[secdir] secdir review of draft-ietf-ipfix-flow-selection-tech

"Dan Harkins" <dharkins@lounge.org> Tue, 10 April 2012 23:59 UTC

Date: Tue, 10 Apr 2012 16:59:43 -0700
From: Dan Harkins <dharkins@lounge.org>
To: iesg@ietf.org, secdir@ietf.org, draft-ietf-ipfix-flow-selection-tech.all@tools.ietf.org

  Hello,

  I have reviewed this document as part of the security directorate's
ongoing effort to review all IETF documents being processed by the
IESG.  These comments were written primarily for the benefit of the
security area directors.  Document editors and WG chairs should treat
these comments just like any other last call comments.

  This draft describes techniques to select flows which are sets of
packets with some common characteristics. The authors have accurately
identified what constitutes an attack-- an adversary having the ability
to influence flow selection-- and the Security Considerations give
a couple examples of this. They seem fine.

  There is reference to a paper "[GoRe07]" which does not appear in the
References and seems to give advice that I think is wrong: use a
cryptographically strong random number generator to thwart an attack in
which parameters of time-based sampling are discovered to predict the
selection decision. This attack can be thwarted by using a value that
the adversary cannot predict (sort of like an IV for CBC mode) instead
of a cryptographically strong random number. That leaves the random
number pool to applications that really need it (like a key exchange
that does a Diffie-Hellman). I suggest removing the reference to the
un-referenced paper and mentioning a weaker requirement to thwart that
attack.

  regards,

  Dan.
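
Added example, not part of the original message or of the draft: one way to read the weaker requirement suggested above, assuming a per-interval sampling offset derived from an HMAC over an interval counter under one secret key, so the system random pool is drawn from only once. The interval and window lengths, the function names and the extrapolating-observer model are all constructed for illustration.

```python
import hashlib
import hmac
import os

INTERVAL_MS = 1000  # constructed: one selection window per second
WINDOW_MS = 100     # constructed: each window stays open for 100 ms

def fixed_schedule(n):
    """Window start times when the offset inside every interval is constant."""
    return [i * INTERVAL_MS for i in range(n)]

def keyed_offset(key, index):
    """Offset for one interval: HMAC-SHA256(key, index) reduced to the usable range.
    The modulo bias on a 64-bit value is negligible for this purpose."""
    mac = hmac.new(key, index.to_bytes(8, "big"), hashlib.sha256).digest()
    return int.from_bytes(mac[:8], "big") % (INTERVAL_MS - WINDOW_MS)

def keyed_schedule(key, n):
    """Window start times with a secret-dependent offset per interval."""
    return [i * INTERVAL_MS + keyed_offset(key, i) for i in range(n)]

def prediction_hits(schedule, train=5):
    """Model an observer who extrapolates the last gap between windows and
    count how often that guess falls inside the next real window."""
    hits = 0
    for i in range(train, len(schedule)):
        guess = 2 * schedule[i - 1] - schedule[i - 2]
        if schedule[i] <= guess < schedule[i] + WINDOW_MS:
            hits += 1
    return hits

if __name__ == "__main__":
    key = os.urandom(32)  # the only draw from the system random pool
    print("fixed offset :", prediction_hits(fixed_schedule(100)), "of 95 predicted")
    print("keyed offset :", prediction_hits(keyed_schedule(key, 100)), "of 95 predicted")
```

The key is the only secret: anyone who learns it can recompute every offset, so it needs the same protection as any other keying material on the device.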