Re: [babel] Mirja Kühlewind's Discuss on draft-ietf-babel-dtls-07: (with DISCUSS and COMMENT)

Juliusz Chroboczek <jch@irif.fr> Thu, 08 August 2019 17:16 UTC

Date: Thu, 08 Aug 2019 19:16:21 +0200
Message-ID: <87mugjo9wa.wl-jch@irif.fr>
From: Juliusz Chroboczek <jch@irif.fr>
To: Mirja Kuehlewind <ietf@kuehlewind.net>
Cc: babel-chairs <babel-chairs@ietf.org>, Babel at IETF <babel@ietf.org>, Donald Eastlake <d3e3e3@gmail.com>, The IESG <iesg@ietf.org>, David Schinazi <dschinazi.ietf@gmail.com>, draft-ietf-babel-dtls@ietf.org
Archived-At: <https://mailarchive.ietf.org/arch/msg/babel/OM8ACLc8GuQ-CQT87LeqNrZdW24>

>> Could you please explain what happens if an attacker sends out 65535
>> spoofed multicast Hellos indicating 65535 distinct ports?

> You maybe rate limit DTLS connection attempts…?

That's not the issue I had in mind.  What I'm concerned about is that
you're suggesting to use an unauthenticated TLV to negotiate DTLS connection
parameters.  That cannot go well.

Let A and B be honest nodes, and C an attacker.  In the current protocol:

    A -> multicast: Hello
    C spoofing A -> multicast: Hello
    B -> A(well-known port): DTLS ClientHello

The DTLS connection succeeds even though C spoofed a Hello from A --
a Hello is a Hello, even if it was spoofed.  In your suggested protocol:

    A -> multicast: Hello, port=1234
    C spoofing A -> multicast: Hello, port = 1235
    C spoofing A -> multicast: Hello, port = 1236
    C spoofing A -> multicast: Hello, port = 1237
    ...
    B -> A(which port?)

Since B has received a bunch of Hellos ostensibly from A announcing
different ports, it cannot reliably locate the one that's correct.  An
on-link attacker can trivially DoS any node of its choosing.

What is more:

  - You can no longer identify Babel traffic -- it's just encrypted DTLS
    with random ports.  What does that mean from a management point of view?

  - An attacker can cause any Babel node to send a DTLS ClientHello to an
    arbitrary IP and port.  What consequences does that have for the
    security and DoS-resistance of unrelated protocols?

Mirja, in the light of the above, you'll doubtless understand that we feel
little motivation to spend time implementing your suggested protocol and
experimenting with it.  (And this working group has been following the
policy of implementing everything and listening to implementation experience,
a policy that we like and do not wish to change.)

-- Juliusz
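As an added illustration (not part of the thread), a small Python model of the two exchanges described above from B's point of view: under the current protocol the DTLS target is the well-known port whatever Hellos C spoofs, under the proposed port-TLV scheme conflicting announcements leave B with no reliable target. The Babel port 6696 is the IANA assignment; the class and function names are my own.

```python
from dataclasses import dataclass
from typing import Dict, Optional, Set

BABEL_PORT = 6696  # IANA-assigned UDP port for Babel (RFC 6126)


@dataclass(frozen=True)
class Hello:
    """A multicast Hello as seen by B. Nothing in it is authenticated,
    so a Hello spoofed by C carries whatever src/port C chooses."""
    src: str
    port: Optional[int] = None  # port TLV of the proposed scheme; absent today


class PeerView:
    """What an honest node B has learned from Hellos received on a link."""

    def __init__(self) -> None:
        self.announced: Dict[str, Set[Optional[int]]] = {}

    def receive(self, hello: Hello) -> None:
        self.announced.setdefault(hello.src, set()).add(hello.port)

    def dtls_target_current(self, src: str):
        # Current protocol: any Hello from src (spoofed or not) triggers a
        # ClientHello to the well-known port, so spoofing changes nothing.
        return (src, BABEL_PORT) if src in self.announced else None

    def dtls_target_proposed(self, src: str):
        # Proposed protocol: use the port announced in the Hello.  With
        # several conflicting announcements B cannot pick the honest one.
        ports = self.announced.get(src, set()) - {None}
        return (src, next(iter(ports))) if len(ports) == 1 else None


def run_scenario(spoofed: int = 3):
    """Replay the exchange from the message (constructed input): A sends one
    honest Hello with port 1234, then C spoofs `spoofed` Hellos from A,
    each announcing a different port."""
    b = PeerView()
    b.receive(Hello("A", 1234))
    for i in range(1, spoofed + 1):
        b.receive(Hello("A", 1234 + i))
    return {
        "current": b.dtls_target_current("A"),
        "proposed": b.dtls_target_proposed("A"),
    }
```

With `spoofed=0` the proposed scheme does resolve to ("A", 1234), which is exactly the case the spoofed Hellos destroy.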