RE: Security aspects with S-BFD
"Nobo Akiya (nobo)" <nobo@cisco.com> Mon, 10 March 2014 12:54 UTC
Return-Path: <nobo@cisco.com>
X-Original-To: rtg-bfd@ietfa.amsl.com
Delivered-To: rtg-bfd@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id B7D711A042D for <rtg-bfd@ietfa.amsl.com>; Mon, 10 Mar 2014 05:54:56 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -15.048
X-Spam-Level:
X-Spam-Status: No, score=-15.048 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, RP_MATCHES_RCVD=-0.547, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7gNqZWLxjgvb for <rtg-bfd@ietfa.amsl.com>; Mon, 10 Mar 2014 05:54:54 -0700 (PDT)
Received: from rcdn-iport-3.cisco.com (rcdn-iport-3.cisco.com [173.37.86.74]) by ietfa.amsl.com (Postfix) with ESMTP id 636531A0027 for <rtg-bfd@ietf.org>; Mon, 10 Mar 2014 05:54:54 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=5263; q=dns/txt; s=iport; t=1394456089; x=1395665689; h=from:to:subject:date:message-id:references:in-reply-to: content-transfer-encoding:mime-version; bh=UsdExXSZciTb43m+FV0ujhpiUqlEBs7lAOCJhSsh/yc=; b=GPxH261BcHlnnEUTmFeU/eygt3zezgekWu1yavsPJEoq/NMPrtM6NXO6 m1/ngoPqMYQ8953ulfUheTwuSuBUqJLAx+nmL6YL3ueajFXvQigoTjBf1 Cu6kWv+Oc1+YWaoYEdGuFqdp5gLho7jnctqTdAXr1DLl0KSS+tO4AgAV1 8=;
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: AgQFABa1HVOtJV2b/2dsb2JhbABagmUhgRLBPIEaFnSCJQEBAQMBZwQaBAIBCBEDAQEBCx0HMhQJCAEBBAESCIdpCAHPXxeNeDIGMgaDHoEUBIkZoVmDLYIr
X-IronPort-AV: E=Sophos;i="4.97,623,1389744000"; d="scan'208";a="309236584"
Received: from rcdn-core-4.cisco.com ([173.37.93.155]) by rcdn-iport-3.cisco.com with ESMTP; 10 Mar 2014 12:54:48 +0000
Received: from xhc-aln-x14.cisco.com (xhc-aln-x14.cisco.com [173.36.12.88]) by rcdn-core-4.cisco.com (8.14.5/8.14.5) with ESMTP id s2ACsm44015611 (version=TLSv1/SSLv3 cipher=AES128-SHA bits=128 verify=FAIL); Mon, 10 Mar 2014 12:54:48 GMT
Received: from xmb-aln-x01.cisco.com ([fe80::747b:83e1:9755:d453]) by xhc-aln-x14.cisco.com ([173.36.12.88]) with mapi id 14.03.0123.003; Mon, 10 Mar 2014 07:54:48 -0500
From: "Nobo Akiya (nobo)" <nobo@cisco.com>
To: "Bhatia, Manav (Manav)" <manav.bhatia@alcatel-lucent.com>, "MALLIK MUDIGONDA (mmudigon)" <mmudigon@cisco.com>, "rtg-bfd@ietf.org" <rtg-bfd@ietf.org>
Subject: RE: Security aspects with S-BFD
Thread-Topic: Security aspects with S-BFD
Thread-Index: Ac7b2ToBrFn7tnaZR4yTSVGAJsb+GxeiW4sAABDK0AAAUoFLIAAbxZxA
Date: Mon, 10 Mar 2014 12:54:47 +0000
Message-ID: <CECE764681BE964CBE1DFF78F3CDD3941E08B915@xmb-aln-x01.cisco.com>
References: <20211F91F544D247976D84C5D778A4C32E4FACB1@SG70YWXCHMBA05.zap.alcatel-lucent.com> <CF3FB9DE.1C21C%mmudigon@cisco.com> <CECE764681BE964CBE1DFF78F3CDD3941E089F97@xmb-aln-x01.cisco.com> <20211F91F544D247976D84C5D778A4C32E5A7AC9@SG70YWXCHMBA05.zap.alcatel-lucent.com>
In-Reply-To: <20211F91F544D247976D84C5D778A4C32E5A7AC9@SG70YWXCHMBA05.zap.alcatel-lucent.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
x-originating-ip: [161.44.212.61]
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
Archived-At: http://mailarchive.ietf.org/arch/msg/rtg-bfd/gCoK5T0B9NakjJ-0d_aCV5Nf3Vo
X-BeenThere: rtg-bfd@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: "RTG Area: Bidirectional Forwarding Detection DT" <rtg-bfd.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/rtg-bfd/>
List-Post: <mailto:rtg-bfd@ietf.org>
List-Help: <mailto:rtg-bfd-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/rtg-bfd>, <mailto:rtg-bfd-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 10 Mar 2014 12:54:57 -0000
Hi Manav, > -----Original Message----- > From: Bhatia, Manav (Manav) [mailto:manav.bhatia@alcatel-lucent.com] > Sent: Sunday, March 09, 2014 7:35 PM > To: Nobo Akiya (nobo); MALLIK MUDIGONDA (mmudigon); rtg-bfd@ietf.org > Subject: RE: Security aspects with S-BFD > > I agree with Nobo here. I don't think binding BFD with a timing protocol is a > good idea. Glad to hear that! > > > I think this is a general topic (i.e. applicable to both BFD and S-BFD) that > > should continue to be discussed, and certainly would like to hear more > from BFD and KARP experts. > > And pray what is that? What would you like to hear more about? I was hoping to see more on discussions around suggestions made by section 6 of draft-ietf-karp-bfd-analysis-01 (for BFD and/or S-BFD), particularly usage of time in place of sequence number. That will be beneficial for one to make a call on embracing the suggestions. -Nobo > > Cheers, Manav > > From: Rtg-bfd [mailto:rtg-bfd-bounces@ietf.org] On Behalf Of Nobo Akiya > (nobo) > Sent: Friday, March 07, 2014 9:46 PM > To: MALLIK MUDIGONDA (mmudigon); rtg-bfd@ietf.org > Subject: RE: Security aspects with S-BFD > > Good to see this discussion continuing (thank Mallik!). > > I'm a bit skeptical of creating a hard dependency from BFD/S-BFD to time > synchronization protocol. Meaning, if we do this, malfunctions in the time > synchronization protocol or even time drift can take down all BFD/S-BFD > sessions, causing instabilities in the network. > > I think this is a general topic (i.e. applicable to both BFD and S-BFD) that > should continue to be discussed, and certainly would like to hear more from > BFD and KARP experts. > > To progress S-BFD base draft, my vote would be to go with suggestion by > Manav (below) for the time being. > > -Nobo > > From: Rtg-bfd [mailto:rtg-bfd-bounces@ietf.org] On Behalf Of MALLIK > MUDIGONDA (mmudigon) > Sent: Friday, March 07, 2014 7:39 AM > To: rtg-bfd@ietf.org > Subject: Re: Security aspects with S-BFD > > Hi, > > As mentioned in draft-ietf-karp-bfd-analysis-01 section 6, if we use UTC > time for Sequence numbers (assuming Initiator and reflector are time > synchronized), then we can mitigate the problem of DOS and Replay attacks > at reflectors. Please share your thoughts. > > Thanks > > Regards > Mallik > > From: <Bhatia>, "Manav (Manav)" <manav.bhatia@alcatel-lucent.com> > Date: Thursday 7 November 2013 10:18 PM > To: "rtg-bfd@ietf.org" <rtg-bfd@ietf.org> > Subject: Security aspects with S-BFD > > Hi, > > S-BFD describes the reflector sessions which raises interesting security > considerations. > > Since the reflector sessions are stateless (that's one of the biggest > advantages) it's impossible for the reflector to keep track of the sequence > number that its heard from its peers. This means, that the reflector is > susceptible to both inter-session and intra-session replay attacks. We had a > discussion internally amongst the co-authors and had the following > proposal that we wanted to vet before the WG members. > > Would like to hear the WGs opinion on this. > > 1. The Initiator picks up a crypto sequence number depending upon the > authentication mode that its using (meticulous or non meticulous). It sends > a packet to the Reflector with this seq num. > > 2. The reflector maintains no session state and hence does not look at the > crypto sequence number before accepting the packet. It looks at the Key ID > (draft-ietf-bfd-generic-crypto-auth-05) in the incoming packet (or it can do it > based on its own database where it maps the neighbor to the key iD) and > verifies the authentication data. If everything looks good, it processes the > packet. > > 3. When responding the Reflector needs to compute the Authentication > data. It uses the same sequence number that it received in the S-BFD packet > that it is responding to. It knows the Key ID, and thus the SA. It computes > the authentication data and sends the S-BFD packet out. > > 4. The Initiator receives the response from the Reflector. It only accepts the > S-BFD packet if it either comes with the same sequence number as it had > sent or its within the window that it finds acceptable (described in detail in > Sec 3.4 of draft-ietf-bfd-generic-crypto-auth-05) > > Benefits of this scheme. > > 1. Reflectors continue to remain stateless despite using security. > > 2. Reflectors are not susceptible to replay attacks as they always respond to > S-BFD packets irrespective of the sequence number carried. > > 3. An attacker cannot forge packets from the Reflector since the Initiator > will only accept S-BFD packets that come with the sequence number that it > had originally used when sending the S-BFD packet. > > Drawbacks of this scheme. > > 1. Reflectors are susceptible to DoS attacks since they respond to all > incoming S-BFD packets. This gets worse when cryptography is used as the > work load drastically increases as security is employed. > > Cheers, Manav > >
- Security aspects with S-BFD Bhatia, Manav (Manav)
- Re: Security aspects with S-BFD Glen Kent
- RE: Security aspects with S-BFD Santosh P K
- Re: Security aspects with S-BFD Jeffrey Haas
- RE: Security aspects with S-BFD Nobo Akiya (nobo)
- Re: Security aspects with S-BFD MALLIK MUDIGONDA (mmudigon)
- RE: Security aspects with S-BFD Nobo Akiya (nobo)
- RE: Security aspects with S-BFD Bhatia, Manav (Manav)
- RE: Security aspects with S-BFD Nobo Akiya (nobo)