Re: Giving up security & privacy when manually configuring addresses - rfc4291bis text (Re: draft-bourbaki-6man-classless-ipv6-00)

Fernando Gont <fgont@si6networks.com> Fri, 09 June 2017 00:36 UTC

To: Lorenzo Colitti <lorenzo@google.com>
Cc: Mark Smith <markzzzsmith@gmail.com>, Job Snijders <job@instituut.net>, Erik Kline <ek@google.com>, 6man WG <ipv6@ietf.org>
Archived-At: <https://mailarchive.ietf.org/arch/msg/ipv6/sbM3ePf0a77Rp6hc2r-7B-Emt5E>

On 06/09/2017 03:20 AM, Lorenzo Colitti wrote:
> On Fri, Jun 9, 2017 at 2:17 AM, Fernando Gont <fgont@si6networks.com> wrote:
> 
>     > I don't think you have measurements that prove this. You almost
>     > certainly can make a statement that there are a number of low-entropy
>     > addresses where the top bytes are all zeros, and that those are *likely*
>     > statically configured.
> 
>     Are you assuming that such low-byte addresses are the result of
>     automatic configuration? How come?
> 
> 
> No, what I'm saying is: I don't think you can prove that high-entropy
> addresses are *not* the result of manual configuration or DHCPv6 address
> assignment.

Look at the percentage of addresses with high entropy in the
measurements in RFC7707: they are marginal.



>     That's the point: there are not a lot of high-entropy addresses. See the
>     measurements in RFC7707.
> 
>  
> Oh, I see. You're talking about publicly-accessible servers, not clients. 

Exactly. I doubt clients do manual configuration.



>     we have similar measurements in RFC7707. However, using the low-order 32
>     bits in such way is equivalent to simply setting the low byte of the
>     addresses.
> 
> 
> Equivalent in what way? It provides 4 times more nonzero bits, does it not?

Equivalent in terms of entropy. If you do low-byte addresses, the entropy
is 8-16 bits. If you embed IPv4 addresses in the IID, and the IPv4
prefix is known or guessable, you get roughly the same number of bits of
entropy. In both cases, you'd have got the same entropy if you had been
using a /120 prefix or the like.




>     The point is that when employing manual configuration, addresses always
>     have small entropy. Hence employing a lot of bits doesn't buy much,
>     because folks simply do not use them for additional entropy.

> But they could. If the server had a /64 prefix, then it could store
> useful information in the 64 bits. For example, SNI (which sends
> information in the clear) might not be necessary any more.

We're talking about entropy here. If you want entropy, randomize your
IPv6 address (RFC7217), rather than set it manually.



-- 
Fernando Gont
SI6 Networks
e-mail: fgont@si6networks.com
PGP Fingerprint: 6666 31C6 D484 63B2 8FB1 E3C4 AE25 0D55 1D4E 7492
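
The entropy comparison in the message above, as an added example for auditing one's own address plan; it is not part of the original e-mail or of any RFC's code. The function names, the sample addresses (documentation prefixes), the secret key, and the SHA-256 length-prefixed encoding used for the RFC7217 function F are assumptions of this example, and the reserved-IID check RFC7217 calls for is omitted.

```python
import hashlib
import ipaddress
from typing import Optional, Tuple

IID_MASK = (1 << 64) - 1  # low-order 64 bits of the address

def classify_iid(addr: str, v4_prefix: Optional[str] = None) -> Tuple[str, int]:
    """Return (pattern, bits someone who knows the pattern must still guess)."""
    iid = int(ipaddress.IPv6Address(addr)) & IID_MASK
    if iid < (1 << 16):
        return ("low-byte", 8 if iid < (1 << 8) else 16)
    if iid < (1 << 32):
        if v4_prefix is not None:
            net = ipaddress.IPv4Network(v4_prefix)
            if ipaddress.IPv4Address(iid) in net:
                # Known IPv4 prefix: only the IPv4 host bits remain unknown.
                return ("embedded-ipv4", 32 - net.prefixlen)
        return ("low-32", 32)
    # Upper bound only: a single address cannot prove it was chosen at random.
    return ("opaque", 64)

def rfc7217_address(prefix: str, iface: str, network_id: str,
                    dad_counter: int, secret_key: bytes) -> str:
    """RID = F(Prefix, Net_Iface, Network_ID, DAD_Counter, secret_key)."""
    net = ipaddress.IPv6Network(prefix)
    h = hashlib.sha256()  # F is SHA-256 in this example
    for field in (net.network_address.packed, iface.encode(),
                  network_id.encode(), dad_counter.to_bytes(1, "big"),
                  secret_key):
        h.update(len(field).to_bytes(2, "big") + field)  # length-prefixed
    iid = int.from_bytes(h.digest(), "big") & IID_MASK  # least significant bits
    return str(ipaddress.IPv6Address(int(net.network_address) | iid))

if __name__ == "__main__":
    key = b"constructed-example-secret"  # constructed sample value
    samples = [  # constructed sample addresses
        ("2001:db8::1", None),
        ("2001:db8::1f3", None),
        ("2001:db8::c000:205", "192.0.2.0/24"),  # IID embeds 192.0.2.5
        (rfc7217_address("2001:db8::/64", "eth0", "lab", 0, key), None),
    ]
    for addr, v4 in samples:
        print(addr, classify_iid(addr, v4))
```
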