Re: I-D Action: draft-ietf-bfd-secure-sequence-numbers-08.txt

Jeffrey Haas <jhaas@pfrc.org> Mon, 26 July 2021 14:48 UTC

Date: Mon, 26 Jul 2021 10:48:26 -0400
From: Jeffrey Haas <jhaas@pfrc.org>
To: Alan DeKok <aland@freeradius.org>
Cc: "rtg-bfd@ietf. org" <rtg-bfd@ietf.org>, Reshad Rehman <reshad@yahoo.com>, draft-ietf-bfd-secure-sequence-numbers@ietf.org
Subject: Re: I-D Action: draft-ietf-bfd-secure-sequence-numbers-08.txt
Archived-At: <https://mailarchive.ietf.org/arch/msg/rtg-bfd/i8_zqG3XskweamxpyWfPXzs0ocE>

Alan,

On Mon, Jul 26, 2021 at 10:35:01AM -0400, Alan DeKok wrote:
> 
>   That should be possible.
[...]
>   Yes.
[...]
>   Yes.
> 
> > This means that the benefit for the feature would require a function that
> > can be run on a window of packets for predicted inputs and generate the pool
> > of next expected sequence numbers.
> 
>   Yes.
> 
>   I think a cryptographic random number generator here is likely OK.  Those are usually simple, and fast.  The system can be seeded with a strong secret, or maybe hash of a secret and other information.
> 
>   My suggestion to calculate a hash over the packet is that it prevents certain kinds of attacks.  i.e. an attacker could take packet X, and sequence number Y, and put the two together, to spoof / forge state.
> 
>   Fixing that requires that the sequence number is somehow tied to a particular packet.

I don't dispute that these things are possible.

What's being requested is that our specifications have some specificity and
a proposal be made for a suitable mechanism and how it integrates into BFD.
:-)

In any case, you've minimally confirmed that the current text in the
secure-sequence numbers draft is misleading in suggesting a reversible
operation.  The procedural text there thus needs work to incorporate the
points discussed.

-- Jeff
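
The two points in this exchange, as an added example that is not taken from the draft or written by either poster: a one-way keyed value forces the receiver to precompute a window of expected sequence numbers, and feeding the packet body into the computation ties each value to one packet. HMAC-SHA256 truncated to 32 bits, the window size of 8, and all names here are assumptions chosen for illustration.

```python
import hashlib
import hmac

WINDOW = 8  # assumed: how many future counters the receiver will search


def seq_value(key: bytes, counter: int, body: bytes = b"") -> bytes:
    """32-bit keyed one-way value for a counter; a non-empty body binds it to that packet."""
    msg = counter.to_bytes(8, "big") + body
    return hmac.new(key, msg, hashlib.sha256).digest()[:4]


class Receiver:
    def __init__(self, key: bytes, bind_to_packet: bool):
        self.key, self.bind, self.next_counter = key, bind_to_packet, 0

    def accept(self, seq: bytes, body: bytes) -> bool:
        # The value cannot be inverted back to a counter, so the receiver
        # computes the expected value for each counter in its window instead.
        for c in range(self.next_counter, self.next_counter + WINDOW):
            expected = seq_value(self.key, c, body if self.bind else b"")
            if hmac.compare_digest(expected, seq):
                self.next_counter = c + 1  # earlier counters are never accepted again
                return True
        return False


def demo(bind: bool) -> tuple:
    key = b"constructed-demo-key"              # constructed sample secret
    x, y = b"state=Up", b"state=Down"          # constructed packet bodies
    tx = lambda c, body: seq_value(key, c, body if bind else b"")
    rx = Receiver(key, bind)
    first = rx.accept(tx(0, x), x)             # in-order packet
    replay = rx.accept(tx(0, x), x)            # same packet again
    after_loss = rx.accept(tx(3, x), x)        # counters 1 and 2 were lost
    mixed = rx.accept(tx(4, y), x)             # value made for Y, carried with body X
    return first, replay, after_loss, mixed


if __name__ == "__main__":
    print("unbound:", demo(False))
    print("bound:  ", demo(True))
```

The last element of each tuple is the case raised in the quoted text: without binding, a value generated for packet Y is accepted alongside the body of packet X; with binding it is rejected.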