Re: I-D Action: draft-gont-6man-flowlabel-security-02.txt

Fernando Gont <fgont@si6networks.com> Tue, 24 January 2012 02:49 UTC


Hi, Brian,

On 01/23/2012 10:18 PM, Brian E Carpenter wrote:
> I really don't like the use of the counter in Fernando's proposed algorithm:
> 
>  Flow Label = counter + F(Source Address, Destination Address, Secret Key)
> 
> It seems to me that it introduces significant predictability for a malicious
> observer of the packets leaving a given source.

As noted off-list, I personally think that rather than proposing a
single algorithm, we should describe a set of algorithms, a la RFC 6056
-- as there are a number of tradeoffs.


> Effectively the equivalent algorithm in RFC 6437 is
> 
>  Flow Label = F(Srce Addr, Dest Addr, Protocol #, Srce Port, Dest Port, Secret Key)
> 
> which is less predictable, even if the port number is not randomized.

If the attacker can predict the algorithm in
draft-gont-6man-flowlabel-security-02.txt, he knows the IPv6 addresses
of the two endpoints, and the secret key. So I don't see what'd be the
real improvement of this variant.

That said, it also seems technically incorrect: If you expect the
resulting (src ip, dst ip, flow label) to be unique, then introducing
the port numbers in F() could lead to unnecessary collisions.

Yes, now that the requirement of uniqueness has been relaxed, collisions
are less important... but I don't see what's the "gain" of the modified
expression you suggest above.

Thanks!

Best regards,
-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
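
The two expressions compared in this message, side by side, as an added example that is not part of the original e-mail or of the draft. HMAC-SHA256 as F, a single per-host counter incremented by one per new flow, and the addresses, key and port range are assumptions chosen for illustration. It shows the trade-off under discussion: for one address pair the counter form yields unique but sequential labels, while the 5-tuple form hides the sequence but can collide in the 20-bit field.

```python
import hashlib
import hmac

MASK = 0xFFFFF  # the IPv6 Flow Label is a 20-bit field


def F(key, *fields):
    """Keyed hash truncated to 20 bits (HMAC-SHA256 is an assumption;
    the thread does not say which function F is)."""
    msg = "|".join(map(str, fields)).encode()
    digest = hmac.new(key, msg, hashlib.sha256).digest()
    return int.from_bytes(digest[:4], "big") & MASK


def counter_labels(key, src, dst, n, start=0):
    """Flow Label = counter + F(src, dst, key).
    Assumption: one counter, incremented by 1 per new flow, and the host
    opens n consecutive flows to the same destination."""
    base = F(key, src, dst)
    return [(start + i + base) & MASK for i in range(n)]


def tuple_labels(key, src, dst, proto, sports, dport):
    """Flow Label = F(src, dst, proto, sport, dport, key)."""
    return [F(key, src, dst, proto, sp, dport) for sp in sports]


def deltas(labels):
    """Set of differences between consecutive labels (mod 2^20),
    i.e. what someone watching successive flows could compute."""
    return {(b - a) & MASK for a, b in zip(labels, labels[1:])}


if __name__ == "__main__":
    key = b"constructed-secret-key"            # constructed sample value
    src, dst = "2001:db8::1", "2001:db8::2"    # documentation prefix
    ports = range(32768, 61000)                # constructed source-port range
    c = counter_labels(key, src, dst, len(ports), start=0x12345)
    t = tuple_labels(key, src, dst, 6, ports, 443)
    print("counter: unique", len(set(c)), "of", len(c), "deltas", deltas(c))
    print("5-tuple: unique", len(set(t)), "of", len(t),
          "distinct deltas", len(deltas(t)))
```
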