Re: [CGA-EXT] Possible DoS attack to DAD in SEND ?

Alberto García <alberto@it.uc3m.es> Fri, 27 November 2009 10:36 UTC

From: Alberto García <alberto@it.uc3m.es>
To: "'Tony Cheneau'" <tony.cheneau@it-sudparis.eu>
References: <BA2095E910AB454F9408A7EF7B249BD9@bombo> <alpine.LNX.2.00.0911262254210.11124@localhost.localdomain>
Date: Fri, 27 Nov 2009 11:36:10 +0100
Message-ID: <A0A0A57B32404C99887B1820AF5242DA@bombo>
In-Reply-To: <alpine.LNX.2.00.0911262254210.11124@localhost.localdomain>
Cc: cga-ext@ietf.org
Subject: Re: [CGA-EXT] Possible DoS attack to DAD in SEND ?

Thanks, Tony

|  -----Original Message-----
|  From: Tony Cheneau [mailto:tony.cheneau@it-sudparis.eu]
|  Sent: Thursday, 26 November 2009 23:46
|  To: Alberto García
|  CC: cga-ext@ietf.org
|  Subject: Re: [CGA-EXT] Possible DoS attack to DAD in SEND ?
|  
|  Hello Alberto,
|  
|  > I was wondering if the following is really an issue for SEND hosts doing
|  > DAD, and if it is worth to be protected (this arose when defining SAVI
|  > operation for SEND):
|  
|  This is the attack I described to the list in this mail:
|  http://www.ietf.org/mail-archive/web/cga-ext/current/msg00057.html
|  And then a thread (providing some other solutions):
|  http://www.ietf.org/mail-archive/web/cga-ext/current/msg00075.html
|  
|  > I don't see in RFC 3971 any countermeasure to this. Am I right?
|  The spec does not say how to counter this. However, in current
|  implementations, adding a fix seems pretty straightforward.
|  
|  >
|  > Do you think this is a problem? If so, do you think it needs to be fixed?
|  
|  IMHO, RFC 3971-bis should explicitly provide a solution to counter this
|  attack.
|  

Right 

|  
|  
|  > A simple solution would be for the possible victim to discard received DAD
|  > NSOLs for the same address that it has in tentative state that have the same
|  > <public key, nonce, timestamp> as the DAD NSOL that it had sent before.
|  > (The probability of a legitimate collision in which another host
|  > generates a DAD NSOL with the same public address, nonce and timestamp
|  > should be really low.)
|  Just comparing the nonce value should suffice.
|  
|  
|  > For ND (unsecured), this case is also a problem, but for ND you can't decide
|  > by looking at a received DAD NSOL whether it is an attack or just a real
|  > collision (and this could also be an incentive to use SEND, of course).
|  Plain ND is not secure anyway.
|  Some scenarios use a network setup where each node is on a
|  different port of a switch. If the switch were to support Multicast
|  Listener Discovery, the attacker would never get to receive the DAD NS
|  message to begin with. As stated in:
|  http://www.ietf.org/mail-archive/web/cga-ext/current/msg00077.html
|  Hence, it would preclude the attack. Am I wrong?

I agree with you that MLD-snooping does protect from this problem, but I
don't think it is realistic to assume that this feature is available in all
switches. In addition, there are some broadcast scenarios in which a bad guy
could circumvent this assumption.
I think a solution in the SEND domain (not depending on other deployment
issues) would still be nice.

Regards,
Alberto
|  
|  Regards,
|   	Tony
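The receiver-side check discussed in this exchange, as an added example that is not code from the thread or from any SEND implementation: a host doing DAD remembers the <public key, nonce, timestamp> of the DAD NS it sent and drops a received DAD NS for the same tentative address that merely echoes those values, while an NS from another node (different key and nonce) is still treated as a duplicate. The message layout, the `DadNs`/`TentativeAddress` names and the `strict` switch (full tuple versus nonce-only comparison, the two variants proposed in the thread) are assumptions made for this illustration; the NS fields are a constructed simplification of the RFC 3971 CGA, Nonce and Timestamp options.

```python
"""Receiver-side filter for the DAD reflection problem discussed above.

Added illustration, not code from this thread or from any SEND
implementation. The message layout is a constructed, simplified stand-in
for an NS carrying RFC 3971 CGA, Nonce and Timestamp options; the class
and field names are assumptions made for this example.
"""
from dataclasses import dataclass
import os
import time


@dataclass(frozen=True)
class DadNs:
    """The fields of a DAD Neighbor Solicitation that the check looks at."""
    target: str        # tentative address being probed
    public_key: bytes  # public key from the CGA option (stand-in value)
    nonce: bytes       # value of the RFC 3971 Nonce option
    timestamp: float   # value of the RFC 3971 Timestamp option


class TentativeAddress:
    """DAD state for one address on the host that is performing DAD."""

    def __init__(self, target, public_key):
        self.target = target
        self.public_key = public_key
        self.sent = None           # the DAD NS this host last emitted
        self.duplicate = False     # set once a genuine conflict is seen
        self.discarded_echoes = 0  # reflected copies dropped so far

    def build_ns(self, now=None):
        """Emit our DAD NS with a fresh nonce and remember it for comparison."""
        self.sent = DadNs(
            target=self.target,
            public_key=self.public_key,
            nonce=os.urandom(6),  # RFC 3971 requires at least 6 octets
            timestamp=time.time() if now is None else now,
        )
        return self.sent

    def on_ns(self, ns, strict=True):
        """Classify a received DAD NS for our tentative address.

        strict=True compares the full <public key, nonce, timestamp> tuple
        (the proposal in the thread); strict=False compares the nonce only
        (the simplification suggested in the reply). Either way a message
        that merely echoes what we sent is dropped instead of being taken
        as evidence of a duplicate address.
        """
        if ns.target != self.target:
            return "ignored: different target"
        if self.sent is not None and ns.nonce == self.sent.nonce:
            same_origin = (ns.public_key == self.sent.public_key
                           and ns.timestamp == self.sent.timestamp)
            if not strict or same_origin:
                self.discarded_echoes += 1
                return "discarded: echo of our own DAD NS"
        # Anything else is a real DAD NS from another node: treat as conflict.
        self.duplicate = True
        return "duplicate: another node is probing this address"


def demo():
    """Run the check against constructed messages and return the verdicts."""
    host = TentativeAddress("fe80::1234:5678:9abc:def0", b"constructed-pubkey-A")
    ours = host.build_ns(now=1259318170.0)
    # A byte-for-byte copy of our own NS arriving back on the link.
    reflected = DadNs(ours.target, ours.public_key, ours.nonce, ours.timestamp)
    # Another SEND node genuinely probing the same address: its own key and nonce.
    other = DadNs(ours.target, b"constructed-pubkey-B", os.urandom(6), 1259318171.0)
    return {
        "reflected": host.on_ns(reflected),
        "other": host.on_ns(other),
        "duplicate": host.duplicate,
        "discarded": host.discarded_echoes,
    }


if __name__ == "__main__":
    for name, verdict in demo().items():
        print(f"{name}: {verdict}")
```

The nonce-only variant (`strict=False`) is enough to recognise an echo because the nonce is random and chosen by the sender; the full-tuple variant additionally refuses to drop an NS that happens to share a nonce but carries a different key or timestamp, which is the conservative choice when the cost of wrongly discarding a genuine collision matters more than the extra comparison.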