IETF Logo Mail Archive

Re: [core] I-D Action: draft-ietf-core-attacks-on-coap-01.txt

Achim Kraus <achimkraus@gmx.net> Fri, 11 November 2022 06:39 UTC

Return-Path: <achimkraus@gmx.net>
X-Original-To: core@ietfa.amsl.com
Delivered-To: core@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F2FABC14CF03; Thu, 10 Nov 2022 22:39:26 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.107
X-Spam-Level:
X-Spam-Status: No, score=-2.107 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, NICE_REPLY_A=-0.001, RCVD_IN_MSPIKE_H2=-0.001, RCVD_IN_ZEN_BLOCKED_OPENDNS=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, T_SCC_BODY_TEXT_LINE=-0.01, URIBL_BLOCKED=0.001, URIBL_DBL_BLOCKED_OPENDNS=0.001, URIBL_ZEN_BLOCKED_OPENDNS=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmx.net
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id rRxs-bJl-KJB; Thu, 10 Nov 2022 22:39:23 -0800 (PST)
Received: from mout.gmx.net (mout.gmx.net [212.227.15.18]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange ECDHE (P-256) server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id A6EE4C14CF02; Thu, 10 Nov 2022 22:39:22 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=gmx.net; s=s31663417; t=1668148759; bh=gzszVJMp1Vzpa0jRECm3r3GVT9mPQARdgSDRE1X8JvA=; h=X-UI-Sender-Class:Date:Subject:To:References:From:In-Reply-To; b=B4uFCplw9SuVzySVjgV5Dzy/k73dQYjDiqfhmJTJF9Od3ct9vQQtG3ghyIoh3xJR5 Yu3i5qnx3DFcNOaVKqXIUN/O36CSzPmAm50cAg3aNSkjuPMOZYMc70++4GRTMEWUZX vYpE+mJUeKvr6mOFVuvyoPz6f4I/jQhPUPxHWSEXr/DkmjRv5qbze+343QBSPdAU1n IbyjPE48mOC57ZCQXXv/RlBRZX7dl+OwWUNlFWj5mn3Ad4kdH3DSO4hHWePji4c9RV 9ZjXGanYR/GvujThA2oXTcKGoacF0LZyu540EKMk8lz7McrKRM7oa113qv8UWPW3xY KwNGSpMI0GMnw==
X-UI-Sender-Class: 724b4f7f-cbec-4199-ad4e-598c01a50d3a
Received: from [192.168.178.10] ([88.152.184.228]) by mail.gmx.net (mrgmx005 [212.227.17.190]) with ESMTPSA (Nemesis) id 1MJVHe-1oZVOh12YC-00Jo8A; Fri, 11 Nov 2022 07:39:19 +0100
Message-ID: <78504616-efd1-927d-f22d-cac06f0d4f4b@gmx.net>
Date: Fri, 11 Nov 2022 07:39:18 +0100
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:102.0) Gecko/20100101 Thunderbird/102.2.2
To: core@ietf.org, John Mattsson <john.mattsson=40ericsson.com@dmarc.ietf.org>
References: <166807759799.8377.8307043275662656195@ietfa.amsl.com> <HE1PR0701MB3050A78DE4E8CFCD55EAE47D89019@HE1PR0701MB3050.eurprd07.prod.outlook.com>
