Re: [6tisch] ASN replay attack -- proposed text

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Tue, 30 July 2019 09:55 UTC

From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Mališa Vučinić <malisa.vucinic@inria.fr>
CC: Thomas Watteyne <thomas.watteyne@inria.fr>, 6tisch <6tisch@ietf.org>
Date: Tue, 30 Jul 2019 09:54:59 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/6tisch/5u8Q1JKx2orLjMTaQLD1CCs7qtE>

All good, I expected it and wanted to confirm : )

All the best,

Pascal

> -----Original Message-----
> From: Mališa Vučinić <malisa.vucinic@inria.fr>
> Sent: Tuesday 30 July 2019 05:24
> To: Pascal Thubert (pthubert) <pthubert@cisco.com>
> Cc: Thomas Watteyne <thomas.watteyne@inria.fr>; 6tisch <6tisch@ietf.org>
> Subject: Re: ASN replay attack -- proposed text
> 
> Pascal,
> 
> As Tero outlined, this information is typically available as the metadata to the
> frame being received. It is up to the implementations to ensure that such
> information is available when processing the frame with a delay, otherwise
> things won’t really work..
> 
> Mališa
> 
> > On 26 Jul 2019, at 23:20, Pascal Thubert (pthubert) <pthubert@cisco.com> wrote:
> >
> > Agreed:
> >
> > I'm wondering about the delayed security processing. That processing may be delayed beyond the current ASN. Is the ASN of the receive time attached to the frame as a meta of sorts to enable the delayed validation?
> >
> > All the best,
> >
> > Pascal
> >
> >> -----Original Message-----
> >> From: 6tisch <6tisch-bounces@ietf.org> On Behalf Of Thomas Watteyne
> >> Sent: Friday 26 July 2019 17:08
> >> To: Mališa Vučinić <malisa.vucinic@inria.fr>
> >> Cc: 6tisch <6tisch@ietf.org>
> >> Subject: Re: [6tisch] ASN replay attack -- proposed text
> >>
> >> Malisa,
> >> The text IMO explains both the problem and the solution very well, congrats.
> >> Thomas
> >>
> >>> On 26 Jul 2019, at 20:23, Mališa Vučinić <malisa.vucinic@inria.fr> wrote:
> >>>
> >>> Dear all,
> >>>
> >>> I worked on the initial version of the text describing the ASN replay attack and its resolution discussed during the Montreal meeting.
> >>>
> >>> The text can be found at:
> >>>
> >>> https://bitbucket.org/6tisch/draft-ietf-6tisch-minimal-security/commits/4ea5f58b1a3245a1e2a2b46f95f0fd48b2f4bb31
> >>>
> >>> Please let me know if you have any comments.
> >>>
> >>> Mališa
> >>> _______________________________________________
> >>> 6tisch mailing list
> >>> 6tisch@ietf.org
> >>> https://www.ietf.org/mailman/listinfo/6tisch