IETF Logo Mail Archive

Re: [dhcwg] WGLC on draft-ietf-dhc-sedhcpv6-21 - Respond by March 29th

Sten Carlsen <stenc@s-carlsen.dk> Thu, 30 March 2017 15:21 UTC

Return-Path: <stenc@s-carlsen.dk>
X-Original-To: dhcwg@ietfa.amsl.com
Delivered-To: dhcwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B3F88127419 for <dhcwg@ietfa.amsl.com>; Thu, 30 Mar 2017 08:21:13 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2
X-Spam-Level:
X-Spam-Status: No, score=-2 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=s-carlsen.dk
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Vw81eudKu1Sw for <dhcwg@ietfa.amsl.com>; Thu, 30 Mar 2017 08:21:11 -0700 (PDT)
Received: from mail2.s-carlsen.dk (xd93ddd80.cust.hiper.dk [217.61.221.128]) by ietfa.amsl.com (Postfix) with ESMTP id E0EBA1242EA for <dhcwg@ietf.org>; Thu, 30 Mar 2017 08:21:10 -0700 (PDT)
Received: from mail3.s-carlsen.dk (think.s-carlsen.dk [192.168.16.20]) by mail2.s-carlsen.dk (Postfix) with ESMTP id 30CC4400BC for <dhcwg@ietf.org>; Thu, 30 Mar 2017 17:20:57 +0200 (CEST)
Received: from silver4.local (unknown [192.168.16.241]) by mail3.s-carlsen.dk (Postfix) with ESMTPA id 042CBC1FE097 for <dhcwg@ietf.org>; Thu, 30 Mar 2017 17:21:07 +0200 (CEST)
DKIM-Filter: OpenDKIM Filter v2.11.0 mail3.s-carlsen.dk 042CBC1FE097
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=s-carlsen.dk; s=20170103-s-dk; t=1490887268; bh=Rmvermdvahf8wVvDB1gzTfifmWcODuovshyco4lyYyQ=; h=Subject:To:References:From:Date:In-Reply-To:From; b=ktOvDIwQM024RkGhYMORmpRxrNUniSeauK5zn384FyTtDmJRnZw3W+zRpibzD0xKA WnuprbO4u9eFIfa+p1cEd1P40ZlddHAYFqXzxwblCsbFJPm+j3c18zRGiPL0SVDLf0 e8As/FzXK+yI4FA9yolOfDPVMKUaTcSbUa5oeEYQ=
To: dhcwg@ietf.org
References: <e08be0f6-f1b4-4f57-6cdf-ddd546f8b793@gmail.com> <7db55e6f55e34408a1816887c22e28d3@XCH-ALN-003.cisco.com> <CAJ3w4NdN2jqJpQCeSgHLtHFkK3CLatN+BYFVGaFY=s5Qd_y6Gg@mail.gmail.com> <369C97B6-B6E7-46CE-B42E-18559BFB1E78@cisco.com> <CAJ3w4Nf_gVtiO2KeCPaNT=b30mK8uQ0Tri2=0Nq5m_WLRU1aoQ@mail.gmail.com> <FBDB0F68-0087-4488-863F-E5F0D45281BF@cisco.com>
From: Sten Carlsen <stenc@s-carlsen.dk>
Message-ID: <6c0c02df-209a-bdd2-fa45-0e9f448821e4@s-carlsen.dk>
Date: Thu, 30 Mar 2017 17:21:30 +0200
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.12; rv:45.0) Gecko/20100101 Thunderbird/45.8.0
MIME-Version: 1.0
In-Reply-To: <FBDB0F68-0087-4488-863F-E5F0D45281BF@cisco.com>
Content-Type: multipart/alternative; boundary="------------357134120EE4D8B32128C965"
Archived-At: <https://mailarchive.ietf.org/arch/msg/dhcwg/qIlEhxIQ1_PLjqYIOLARhu8xA-c>
Subject: Re: [dhcwg] WGLC on draft-ietf-dhc-sedhcpv6-21 - Respond by March 29th
X-BeenThere: dhcwg@ietf.org
X-Mailman-Version: 2.1.22
Precedence: list
List-Id: <dhcwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/dhcwg/>
List-Post: <mailto:dhcwg@ietf.org>
List-Help: <mailto:dhcwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/dhcwg>, <mailto:dhcwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 30 Mar 2017 15:21:14 -0000

Sorry for late comment but this just caught my attention.

>>     BV> Re Security Considerations - A new comment from a
>>     conversation with Tomek (Tomek will hopefully comment more). I
>>     mentioned that I was concerned with the possibility of clients
>>     and servers getting “junk” is a security concern as someone could
>>     generate bad packets with encrypted data and send them to clients
>>     and servers in the hope to crash the either when they try to
>>     decrypt and then process junk. Tomek suggested we might want to
>>     think about whether to add some magic value to the first few
>>     bytes of a message before encrypting it and then the decrypter
>>     can check those first few bytes to see if they are value and
>>     discard the message if not. Perhaps the encoding from RFC5652
>>     would accomplish this if we are using more than just the
>>     encryptedContent? Anyway, something to think about.
>>
>> [LS]: Agree. Perhaps the encoding from RFC5652 solves this problem. 
>> I think that it may be a general problem for all encryption protocol. 
If someone deliberately wants to make bad packets with the purpose of
causing problems, they would be smart enough to add the same magic
number? Knowing the encryption algorithms would allow more deliberate
attempts to cause overflow etc.

I don't see any other method than careful programming and careful
testing with deliberate intent to find weak spots.

If we talk about noise or other non-intentional bad/random packet, then
a magic number will help.

-- 
Best regards

Sten Carlsen

No improvements come from shouting:

       "MALE BOVINE MANURE!!!"

v2.23.0 | Report a Bug | By Email