IETF Logo Mail Archive

I-D Action: draft-bhargav-l3vpn-inter-provider-optcsec-00.txt

internet-drafts@ietf.org Mon, 27 February 2012 07:31 UTC

Return-Path: <internet-drafts@ietf.org>
X-Original-To: i-d-announce@ietfa.amsl.com
Delivered-To: i-d-announce@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id DDEF321F8540 for <i-d-announce@ietfa.amsl.com>; Sun, 26 Feb 2012 23:31:51 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -101.743
X-Spam-Level:
X-Spam-Status: No, score=-101.743 tagged_above=-999 required=5 tests=[AWL=0.856, BAYES_00=-2.599, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id z2H1SObS+9Xf for <i-d-announce@ietfa.amsl.com>; Sun, 26 Feb 2012 23:31:51 -0800 (PST)
Received: from ietfa.amsl.com (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 65FCB21F8528 for <i-d-announce@ietf.org>; Sun, 26 Feb 2012 23:31:31 -0800 (PST)
MIME-Version: 1.0
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable
From: internet-drafts@ietf.org
To: i-d-announce@ietf.org
Subject: I-D Action: draft-bhargav-l3vpn-inter-provider-optcsec-00.txt
X-Test-IDTracker: no
X-IETF-IDTracker: 4.00
Message-ID: <20120227073131.2007.87455.idtracker@ietfa.amsl.com>
Date: Sun, 26 Feb 2012 23:31:31 -0800
X-BeenThere: i-d-announce@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
Reply-To: internet-drafts@ietf.org
List-Id: Internet Draft Announcements only <i-d-announce.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/i-d-announce>
List-Post: <mailto:i-d-announce@ietf.org>
List-Help: <mailto:i-d-announce-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/i-d-announce>, <mailto:i-d-announce-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 27 Feb 2012 07:31:52 -0000

A New Internet-Draft is available from the on-line Internet-Drafts directories.

	Title           : Preventing spoofing attacks in BGP-MPLS-VPN Inter-Provider Model-C
	Author(s)       : Bhargav Bhikkaji
                          Balaji Venkat Venkataswami
	Filename        : draft-bhargav-l3vpn-inter-provider-optcsec-00.txt
	Pages           : 15
	Date            : 2012-02-26

   In certain models of inter-provider Multi-Protocol-Label-Switching
   based Virtual Private Networks (MPLS-VPNs), spoofing attacks against
   VPN sites is a key concern. Unidirectional attacks towards VPN sites
   can compromise servers at the VPN sites and cause Denial-of-Service
   (DoS) situations. Currently, the inner labels associated with VPN
   sites are not encrypted during transmission. The Provider Edge (PE)
   router at the end to which the VPN customer is attached accepts any
   data packet with a valid label. This enables a man-in-the-middle
   attacker to spoof a packet to a specific site of a VPN. In this
   paper, we propose some secure techniques which provide security
   against such label-spoofing. These techniques ensure that an attacker
   would not be able to spoof labeled data packets. In order to make the
   proposed scheme robust, some additional steps are proposed over and
   above the initial steps specified. This makes the attacker to spend
   non-linear time to guess the right label for his unidirectional
   attacks to succeed. Our proposed technique can be applied to a
   specific type of inter-provider Border Gateway Protocol(BGP) based
   MPLS VPN and other existing variant where Multi-Protocol exterior-
   BGP (MP-eBGP) multi-hop is used. In future, if any other variant is
   proposed to use MP-eBGP multi-hop, our scheme can be used to protect
   against spoofing attacks.





A URL for this Internet-Draft is:
http://www.ietf.org/internet-drafts/draft-bhargav-l3vpn-inter-provider-optcsec-00.txt

Internet-Drafts are also available by anonymous FTP at:
ftp://ftp.ietf.org/internet-drafts/

This Internet-Draft can be retrieved at:
ftp://ftp.ietf.org/internet-drafts/draft-bhargav-l3vpn-inter-provider-optcsec-00.txt

v2.23.0 | Report a Bug | By Email