IETF Logo Mail Archive

Re: [babel] Minor clarification to HMAC

Juliusz Chroboczek <jch@irif.fr> Sat, 29 June 2019 10:14 UTC

Return-Path: <jch@irif.fr>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id CC4751200DB for <babel@ietfa.amsl.com>; Sat, 29 Jun 2019 03:14:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id JEArajf6LEHU for <babel@ietfa.amsl.com>; Sat, 29 Jun 2019 03:14:08 -0700 (PDT)
Received: from korolev.univ-paris7.fr (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 13112120111 for <babel@ietf.org>; Sat, 29 Jun 2019 03:14:07 -0700 (PDT)
Received: from potemkin.univ-paris7.fr (potemkin.univ-paris7.fr [IPv6:2001:660:3301:8000::1:1]) by korolev.univ-paris7.fr (8.14.4/8.14.4/relay1/82085) with ESMTP id x5TAE3JO013320 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO); Sat, 29 Jun 2019 12:14:03 +0200
Received: from mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [81.194.30.253]) by potemkin.univ-paris7.fr (8.14.4/8.14.4/relay2/82085) with ESMTP id x5TAE4HZ006435; Sat, 29 Jun 2019 12:14:04 +0200
Received: from mailhub.math.univ-paris-diderot.fr (localhost [127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTP id 3CC6A4C66E; Sat, 29 Jun 2019 12:14:06 +0200 (CEST)
X-Virus-Scanned: amavisd-new at math.univ-paris-diderot.fr
Received: from mailhub.math.univ-paris-diderot.fr ([127.0.0.1]) by mailhub.math.univ-paris-diderot.fr (mailhub.math.univ-paris-diderot.fr [127.0.0.1]) (amavisd-new, port 10023) with ESMTP id T5eqqkmGAhFV; Sat, 29 Jun 2019 12:14:05 +0200 (CEST)
Received: from pirx.irif.fr (unknown [78.194.40.74]) (Authenticated sender: jch) by mailhub.math.univ-paris-diderot.fr (Postfix) with ESMTPSA id 32A634C66C; Sat, 29 Jun 2019 12:14:05 +0200 (CEST)
Date: Sat, 29 Jun 2019 12:14:05 +0200
Message-ID: <87a7e01yxe.wl-jch@irif.fr>
From: Juliusz Chroboczek <jch@irif.fr>
To: Markus Stenberg <markus.stenberg@iki.fi>
Cc: babel@ietf.org
In-Reply-To: <3CFB1069-5307-40F2-89DD-CA82CE2976A1@iki.fi>
References: <874l49j158.wl-jch@irif.fr> <6C3AA518-8EF8-493A-835D-DE096E75D07B@iki.fi> <87ef3c20fh.wl-jch@irif.fr> <3CFB1069-5307-40F2-89DD-CA82CE2976A1@iki.fi>
User-Agent: Wanderlust/2.15.9
MIME-Version: 1.0 (generated by SEMI-EPG 1.14.7 - "Harue")
Content-Type: text/plain; charset="US-ASCII"
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (korolev.univ-paris7.fr [IPv6:2001:660:3301:8000::1:2]); Sat, 29 Jun 2019 12:14:03 +0200 (CEST)
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.2.7 (potemkin.univ-paris7.fr [194.254.61.141]); Sat, 29 Jun 2019 12:14:04 +0200 (CEST)
X-Miltered: at korolev with ID 5D1739EB.002 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)!
X-Miltered: at potemkin with ID 5D1739EC.000 by Joe's j-chkmail (http : // j-chkmail dot ensmp dot fr)!
X-j-chkmail-Enveloppe: 5D1739EB.002 from potemkin.univ-paris7.fr/potemkin.univ-paris7.fr/null/potemkin.univ-paris7.fr/<jch@irif.fr>
X-j-chkmail-Enveloppe: 5D1739EC.000 from mailhub.math.univ-paris-diderot.fr/mailhub.math.univ-paris-diderot.fr/null/mailhub.math.univ-paris-diderot.fr/<jch@irif.fr>
X-j-chkmail-Score: MSGID : 5D1739EB.002 on korolev.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000
X-j-chkmail-Score: MSGID : 5D1739EC.000 on potemkin.univ-paris7.fr : j-chkmail score : . : R=. U=. O=. B=0.000 -> S=0.000
X-j-chkmail-Status: Ham
X-j-chkmail-Status: Ham
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/6hSSOxU3yhLLI0GBNByECSn3ggQ>
Subject: Re: [babel] Minor clarification to HMAC
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sat, 29 Jun 2019 10:14:10 -0000

> Is there some mechanism in place that prevents replay of historic
> packets? As the HMAC key itself does not change over time, storing
> (large amounts of) historic payloads with valid HMAC is not hard.
> Tthe value is bit questionable GIVEN router ID is stable, but if it is
> not, there is actually potential attack vector here..

It's not the router ID, it's the link-local IP address.  In order to
create /n/ neighbour entries, an attacker needs to have captured correctly
signed packets with /n/ distinct source IPs.  (That's per interface.  If
an attacker is able to spoof packets on multiple interfaces, then the
situation becomes worse.)

(I'm tempted to follow Mahesh's advice, and rewrite the last two
paragraphs of the Security Considerations section with reference to
RFC 4987.  Advice?)

-- Juliusz

v2.23.0 | Report a Bug | By Email