by-hop integrity and authentication of RSVP messages.
Network Working Group F. Baker
Request for Comments: 2747 Cisco
Category: Standards Track B. Lindell
RSVP Cryptographic Authentication
Status of this Memo
This document specifies an Internet standards track protocol for the
Internet community, and requests discussion and suggestions for
improvements. Please refer to the current edition of the "Internet
Official Protocol Standards" (STD 1) for the standardization state
and status of this protocol. Distribution of this memo is unlimited.
Copyright (C) The Internet Society (2000). All Rights Reserved.
This document describes the format and use of RSVP's INTEGRITY object
to provide hop-by-hop integrity and authentication of RSVP messages.
The Resource ReSerVation Protocol RSVP  is a protocol for setting
up distributed state in routers and hosts, and in particular for
reserving resources to implement integrated service. RSVP allows
particular users to obtain preferential access to network resources,
under the control of an admission control mechanism. Permission to
make a reservation will depend both upon the availability of the
requested resources along the path of the data, and upon satisfaction
of policy rules.
To ensure the integrity of this admission control mechanism, RSVP
requires the ability to protect its messages against corruption and
spoofing. This document defines a mechanism to protect RSVP message
integrity hop-by-hop. The proposed scheme transmits an
authenticating digest of the message, computed using a secret
Authentication Key and a keyed-hash algorithm. This scheme provides
protection against forgery or message modification. The INTEGRITY
object of each RSVP message is tagged with a one-time-use sequence
number. This allows the message receiver to identify playbacks and
hence to thwart replay attacks. The proposed mechanism does not
afford confidentiality, since messages stay in the clear; however,
the mechanism is also exportable from most countries, which would be
impossible were a privacy algorithm to be used. Note: this document
uses the terms "sender" and "receiver" differently from . They
are used here to refer to systems that face each other across an RSVP
hop, the "sender" being the system generating RSVP messages.
The message replay prevention algorithm is quite simple. The sender
generates packets with monotonically increasing sequence numbers. In
turn, the receiver only accepts packets that have a larger sequence
number than th...