IETF Logo Mail Archive

Re: [manet] AB#1 Comments for WGLC draft-ietf-manet-nhdp-sec-threats-02

Ulrich Herberg <ulrich@herberg.name> Tue, 09 April 2013 19:10 UTC

Return-Path: <ulrich@herberg.name>
X-Original-To: manet@ietfa.amsl.com
Delivered-To: manet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 67DFA21F98BF for <manet@ietfa.amsl.com>; Tue, 9 Apr 2013 12:10:43 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id Fa+7TFOi2uAS for <manet@ietfa.amsl.com>; Tue, 9 Apr 2013 12:10:42 -0700 (PDT)
Received: from mail-vb0-x229.google.com (mail-vb0-x229.google.com [IPv6:2607:f8b0:400c:c02::229]) by ietfa.amsl.com (Postfix) with ESMTP id 42DB221F98BC for <manet@ietf.org>; Tue, 9 Apr 2013 12:10:42 -0700 (PDT)
Received: by mail-vb0-f41.google.com with SMTP id f13so4950171vbg.14 for <manet@ietf.org>; Tue, 09 Apr 2013 12:10:41 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=herberg.name; s=dkim; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type:content-transfer-encoding; bh=ix9tOeEWgiOk6F3vy76VnRes/iLppJYsas0U5Rw3lME=; b=y3QtMAxN2VDULblUmAZoXq29sPWcKGebw/ZsdeHHrCKx4x2+FlL+fSSJKp/LcJ2ETS UT2jHdlSAhO8p8VMMccgAh78kc3ZL3YcLThdTp5MxrTotaVtJkONSei02QsZ54tSb442 MafbpPHhGTrEJZ+mFVug18DmKaE1lMxaB3MJ4=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:x-received:in-reply-to:references:date:message-id :subject:from:to:cc:content-type:content-transfer-encoding :x-gm-message-state; bh=ix9tOeEWgiOk6F3vy76VnRes/iLppJYsas0U5Rw3lME=; b=V7UN4IlaDBqf3oAr7EMrSfApGzO4QGTR3wtBJYRUA65edE1OtszEAi7pprWIp2Dfxw gq7pTyJZqag3kiMu8aAzIzJT1W5MXahGMw5rBP034E30i1Lwn0EP8M9y6a4Jl0BTu6L7 n4B4srmxFBIcOlNyuzldRFu714ZUbHquvds+Rt2qS4gBtZDS+Ir8G93yjSlrfEqbA7P+ 2cWn9nUK14y434l6JhdD4e9KgO55kfjSHXhHQZjeNG2Cata0YDq3jFsEs9by31eHS6Br EvH1X/qvCpQ2/O26cUbG97Mpuw3JQ3cei58ttHEp2K/NK1QiOMYW0uuN0RDXwpfixK0t l+iQ==
MIME-Version: 1.0
X-Received: by 10.52.94.174 with SMTP id dd14mr1052432vdb.14.1365534641482; Tue, 09 Apr 2013 12:10:41 -0700 (PDT)
Received: by 10.220.88.13 with HTTP; Tue, 9 Apr 2013 12:10:41 -0700 (PDT)
In-Reply-To: <CADnDZ8-CO7Y0Lo2hVg5ZE+icRLAdSOL=zNPEWn+eTV8pGQ1Ncw@mail.gmail.com>
References: <CADnDZ8_JzCupDar=0CORuAOenw3VYBG4eTVh1Z=cEtdBOsJ7jQ@mail.gmail.com> <CAK=bVC8V_U5G9+2OhUZbMO+q_nsqs07UAsTVNyaAyGjHusWV6Q@mail.gmail.com> <CADnDZ8-CO7Y0Lo2hVg5ZE+icRLAdSOL=zNPEWn+eTV8pGQ1Ncw@mail.gmail.com>
Date: Tue, 09 Apr 2013 12:10:41 -0700
Message-ID: <CAK=bVC-uFCW4Dm-SZz1ocAbgfj4BBHUhLt5aQqZ6U25_05-Q8w@mail.gmail.com>
From: Ulrich Herberg <ulrich@herberg.name>
To: Abdussalam Baryun <abdussalambaryun@gmail.com>
Content-Type: text/plain; charset="windows-1252"
Content-Transfer-Encoding: quoted-printable
X-Gm-Message-State: ALoCoQnLvv3NybznmhyUlWJW+dHA9m7igcnsVOXb7uBcMDbzosTNPqZr6kVxTBV5OIveVukxEFPf
Cc: manet <manet@ietf.org>
Subject: Re: [manet] AB#1 Comments for WGLC draft-ietf-manet-nhdp-sec-threats-02
X-BeenThere: manet@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Mobile Ad-hoc Networks <manet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/manet>, <mailto:manet-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/manet>
List-Post: <mailto:manet@ietf.org>
List-Help: <mailto:manet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/manet>, <mailto:manet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 09 Apr 2013 19:10:43 -0000

AB,

On Mon, Apr 8, 2013 at 9:33 PM, Abdussalam Baryun
<abdussalambaryun@gmail.com> wrote:
[...]
>>> [I-D] Abstract:
>>> [I-D] This document analyses common security threats of the Neighborhood
>>> Discovery Protocol (NHDP), and describes their potential impacts on
>>> MANET routing protocols using NHDP.
>>>
>>> AB>question> What is the meaning of *common* security threats?
>>> Mentioned in the abstract,
>>
>> I think the word is fairly clear. See
>> http://dictionary.reference.com/browse/common
>> (definition 4/5)
>
> I mean why common why not ALL threats, or the explaining the *Exploits
> Allowed by the NHDP* as per the reference [2] I gave in my AB#2
> message.


