IETF Logo Mail Archive

Re: [IPsec] [Last-Call] Secdir last call review of draft-ietf-ipsecme-rfc8229bis-06

"touch@strayalpha.com" <touch@strayalpha.com> Mon, 30 May 2022 16:00 UTC

Return-Path: <touch@strayalpha.com>
X-Original-To: ipsec@ietfa.amsl.com
Delivered-To: ipsec@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 06E26C15AAD4; Mon, 30 May 2022 09:00:17 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.096
X-Spam-Level:
X-Spam-Status: No, score=-2.096 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_BLOCKED=0.001, SPF_HELO_NONE=0.001, T_SCC_BODY_TEXT_LINE=-0.01, T_SPF_TEMPERROR=0.01, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=strayalpha.com
Received: from mail.ietf.org ([50.223.129.194]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 6rQM3f_U55yB; Mon, 30 May 2022 09:00:12 -0700 (PDT)
Received: from server217-1.web-hosting.com (server217-1.web-hosting.com [198.54.114.226]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id C14ABC15AAD3; Mon, 30 May 2022 09:00:12 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=strayalpha.com; s=default; h=To:References:Message-Id:Cc:Date:In-Reply-To: From:Subject:Mime-Version:Content-Type:Sender:Reply-To: Content-Transfer-Encoding:Content-ID:Content-Description:Resent-Date: Resent-From:Resent-Sender:Resent-To:Resent-Cc:Resent-Message-ID:List-Id: List-Help:List-Unsubscribe:List-Subscribe:List-Post:List-Owner:List-Archive; bh=9lcL0B2AuSN0ZWcNduqEoRneSHMs64VSZtCjnXFcd3o=; b=pU/GIflADMYl5sXHNqDfiNmrSk b3ULhOQkNDaVMuXO3D348Xh9rTEbiBX07JrN5UgLqtxZxHiR+RUFcBQ38TEhW+dkDhd0rHKZSUrtV 2vTBjwwEs3+g66r92iOumoPlFA8iOxwK/UBdNvPmVQGut/wYSmwW4jdU7BfvtroOVzZvFqhlDQa3n +LM2eJyrqsIuosQYZkTecd22439vTdx/WH9nESxIj9AsNG3Hoyh6vwIn8zKNIgOxqwidr4CKyYqcG 1VJxHYF8IAtY7GYzW8akUQ1LKSGQt3tXl1rtZk52pppdIyWx2ywSxBpXxkhCaYaXo75my4jZuWSUg Rk0yqQyA==;
Received: from cpe-172-114-237-88.socal.res.rr.com ([172.114.237.88]:52788 helo=smtpclient.apple) by server217.web-hosting.com with esmtpsa (TLS1.2) tls TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 (Exim 4.95) (envelope-from <touch@strayalpha.com>) id 1nvhoN-00Df7o-TL; Mon, 30 May 2022 12:00:12 -0400
Content-Type: multipart/alternative; boundary="Apple-Mail=_6BEFB38E-A1ED-41AE-8A6B-5AEDCFFBA3C4"
Mime-Version: 1.0 (Mac OS X Mail 16.0 \(3696.100.31\))
From: "touch@strayalpha.com" <touch@strayalpha.com>
In-Reply-To: <07de01d87439$d8889fe0$8999dfa0$@elvis.ru>
Date: Mon, 30 May 2022 09:00:06 -0700
Cc: Christian Huitema <huitema@huitema.net>, secdir@ietf.org, draft-ietf-ipsecme-rfc8229bis.all@ietf.org, ipsec@ietf.org, last-call@ietf.org
Message-Id: <63F2C9A3-AB50-4447-853B-AAA2899CFA56@strayalpha.com>
References: <165377251630.6282.16767658545384357479@ietfa.amsl.com> <077301d8741b$c0fe9b40$42fbd1c0$@elvis.ru> <9d37d517-b6ff-6965-40a2-67f5c2a3e476@huitema.net> <183D552C-A06A-4DD4-92B9-6FEF7B9DCED1@strayalpha.com> <07de01d87439$d8889fe0$8999dfa0$@elvis.ru>
To: Valery Smyslov <svan@elvis.ru>
X-Mailer: Apple Mail (2.3696.100.31)
X-AntiAbuse: This header was added to track abuse, please include it with any abuse report
X-AntiAbuse: Primary Hostname - server217.web-hosting.com
X-AntiAbuse: Original Domain - ietf.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - strayalpha.com
X-Get-Message-Sender-Via: server217.web-hosting.com: authenticated_id: touch@strayalpha.com
X-Authenticated-Sender: server217.web-hosting.com: touch@strayalpha.com
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipsec/eYX8mDnmrMEMrPiSABjviKpkXDM>
Subject: Re: [IPsec] [Last-Call] Secdir last call review of draft-ietf-ipsecme-rfc8229bis-06
X-BeenThere: ipsec@ietf.org
X-Mailman-Version: 2.1.34
Precedence: list
List-Id: Discussion of IPsec protocols <ipsec.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipsec>, <mailto:ipsec-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/ipsec/>
List-Post: <mailto:ipsec@ietf.org>
List-Help: <mailto:ipsec-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipsec>, <mailto:ipsec-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 30 May 2022 16:00:17 -0000

