Re: Security aspects with S-BFD
Glen Kent <glen.kent@gmail.com> Fri, 08 November 2013 17:23 UTC
Return-Path: <glen.kent@gmail.com>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 4ACC221E8138 for <rtg-bfd@ietfa.amsl.com>; Fri, 8 Nov 2013 09:23:54 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, HTML_MESSAGE=0.001, NO_RELAYS=-0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 98ky-ecPJGjs for <rtg-bfd@ietfa.amsl.com>; Fri, 8 Nov 2013 09:23:53 -0800 (PST)
Received: from mail-ob0-x232.google.com (mail-ob0-x232.google.com [IPv6:2607:f8b0:4003:c01::232]) by ietfa.amsl.com (Postfix) with ESMTP id 7B42F11E80DC for <rtg-bfd@ietf.org>; Fri, 8 Nov 2013 09:23:53 -0800 (PST)
Received: by mail-ob0-f178.google.com with SMTP id va2so1782760obc.9 for <rtg-bfd@ietf.org>; Fri, 08 Nov 2013 09:23:53 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=7vePI1oFtWMYXia1RbwTjImEHfzkIq/es5n79/TB3yU=; b=D04tVB3hRJsx6Tr/uUeLuHCvkYnAW3r80ZsDxot0HKc56ubvqg45/2aNKA5NVVkpo7 kiLymySUiQWMq+xahfYgn0RQzmiuT8/lAWfNA+VkVNrCMtosSSrxhKPqxfCT8/zzpB3V oZDTNihWbwfOFAeGaIFkRsyiX8PmotZlXDwytJZ61b8Hw3bEw2z29NWcyNmDrT9tXhrk 52UG8ZHwukPr/Laj+yaiSBV1lwgpPkPZk2tk7Kddpl0PSEogljm9kfQBpINCxHYPPAww CytB5Ah+ZG6yGjk33d4aLHMDmRV4/PqQWz6wHknwFrmYbyTIgEGDPnBr2jvnJT4X91of yr/A==
MIME-Version: 1.0
X-Received: by 10.182.18.102 with SMTP id v6mr889240obd.71.1383931432929; Fri, 08 Nov 2013 09:23:52 -0800 (PST)
Received: by 10.182.23.36 with HTTP; Fri, 8 Nov 2013 09:23:52 -0800 (PST)
In-Reply-To: <20211F91F544D247976D84C5D778A4C32E4FACB1@SG70YWXCHMBA05.zap.alcatel-lucent.com>
References: <20211F91F544D247976D84C5D778A4C32E4FACB1@SG70YWXCHMBA05.zap.alcatel-lucent.com>
Date: Fri, 08 Nov 2013 22:53:52 +0530
Message-ID: <CAPLq3UMV4es_NMZdeB=QEEWyJ0bBQq86hpos-hFbkOtGn_C6-g@mail.gmail.com>
Subject: Re: Security aspects with S-BFD
From: Glen Kent <glen.kent@gmail.com>
To: "Bhatia, Manav (Manav)" <manav.bhatia@alcatel-lucent.com>
Content-Type: multipart/alternative; boundary="001a11c339e6740d3c04eaada547"
Cc: "rtg-bfd@ietf.org" <rtg-bfd@ietf.org>
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtg-bfd>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 08 Nov 2013 17:23:54 -0000
This is akin to saying that sequence numbers will not be used for authenticating S-BFD packets, right? If thats how it is, then cant we simply set this to 0, and ignore it on receipt. Glen On Thu, Nov 7, 2013 at 10:18 PM, Bhatia, Manav (Manav) < manav.bhatia@alcatel-lucent.com> wrote: > Hi, > > S-BFD describes the reflector sessions which raises interesting security > considerations. > > Since the reflector sessions are stateless (that's one of the biggest > advantages) it's impossible for the reflector to keep track of the sequence > number that its heard from its peers. This means, that the reflector is > susceptible to both inter-session and intra-session replay attacks. We had > a discussion internally amongst the co-authors and had the following > proposal that we wanted to vet before the WG members. > > Would like to hear the WGs opinion on this. > > 1. The Initiator picks up a crypto sequence number depending upon the > authentication mode that its using (meticulous or non meticulous). It sends > a packet to the Reflector with this seq num. > > 2. The reflector maintains no session state and hence does not look at the > crypto sequence number before accepting the packet. It looks at the Key ID > (draft-ietf-bfd-generic-crypto-auth-05) in the incoming packet (or it can > do it based on its own database where it maps the neighbor to the key iD) > and verifies the authentication data. If everything looks good, it > processes the packet. > > 3. When responding the Reflector needs to compute the Authentication data. > It uses the same sequence number that it received in the S-BFD packet that > it is responding to. It knows the Key ID, and thus the SA. It computes the > authentication data and sends the S-BFD packet out. > > 4. The Initiator receives the response from the Reflector. It only accepts > the S-BFD packet if it either comes with the same sequence number as it had > sent or its within the window that it finds acceptable (described in detail > in Sec 3.4 of draft-ietf-bfd-generic-crypto-auth-05) > > Benefits of this scheme. > > 1. Reflectors continue to remain stateless despite using security. > > 2. Reflectors are not susceptible to replay attacks as they always respond > to S-BFD packets irrespective of the sequence number carried. > > 3. An attacker cannot forge packets from the Reflector since the Initiator > will only accept S-BFD packets that come with the sequence number that it > had originally used when sending the S-BFD packet. > > Drawbacks of this scheme. > > 1. Reflectors are susceptible to DoS attacks since they respond to all > incoming S-BFD packets. This gets worse when cryptography is used as the > work load drastically increases as security is employed. > > Cheers, Manav > > >
- Security aspects with S-BFD Bhatia, Manav (Manav)
- Re: Security aspects with S-BFD Glen Kent
- RE: Security aspects with S-BFD Santosh P K
- Re: Security aspects with S-BFD Jeffrey Haas
- RE: Security aspects with S-BFD Nobo Akiya (nobo)
- Re: Security aspects with S-BFD MALLIK MUDIGONDA (mmudigon)
- RE: Security aspects with S-BFD Nobo Akiya (nobo)
- RE: Security aspects with S-BFD Bhatia, Manav (Manav)
- RE: Security aspects with S-BFD Nobo Akiya (nobo)