Because we cannot know if we listed ALL threats that could potentially
exist. It may be that we overlooked one, or that a future threat may
be thought of (I assume that when MD5 was standardized, they would
have loved to know about the threat that led to its obsoletion)




>
>>
>>
>>>
>>> AB>question> How can I define threats when I don’t know on which layer
>>> NHDP[RFC6130] is located in router, is it in L4 or L3. Please define
>>> that you concern with IP layer if it is the only you concern with.
>>
>> That is given by RFC6130, which is running on the IP layer. I think
>> this is not a task of NHDP-sec-threats to define.
>
> I don't find that defined, but if so, does IP threats affect the NHDP threats?

RFC6130 runs either on UDP or directly on IP (see section 5.1 of
RFC6130), and uses a multicast LL address (section 5.2). In multiple
occasions of the text in RFC6130 it is mentioned that either IPv4 or
IPv6 can be used. It is true that there is no sentence in the
beginning of RFC6130 "This is an IP protocol and all addresses used in
this specification are either IPv4 or IPv6 addresses". But whether or
not that would be a good idea to mention as clarification in RFC6130
is irrelevant because it's already completed.




[...]
>>
>> AODVv2 has no normative reference to RFC6130. In many cases of AODVv2
>> deployments, I don't think that RFC6130 would be used (whereas it must
>> be used for OLSRv2 and SMF). I am against adding a reference. Anyway,
>> the sentence just lists some example protocols ("such as...").
>>
>
> Just I prefered showing that NHDP explains all its threats when used
> by different MANET routings, if we explain one only then we don't
> explain all threats.


As said above, we cannot assure to discuss *all* threats. I also don't
see how the draft would improve by citing AODVv2 here, as in its
current form, it does not mandate to use RFC6130. And AODVv2 is only a
-00 draft, so there could be many changes to it yet, so we don't even
know what will be included in it (whereas SMF and OLSRv2 are
completed).


>
>>
>>>
>>> [I-D] As wireless radio waves can be captured as well as transmitted
>>> by any wireless
>>> device within radio range
>>>
>>> AB>confused> not true, different antennas have different
>>> waves/frequencies, please delete.
>>
>> I think that this is fairly clear; it's about contrasting
>> communication over cable vs wireless, where the access to the channel
>> is much easier, i.e., security threats can be exploited more easily
>> since there is no physical access protection (read: cable).
>>
>
> Please delete word *any* and change to *some*, because think it is not
> clear to me,


See the other email and suggestion from Stewart.


>
>>>
>>> [I-D] The document analyses possible attacks and mis-configurations on
>>> NHDP and outlines the consequences of such attacks/mis-configurations
>>> to the state
>>> maintained by NHDP in each router (and, thus, made available to
>>> protocols using this state).
>>>
>>> AB> I don’t think it makes full analyses for NHDP threats? Please see
>>> threat analysis by Tsao et al (2013) [1].
>>>
>>> AB> the doc should consider information exchanged attacks and network
>>> attacks as well.
>>
>>
>> I think that this is exactly what NHDP-sec-threats does; section 4
>> describes the possible exploits when using no protection of NHDP.
>> Section 5 outlines the consequences for protocols using NHDP.
>
> I need analysis which was mentioned but not done. I mean what is
> exploited by the NHDP messages and the NHDP IIB and NIB, don't see
> much explaining about those information and the exploitation. Yes in
> section 4 explains but in the point of view of the attacker, and no
> possibility of malfunctions or other issues,


I don't understand which attacks you would like to see in the draft.


>>
>>
>>>
>>> Section 2. Terminology:
>>>
>>> AB> you don’t define *Threat*, and *Attack*, please do same definition
>>> as threat analysis draft in ROLL WG (or refer to it).
>>
>> The words "threat" and "attack" are pretty well known; I don't see any
>> reason why they are ambiguous. I don't see any reason to cite the ROLL
>> draft; why is that related in any way to NHDP? It describes security
>> threats to a completely different protocol.
>
> In the I-D the titles of section make me feel that authors made;
> threats = attacks, so I need that to be answered in the doc.


I don't see how this would improve the draft. Anyone else thinking
this is a problem?


>
>>
>>
>>>
>>> [I-D] Compromised NHDP Router: An attacker, present in the network and
>>> which generates syntactically correct NHDP control messages.
>>> Control messages emitted by a Compromised NHDP router may contain
>>> additional information, or omit information, as compared to a
>>> control message generated by a non-compromized NHDP router located
>>> in the same topological position in the network.
>>>
>>> AB> you mention network position, or topological position, but why the
>>> document ignores the network domain(s) (just topology), could the NHDP
>>> threats affect the network domain policy/states? If not say so,
>>
>>
>> I don't understand your point. What do you mean?
>
> Is the NHDP threats affecting the network domains? as it was mentioned
> in the RFC6130 the different deployments and low-value  WSN. Does
> different deployments mean different NHDP threats.


The draft describes potential threats to NHDP; whether they are always
feasible for an attacker cannot be answered in this document, I think
(and also irrelevant).

Ulrich

v2.23.0 | Report a Bug | By Email