Re: [AVT] Re: [secdir] Review of draft-ietf-avt-profile-savpf-11
Magnus Westerlund <magnus.westerlund@ericsson.com> Wed, 17 October 2007 09:35 UTC
Return-path: <avt-bounces@ietf.org>
Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1Ii5JZ-000791-A7; Wed, 17 Oct 2007 05:35:45 -0400
Received: from [10.90.34.44] (helo=chiedprmail1.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1Ii5JY-00076Q-0l for avt@ietf.org; Wed, 17 Oct 2007 05:35:44 -0400
Received: from mailgw4.ericsson.se ([193.180.251.62]) by chiedprmail1.ietf.org with esmtp (Exim 4.43) id 1Ii5JT-0004xv-5j for avt@ietf.org; Wed, 17 Oct 2007 05:35:39 -0400
Received: from mailgw4.ericsson.se (unknown [127.0.0.1]) by mailgw4.ericsson.se (Symantec Mail Security) with ESMTP id 8D912200D4; Wed, 17 Oct 2007 11:35:38 +0200 (CEST)
X-AuditID: c1b4fb3e-b2038bb0000007e1-2b-4715d76a3374
Received: from esealmw126.eemea.ericsson.se (unknown [153.88.254.123]) by mailgw4.ericsson.se (Symantec Mail Security) with ESMTP id 73F5420798; Wed, 17 Oct 2007 11:35:38 +0200 (CEST)
Received: from esealmw126.eemea.ericsson.se ([153.88.254.174]) by esealmw126.eemea.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); Wed, 17 Oct 2007 11:35:37 +0200
Received: from [147.214.30.247] ([147.214.30.247]) by esealmw126.eemea.ericsson.se with Microsoft SMTPSVC(6.0.3790.1830); Wed, 17 Oct 2007 11:35:37 +0200
Message-ID: <4715D769.9010203@ericsson.com>
Date: Wed, 17 Oct 2007 11:35:37 +0200
From: Magnus Westerlund <magnus.westerlund@ericsson.com>
User-Agent: Thunderbird 2.0.0.6 (Windows/20070728)
MIME-Version: 1.0
To: Tim Polk <tim.polk@nist.gov>
Subject: Re: [AVT] Re: [secdir] Review of draft-ietf-avt-profile-savpf-11
References: <Pine.LNX.4.64.0708021745120.8357@mint.samweiler.com> <Pine.LNX.4.64.0708210159390.17654@mint.samweiler.com> <Pine.LNX.4.64.0708232010510.8278@mint.samweiler.com> <Pine.LNX.4.64.0708301201550.5061@mint.samweiler.com> <Pine.LNX.4.64.0709061211040.10092@mint.samweiler.com> <Pine.LNX.4.64.0709131247260.3729@mint.samweiler.com> <Pine.LNX.4.64.0709201704090.3780@mint.samweiler.com> <Pine.LNX.4.64.0709290153220.4521@mint.samweiler.com> <Pine.LNX.4.64.0710041500580.10395@mint.samweiler.com> <Pine.LNX.4.64.0710111657330.14378@mint.samweiler.com> <20071011225618.GD24532@Sun.COM> <77093CA5-A161-49FF-B3B8-E5E8E3D5A0A7@nist.gov>
In-Reply-To: <77093CA5-A161-49FF-B3B8-E5E8E3D5A0A7@nist.gov>
X-Enigmail-Version: 0.95.3
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-OriginalArrivalTime: 17 Oct 2007 09:35:37.0603 (UTC) FILETIME=[1315BD30:01C810A1]
X-Brightmail-Tracker: AAAAAA==
X-Spam-Score: 0.0 (/)
X-Scan-Signature: 3002fc2e661cd7f114cb6bae92fe88f1
Cc: fluffy@cisco.com, secdir-secretary@mit.edu, jon.peterson@neustar.biz, carrara@kth.se, secdir@mit.edu, avt@ietf.org, Nicolas Williams <Nicolas.Williams@sun.com>
X-BeenThere: avt@ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Audio/Video Transport Working Group <avt.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=unsubscribe>
List-Post: <mailto:avt@ietf.org>
List-Help: <mailto:avt-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/avt>, <mailto:avt-request@ietf.org?subject=subscribe>
Errors-To: avt-bounces@ietf.org
Tim Polk skrev: > Nico, > > Thanks for highlighting this in your review. I believe that all the > critical information > is in RFC 4756, "Key Management Extensions for Session Description Protocol > (SDP) and Real Time Streaming Protocol (RTSP)", but I am not sure the > linkage > is clear enough in profile-savpf-11. > > The key management attribute (a=key-mgmt) is defined in RFC 4756. > According > to the applicability statement: > >> In contrast, this specification expects endpoints to have >> preconfigured keys or common security infrastructure. It provides >> its own security and is independent of the protection of signaling >> (if any). As a result, it can be applied in environments where >> signaling protection is not turned on, or used hop-by-hop (i.e., >> scenarios where the SDP is not protected end-to-end). This >> specification will, independently of the signaling protection >> applied, ensure end-to-end security establishment for the media. >> > > However, the Security Considerations section highlights the need for > integrity protection. The immediate relevant excerpt is: > >> .... However, if the SDP messages >> are not sent >> integrity protected between the parties, it is possible for an active >> attacker to change attributes without being detected. As the key >> management protocol may (indirectly) rely on some of the session >> information from SDP (e.g., address information), an attack on SDP >> may have indirect consequences on the key management. Even if the >> key management protocol does not rely on parameters of SDP and will >> not be affected by manipulation of these, different denial-of-service >> (DoS) attacks aimed at SDP may lead to undesired interruption in the >> setup. See also the attacks described at the end of this section. >> >> The only integrity-protected attribute of the media stream is, in the >> framework proposed here, the set of key management protocols. For >> instance, it is possible to (1) swap key management offers across SDP >> messages, or (2) inject a previous key management offer into a new >> SDP message. Making the (necessary) assumption that all involved key >> management protocols are secure, the second attack will be detected >> by replay protection mechanisms of the key management protocol(s). >> Making the further assumption that, according to normal best current >> practice, the production of each key management offer is done with >> independent (pseudo)random choices (for session keys and other >> parameters), the first attack will either be detected in the >> Responder's (now incorrect) verification reply message (if such is >> used) or be a pure DoS attack, resulting in Initiator and Responder >> using different keys. > > After reviewing this, it appears that a couple of simple changes could > address > integrity protection in profile-savpf-11. First, it would be nice if > Example 1 > noted that an integrity protected channel was required to support the > security > negotiations. (Examples 3-5 share that requirement, but I would hope that > careful wording in Example 1 could keep us from repeating ourselves.) > More importantly, the security considerations section really needs an > explicit > pointer to the security considerations in RFC 4576. > To my knowledge MIKEY when used in SDP according to RFC 4567 it will integrity protect the most important SDP parts also to prevent bid-down attacks. So it is not guaranteed that full integrity protection of the SDP is needed. However, it is of course advisable to protect against other attacks on the SDP. Cheers Magnus Westerlund IETF Transport Area Director & TSVWG Chair ---------------------------------------------------------------------- Multimedia Technologies, Ericsson Research EAB/TVM/M ---------------------------------------------------------------------- Ericsson AB | Phone +46 8 4048287 Torshamsgatan 23 | Fax +46 8 7575550 S-164 80 Stockholm, Sweden | mailto: magnus.westerlund@ericsson.com ---------------------------------------------------------------------- _______________________________________________ Audio/Video Transport Working Group avt@ietf.org https://www1.ietf.org/mailman/listinfo/avt
- [AVT] Review of draft-ietf-avt-profile-savpf-11 Nicolas Williams
- [AVT] Re: Review of draft-ietf-avt-profile-savpf-… Cullen Jennings
- [AVT] Re: [secdir] Review of draft-ietf-avt-profi… Nicolas Williams
- [AVT] Re: [secdir] Review of draft-ietf-avt-profi… Russ Housley
- [AVT] Re: [secdir] Review of draft-ietf-avt-profi… Tim Polk
- Re: [AVT] Re: [secdir] Review of draft-ietf-avt-p… Magnus Westerlund