Re: FW: New Version Notification for draft-rafiee-6man-cga-attack-00.txt
Ray Hunter <v6ops@globis.net> Tue, 26 November 2013 16:22 UTC
Return-Path: <v6ops@globis.net>
X-Original-To: ipv6@ietfa.amsl.com
Delivered-To: ipv6@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id C95491ADDBF for <ipv6@ietfa.amsl.com>; Tue, 26 Nov 2013 08:22:36 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.121
X-Spam-Level:
X-Spam-Status: No, score=-1.121 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_NEUTRAL=0.779] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2IzaiF_8VZd7 for <ipv6@ietfa.amsl.com>; Tue, 26 Nov 2013 08:22:35 -0800 (PST)
Received: from globis01.globis.net (RayH-1-pt.tunnel.tserv11.ams1.ipv6.he.net [IPv6:2001:470:1f14:62e::2]) by ietfa.amsl.com (Postfix) with ESMTP id E84F81AC85E for <ipv6@ietf.org>; Tue, 26 Nov 2013 08:22:34 -0800 (PST)
Received: from localhost (localhost [127.0.0.1]) by globis01.globis.net (Postfix) with ESMTP id 631DE87007B; Tue, 26 Nov 2013 17:22:32 +0100 (CET)
Received: from globis01.globis.net ([127.0.0.1]) by localhost (mail.globis.net [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id WHD2spkNreRp; Tue, 26 Nov 2013 17:22:32 +0100 (CET)
Received: from Rays-iMac-2.local (unknown [192.168.0.3]) (Authenticated sender: Ray.Hunter@globis.net) by globis01.globis.net (Postfix) with ESMTPA id 3410B870077; Tue, 26 Nov 2013 17:22:32 +0100 (CET)
Message-ID: <5294CAC7.3060509@globis.net>
Date: Tue, 26 Nov 2013 17:22:31 +0100
From: Ray Hunter <v6ops@globis.net>
User-Agent: Postbox 3.0.8 (Macintosh/20130427)
MIME-Version: 1.0
To: Hosnieh Rafiee <ietf@rozanak.com>
Subject: Re: FW: New Version Notification for draft-rafiee-6man-cga-attack-00.txt
References: <20131125140405.14510.36261.idtracker@ietfa.amsl.com> <007701ceea31$05106260$0f312720$@rozanak.com>
In-Reply-To: <007701ceea31$05106260$0f312720$@rozanak.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
Cc: marcelo bagnulo braun <marcelo@it.uc3m.es>, Derek Atkins <DAtkins@mocana.com>, ipv6@ietf.org
X-BeenThere: ipv6@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "IPv6 Maintenance Working Group \(6man\)" <ipv6.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ipv6>, <mailto:ipv6-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ipv6/>
List-Post: <mailto:ipv6@ietf.org>
List-Help: <mailto:ipv6-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ipv6>, <mailto:ipv6-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Nov 2013 16:22:37 -0000
Hosnieh Rafiee wrote: > Here you go! Sorry for typos or bad organization since I wrote it so fast. The next versions will be better. > > BTW, as I explained in my previous message, you can bombard me with too many emails but please do not expect immediate answer for the next 3 upcoming days since I will have limited internet access. > > -----------smile---------- > Hosnieh > > > > A new version of I-D, draft-rafiee-6man-cga-attack-00.txt > has been successfully submitted by Hosnieh Rafiee and posted to the IETF repository. > > Filename: draft-rafiee-6man-cga-attack > Revision: 00 > Title: Possible Attack on Cryptographically Generated Addresses (CGA) > Creation date: 2013-11-25 > Group: Individual Submission > Number of pages: 7 > URL: http://www.ietf.org/internet-drafts/draft-rafiee-6man-cga-attack-00.txt > Status: http://datatracker.ietf.org/doc/draft-rafiee-6man-cga-attack > Htmlized: http://tools.ietf.org/html/draft-rafiee-6man-cga-attack-00 > > > Abstract: > This document describes the new vulnerabilities with the use of > Cryptographically Generated Addresses. > I have read this draft and RFC3972. I agree the CGA information will match in the case mentioned, and thus it is possible to make CGA verification succeed for two different hashes for two different values of sec (one with lower sec value being easier to generate than the other). But didn't we know that already? Does this have more to do with how/where CGA is applied or misapplied? Since the 3 bits of the sec level are copied from the IID, won't any mismatch in the sec value used to create the hash be picked up by a simple comparison of the received IID with the machines local IID in the case of DAD? i.e. if the attacker sets sec=0 (to allow them to perform a simple fast search to attack machines using sec =1 ) and the target machine has used sec =1, the CGA check will pass to step 7, but the source IPv6 address and the local interface address are different, so the machine knows not to "waive his rights" to it's own address as you put it, even if the address was still marked as tentative. If DAD had already completed, I don't see that this would have any effect. And the other way on, if the attacker sets sec=1 and the target machine has sec = 0, the CGA will pass, but finding a collision with sec =1 should be a harder problem to solve, and again the addresses will not match. So I have to say that I do not understand the novelty of the attack, unless this is an implementation specific issue, rather than a standards issue. > > > > > > > Please note that it may take a couple of minutes from the time of submission until the htmlized version and diff are available at tools.ietf.org. > > The IETF Secretariat > > -- Regards, RayH
- FW: New Version Notification for draft-rafiee-6ma… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… Ray Hunter
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… Ray Hunter
- RE: FW: New Version Notification for draft-rafiee… Christian Huitema
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… George Michaelson
- RE: FW: New Version Notification for draft-rafiee… Christian Huitema
- RE: FW: New Version Notification for draft-rafiee… Christian Huitema
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… marcelo bagnulo braun
- Re: FW: New Version Notification for draft-rafiee… Dan Luedtke
- Re: FW: New Version Notification for draft-rafiee… Ray Hunter
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… Ray Hunter
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… marcelo bagnulo braun
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee
- Re: FW: New Version Notification for draft-rafiee… Tom Taylor
- RE: FW: New Version Notification for draft-rafiee… Greg Daley
- Re: FW: New Version Notification for draft-rafiee… Ray Hunter
- Re: FW: New Version Notification for draft-rafiee… Jean-Michel Combes
- RE: FW: New Version Notification for draft-rafiee… Hosnieh Rafiee