IETF Logo Mail Archive

Re: [dhcwg] Eric Rescorla's Discuss on draft-ietf-dhc-dhcp4o6-saddr-opt-06: (with DISCUSS and COMMENT)

Eric Rescorla <ekr@rtfm.com> Fri, 12 October 2018 13:54 UTC

Return-Path: <ekr@rtfm.com>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 358CC127148 for <dhcwg@ietfa.amsl.com>; Fri, 12 Oct 2018 06:54:52 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=rtfm-com.20150623.gappssmtp.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id BLrJjtLyyIxd for <dhcwg@ietfa.amsl.com>; Fri, 12 Oct 2018 06:54:49 -0700 (PDT)
Received: from mail-lf1-x12b.google.com (mail-lf1-x12b.google.com [IPv6:2a00:1450:4864:20::12b]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 94E6E130E21 for <dhcwg@ietf.org>; Fri, 12 Oct 2018 06:54:45 -0700 (PDT)
Received: by mail-lf1-x12b.google.com with SMTP id g89-v6so9402410lfl.5 for <dhcwg@ietf.org>; Fri, 12 Oct 2018 06:54:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=rtfm-com.20150623.gappssmtp.com; s=20150623; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=85EXhTsLjcJDUohuyMjJvbvWfQJPbDdUocQKs+otpPA=; b=RftqvZLYt+Dk7EDityWEz+QpKb6OICgVY96Yr57UTsODlcPbcKjspfkknu+Gc5p4B8 hhQBMcLr5HIvsora9cCGqXDD2nlU77NfW5cJUjfgqg0TpGQDZNyYHKa/zZId6CNOL3ij iMncGS+00QPV69ECP1oOKtaU97XVxt5e9KGFDc3G+NfJLAm8GoOGUdRnDdvCbvM1+NXX b8wLHhyLLY1lvyB5RGokZXyr0MMMTlDvumZfcHKzzyDLMgtr4oGaehkV3Ov7HzCQmqfI i/Rqws0gN3OcfNclOAfkMIQ1Hv6JQT85FbDvTGNjXs6PEXzhDnAr38XF7irPISKCiQZS TWlw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=85EXhTsLjcJDUohuyMjJvbvWfQJPbDdUocQKs+otpPA=; b=I7f3cYRoB2qVNjf1U1fbBIFOptEDpoAvYTUvvCgw4TEYn1jolGTT2uaGm/3HYnRI/x WyzTFZ35Un2wfyggiJNfjpi/B9KN8fJGoE23nOeO07v47ORpVAYArZ5UNPz8F73M/ObH E5FkpdXAlTs9mg4z+Ce09gp3EGmvdLpgrUnjaY/UWJAZbwtkaIGVOA8R8HIiQ+ahqA71 fLe0jnw2ZLKlilvmK2pwtcCt6oiA/Otg0Swu5ni02pRGAEEi049/3YFNXlxrr6/UhDNI nTROVU0UgZi00Nk/I7PlyRkTE1i9ewkzz4KBEXoVy2ECSkRBNptxq+6VXn4VDlJqMdWQ sUaA==
X-Gm-Message-State: ABuFfohZ2d3+5qKblastlx834gh/sVhFnxZWB5IpkMaqsV38Diub8Lpn Lc198an8oCeDDtTCbFkA57S4c8l18QqXAcBdRZ6CHg==
X-Google-Smtp-Source: ACcGV62r9vmFU3XlpGwObVyuBrCbwUnPpipa0aJ1nC/Nvi1x6+UAo99HOuvLE250qnv7QPqcVlt1byKAwW+Yy/gHDcc=
X-Received: by 2002:a19:910c:: with SMTP id t12-v6mr3855237lfd.98.1539352483610; Fri, 12 Oct 2018 06:54:43 -0700 (PDT)
MIME-Version: 1.0
References: <153922397672.5804.489295934152877724.idtracker@ietfa.amsl.com> <1B1F17D2-5FAE-4FEC-93CE-F1D9CEFC08C4@telekom.de>
In-Reply-To: <1B1F17D2-5FAE-4FEC-93CE-F1D9CEFC08C4@telekom.de>
From: Eric Rescorla <ekr@rtfm.com>
Date: Fri, 12 Oct 2018 06:54:06 -0700
Message-ID: <CABcZeBPeAfEVuLVTRbNjLYmKhNQJf9uyVEFSkn8ACKAo-RTMhw@mail.gmail.com>
To: ian.farrer@telekom.de
Cc: IESG <iesg@ietf.org>, draft-ietf-dhc-dhcp4o6-saddr-opt@ietf.org, dhc-chairs@ietf.org, "Bernie Volz (volz)" <volz@cisco.com>, dhcwg@ietf.org
Content-Type: multipart/alternative; boundary="000000000000f857a00578086dbc"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/_lttZGUdgV9BbyPx6gtQlotRONQ>
Subject: Re: [dhcwg] Eric Rescorla's Discuss on draft-ietf-dhc-dhcp4o6-saddr-opt-06: (with DISCUSS and COMMENT)
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 12 Oct 2018 13:54:52 -0000

