Re: [IPsec] IKE fragmentation
Yaron Sheffer <yaronf.ietf@gmail.com> Wed, 13 March 2013 13:43 UTC
Return-Path: <yaronf.ietf@gmail.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1EDB721F87F9 for <ipsec@ietfa.amsl.com>; Wed, 13 Mar 2013 06:43:47 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -99.064
X-Spam-Level:
X-Spam-Status: No, score=-99.064 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, RCVD_IN_PBL=0.905, RCVD_IN_SORBS_DUL=0.877, RDNS_DYNAMIC=0.1, USER_IN_WHITELIST=-100]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Uf9QGIm2lSyt for <ipsec@ietfa.amsl.com>; Wed, 13 Mar 2013 06:43:46 -0700 (PDT)
Received: from mail-bk0-x232.google.com (mail-bk0-x232.google.com [IPv6:2a00:1450:4008:c01::232]) by ietfa.amsl.com (Postfix) with ESMTP id 5ADC021F87AC for <ipsec@ietf.org>; Wed, 13 Mar 2013 06:43:46 -0700 (PDT)
Received: by mail-bk0-f50.google.com with SMTP id jg9so465914bkc.37 for <ipsec@ietf.org>; Wed, 13 Mar 2013 06:43:45 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=x-received:message-id:date:from:user-agent:mime-version:to:cc :subject:references:in-reply-to:content-type :content-transfer-encoding; bh=ZN7CTI2Fpqq5SR9iJKt12a2CBTeEJBh5lNLwNtySRiY=; b=Qs7t8G7u4FtYW4M7YL+isqDYr+84wZLtJrXh9XetFuboqSqDLeyH0xcyGgRqmZmS7M Acyi+FMOagSgXf7uvR5idL0Qi5BbQkK3O7n2/VFTe2BAhKBBtHNrCSxwwgP2/ttEDEqL knhJl6pNjCJP8yOh1HBGS31w1lYfh+ecXnoiiIB5r8l/I16YM9SbmshLSzAOLIUfVd/v MOxQt8Eq0CZfxVV+Akew8Gu5Zrjo81x7epv0m9K/tkggH55At54N/Lo5nY7Lq7ROJp1p Tw2cuBjeBVjR5N4u03XJqRHII5oBKgXMlajw5jyrJNQaa8OizVx/k2AU+NqXrcdXmgXg M3PQ==
X-Received: by 10.205.120.133 with SMTP id fy5mr7664992bkc.87.1363182225466; Wed, 13 Mar 2013 06:43:45 -0700 (PDT)
Received: from [10.0.0.14] (89-139-62-92.bb.netvision.net.il. [89.139.62.92]) by mx.google.com with ESMTPS id x18sm6034540bkw.4.2013.03.13.06.43.40 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128); Wed, 13 Mar 2013 06:43:44 -0700 (PDT)
Message-ID: <51408287.7080207@gmail.com>
Date: Wed, 13 Mar 2013 15:43:35 +0200
From: Yaron Sheffer <yaronf.ietf@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130221 Thunderbird/17.0.3
MIME-Version: 1.0
To: Valery Smyslov <svanru@gmail.com>
References: <20799.34490.611737.922474@fireball.kivinen.iki.fi> <294A12724CB849D2A33F7F80CC82426A@buildpc>
In-Reply-To: <294A12724CB849D2A33F7F80CC82426A@buildpc>
Content-Type: text/plain; charset="windows-1255"; format="flowed"
Content-Transfer-Encoding: 7bit
Cc: ipsec@ietf.org, Tero Kivinen <kivinen@iki.fi>
Subject: Re: [IPsec] IKE fragmentation
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipsec>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Wed, 13 Mar 2013 13:43:47 -0000
Hi Valery, I believe the DoS argument is incorrect, because the message we are most worried about (most likely to get fragmented) is IKE_AUTH, and at this point both peers are not yet authenticated, of course. So fragments and messages can be encrypted but cannot be authenticated. Thus, an attacker can send any number of seemingly valid fragments. Let me know if I'm missing anything. Thanks, Yaron On 03/13/2013 03:22 PM, Valery Smyslov wrote: > Hi, > >> Anyways, if there is already more implementations doing IKE >> framentation, it might be good idea to think whether we should >> standardize that. On the other hand I am not sure if they are well >> enough documented so that different implementations actually talk each >> other... > > We support IKEv1 fragmentation based on documentation found at > msdn.microsoft.com. > We are able to interoperate with both Microsoft and Cisco. > >> Anyways we should most likely act fastly if we want to get this fixed >> for IKEv2. > > As for IKEv2, I don't know how Cisco is doing fragmentation in this case > (it seems to have support for it), but if it is done similarly to IKEv1, > than I prefer our own solution - draft-smyslov-ipsecme-ikev2-fragmentation. > The main difference is that in Microsoft/Cisco solution (for IKEv1) > the whole encrypted ISAKMP message is fragmented, > leaving each fragment unauthanticated untill message get reassembled > and its authentity could be verivied. This opens door for > a very simple DoS attack on receiver. > > In our proposal each fragment is encrypted and authenticated > individually, that allows receiver to distinguish valid fragments > from bogus, thus preventing from abovementioned DoS attack. > > And, of course, we have implemented this solution in our products. > > And, of course, we are intersted in doing IKEv2 fragmentation > in standard, interoperable way (based either on our proposal or > smth else). > > Regards, > Valery Smyslov. > >> -- >> kivinen@iki.fi >> _______________________________________________ >> IPsec mailing list >> IPsec@ietf.org >> https://www.ietf.org/mailman/listinfo/ipsec > > _______________________________________________ > IPsec mailing list > IPsec@ietf.org > https://www.ietf.org/mailman/listinfo/ipsec
- [IPsec] IKE fragmentation Tero Kivinen
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] IKE fragmentation Yaron Sheffer
- Re: [IPsec] IKE fragmentation Paul Wouters
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] IKE fragmentation Paul Wouters
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] IKE fragmentation Paul Wouters
- Re: [IPsec] IKE fragmentation Derek Atkins
- Re: [IPsec] IKE fragmentation Yoav Nir
- Re: [IPsec] IKE fragmentation Yoav Nir
- [IPsec] Informal poll on IKEv2 { over TCP | fragm… Paul Hoffman
- Re: [IPsec] Informal poll on IKEv2 { over TCP | f… Yoav Nir
- Re: [IPsec] Informal poll on IKEv2 { over TCP | f… Paul Wouters
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] Informal poll on IKEv2 { over TCP | f… Valery Smyslov
- Re: [IPsec] IKE fragmentation Yoav Nir
- Re: [IPsec] IKE fragmentation Paul Wouters
- Re: [IPsec] IKE fragmentation Tero Kivinen
- Re: [IPsec] IKE fragmentation Yoav Nir
- Re: [IPsec] IKE fragmentation Yoav Nir
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] IKE fragmentation Paul Wouters
- Re: [IPsec] IKE fragmentation Valery Smyslov
- Re: [IPsec] IKE fragmentation Tero Kivinen
- Re: [IPsec] Informal poll on IKEv2 { over TCP | f… Paul_Koning
- Re: [IPsec] IKE fragmentation Yaron Sheffer
- [IPsec] Informal poll on IKEv2 { over TCP | fragm… Tero Kivinen
- Re: [IPsec] Informal poll on IKEv2 { over TCP | f… Brian Weis