Re: [IPsec] Avoiding Authentication Header (AH)
Nico Williams <nico@cryptonector.com> Tue, 03 January 2012 01:06 UTC
Date: Mon, 02 Jan 2012 19:06:18 -0600
From: Nico Williams <nico@cryptonector.com>
To: RJ Atkinson <rja.lists@gmail.com>
Cc: IPsec ME WG List <ipsec@ietf.org>
Subject: Re: [IPsec] Avoiding Authentication Header (AH)
On Mon, Jan 2, 2012 at 6:45 PM, RJ Atkinson <rja.lists@gmail.com> wrote:
> On 02 Jan 2012, at 19:28, Nico Williams wrote:
>> On Mon, Jan 2, 2012 at 3:11 PM, RJ Atkinson <rja.lists@gmail.com> wrote:
>>> I gave a list earlier of a number of different scenarios where
>>> and reasons why AH is used. A subset of that list:
>>> - ESP null does not protect options/optional headers.
>>
>> ESP in tunnel mode is supposed to be the replacement for AH,
>> and gets you this.
>
> Sadly, it cannot do so.
>
> Tunnel-mode isn't especially helpful here -- particularly
> for options or optional headers that are intended to be
> read/seen and their contents considered when forwarding
> transit IP packets.

With tunnel mode you effectively repeat the options inside and outside
the tunnel. Routers can't validate the integrity protection regardless
of whether AH or ESP-NULL in tunnel mode is used, but assuming that an
attacker can only modify options at one place in the path then the
recipient can see that options were modified. This applies to both
IPv4 and v6.

>>> - ESP null cannot reliably be parsed past.
>>
>> WESP is supposed to provide this.
>
> Sadly, at present there is still no 100% reliable
> method for parsing past an ESP header with NULL encryption.
> There are various documents describing methods which
> have various success probabilities, but none that is
> 100% reliable.

Sure, this is necessarily true until any replacement for AH is
universally deployed and that indicates that only integrity protection
is provided.

Nico
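The inner/outer comparison described in the message above, as an added illustration that is not code from this thread or from any IPsec implementation: a constructed ESP-NULL tunnel-mode packet in Python with hand-built IPv4 headers, a fixed demo key and a Router Alert option carried in both headers. The ESP ICV covers the inner copy of the options but not the outer header, so the receiver verifies the ICV and then checks the unprotected outer copy against the protected inner one. The key, SPI and addresses are constructed values.

```python
import hmac, hashlib, struct

KEY = b"constructed-demo-key"                 # constructed; a real SA key comes from IKE
ROUTER_ALERT = b"\x94\x04\x00\x00"            # IPv4 Router Alert option (RFC 2113)

def ipv4_header(src, dst, proto, options=b"", payload_len=0):
    """Minimal IPv4 header (checksum left 0 for the demo) plus padded options."""
    options += b"\x00" * ((-len(options)) % 4)
    ihl = 5 + len(options) // 4
    fixed = struct.pack("!BBHHHBBH4s4s", 0x40 | ihl, 0, ihl * 4 + payload_len,
                        0, 0, 64, proto, 0, src, dst)
    return fixed + options

def options_of(hdr):
    return hdr[20:(hdr[0] & 0x0F) * 4]

def esp_null_tunnel(inner, spi, seq, outer_src, outer_dst, outer_options=b""):
    """Wrap `inner` in ESP-NULL tunnel mode; the ICV covers SPI, seq, inner packet and trailer."""
    esp_hdr = struct.pack("!II", spi, seq)
    padlen = (-(len(inner) + 2)) % 4                             # align trailer to 4 bytes
    trailer = bytes(range(1, padlen + 1)) + bytes([padlen, 4])   # next header 4 = IP-in-IP
    body = esp_hdr + inner + trailer
    icv = hmac.new(KEY, body, hashlib.sha256).digest()[:16]      # HMAC-SHA-256-128 style ICV
    outer = ipv4_header(outer_src, outer_dst, 50, outer_options, len(body) + 16)
    return outer + body + icv

def receive(pkt):
    """Verify the ICV, then compare the protected inner options with the unprotected outer ones."""
    ihl = (pkt[0] & 0x0F) * 4
    outer_hdr, body, icv = pkt[:ihl], pkt[ihl:-16], pkt[-16:]
    if not hmac.compare_digest(hmac.new(KEY, body, hashlib.sha256).digest()[:16], icv):
        return "icv-fail"                                        # inner copy was changed
    padlen = body[-2]
    inner = body[8:len(body) - padlen - 2]
    if options_of(inner) != options_of(outer_hdr):
        return "outer-options-modified"                          # outer copy changed on path
    return "ok"

def demo():
    inner = ipv4_header(b"\x0a\x00\x00\x01", b"\x0a\x00\x00\x02", 17, ROUTER_ALERT, 8) + bytes(8)
    pkt = esp_null_tunnel(inner, 0x1000, 1, b"\xc0\xa8\x00\x01", b"\xc0\xa8\x00\x02", ROUTER_ALERT)
    ihl = (pkt[0] & 0x0F) * 4
    outer_tampered = pkt[:20] + bytes(4) + pkt[ihl:]             # outer option overwritten in transit
    inner_tampered = pkt[:ihl + 8 + 20] + b"\x00" + pkt[ihl + 8 + 21:]  # inner option byte changed
    return receive(pkt), receive(outer_tampered), receive(inner_tampered)

if __name__ == "__main__":
    print(demo())   # ('ok', 'outer-options-modified', 'icv-fail')
```

As in the message, this detects a change but cannot tell a router on the path anything; only the tunnel endpoint holding the SA key can run the check.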