Re: [babel] Mirja Kühlewind's Discuss on draft-ietf-babel-dtls-07: (with DISCUSS and COMMENT)
Mirja Kuehlewind <ietf@kuehlewind.net> Wed, 14 August 2019 14:52 UTC
Return-Path: <ietf@kuehlewind.net>
X-Original-To: babel@ietfa.amsl.com
Delivered-To: babel@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AA58E120922; Wed, 14 Aug 2019 07:52:34 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.897
X-Spam-Level:
X-Spam-Status: No, score=-1.897 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_NONE=0.001, SPF_NONE=0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BDmL9rXgccTv; Wed, 14 Aug 2019 07:52:32 -0700 (PDT)
Received: from wp513.webpack.hosteurope.de (wp513.webpack.hosteurope.de [IPv6:2a01:488:42:1000:50ed:8223::]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 6406012091D; Wed, 14 Aug 2019 07:52:32 -0700 (PDT)
Received: from [129.192.10.3] (helo=[10.149.1.218]); authenticated by wp513.webpack.hosteurope.de running ExIM with esmtpsa (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) id 1hxudW-0001cK-S3; Wed, 14 Aug 2019 16:52:26 +0200
Content-Type: text/plain; charset="utf-8"
Mime-Version: 1.0 (Mac OS X Mail 12.4 \(3445.104.11\))
From: Mirja Kuehlewind <ietf@kuehlewind.net>
In-Reply-To: <87mugjo9wa.wl-jch@irif.fr>
Date: Wed, 14 Aug 2019 16:52:25 +0200
Cc: babel-chairs <babel-chairs@ietf.org>, Babel at IETF <babel@ietf.org>, Donald Eastlake <d3e3e3@gmail.com>, The IESG <iesg@ietf.org>, David Schinazi <dschinazi.ietf@gmail.com>, draft-ietf-babel-dtls@ietf.org
Content-Transfer-Encoding: quoted-printable
Message-Id: <13919FCC-9655-4B31-BC87-D33C963C82C4@kuehlewind.net>
References: <156518163926.8337.14198016212015161206.idtracker@ietfa.amsl.com> <CAPDSy+5mjQOj7qvvW+L-tYiP=Oet-QKf=FqjxzgxFw7YgabgtA@mail.gmail.com> <A9C9E93D-BBE1-4307-A47D-0E90006B3EC9@kuehlewind.net> <87a7cjq53f.wl-jch@irif.fr> <110AD4FB-186C-4C87-8BAF-7D8F4A04BC6F@kuehlewind.net> <87mugjo9wa.wl-jch@irif.fr>
To: Juliusz Chroboczek <jch@irif.fr>
X-Mailer: Apple Mail (2.3445.104.11)
X-bounce-key: webpack.hosteurope.de;ietf@kuehlewind.net;1565794352;becd471c;
X-HE-SMSGID: 1hxudW-0001cK-S3
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/GgugMcFjh_9TSf7JMzIyEc5CIRk>
Subject: Re: [babel] Mirja Kühlewind's Discuss on draft-ietf-babel-dtls-07: (with DISCUSS and COMMENT)
X-BeenThere: babel@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: "A list for discussion of the Babel Routing Protocol." <babel.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/babel>, <mailto:babel-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/babel/>
List-Post: <mailto:babel@ietf.org>
List-Help: <mailto:babel-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/babel>, <mailto:babel-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 14 Aug 2019 14:52:35 -0000
Hi Juliusz, hi David, (Only replying to this mail because it, I think, also covers a reply to David’s last mail.) Thanks for the detailed explanation. I believe the underlying problem is that in this approach the Hello is not authenticated. However, I understand that changing this part, even though it could be desirable, is much more complex and using a fixed port might indeed be the simplest solution right now. I will clear my discuss now, however, I would after all appreciate to have more documentation in the draft why this solution was select and, more important, what limitations other approach have. Mirja > On 8. Aug 2019, at 19:16, Juliusz Chroboczek <jch@irif.fr> wrote: > >>> Could you please explain what happens if an attacker sends out 65535 >>> spoofed multicast Hellos indicating 65535 distinct ports? > >> You maybe rate limit DTLS connection attempts…? > > That's not the issue I had in mind. What I'm concerned about is that > you're suggesting to use an unauthentifed TLV to negotiate DTLS connection > parameters. That cannot go well. > > Let A and B be honest nodes, and C an attacker. In the current protocol: > > A -> multicast: Hello > C spoofing A -> multicast: Hello > B -> A(well-known port): DTLS ClientHello > > The DTLS connection succeeds even though C spoofed a Hello from A -- > a Hello is a Hello, even if it was spoofed. In your suggested protocol: > > A -> multicast: Hello, port=1234 > C spoofing A -> multicast: Hello, port = 1235 > C spoofing A -> multicast: Hello, port = 1236 > C spoofing A -> multicast: Hello, port = 1237 > ... > B -> A(which port?) > > Since B has received a bunch of Hellos ostensiby from A announcing > different ports, it cannot reliably locate the one that's correct. An > on-link attacker can trivially DoS any node of its choosing. > > What is more: > > - You can no longer identify Babel traffic -- it's just encrypted DTLS > with random ports. What does that mean from a management point of view? > > - An attacker can cause any Babel node to send a DTLS ClientHello to an > arbitrary IP and port. What consequences does that have for the > security and DoS-resistance of unrelated protocols? > > Mirja, in the light of the above, you'll doubtless understand that we feel > little motivation to spend time implementing your suggested protocol and > experimenting with it. (And this working group has been following the > policy of implementing everythig and listening to implementation experience, > a policy that we like and do not wish to change.) > > -- Juliusz >
- [babel] Mirja Kühlewind's Discuss on draft-ietf-b… Mirja Kühlewind via Datatracker
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… David Schinazi
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Mirja Kuehlewind
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Juliusz Chroboczek
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Mirja Kuehlewind
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Juliusz Chroboczek
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… David Schinazi
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Mirja Kuehlewind
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Juliusz Chroboczek
- Re: [babel] Mirja Kühlewind's Discuss on draft-ie… Benjamin Kaduk