IETF Logo Mail Archive

RE: [RPSEC] Re: draft-convery-bgpattack-00

Iljitsch van Beijnum <iljitsch@muada.com> Wed, 06 November 2002 16:39 UTC

Received: from www1.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA00793 for <rpsec-archive@odin.ietf.org>; Wed, 6 Nov 2002 11:39:27 -0500 (EST)
Received: (from mailnull@localhost) by www1.ietf.org (8.11.6/8.11.6) id gA6GfTe26878 for rpsec-archive@odin.ietf.org; Wed, 6 Nov 2002 11:41:29 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id gA6GfTv26875 for <rpsec-web-archive@optimus.ietf.org>; Wed, 6 Nov 2002 11:41:29 -0500
Received: from www1.ietf.org (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA00785 for <rpsec-web-archive@ietf.org>; Wed, 6 Nov 2002 11:38:56 -0500 (EST)
Received: from www1.ietf.org (localhost.localdomain [127.0.0.1]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id gA6Gf6v26831; Wed, 6 Nov 2002 11:41:06 -0500
Received: from ietf.org (odin.ietf.org [132.151.1.176]) by www1.ietf.org (8.11.6/8.11.6) with ESMTP id gA6GdWv26664 for <rpsec@optimus.ietf.org>; Wed, 6 Nov 2002 11:39:32 -0500
Received: from sequoia.muada.com (ietf-mx.ietf.org [132.151.6.1]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA00659 for <rpsec@ietf.org>; Wed, 6 Nov 2002 11:36:59 -0500 (EST)
Received: from localhost (iljitsch@localhost) by sequoia.muada.com (8.11.3/8.9.3) with ESMTP id gA6Gcxg58703; Wed, 6 Nov 2002 17:38:59 +0100 (CET) (envelope-from iljitsch@muada.com)
Date: Wed, 06 Nov 2002 17:38:59 +0100
From: Iljitsch van Beijnum <iljitsch@muada.com>
To: sandy@tislabs.com
cc: bgreene@cisco.com, rpsec@ietf.org
Subject: RE: [RPSEC] Re: draft-convery-bgpattack-00
In-Reply-To: <200211061542.gA6FgfF14354@raven.gw.tislabs.com>
Message-ID: <20021106171433.J58530-100000@sequoia.muada.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset="US-ASCII"
Sender: rpsec-admin@ietf.org
Errors-To: rpsec-admin@ietf.org
X-BeenThere: rpsec@ietf.org
X-Mailman-Version: 2.0.12
Precedence: bulk
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>, <mailto:rpsec-request@ietf.org?subject=unsubscribe>
List-Id: Routing Protocol Security Requirements <rpsec.ietf.org>
List-Post: <mailto:rpsec@ietf.org>
List-Help: <mailto:rpsec-request@ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/rpsec>, <mailto:rpsec-request@ietf.org?subject=subscribe>

On Wed, 6 Nov 2002 sandy@tislabs.com wrote:

> >IMHO - "Security requirements" that force Internet capital spending and
> >network wide maintenance windows to deploy are not going to be adopted by
> >the operations community.

> Not a surprising development and reminiscent of the auto manufacturers'
> stance on seat belts, crash resistent bumpers, air bags, ...  Those whose
> focus is the bottom line always want to be shown a financial incentive.
> "How about 'survival'?" seems to be unpersuasive.

Routers are a lot like regular computers in many ways, but you can only
expect to sell a very small number compared to computers. I'm not a
router builder but I think that's the reason why router CPUs are so slow
compared to those of regular computers: the design costs to keep up with
the latest CPU technology would be too high.

As far as I can tell, verifying a signature takes in the order of a
millisecond on a decent CPU. So with 115,000 routes in the global
routing table, that's 2 minutes to initialize BGP, assuming one
signature must be checked per route. I don't think this is acceptable,
especially not considering router CPUs may be slower, there is other
processing to do as well and the expected growth of the global routing
table. This means routers must be equipped with crypto modules.

Then there is memory. There are still many routers in production that
are already in trouble memory-wise as their design allows only 32, 64 or
128 MB and a Cisco needs 256 MB to comfortably run BGP. I've tried to
add up all the extra fields but I couldn't be sure how much of what goes
where, but it looks like S-BGP will take at least twice the memory of
regular BGP.

This means some routers must be replaced completely and all others need
hardware upgrades. So expect resistance from the people who have to pay
the bill. Especially if there is so much of a byte wasted in your packet
formats, or there is a place where crypto is used when the same result
could be obtained without it.

Also note that the perceived need for more security in BGP can't be all
that high, as we can tell by the level of MD5 option deployment.

_______________________________________________
RPSEC mailing list
RPSEC@ietf.org
https://www1.ietf.org/mailman/listinfo/rpsec

v2.23.0 | Report a Bug | By Email