Re: [CGA-EXT] Possible DoS attack to DAD in SEND ?

"Laganier, Julien" <julienl@qualcomm.com> Mon, 30 November 2009 19:33 UTC

Return-Path: <julienl@qualcomm.com>
X-Original-To: cga-ext@core3.amsl.com
Delivered-To: cga-ext@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id 989D53A6976 for <cga-ext@core3.amsl.com>; Mon, 30 Nov 2009 11:33:58 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -105.578
X-Spam-Level:
X-Spam-Status: No, score=-105.578 tagged_above=-999 required=5 tests=[AWL=0.721, BAYES_00=-2.599, MIME_8BIT_HEADER=0.3, RCVD_IN_DNSWL_MED=-4, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ZUPwUkpn80Ic for <cga-ext@core3.amsl.com>; Mon, 30 Nov 2009 11:33:57 -0800 (PST)
Received: from wolverine01.qualcomm.com (wolverine01.qualcomm.com [199.106.114.254]) by core3.amsl.com (Postfix) with ESMTP id A6F563A6973 for <cga-ext@ietf.org>; Mon, 30 Nov 2009 11:33:57 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=simple/simple; d=qualcomm.com; i=julienl@qualcomm.com; q=dns/txt; s=qcdkim; t=1259609631; x=1291145631; h=from:to:cc:date:subject:thread-topic:thread-index: message-id:references:in-reply-to:accept-language: content-language:x-ms-has-attach:x-ms-tnef-correlator: acceptlanguage:content-type:content-transfer-encoding: mime-version:x-ironport-av; z=From:=20"Laganier,=20Julien"=20<julienl@qualcomm.com> |To:=20Tony=20Cheneau=20<tony.cheneau@it-sudparis.eu>,=0D =0A=20=20=20=20=20=20=20=20=3D?iso-8859-1?Q?Alberto_Garc =3DEDa?=3D=20<alberto@it.uc3m.es>|CC:=20"cga-ext@ietf.org "=20<cga-ext@ietf.org>|Date:=20Mon,=2030=20Nov=202009=201 1:33:47=20-0800|Subject:=20RE:=20[CGA-EXT]=20Possible=20D oS=20attack=20to=20DAD=20in=20SEND=20?|Thread-Topic:=20[C GA-EXT]=20Possible=20DoS=20attack=20to=20DAD=20in=20SEND =20?|Thread-Index:=20Acpu6j3PbXcFbXTjS5qJRvJvNvy6OwDCKRNw |Message-ID:=20<BF345F63074F8040B58C00A186FCA57F1C65FB2AB A@NALASEXMB04.na.qualcomm.com>|References:=20<BA2095E910A B454F9408A7EF7B249BD9@bombo>=0D=0A=20<alpine.LNX.2.00.091 1262254210.11124@localhost.localdomain>|In-Reply-To:=20<a lpine.LNX.2.00.0911262254210.11124@localhost.localdomain> |Accept-Language:=20en-US|Content-Language:=20en-US |X-MS-Has-Attach:|X-MS-TNEF-Correlator:|acceptlanguage: =20en-US|Content-Type:=20text/plain=3B=20charset=3D"iso-8 859-1"|Content-Transfer-Encoding:=20quoted-printable |MIME-Version:=201.0|X-IronPort-AV:=20E=3DMcAfee=3Bi=3D"5 400,1158,5818"=3B=20a=3D"28724299"; bh=FOIEfJccxW1SHmIQHApIYGX4rimI7zSxJs13SFvsXFY=; b=RWK3i0LqnepuXWE/NJhmaqZkeiyUP7mZiLj34+x4AtHdjX8jKQCBBvzZ kFECnwMNeqotmyzQQHMjS8pJGAx7/HLAL11I/txg8ilntcr7HH0I9rbzS itoAZqnaGHgdi6Z9lJsE0N6o79+/P23AUJcbgzEDGBiKWEc0mi+aii1xx U=;
X-IronPort-AV: E=McAfee;i="5400,1158,5818"; a="28724299"
Received: from pdmz-ns-mip.qualcomm.com (HELO ithilien.qualcomm.com) ([199.106.114.10]) by wolverine01.qualcomm.com with ESMTP; 30 Nov 2009 11:33:50 -0800
Received: from msgtransport06.qualcomm.com (msgtransport06.qualcomm.com [129.46.61.149]) by ithilien.qualcomm.com (8.14.2/8.14.2/1.0) with ESMTP id nAUJXoQP026160 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=FAIL); Mon, 30 Nov 2009 11:33:50 -0800
Received: from nasanexhub02.na.qualcomm.com (nasanexhub02.na.qualcomm.com [10.46.143.120]) by msgtransport06.qualcomm.com (8.14.2/8.14.2/1.0) with ESMTP id nAUJXnd3007208 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NOT); Mon, 30 Nov 2009 11:33:49 -0800