It might be useful to add that most of those injection attacks are similar to the kind of attack possible when IPsec is carried inside IP tunnels or UDP tunnels when IPsec messages are split across tunnel messages. In those cases, the vulnerability depends on the predictability of the fragment identifier, which can be much smaller than the predictability of being within the TCP receive window sequence space, esp. for long-lived TCP connections.

Joe

—
Dr. Joe Touch, temporal epistemologist
www.strayalpha.com

> On May 30, 2022, at 8:28 AM, Valery Smyslov <svan@elvis.ru> wrote:
> 
> Hi Joe, Christian,
>  
> From: touch@strayalpha.com <mailto:touch@strayalpha.com> [mailto:touch@strayalpha.com <mailto:touch@strayalpha.com>] 
> Sent: Monday, May 30, 2022 6:21 PM
> To: Christian Huitema
> Cc: Valery Smyslov; secdir@ietf.org <mailto:secdir@ietf.org>; draft-ietf-ipsecme-rfc8229bis.all@ietf.org <mailto:draft-ietf-ipsecme-rfc8229bis.all@ietf.org>; ipsec@ietf.org <mailto:ipsec@ietf.org>; last-call@ietf.org <mailto:last-call@ietf.org>
> Subject: Re: [Last-Call] Secdir last call review of draft-ietf-ipsecme-rfc8229bis-06
>  
>> On May 30, 2022, at 8:00 AM, Christian Huitema <huitema@huitema.net <mailto:huitema@huitema.net>> wrote:
>>  
>> The bar against TCP injection attacks might be lower than you think. An attacker that sees the traffic can easily inject TCP packet with sequence number that fit in the flow control window and are ahead of what the actual sender produced. 
> 
>  
> It might be useful to be more specific about the issue. Data injection attacks on TCP connections interfere with the IPsec stream in a similar way to IP or UDP fragment attacks on IP or UDP tunnels that use fragmentation. 
>  
> In all three cases, attackers can corrupt in-transit packets via IP packet attacks, which is not possible with an unfragmented IPsec message.
>  
> In all three cases, this happens when an injection can overwrite a portion of an IPsec message.
>  
> Data isn’t injected to the user, though.
>  
>           I suggest we add the following text to the Security considerations:
>  
>  
>  
>    TCP data injection attacks have no effect on application data since
>    IPsec provides data integrity.  However, they can have some effect,
>    mostly as a DoS attack:
>  
>    o  if an attacker alters the content of the Length field that
>       separates packets, then the receiver will incorrectly identify the
>       margins of the following packets and will drop all of them or even
>       tear down the TCP connection if the content of the Length field
>       happens to be 0 or 1 (see Section 3)
>  
>    o  if the content of an IKE message is altered, then it will be
>       dropped by the receiver; if the dropped message is the IKE request
>       message, then the initiator will tear down the IKE SA after some
>       timeout, since in most cases the request message will not be
>       retransmitted (as advised in Section 6.2) and thus the response
>       will never be received
>  
>    o  if an attacker alters the non-ESP marker then IKE packets will be
>       dispatched to ESP and sometimes visa versa, those packets will be
>       dropped
>  
>    o  if an attacker modifies TCP-Encapsulated stream prefix or
>       unencrypted IKE messages before IKE SA is established, then in
>       most cases this will result in failure to establish IKE SA, often
>       with false "authentication failed" diagnostics
>  
>    An attacker capable of blocking UDP traffic can force peers to use
>    TCP encapsulation, thus degrading the performance and making the
>    connection more vulnerable to DoS attacks.  Note, that attacker
>    capable to modify packets on the wire or to block them can prevent
>    peers to communicate regardless of the transport being used.
>  
>  
>  
> (The text is still a draft, I’ve been waiting for Tommy to review it).
>  
> Regards,
> Valery.
>  
>  
> Joe
>  
>  
>  
>  
> -- 
> last-call mailing list
> last-call@ietf.org <mailto:last-call@ietf.org>
> https://www.ietf.org/mailman/listinfo/last-call <https://www.ietf.org/mailman/listinfo/last-call>

v2.23.0 | Report a Bug | By Email