Thanks for your note

First, let me apologize: I somehow forgot to include that I think Ben's
point is
correct: there seems to be an amplification attack in which I rebind my
IPv4 address to some victim's IPv6 address with the result that they
get a pile of traffic. Do you agree with that?


On Fri, Oct 12, 2018 at 3:45 AM <ian.farrer@telekom.de> wrote:

>
>
> On 11.10.18, 04:13, "dhcwg on behalf of Eric Rescorla" <
> dhcwg-bounces@ietf.org on behalf of ekr@rtfm.com> wrote:
>
>     Eric Rescorla has entered the following ballot position for
>     draft-ietf-dhc-dhcp4o6-saddr-opt-06: Discuss
>
>     When responding, please keep the subject line intact and reply to all
>     email addresses included in the To and CC lines. (Feel free to cut this
>     introductory paragraph, however.)
>
>
>     Please refer to
> https://www.ietf.org/iesg/statement/discuss-criteria.html
>     for more information about IESG DISCUSS and COMMENT positions.
>
>
>     The document, along with other ballot positions, can be found here:
>     https://datatracker.ietf.org/doc/draft-ietf-dhc-dhcp4o6-saddr-opt/
>
>
>
>     ----------------------------------------------------------------------
>     DISCUSS:
>     ----------------------------------------------------------------------
>
>     Rich version of this review at:
>     https://mozphab-ietf.devsvcdev.mozaws.net/D5110
>
>
>     I believe there are security issues as detailed in this review.
>
>     DETAIL
>     S 9.
>     >      For such an attack to be effective, the attacker would need to
> know
>     >      both the client identifier and active IPv4 address lease
> currently in
>     >      use by another client.  The risk of this can be reduced by
> using a
>     >      client identifier format which is not easily guessable, e.g., by
>     >      including a time component for when the client identifier was
>     >      generated (see [I-D.ietf-dhc-rfc3315bis] Section 11.2).
>
>     This doesn't seem like a very strong defense. At minimum you need an
>     analysis of the level of entropy.
>
>     I note that an on-path attacker (as RFC 3552 requires us to consider)
>     will have no real problem with this attack. This seems fairly serious.
>
>
>       A rogue client could attempt to use the mechanism described
>       in Section 4.2.1 to redirect IPv4 traffic
>       intended for another client to itself. This would be performed by
>       sending a DHCPREQUEST message for another client's active IPv4
>       lease containing the attacker's softwire IPv6 address in
>       OPTION_DHCP4O6_S46_SADDR.
>
>       For such an attack to be effective, the attacker would
>       need to know both the client identifier and active IPv4
>       address lease currently in use by another client. This could
>       be attempted in three ways:
>
>       1, One customer learning the active IPv4 address lease
>          and client identifier of another customer via snooping
>          the DHCP4o6 message flow between the client
>          and server. The mechanism described in this document is
>          intended for use in a typical ISP network topology with
>          a dedicated layer-2 access network per-client,
>          meaning that snooping of another client's traffic is
>          not possible. If the access network is a shared
>          medium then it provisioning softwire clients using
>          dynamic DHCP4o6 as described here is
>          not recommended.
>

You probably want to use NOT RECOMMENDED.



