RE: [ipcdn] FW: DISCUSS: draft-ietf-ipcdn-bpiplus-mib-14
"Eduardo Cardona" <e.cardona@CableLabs.com> Tue, 05 October 2004 21:28 UTC
Subject: RE: [ipcdn] FW: DISCUSS: draft-ietf-ipcdn-bpiplus-mib-14
Date: Tue, 05 Oct 2004 15:19:40 -0600
Message-ID: <5259D0D7419C6149B347837A2E64F46F03E97E@srvxchg.cablelabs.com>
From: Eduardo Cardona <e.cardona@CableLabs.com>
To: "Steven M. Bellovin" <smb@research.att.com>, Jean-Francois Mule <jf.mule@CableLabs.com>
Cc: ipcdn@ietf.org, Greg White <g.white@CableLabs.com>, bwijnen@lucent.com, Oscar Marcia <o.marcia@CableLabs.com>, Russ Housley <housley@vigilsec.com>, "Richard Woundy @ Comcast" <Richard_woundy@cable.comcast.com>, Eric Rosenfeld <e.rosenfeld@CableLabs.com>
Thanks Steve, we will scope the text showing the lack of robustness for targeted attacks as you pointed out, or even remove it in favor of a more encouraging text for stronger encryption.

Thanks
Eduardo

-----Original Message-----
From: Steven M. Bellovin [mailto:smb@research.att.com]
Sent: Tuesday, October 05, 2004 12:49 PM
To: Jean-Francois Mule
Cc: Russ Housley; bwijnen@lucent.com; ipcdn@ietf.org; Eduardo Cardona; Richard Woundy @ Comcast; Eric Rosenfeld; Oscar Marcia; Greg White
Subject: Re: [ipcdn] FW: DISCUSS: draft-ietf-ipcdn-bpiplus-mib-14

That addresses most of my concerns. But I also said this:

The Security Considerations section says

    The time to crack DES could be additionally mitigated by a compromised
    value for the TEK lifetime and Grace Time (up to a minimum of 30 minutes
    for the TEK lifetime, see Appendix A [1]).

That's only partially correct. These keys are confidentiality keys; they're still valuable even after they're no longer in active use, because they can be used to decrypt old traffic. (By contrast, old authentication keys are useless to an attacker.) You need to strengthen your text; while frequent key changes help, an attacker can often select what to attack.

For example, email checking is generally timer-driven; someone monitoring the link can easily spot an email session by noticing the periodicity. For example, in the middle of the night, when there's little email traffic (except, of course, for the daily spam load), there will be a set of very similar (in length and timing) packets in each direction, every N minutes, where N is probably in the range 5-15 minutes. Select the confidentiality key for this period, attack it, and recover the user's email password. For that attack, a key lifetime of 30 minutes or 30 days is the same -- it's a targeted attack.
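The point Steve makes above (a confidentiality key stays valuable after it expires because recorded traffic can still be decrypted under it, whereas an expired authentication key buys an attacker nothing, and a shorter TEK lifetime does not change the outcome for a session the attacker has singled out) can be made concrete with a small model. The code below is an added illustration written for this archive page; it is not part of the thread, the BPI+ specification or the MIB draft. It assumes a hash-based XOR keystream as a stand-in for the DES traffic cipher, HMAC-SHA256 as the message authentication check, a key schedule that rotates the TEK every `lifetime` seconds, and a constructed capture of a mail check every 10 minutes; the "recovered" key is simply read from the schedule to stand in for an offline key recovery.

```python
"""Toy model: expired confidentiality keys vs. expired authentication keys.

Constructed illustration; none of this is BPI+ or DOCSIS code. The cipher is a
SHA-256 keystream standing in for DES, and key recovery is simulated by reading
the key from the schedule.
"""
import hashlib
import hmac
import os
from dataclasses import dataclass
from typing import Dict, List, Optional


def keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    """Counter-mode keystream derived from SHA-256 (toy stand-in for the traffic cipher)."""
    out = bytearray()
    counter = 0
    while len(out) < length:
        out += hashlib.sha256(key + nonce + counter.to_bytes(4, "big")).digest()
        counter += 1
    return bytes(out[:length])


def xor_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """Encrypt or decrypt (same operation) by XOR with the keystream."""
    return bytes(a ^ b for a, b in zip(data, keystream(key, nonce, len(data))))


class TekSchedule:
    """Traffic keys rotate every `lifetime` seconds; period k uses one 32-byte key."""

    def __init__(self, lifetime: int):
        self.lifetime = lifetime
        self._keys: Dict[int, bytes] = {}

    def period(self, t: int) -> int:
        return t // self.lifetime

    def key(self, period: int) -> bytes:
        if period not in self._keys:
            self._keys[period] = os.urandom(32)  # bytes 0-15 encrypt, 16-31 authenticate
        return self._keys[period]


@dataclass
class Frame:
    t: int
    period: int
    nonce: bytes
    ciphertext: bytes
    tag: bytes


def mac(key: bytes, nonce: bytes, ct: bytes) -> bytes:
    return hmac.new(key[16:], nonce + ct, hashlib.sha256).digest()


def send(sched: TekSchedule, t: int, payload: bytes) -> Frame:
    period = sched.period(t)
    key = sched.key(period)
    nonce = os.urandom(8)
    ct = xor_crypt(key[:16], nonce, payload)
    return Frame(t, period, nonce, ct, mac(key, nonce, ct))


def receive(sched: TekSchedule, now: int, frame: Frame) -> Optional[bytes]:
    """The receiver only honours the key valid *now*: a correct tag under an expired key is rejected."""
    if frame.period != sched.period(now):
        return None
    key = sched.key(frame.period)
    if not hmac.compare_digest(frame.tag, mac(key, frame.nonce, frame.ciphertext)):
        return None
    return xor_crypt(key[:16], frame.nonce, frame.ciphertext)


def decrypt_capture(frames: List[Frame], period: int, recovered_key: bytes) -> List[bytes]:
    """Whoever holds one period's key reads every recorded frame of that period, no matter when."""
    return [xor_crypt(recovered_key[:16], f.nonce, f.ciphertext) for f in frames if f.period == period]


def run_demo(lifetime: int) -> dict:
    sched = TekSchedule(lifetime)
    # Constructed traffic: a timer-driven mail check every 10 minutes over 3 hours, plus filler.
    check_times = list(range(0, 3 * 3600, 600))
    frames = [send(sched, t, b"USER alice\r\nPASS hunter2\r\n") for t in check_times]
    frames += [send(sched, t + 17, b"filler traffic") for t in check_times]
    # The targeted period is the one containing the 02:00 check; its key is assumed recovered later.
    target_period = sched.period(2 * 3600)
    recovered_key = sched.key(target_period)
    now = 2 * 3600 + 30 * 86400  # the receiver's clock, 30 days after the capture
    plaintexts = decrypt_capture(frames, target_period, recovered_key)
    # Forgery attempt with the expired key: the tag verifies, but the key's lifetime is over.
    nonce = bytes(8)
    ct = xor_crypt(recovered_key[:16], nonce, b"forged")
    forged = Frame(now, target_period, nonce, ct, mac(recovered_key, nonce, ct))
    return {
        "frames_readable": len(plaintexts),
        "password_exposed": any(b"PASS hunter2" in p for p in plaintexts),
        "forgery_accepted": receive(sched, now, forged) is not None,
    }


if __name__ == "__main__":
    for lifetime in (30 * 60, 30 * 86400):
        print(f"TEK lifetime {lifetime:>8}s ->", run_demo(lifetime))
```

Running it with a 30-minute and a 30-day lifetime gives the same two verdicts for the targeted period: the recorded mail check (and its password) is readable, and the forged frame is refused. The only thing the lifetime changes is how many other frames share the recovered key, which is the collateral exposure a short lifetime does limit; it is not a defence for the session the attacker chose. That is the distinction the Security Considerations text needs to draw.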