Re: [perpass] TCP Stealth (Was: I-D Action: draft-kirsch-ietf-tcp-stealth-00.txt
Hagen Paul Pfeifer <hagen@jauu.net> Mon, 18 August 2014 13:56 UTC
Return-Path: <hagen@jauu.net>
X-Original-To: perpass@ietfa.amsl.com
Delivered-To: perpass@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2CA281A037A for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 06:56:08 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.978
X-Spam-Level:
X-Spam-Status: No, score=-1.978 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_LOW=-0.7] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id hUgjJlxqqH6Y for <perpass@ietfa.amsl.com>; Mon, 18 Aug 2014 06:56:06 -0700 (PDT)
Received: from mail-lb0-f173.google.com (mail-lb0-f173.google.com [209.85.217.173]) (using TLSv1 with cipher ECDHE-RSA-RC4-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id BFD4E1A0351 for <perpass@ietf.org>; Mon, 18 Aug 2014 06:56:05 -0700 (PDT)
Received: by mail-lb0-f173.google.com with SMTP id u10so4167006lbd.18 for <perpass@ietf.org>; Mon, 18 Aug 2014 06:56:03 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=M/ZwKlGBOnf1+/mNQZ/JvixccOse6vINUSxDNvV8R+I=; b=DURP8ZRvvLYly2dUXtgzdeIKQG5RRYYo6f+7IbyrCMvx+e5mwdQph1r7d6EyBdc3Rw p/nfMUFAwr+Nr1p/msRqvHOmUsOEYxGXKmNjyVCu+UqoD+MknVOg+9ag5uR72D4L9wOO PtQoSn87SFqeYvaHcbXgfrzAfvHVbh7YQ19NUzQgZ06J0R8/YDN8DVxCl7mAkZtcdPJs k2QXAekfB1lUyRXh4xMwZTn1HJDsghkRSNyIoqA7vLIB5NzKQzvIblGtu8XoJZUDYRto sHhdro9Yga8XcHm7DjsmJlOhuUcJIii/JAjOhJ596bc+AkZH6W0HKw4MRohmBdk7EJNb avBw==
X-Gm-Message-State: ALoCoQmqlA3OSEYKyxoM9tJuxaiqXb85KSNuUYXCtWgITFw5OzzALm22AOfyjI3E2yHc9Itp0ctp
MIME-Version: 1.0
X-Received: by 10.152.87.82 with SMTP id v18mr29685564laz.17.1408370163422; Mon, 18 Aug 2014 06:56:03 -0700 (PDT)
Received: by 10.152.242.42 with HTTP; Mon, 18 Aug 2014 06:56:03 -0700 (PDT)
X-Originating-IP: [80.246.32.33]
In-Reply-To: <53F2045B.3090602@gnunet.org>
References: <20140815064106.17646.23281.idtracker@ietfa.amsl.com> <20140818131512.GA26987@nic.fr> <53F2045B.3090602@gnunet.org>
Date: Mon, 18 Aug 2014 15:56:03 +0200
Message-ID: <CAPh34menSG8A-fjm6hSEm2QkPNjGtjNOu5Je8xFQiGiq=r4gXQ@mail.gmail.com>
From: Hagen Paul Pfeifer <hagen@jauu.net>
To: Christian Grothoff <grothoff@gnunet.org>
Content-Type: text/plain; charset="UTF-8"
Archived-At: http://mailarchive.ietf.org/arch/msg/perpass/aYPVLTygzreodlb5iFXIAQSmQsg
Cc: draft-kirsch-ietf-tcp-stealth@tools.ietf.org, perpass@ietf.org, Stephane Bortzmeyer <bortzmeyer@nic.fr>
Subject: Re: [perpass] TCP Stealth (Was: I-D Action: draft-kirsch-ietf-tcp-stealth-00.txt
X-BeenThere: perpass@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "The perpass list is for IETF discussion of pervasive monitoring. " <perpass.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/perpass>, <mailto:perpass-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/perpass/>
List-Post: <mailto:perpass@ietf.org>
List-Help: <mailto:perpass-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/perpass>, <mailto:perpass-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 18 Aug 2014 13:56:08 -0000
