Re: [OSPF] Working Group last Call on "Security Extension for OSPFv2 when using Manual Key Management" - draft-ietf-ospf-security-extension-manual-keying-07

Acee Lindem <acee.lindem@ericsson.com> Fri, 02 May 2014 01:11 UTC

Return-Path: <acee.lindem@ericsson.com>
X-Original-To: ospf@ietfa.amsl.com
Delivered-To: ospf@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 884981A0958 for <ospf@ietfa.amsl.com>; Thu, 1 May 2014 18:11:32 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.9
X-Spam-Level:
X-Spam-Status: No, score=-1.9 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HTML_MESSAGE=0.001, SPF_PASS=-0.001] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id l4YpGl5WW3UV for <ospf@ietfa.amsl.com>; Thu, 1 May 2014 18:11:24 -0700 (PDT)
Received: from usevmg20.ericsson.net (usevmg20.ericsson.net [198.24.6.45]) by ietfa.amsl.com (Postfix) with ESMTP id 3461E1A066A for <ospf@ietf.org>; Thu, 1 May 2014 18:11:23 -0700 (PDT)
X-AuditID: c618062d-f79c96d000001cfc-1f-5362a1f6cc68
Received: from EUSAAHC008.ericsson.se (Unknown_Domain [147.117.188.96]) by usevmg20.ericsson.net (Symantec Mail Security) with SMTP id 8E.1A.07420.6F1A2635; Thu, 1 May 2014 21:35:19 +0200 (CEST)
Received: from EUSAAMB101.ericsson.se ([147.117.188.118]) by EUSAAHC008.ericsson.se ([147.117.188.96]) with mapi id 14.03.0174.001; Thu, 1 May 2014 21:11:11 -0400
From: Acee Lindem <acee.lindem@ericsson.com>
To: Gabi Nakibly <gnakibly@yahoo.com>
Thread-Topic: [OSPF] Working Group last Call on "Security Extension for OSPFv2 when using Manual Key Management" - draft-ietf-ospf-security-extension-manual-keying-07
Thread-Index: AQHPX4fmHHGQC+tyAEGkxngfSa1O6JsnatUAgAF0LQCAA+vLgA==
Date: Fri, 2 May 2014 01:11:11 +0000
Message-ID: <BF8C1679-8254-493F-9246-E9FC128B3DA2@ericsson.com>
References: <53478C07.1020006@cisco.com> <1398321540.26301.YahooMailNeo@web165005.mail.bf1.yahoo.com> <481A10B2-4F1F-478C-A7A9-DFA780005D7A@ericsson.com> <1398777508.12837.YahooMailNeo@web165006.mail.bf1.yahoo.com>
In-Reply-To: <1398777508.12837.YahooMailNeo@web165006.mail.bf1.yahoo.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [147.117.188.12]
Content-Type: multipart/alternative; boundary="_000_BF8C16798254493F9246E9FC128B3DA2ericssoncom_"
MIME-Version: 1.0
X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFprAIsWRmVeSWpSXmKPExsUyuXRPgu73hUnBBl/OyFgcPjiLzWLr0SmM Fi337rE7MHtM+b2R1WPJkp9MHrNmHWYKYI7isklJzcksSy3St0vgyljf942tYMYixoqGU/EN jAu6GLsYOTkkBEwkuh/eZIWwxSQu3FvP1sXIxSEkcJRRYuvpe0wQzjJGiYU/PoJVsQnoSDx/ 9I8ZxBYRUJWYPGcV0CQODmYBC4nWa9kg9cICKxkltnesZAdxRARWMUp0TNrACtHgJLHkyh+w 1SwCKhL/Go6xgTTzCthL7FtlDBIWErjDKLHqihSIzSngKXHo6j6wckag676fWsMEYjMLiEvc ejKfCeJqAYkle84zQ9iiEi8f/4P6RklizutrzBD1yRJ3Pi1gB7F5BQQlTs58wjKBUXQWklGz kJTNQlIGETeQeH9uPjOErS2xbOFrKFtfYuOXs4wQtrXEzHOXWZHVLGDkWMXIUVqcWpabbmSw iREYhcck2HR3MO55aXmIUYCDUYmHl3FZZLAQa2JZcWXuIUZpDhYlcd6CL7HBQgLpiSWp2amp BalF8UWlOanFhxiZODilGhhFr31/0v23ePGC4wrrvFRY/rRdXnRU309jo7haepLIhk+LnaMn WvE4Mlw0v5TQ9rum2Wnn3BxhuROTrEpcw65kcdTarDTpPznfbk/rOvPFmxfe9G/0kHwcm2Nw orFt9rTPCx5wm621fWbC6vthg0+6WSejkW8i0/a3aecDfR0XHihtX9iqkaXEUpyRaKjFXFSc CAD3+IXbowIAAA==
Archived-At: http://mailarchive.ietf.org/arch/msg/ospf/Wp9nTU80d7cWYraygHCUqIy3lpQ
Cc: OSPF List <ospf@ietf.org>
Subject: Re: [OSPF] Working Group last Call on "Security Extension for OSPFv2 when using Manual Key Management" - draft-ietf-ospf-security-extension-manual-keying-07
X-BeenThere: ospf@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: The Official IETF OSPG WG Mailing List <ospf.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/ospf>, <mailto:ospf-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/ospf/>
List-Post: <mailto:ospf@ietf.org>
List-Help: <mailto:ospf-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/ospf>, <mailto:ospf-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 02 May 2014 01:11:32 -0000

