IETF Logo Mail Archive

Re: [secdir] secdir review of draft-ietf-6tisch-architecture-21

David Mandelberg <david@mandelberg.org> Sun, 30 June 2019 17:44 UTC

Return-Path: <david@mandelberg.org>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 515041200F7 for <secdir@ietfa.amsl.com>; Sun, 30 Jun 2019 10:44:58 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.699
X-Spam-Level:
X-Spam-Status: No, score=-2.699 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=unavailable autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=mandelberg.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jsnrvWWXiYb6 for <secdir@ietfa.amsl.com>; Sun, 30 Jun 2019 10:44:56 -0700 (PDT)
Received: from smtp.rcn.com (smtp.rcn.com [69.168.97.78]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 41E1212010D for <secdir@ietf.org>; Sun, 30 Jun 2019 10:44:53 -0700 (PDT)
X_CMAE_Category: , ,
X-CNFS-Analysis: v=2.2 cv=buYOPwSi c=1 sm=1 tr=0 a=OXtaa+9CFT7WVSERtyqzJw==:117 a=OXtaa+9CFT7WVSERtyqzJw==:17 a=jpOVt7BSZ2e4Z31A5e1TngXxSK0=:19 a=KGjhK52YXX0A:10 a=-CRmgG0JhlAA:10 a=NTnny0joGdQA:10 a=dq6fvYVFJ5YA:10 a=bmmO2AaSJ7QA:10 a=l70xHGcnAAAA:8 a=AUd_NHdVAAAA:8 a=BTUBnpS-AAAA:8 a=48vgC7mUAAAA:8 a=XEC7Y1hFCdGuypyff68A:9 a=jiObf9B0YAUA:10 a=JtN_ecm89k2WOvw5-HMO:22 a=pblkFgjdBCuYZ9-HdJ6i:22 a=w1C3t2QeGrPiZgrLijVG:22
X-CM-Score: 0
X-Scanned-by: Cloudmark Authority Engine
X-Authed-Username: ZHNlb21uQHJjbi5jb20=
Authentication-Results: smtp01.rcn.cmh.synacor.com header.DKIM-Signature=@mandelberg.org; dkim=pass
Authentication-Results: smtp01.rcn.cmh.synacor.com header.from=david@mandelberg.org; sender-id=softfail
Authentication-Results: smtp01.rcn.cmh.synacor.com smtp.mail=david@mandelberg.org; spf=softfail; sender-id=softfail
Authentication-Results: smtp01.rcn.cmh.synacor.com smtp.user=dseomn@rcn.com; auth=pass (LOGIN)
Received: from [209.6.43.168] ([209.6.43.168:59698] helo=uriel.mandelberg.org) by smtp.rcn.com (envelope-from <david@mandelberg.org>) (ecelerity 3.6.25.56547 r(Core:3.6.25.0)) with ESMTPSA (cipher=DHE-RSA-AES256-GCM-SHA384) id 05/C4-36753-215F81D5; Sun, 30 Jun 2019 13:44:51 -0400
Received: from [192.168.1.152] (DD-WRT [192.168.1.1]) by uriel.mandelberg.org (Postfix) with ESMTPSA id DFA881C6033; Sun, 30 Jun 2019 13:44:49 -0400 (EDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=mandelberg.org; s=201903; t=1561916689; bh=YTWr46pZP38Qg+jENv8lK6KoFtwkrJ0K1QejFOUcGzM=; h=Subject:To:Cc:References:From:Date:In-Reply-To:From; b=o3nOmHvHgg3iQ5dD8TCK9oQ2uNvcwEtE+2cFvZ8TaNzCvigiqbZRtbtS6DF8pp0oO L6CXgYw+PoZ+7ej8ASkOCuhBvIFkSZhvbVR9eeYduIRcRtln1efJjE3lRvQC8AL2Xc cqY4mHFQL1pPd00wbJk3rwpvswQ8tlfyWENxkEMkfdzjFkP6OCAlcfoftPdxW6tlw2 3ax8sCv8TwGXCitesD7yQciwf0d97vYMiAfvXTok1SyXNTNFHiy0BT6JSyLTXpO/2r DAbm6766MbjZ1u/NYqU4ufxeBoBYTWBL1+PU0CupJ4MpZlW/z0ANUYCpn+b4hDmnYQ Yuj3qpWi+DrFg==
To: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
Cc: Tero Kivinen <kivinen@iki.fi>, "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-6tisch-architecture.all@ietf.org" <draft-ietf-6tisch-architecture.all@ietf.org>, Thomas Watteyne <thomas.watteyne@inria.fr>, Mališa Vučini ć <malisav@ac.me>, Michael Richardson <mcr+ietf@sandelman.ca>
References: <2cced16c-d1df-88c2-eb21-7452b42f081a@mandelberg.org> <MN2PR11MB35651735463F27A247B4B0F0D8E00@MN2PR11MB3565.namprd11.prod.outlook.com> <23825.24715.882644.180316@fireball.acr.fi> <MN2PR11MB35655F77D328CD9B27029413D8E30@MN2PR11MB3565.namprd11.prod.outlook.com> <28910.1561477164@localhost> <MN2PR11MB356523D951AF96FF31143F34D8E20@MN2PR11MB3565.namprd11.prod.outlook.com> <17322.1561564458@localhost> <MN2PR11MB356522D2D3C8E73A7AECF930D8FC0@MN2PR11MB3565.namprd11.prod.outlook.com>
From: David Mandelberg <david@mandelberg.org>
Message-ID: <66e00d2b-448a-7845-451f-6a0a14a3fb11@mandelberg.org>
Date: Sun, 30 Jun 2019 13:44:47 -0400
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.7.0
MIME-Version: 1.0
In-Reply-To: <MN2PR11MB356522D2D3C8E73A7AECF930D8FC0@MN2PR11MB3565.namprd11.prod.outlook.com>
Content-Type: text/plain; charset="iso-8859-2"; format="flowed"
Content-Language: en-US
Content-Transfer-Encoding: 7bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/2yydU7fkrqvjzYwlx1vloOGJaFk>
Subject: Re: [secdir] secdir review of draft-ietf-6tisch-architecture-21
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Sun, 30 Jun 2019 17:44:58 -0000

