Re: Predictable IP protocol values

"Joel M. Halpern" <jmh@joelhalpern.com> Sat, 28 April 2012 20:27 UTC

It seems to me that the proposed document is a partial fix to a marginal 
problem.
Yes, I take it as given that if I followed the references I would find 
descriptions of the attacks.  I do see how one could force fragmented 
packets if one knew that A was talking to B at the current moment.

However, it seems to me that in the vast majority of cases, if the 
attacker knows that A is talking to B, he can probably observe the 
packets between A and B (and it must be a conversation of many round 
trips to allow for observation, triggered behavior, and useful attack). 
As such, none of the specified solutions would seem to help much.

Hence, I am left concluding that the right answer is not to publish any 
recommendations in this space.

Yours,
Joel

On 4/27/2012 4:21 AM, Ole Trøan wrote:
> working group,
>
> [changed subject]
>
> in the context of http://tools.ietf.org/html/draft-gont-6man-predictable-fragment-id-02
> any opinion on how to proceed?
>
> - document covering predictable values in IETF protocols in general
> - document predictable IP ID fields in both IPv4 and IPv6
> - fix the predictable fragment ID problem in IPv6
> - do nothing?
>
> cheers,
> Ole
>
>
> On Apr 26, 2012, at 22:53 , Fernando Gont wrote:
>
>> Hi, Ole,
>>
>> On 04/26/2012 08:50 AM, Ole Trøan wrote:
>>>> I think that draft-gont-6man-predictable-fragment-id is also ready
>>>> for wg call for adoption as wg document -- I've rev'ed the
>>>> document since IETF 83 in response to the feedback received during
>>>> my presentation (i.e., just require the Frag ID to be
>>>> unpredictable, without mandating any particular algorithm).
>>>
>>> the chairs have an action item on taking this to the mailing list.
>>> there was an issue that I believe Bob raised, if we were going to
>>> have publish RFCs on every field in TCP/IP protocols that should
>>> have unpredictable values, or if we should have a generic
>>> recommendation applying to protocol design in general.
>>
>> I believe that a generic document about protocol design that discusses
>> this issue would be valuable, such that *new* protocols and protocol
>> implementations do not incur into this problem. However, in this
>> particular case (Fragment ID), the IPv6 standard itself is suggesting
>> to use a counter, and hence the spec should be fixed.
>>
>> That aside, different fields have different requirements. For example,
>> the constraints for randomizing the transport protocol ports are
>> different from those of producing unpredictable IDs, and different from
>> those of say, randomizing the TCP sequence numbers, or randomizing the
>> IPv6 Flow Label. The consequences of the particular approach that you
>> follow vary quite a bit in each case.
>>
>> Thanks,
>> --
>> Fernando Gont
>> SI6 Networks
>> e-mail: fgont@si6networks.com
>> PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
>>
>>
>>