tcpinc is probably another candiate to discuss this ID. On 18 August 2014 15:49, Christian Grothoff <grothoff@gnunet.org> wrote: > On 08/18/2014 03:15 PM, Stephane Bortzmeyer wrote: >> [The I-D does not indicate, apparently, a mailing list for discussion >> of the idea. Trying on perpass. Suggestions of a better venue are >> welcome.] >> >> On Thu, Aug 14, 2014 at 11:41:06PM -0700, >> internet-drafts@ietf.org <internet-drafts@ietf.org> wrote >> a message of 49 lines which said: >> >>> Title : TCP Stealth >>> Authors : Julian Kirsch >>> Christian Grothoff >>> Jacob Appelbaum >>> Holger Kenn >>> Filename : draft-kirsch-ietf-tcp-stealth-00.txt >> >> IMHO, very good idea for an important problem. I would like this >> work to move forward (an independant RFC with status Experimental, may >> be?) >> >> A few suggestions/remarks: >> >> * May be a remark about the fact that it is intended for small groups >> (the use of a shared secret limits the scalability). > > That is of course correct. > >> * "If the token is incorrect, the operating system pretends that the >> port is closed." If the port is closed, the server will reply with a >> RST. Not very stealth. You meant "If the token is incorrect, the >> operating system won't reply at all"? > > We intend the OS to react in the same way as it does for all other ports > where no service is listening. If the OS policy is to send a RST, it > should also send a RST if the authentication fails If the OS policy is > to drop, it should also drop if the authentication fails. Stealth here > is about being as indistinguishable as possible from an "ordinary" > closed port. > >> * May be a security analysis comparing it to port knocking? > > Eh, this is a port knocking scheme. > >> If I'm >> correct, TCP stealth provides min(32, N) bits of secret (32 being the >> size of the ISN and N the number of bits in the shared secret) while >> port knocking provides 16*N bits (N being the number of ports to >> knock). > > That depends on the type of port knocking scheme deployed. You could in > theory implement a knock with a 512 byte UDP packet and have a huge > shared secret. Naturally, if you talk about a knock where just the > destination port is derived from the knock secret, then your analysis is > correct. But again, there are many ways to implement knocking in general. > >> * May be a mention of SPA <http://www.cipherdyne.org/fwknop/>, which >> is closer from TCP Stealth than port-knocking? (The biggest difference >> is that SPA is not stealth, Eve knows you're using SPA.) > > There are other differences; for a more detailed analysis I would > suggest you use Julian's Master's thesis, not the RFC. The MS thesis is > freely available at https://gnunet.org/kirsch2014knock > >> * Why MD5? I assume that TCP Stealth has no cryptographic agility >> since there is no room to indicate the crypto algorithm (while staying >> stealth) but why MD5, despite RFC 6151? > > As (I hope) the thesis explains, MD5 is used for ISN calculations > already, from ISN to SYN flooding protections. And once reduced to 32 > bits, there is no real security advantage of other hash functions, but > there is a speed (and maybe indistinguishability advantage) for MD5. > >> * "6. Integraton with Applications" should be Integration > > Ack. Fixed in Git, thanks! > > -Christian > > > _______________________________________________ > perpass mailing list > perpass@ietf.org > https://www.ietf.org/mailman/listinfo/perpass >
- [perpass] TCP Stealth (Was: I-D Action: draft-kir… Stephane Bortzmeyer
- Re: [perpass] TCP Stealth (Was: I-D Action: draft… Stephen Farrell
- Re: [perpass] TCP Stealth (Was: I-D Action: draft… Christian Grothoff
- Re: [perpass] TCP Stealth (Was: I-D Action: draft… Hagen Paul Pfeifer
- Re: [perpass] TCP Stealth (Was: I-D Action: draft… Stephane Bortzmeyer