Re: FW: New Version Notification for draft-rafiee-6man-cga-attack-00.txt
Jean-Michel Combes <jeanmichel.combes@gmail.com> Fri, 06 December 2013 12:47 UTC
Return-Path: <jeanmichel.combes@gmail.com>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 5C16D1ADF90 for <ipv6@ietfa.amsl.com>; Fri, 6 Dec 2013 04:47:50 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.999
X-Spam-Level:
X-Spam-Status: No, score=-1.999 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dLedT62FfE25 for <ipv6@ietfa.amsl.com>; Fri, 6 Dec 2013 04:47:48 -0800 (PST)
Received: from mail-we0-x233.google.com (mail-we0-x233.google.com [IPv6:2a00:1450:400c:c03::233]) by ietfa.amsl.com (Postfix) with ESMTP id ABEC51ADF8D for <ipv6@ietf.org>; Fri, 6 Dec 2013 04:47:47 -0800 (PST)
Received: by mail-we0-f179.google.com with SMTP id q59so602508wes.10 for <ipv6@ietf.org>; Fri, 06 Dec 2013 04:47:43 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Il+cL3oyok6YhFmSGfvpa3J4DAzPFsAPPqjbJyxMOXw=; b=xoLbTd0nuqhqrVMPDGrqDiVvvgkPQ06yQO9XnjWZo9VhlXjIJiM4tNI2bGIBHjDdJt x0drJh5GJx5ZCqlvmB589MLGqGxiRpzGz61Xgggc1kGoQOmY0lXXH1QLiVH37rJ04c3V ZaBeaEJY/AukW6p4B/f4n1f8YfZUy7xjsQHcpRAwuUBECghofyuO7D3VaK3aX1f/t65f MIbCVWQHkk8MrpLt8StoZJI8xo2ckjYKQeaPOasmgorCbriFxveS6fQSKyqxZvru3Kh5 oftEleqrN2s6pvffltIaGm3/0mOsBNuUDf/3YXQBmj6vUlLoSbPVBSXEOxETyi96dhCG 2yJw==
MIME-Version: 1.0
X-Received: by 10.194.48.115 with SMTP id k19mr22426493wjn.47.1386334063515; Fri, 06 Dec 2013 04:47:43 -0800 (PST)
Received: by 10.217.107.129 with HTTP; Fri, 6 Dec 2013 04:47:43 -0800 (PST)
In-Reply-To: <007701ceea31$05106260$0f312720$@rozanak.com>
References: <20131125140405.14510.36261.idtracker@ietfa.amsl.com> <007701ceea31$05106260$0f312720$@rozanak.com>
Date: Fri, 06 Dec 2013 13:47:43 +0100
Message-ID: <CAA7e52r8zPnEDyGfbz+LKjxVAqfoYd+W0e6SU6Sv=chA07LQgg@mail.gmail.com>
Subject: Re: FW: New Version Notification for draft-rafiee-6man-cga-attack-00.txt
From: Jean-Michel Combes <jeanmichel.combes@gmail.com>
To: Hosnieh Rafiee <ietf@rozanak.com>
Content-Type: multipart/alternative; boundary="047d7ba977e4655ed604ecdd0d5b"
Cc: marcelo bagnulo braun <marcelo@it.uc3m.es>, Derek Atkins <DAtkins@mocana.com>, 6man Mailing List <ipv6@ietf.org>
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Dec 2013 12:47:50 -0000
Hi, I've quickly read the draft and here are my comments: o No comparison of source address with target address This argument is not valid because, when SEND is used the "Target Address in Neighbor Advertisement is required to be equal to the source address of the packet" (cf. RFC 3971, Section 7.4) o Ignoring Sec Value during DAD I agree with Christian: the check is done over the complete target address (i.e., including Prefix, Sec value, u/g bits) Indeed, DAD fails, when receiving a NA message, "if the target address is tentative", meaning "the tentative address is not unique" (cf. RFC 4862, Section 5.4.4). So, IMHO, your argument is not valid. o Collision vs. Pre-image attack IMHO, you assume that attack is a real-time one: when a victim node generates a CGA (in fact, an IID), with your attack, the malicious node wants to generate the same _given_ CGA (in fact, the same IID). So, I agree with Marcelo: this is a pre-image attack ...or a second pre-image attack (as the malicious node knows the CGA parameters). o RSA private/public keys One point I don't understand in your attack is that, even if you find a collision, meaning you "find" a potential value for the public key, how did you get the associated private key needed to generate the RSA Signature option and providing the CGA's proof of ownership? Thanks in advance for your reply. Best regards, JMC. 2013/11/25 Hosnieh Rafiee <ietf@rozanak.com> > Here you go! Sorry for typos or bad organization since I wrote it so fast. > The next versions will be better. > > BTW, as I explained in my previous message, you can bombard me with too > many emails but please do not expect immediate answer for the next 3 > upcoming days since I will have limited internet access. > > -----------smile---------- > Hosnieh > > > > A new version of I-D, draft-rafiee-6man-cga-attack-00.txt > has been successfully submitted by Hosnieh Rafiee and posted to the IETF > repository. > > Filename: draft-rafiee-6man-cga-attack > Revision: 00 > Title: Possible Attack on Cryptographically Generated Addresses > (CGA) > Creation date: 2013-11-25 > Group: Individual Submission > Number of pages: 7 > URL: > http://www.ietf.org/internet-drafts/draft-rafiee-6man-cga-attack-00.txt > Status: > http://datatracker.ietf.org/doc/draft-rafiee-6man-cga-attack > Htmlized: > http://tools.ietf.org/html/draft-rafiee-6man-cga-attack-00 > > > Abstract: > This document describes the new vulnerabilities with the use of > Cryptographically Generated Addresses. > > > > > > > > > Please note that it may take a couple of minutes from the time of > submission until the htmlized version and diff are available at > tools.ietf.org. > > The IETF Secretariat > > -------------------------------------------------------------------- > IETF IPv6 working group mailing list > ipv6@ietf.org > Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 > -------------------------------------------------------------------- >
- FW: New Version Notification for draft-rafiee-6ma… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… Ray Hunter
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… Ray Hunter
- RE: FW: New Version Notification for draft-rafiee… Christian Huitema
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… George Michaelson
- RE: FW: New Version Notification for draft-rafiee… Christian Huitema
- RE: FW: New Version Notification for draft-rafiee… Christian Huitema
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… marcelo bagnulo braun
- Re: FW: New Version Notification for draft-rafiee… Dan Luedtke
- Re: FW: New Version Notification for draft-rafiee… Ray Hunter
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… Ray Hunter
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… marcelo bagnulo braun
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… Tom Taylor
- RE: FW: New Version Notification for draft-rafiee… Greg Daley
- Re: FW: New Version Notification for draft-rafiee… Ray Hunter
- Re: FW: New Version Notification for draft-rafiee… Jean-Michel Combes
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee