Re: [secdir] Secdir review of draft-ietf-ippm-6man-pdm-option-05: Timing Attacks

[<nalini.elkins@insidethestack.com>]

Tero,

I believe this is the last outstanding issue!  After we reach agreement, I will rewrite the draft to:

1) incorporate the new changes

2) incorporate the changes suggested by the Gen-Art reviewer.

This particular thread relates to timing attacks in the Security section.

nalini.elkins@insidethestack.com writes: 
>>> 8.4 Timing Attacks 
>>> 
>>> The fact that PDM can help in the separation of node processing time 
>>> from network latency brings value to performance monitoring.  Yet, 
>>> it is this very characteristic of PDM which may be misused to make 
>>> certain new type of timing attacks against protocols and 
>>> implementations possible.  Having said that, PDM is more likely to 
>>> be used in response to an attack to find whether there are problems 
>>> in the network or the node rather than its temporary use being 
>>> exploited to mount an attack.  The normal use of PDM is likely to be 
>>> for testing and diagnostics.  So, this is a short-term opportunity 
>>> for an attacker. 
>>> 
>>> Even so, if using PDM, we introduce the concept of user "Consent to 
>>> be Measured" as a pre-requisite for using PDM.  Consent is common in 
>>> enterprises and with some subscription services. So, if with PDM, we 
>>> recommend that the user SHOULD consent to its use. 
> 
> 
> [Tero's comments below] 
> >I think this text might need bit more text about the attacks. I.e. the 
> >nature of these attacks is that they can leak out the long term 
> >credentials of the device. So if attacker is able to make attack, 
> >which causes the enterprice to turn on PDM to diagnose the attack, 
> >then the attacker might use PDM during that debugging time to do 
> >timing attack against the long term keying material used by the crypto 
> >protocol. Immediately when they get the keying material out, they stop 
> >the actual attack, which might then cause the defender to think that 
> >nothing bad happend, and just disable PDM and go on, without realizing 
> >that their long term keying material got stolen during the attack, and 
> >that the visible attack was there only to cause them to turn on PDM... 
> 
> 
> 
>>> Tero, I am a bit reluctant to be completely specific as I think that 
>>> will give people ideas that they might not have had before. 

>Security by obscurity never works. Attackers have much more time to 
>think and plan about attacks than people who are implementing code for 
>something unrelated. If you are too vague, people who are implementing 
>PDM or the crypto protocols, thinks that those attacks are impossible. 
>It is better to spell them out for those implementing those so they 
>can make needed security measures for those. 

>One of those security measures could for example be that PDM is 
>enabled only for certain ip-addresses, or only for some ports. Another 
>would be to enable it for certain timeperiod (for example for 1 hour), 
>so it can be made sure that PDM is not accidently left on after 
>debugging has been done etc. 

>> That is, before I say it, few people might think to launch such 
>> attacks but if I spell it out clearly that such attacks can be 
>> launched, then people who might not even have thought that this was 
>> possible, will now think that they can do it. 

>I think it is better to explain the attacks properly to the PDM 
>implementors, so they understand what kind of things they need to 
>think about when implementing PDM. Same thing for the people 
>implementing crypto protocols. They need to understand that with PDM 
>some things that used to be hard will be easy. 

>If you just give general warnings, that means that quite a lot of 
>implementors think that this text is just general text, not really 
>specific for this. So implementors might think it does not concern 
>them, and ignore the issue. 


8.4 Timing Attacks 

The fact that PDM can help in the separation of node processing time 
from network latency brings value to performance monitoring.  Yet, 
it is this very characteristic of PDM which may be misused to make 
certain new type of timing attacks against protocols and 
implementations possible. 

That is, in some cases, depending on the nature of the cryptographic 
protocol used, it may be possible to leak the long term credentials 
of the device.  For example, if and attacker is able to create an attack 
which causes the enterprise to turn on PDM to diagnose the attack, 
then the attacker might use PDM during that debugging time to launch 
a timing attack against the long term keying material used by the 
cryptographic protocol. 

An implementation may want to be sure that PDM is enabled only for 
certain ip addresses, or only for some ports.  Additionally, we 
recommend that the implementation SHOULD require an explicit 
restart of monitoring after a certain timeperiod (for example for 1 hour), 
to make sure that PDM is not accidently left on after 
debugging has been done etc. 

Even so, if using PDM, we introduce the concept of user "Consent to 
be Measured" as a pre-requisite for using PDM.  Consent is common in 
enterprises and with some subscription services. So, if with PDM, we 
recommend that the user SHOULD consent to its use. 


Thanks,
Nalini