Content-Language: de-AT-frami, en-US
From: Achim Kraus <achimkraus@gmx.net>
In-Reply-To: <HE1PR0701MB3050A78DE4E8CFCD55EAE47D89019@HE1PR0701MB3050.eurprd07.prod.outlook.com>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: quoted-printable
X-Provags-ID: V03:K1:ui/s/CVjsKS/t+v+aIgzomqQ7WfY7+Nneu//8+bPM2uhnEqakuv UbNoYaL6USczwnAZK5uQfbexBplLoagL6CO+VEvmDo0fBaU++sMAsX7PhRcMiY+bQNhkxTw Vc+y9/nLpTxvM8okxtnuQRB30DaS0BG1HCYQl8fsEkN55t2AdyNzuxDsExJR8rE3CWx7UA/ Bjwom/W5oiM82nryLPR9g==
UI-OutboundReport: notjunk:1;M01:P0:If54CGWD434=;bP9IPB2lJJeRS/rOx4ULApCLZP2 Tvch7jLLOfA4RI2Urmu9Ckvc9xbM+XoyBA8yeCsz0lvTvzSo89wod7IdXms8jkDlidj/mXU5a a55gwIoedo/ss8pTrKd3ZYd1H0HCChMYyTHJhDxFbpmKAGIajz7uceb0q6FgtRwz/mpOxFsvJ f4QxDc9nCKl769e960vsteEs74heRUVCSYgS1A9VZxgMDZps75NZ3m7/EwvGnaPkz03T+OpA7 fVhU4wbztWIx3l4P79CebyZwmHFWniP7yn+NtOsQqHQGwjp0Vd/nUK4toty5sjK4E4Vr8DqV0 OgeCg4AfhS6RVe1hR0uLvBWXsR/SGFVoyIDpPANg/xmzyZOZvCaTkpgBVR/BIubcZfYjWawmt 1X2p2sOESJStzB3/cKFG8kmt6GfvnMfVXgHjzEBSXKPVkwk7tQ5ZK3RatZCs2BY66TgJq5rXO WsnwV6zJN6WLLBY3rfBR/NBckKntdQWDJiWZicbL6kop4Ylf2TKF837S4fq0cNOzUBiXumrpi w3fUN3SxyVl2kKW5kmawJUP0GXMsyUciYxd530KpCEnpyleCkRVu+BeHETaa/jhlWXi3aQETP HNAzub1sK8g+hFrLutFz1kajmyg70+9utGjwJL2b0e5L2/VKsnQMBHNwG2CD6XqKfzhsbRBqN a6CnKx4GyUhVyZgGAkLAW7SBQIGY5c4ljTiP6PiiWhW04MevMIcS4gF5ccvwYCy63+OIaIe37 YgpgZRu2cIb69emt3mU2W4xhKQu0Et/I/wAYjrgdV/i6qVd8+/HhMPNzEqroO+NlV4ijmFRjn ywUHHpVpnYqhyG32Kb1a6PuWN1rWJCL/POD4tX460etTyN9lJ/2ii7y35Txr0m7TE36h7Klsp T4vMIoDvnvdL9ZcTsuYByygYJ8Bq/6jjeX5LaQXzWWwnbtJ7WbB/Z/gRaKuRTFZJT6gP+o1aN CLwQ6Dgbvg9Gzj9ONqdy3NeLe64=
Archived-At: <https://mailarchive.ietf.org/arch/msg/core/BOG6xkClHS29vlQqUYaQBwZkB58>
Subject: Re: [core] I-D Action: draft-ietf-core-attacks-on-coap-01.txt
X-BeenThere: core@ietf.org
X-Mailman-Version: 2.1.39
Precedence: list
List-Id: "Constrained RESTful Environments \(CoRE\) Working Group list" <core.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/core>, <mailto:core-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/core/>
List-Post: <mailto:core@ietf.org>
List-Help: <mailto:core-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/core>, <mailto:core-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 11 Nov 2022 06:39:27 -0000