Hi Gabi,
Sorry for the delay - I agree that a replay could be accomplished in this scenario if it is captured on one interface and replayed on another before any other packets are sent. Interfaces having the same source address are limited to unnumbered links which are inherently P2P. At a minimum, we will document this case.
Thanks,
Acee

On Apr 29, 2014, at 9:18 AM, Gabi Nakibly <gnakibly@yahoo.com<mailto:gnakibly@yahoo.com>> wrote:

Hi Acee,
Thanks for the reply.
Just to clarify my thoughts, I believe that the use of a single sequence number space per router does not prevent the attack. Here is an example. Let's say a router is attached to two links (A and B) while using the same IP address. Let's say the attacker has recorded an Hello message the router just sent on link A. When the router sends this message its SN is higher than any other packet sent on any other link by that router. The attacker would now be able successfully replay the recorded Hello message on link B as long as it does so before the router sends another OSPF message on link B. Such an attack will probably bring down all adjacencies of the router on link B.

I think it would be good to document this type of attacks as many network operators configure the same key on different links. It would be good to bring to their attention the consequences of such configurations. If you wish, I can assist in writing this.

Gabi

________________________________
From: Acee Lindem <acee.lindem@ericsson.com<mailto:acee.lindem@ericsson.com>>
To: Gabi Nakibly <gnakibly@yahoo.com<mailto:gnakibly@yahoo.com>>
Cc: Abhay Roy <akr@cisco.com<mailto:akr@cisco.com>>; OSPF List <ospf@ietf.org<mailto:ospf@ietf.org>>
Sent: Monday, April 28, 2014 6:06 PM
Subject: Re: [OSPF] Working Group last Call on "Security Extension for OSPFv2 when using Manual Key Management" - draft-ietf-ospf-security-extension-manual-keying-07

Hi Gabi,
Thanks much for your review and comment.

On Apr 24, 2014, at 2:39 AM, Gabi Nakibly <gnakibly@yahoo.com<mailto:gnakibly@yahoo.com>> wrote:

Hi,
I think this document is a significant step forward for the security of OSPF. I do have one comment, though. It is concerned with the case in which the same key is configured on different links. If such a situation occurs then an attacker might be able to record an OSPF message on one link and replay it on another. This is particularly relevant for cases where one router uses the same source address in multiple links (e.g. a virtual link and a physical link). So the attacker can record a packet sent by that router on one of the links and replay it over the other as if it was sent by the router itself. This may allow an attacker to cause an adjacency to be brought down.

Note that in section 2 we are recommending one sequence number space for the OSPF router as opposed to one per interface. Hence, this would have to be a replayed packet received from another router with the same source address since the OSPF Router ID in the OSPF header would be protected by the authentication hash. I would consider this to be a misconfiguration.

Moreover, a recorded Hello message may be replayed on arbitrary links (even those that do not share a router using the same source address). If I am not mistaken, RFC2328 does not mandate to discard an Hello message having a source address that is not part of the subnet of the interface on which the message was received.

RFC 2328 does mandate source subnet checking on multi-access networks but not P2P networks. On P2P networks, this could be a problem but would require the attacker to have an active tap on both the P2P interface and another interface using the same key.  Again, this would have to be a replayed packet received from another router due to the OSPF router’s use a single sequence number space. There really isn’t a good solution for this problem on P2P links since the routers don’t share any common identifier for the P2P link. They have an ifIndex but this is a locally unique interface identifier. We can document the problem and recommend use of different keys if the possibility of active taps on P2P interfaces exists.

Thanks,
Acee

Therefore, the recipient of the replayed message would allocate a new neighbor entry, thus giving rise to a DoS attack.

I know that the OSPF standard allows to configure different keys for different links, nonetheless in most of the OSPF deployments I have seen the same key is configured for all links in the AS (or area). I do not know if this is representative of OSPF deployments worldwide, but it might be prudent to analyse the security of the proposed extensions in the context of such cases as well.

Gabi

________________________________
From: Abhay Roy <akr@cisco.com<mailto:akr@cisco.com>>
To: "ospf@ietf.org<mailto:ospf@ietf.org>" <ospf@ietf.org<mailto:ospf@ietf.org>>
Sent: Friday, April 11, 2014 9:30 AM
Subject: [OSPF] Working Group last Call on "Security Extension for OSPFv2 when using Manual Key Management" - draft-ietf-ospf-security-extension-manual-keying-07

All,

We are starting a WG LC on the subject document. Document has been
stable for a while, and Manav was kind enough to present it one last
time in IETF89 (London). LC will end at 9am PST on 25th April 2014.

Please review the document and send any final comments prior to the LC
deadline.

Regards,
-Abhay

_______________________________________________
OSPF mailing list
OSPF@ietf.org<mailto:OSPF@ietf.org>
https://www.ietf.org/mailman/listinfo/ospf


_______________________________________________
OSPF mailing list
OSPF@ietf.org<mailto:OSPF@ietf.org>
https://www.ietf.org/mailman/listinfo/ospf