Received: from nasanex14h01.na.qualcomm.com (10.46.94.107) by nasanexhub02.na.qualcomm.com (10.46.143.120) with Microsoft SMTP Server (TLS) id 8.2.176.0; Mon, 30 Nov 2009 11:33:49 -0800
Received: from nalasexhub02.na.qualcomm.com (10.47.130.89) by nasanex14h01.na.qualcomm.com (10.46.94.107) with Microsoft SMTP Server (TLS) id 14.0.639.21; Mon, 30 Nov 2009 11:33:49 -0800
Received: from NALASEXMB04.na.qualcomm.com ([10.47.7.118]) by nalasexhub02.na.qualcomm.com ([10.47.130.89]) with mapi; Mon, 30 Nov 2009 11:33:49 -0800
From: "Laganier, Julien" <julienl@qualcomm.com>
To: Tony Cheneau <tony.cheneau@it-sudparis.eu>, =?iso-8859-1?Q?Alberto_Garc=EDa?= <alberto@it.uc3m.es>
Date: Mon, 30 Nov 2009 11:33:47 -0800
Thread-Topic: [CGA-EXT] Possible DoS attack to DAD in SEND ?
Thread-Index: Acpu6j3PbXcFbXTjS5qJRvJvNvy6OwDCKRNw
Message-ID: <BF345F63074F8040B58C00A186FCA57F1C65FB2ABA@NALASEXMB04.na.qualcomm.com>
References: <BA2095E910AB454F9408A7EF7B249BD9@bombo> <alpine.LNX.2.00.0911262254210.11124@localhost.localdomain>
In-Reply-To: <alpine.LNX.2.00.0911262254210.11124@localhost.localdomain>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
acceptlanguage: en-US
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Cc: "cga-ext@ietf.org" <cga-ext@ietf.org>
Subject: Re: [CGA-EXT] Possible DoS attack to DAD in SEND ?
X-BeenThere: cga-ext@ietf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: CGA and SeND Extensions <cga-ext.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/listinfo/cga-ext>, <mailto:cga-ext-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/cga-ext>
List-Post: <mailto:cga-ext@ietf.org>
List-Help: <mailto:cga-ext-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/cga-ext>, <mailto:cga-ext-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 Nov 2009 19:33:58 -0000

Tony Cheneau wrote:
> [...] 
> This is the attack I described to the list in this mail:
> http://www.ietf.org/mail-archive/web/cga-ext/current/msg00057.html
> And then a thread (providing some other solutions):
> http://www.ietf.org/mail-archive/web/cga-ext/current/msg00075.html
>
> > A simple solution would be for the possible victim to discard
> > received DAD NSOLs for the same address that it has in tentative
> > state that have equal <public key, nonce, timestamp> than the DAD
> > NSOL that it had sent before.
> > (The probability of a legitimate collision in which another host that
> > generates a DAD NSOL with the same public address, nonce and
> timestamp
> > should be really low).
> Just comparing the nonce value should suffice.

So I understand a node receiving a DAD NS after having sent out a DAD NS happens when two nodes are performing DAD simultaneously as per RFC 4862.

If so, are you Tony suggesting that incoming DAD NS's with nonce similar to a nonce included in an outgoing DAD NS be discarded?

The probability that two nodes ends up generating the same public-private key should be zero unless the public key scheme is broken, so I think when a node receives a SEND protected message where the public key is the same as its own, the node MUST assumes the message was sent by himself and MUST discard the message.
 
--julien