Hi John,
Hi List,

I appreciate the added statement about encryption in the abstract.
Does the

"Several of the discussed attacks can be mitigated with the solutions in
RFC 9175."

require the combination with encryption in order to mitigate the
attacks? I think so.

Overall, I'm wondering, if the preconditions of such attacks could be
documented clearer?

E.g. assuming an "on-path-attacker" RFC 9175 without encryption may be
in vain.

A couple of attacks assume, that tokens are reused frequently. In my
experience, that's not the case (except in cases, where someone stick to
(re-)use the empty token to save bandwidth, or reuse tokens for
testing/debugging). Different tokens and replay-windows are then
creating also protection in a couple of cases.

With a list of preconditions it would be easier to see,
if a system is affected by that attack or not.

You added "availability", but I miss the see an example, if there
is a specific risk using coap.

best regards
Achim

P.S.: about the "time shifting attacks" in general:
I'm not sure, if the core-wg did already consider to standardize some
aspects of "time"?
E.g. introduce coap-options to contain times for "now", "created", and
"last update" of the resources. I did recently a small experiment with
"now" and in my use-case that simplifies some cases.
I use a 0 to request times, and the millis since 1970-01-01 00:00:00
(java like :-) ) as values for the times. The devices starts requesting
the time from the server by sending "opt time: 0" and gets back the
server's time in the response also with "opt time: now in millis".
In follow up requests the device sends then the updated time in the
request "opt time: now" and the server only respond with a "time opt:"
if that time need to be adjusted. The requires some timers on the
device, but no RTC. If someone is interested, I may send a more
elaborated e-mail not to capture the topic of this one.


Am 10.11.22 um 12:04 schrieb John Mattsson:
> Hi,
>
> This update tries to address many but not all of the WGLC comments:
>
>   * “block attack” renamed “blocking attack”
>   * Added ”availability” to list of required properties
>   * Added that the freshness definition comes from RFC 9175
>   * Several changes to abstract and introduction based on Achim’s comment
>
> Left to do of WGLC comments:
>
>   * All the comments related to the Request Fragment Rearrangement Attack
>   * Maybe more changes based on Achim’s comment
>
> Cheers,
>
> John
>
> *From: *core <core-bounces@ietf.org> on behalf of
> internet-drafts@ietf.org <internet-drafts@ietf.org>
> *Date: *Thursday, 10 November 2022 at 10:54
> *To: *i-d-announce@ietf.org <i-d-announce@ietf.org>
> *Cc: *core@ietf.org <core@ietf.org>
> *Subject: *[core] I-D Action: draft-ietf-core-attacks-on-coap-01.txt
>
>
> A New Internet-Draft is available from the on-line Internet-Drafts
> directories.
> This draft is a work item of the Constrained RESTful Environments WG of
> the IETF.
>
>          Title           : Attacks on the Constrained Application
> Protocol (CoAP)
>          Authors         : John Preuß Mattsson
>                            John Fornehed
>                            Göran Selander
>                            Francesca Palombini
>                            Christian Amsüss
>    Filename        : draft-ietf-core-attacks-on-coap-01.txt
>    Pages           : 19
>    Date            : 2022-11-10
>
> Abstract:
>     Being able to securely read information from sensors, to securely
>     control actuators, and to not enable distributed denial-of-service
>     attacks are essential in a world of connected and networking things
>     interacting with the physical world.  Using a security protocol such
>     as DTLS, TLS, or OSCORE to protect CoAP is a requirement for secure
>     operation and protects against many attacks.  This document
>     summarizes a number of known attacks on CoAP deployments and show
>     that just using CoAP with a security protocol like DTLS, TLS, or
>     OSCORE is not enough for secure operation.  Several of the discussed
>     attacks can be mitigated with the solutions in RFC 9175.
>
>
> The IETF datatracker status page for this draft is:
> https://datatracker.ietf.org/doc/draft-ietf-core-attacks-on-coap/
> <https://datatracker.ietf.org/doc/draft-ietf-core-attacks-on-coap/>
>
> There is also an HTML version available at:
> https://www.ietf.org/archive/id/draft-ietf-core-attacks-on-coap-01.html
> <https://www.ietf.org/archive/id/draft-ietf-core-attacks-on-coap-01.html>
>
> A diff from the previous version is available at:
> https://www.ietf.org/rfcdiff?url2=draft-ietf-core-attacks-on-coap-01
> <https://www.ietf.org/rfcdiff?url2=draft-ietf-core-attacks-on-coap-01>
>
>
> Internet-Drafts are also available by rsync at
> rsync.ietf.org::internet-drafts
>
>
> _______________________________________________
> core mailing list
> core@ietf.org
> https://www.ietf.org/mailman/listinfo/core
> <https://www.ietf.org/mailman/listinfo/core>
>
>
> _______________________________________________
> core mailing list
> core@ietf.org
> https://www.ietf.org/mailman/listinfo/core

v2.23.0 | Report a Bug | By Email