>       2, Learning the active IPv4 address lease and client identifier
>          via snooping the DHCP4o6 message flow between the client
>          and server in the aggregation or core ISP network.
>          In this case, the attacker requires a level
>          of access to the ISP's infrastructure that means they can already
>          intercept or interfer with traffic flows to the client.
>

This is true, but generally we consider cheap traffic redirection attacks as
a problem.



>       3, An attacker could attempt to brute-force guessing the IPv4
>          lease address and client identifier tuple. The risk of
>          this can be reduced by using a client identifier format
>          which is not easily guessable, e.g., by using a UUID
>          based client identifier (see [I-D.ietf-dhc-rfc3315bis]
>          Section 11.5).
>

Is that really the most unguessable? I would have thought the random
one was best....


>     ]
>
>     ----------------------------------------------------------------------
>     COMMENT:
>     ----------------------------------------------------------------------
>
>     S 1.
>     >      A dynamic provisioning model, such as using DHCPv4 over DHCPv6
>     >      [RFC7341] (DHCP 4o6) allows much more flexibility in the
> location of
>     >      the IPv4-over-IPv6 softwire source address.  In this model, the
> IPv6
>     >      address is dynamically communicated back to the service provider
>     >      allowing the corresponding softwire configuration to be created
> in
>     >      the border router (BR).
>
>     I'm sure this is obvious to the informed, but it would have helped me
>     to have explained that the setting here is that the client has v6-only
>     service and is going to get a v4 address and tunnel that over v6.
>
>
> [if - The abstract tries to cover this, but it could be made more clear.
> How
> about:
>
> OLD:
> DHCPv4 over DHCPv6 (RFC7341) is a mechanism for dynamically
>         configuring IPv4 over an IPv6-only network. For DHCPv4 over DHCPv6
> NEW:
>  DHCPv4 over DHCPv6 (RFC7341) is a mechanism for dynamically
>         configuring IPv4 for use as an over-the-top service in a IPv6-only
>         network. Softwires are an example of such a service. For DHCPv4
> over
>         DHCPv6.....
>

LGTM.

]
>
>     S 5.
>     >              OPTION_DHCP4O6_S46_SADDR (TBD2) with the IPv6 address
> which
>     >              the client will use as its softwire source address.
>     >
>     >      Step 4  The server sends a DHCPv6 'DHCPV4-RESPONSE (21)'
> message.
>     >              OPTION_DHCPV4_MSG contains a DHCPv4 DHCPACK message.
>     >              OPTION_DHCP4O6_S46_SADDR with the client's softwire
> source
>
>     Which of these messages contains the client's assigned IPv4 address?
>     It's the DHCPOFFER, right?
>
> [if - DHCPOFFER contains an address proposal for the client, but the actual
> allocation is not made until the client sends the DHCPREQUEST for the
> address and the server responds with the DHCPACK saying that that the
> allocation request has been successful.
>
> Would it be helpful to add a pointer here to Section 3.1 "Client-server
> interaction
> - allocating a network address" of RFC2131?]
>

Yes, but i think it would be best to annotate diagram with it.

-Ekr


>
>     _______________________________________________
>     dhcwg mailing list
>     dhcwg@ietf.org
>     https://www.ietf.org/mailman/listinfo/dhcwg
>
>
>

v2.23.0 | Report a Bug | By Email