-23 looks good. Thank you all for doing the work to secure the protocols!

On 6/28/19 6:59 AM, Pascal Thubert (pthubert) wrote:
> Hello David
> 
> Many thanks again. Your comments steered great discussions that led to improvements in both this draft and minimal security.
> I posted -23 in the hope that it satisfies all your comments. Please let us know is there is any additional issue we need to look at.
>   
> All the best,
>   
> Pascal
> 
>> -----Original Message-----
>> From: Michael Richardson <mcr+ietf@sandelman.ca>
>> Sent: mercredi 26 juin 2019 17:54
>> To: Pascal Thubert (pthubert) <pthubert@cisco.com>
>> Cc: Tero Kivinen <kivinen@iki.fi>; David Mandelberg
>> <david@mandelberg.org>; secdir@ietf.org; iesg@ietf.org; draft-ietf-6tisch-
>> architecture.all@ietf.org; Thomas Watteyne <thomas.watteyne@inria.fr>;
>> =?iso-8859-2?Q?Mali=B9a_Vu=E8ini=E6?= <malisav@ac.me>
>> Subject: Re: [secdir] secdir review of draft-ietf-6tisch-architecture-21
>>
>>
>> Pascal Thubert (pthubert) <pthubert@cisco.com> wrote:
>>      >> Tero:
>>      >> >> Note, that attacker might be able to replay valid ACKs for the frame
>>      >> >> sent by the JN, provided that the JRC (or whoever JN sent the message
>>      >> >> to) happened to ack message using the same ASN attacker faked for
>> JN.
>>      >>
>>      >> Pascal Thubert (pthubert) <pthubert@cisco.com> wrote:
>>      >> > Your mean that the faked ASN is only slightly in the future, so the
>>      >> > attacker can repeat messages from the pledge after that delay?
>>      >>
>>      >> The faked ASN is always in the past.
>>
>>      > Do you mean the replayed ones? When the pledge does not have the keys,
>>      > the attacker can forge the beacon with any ASN, and place random bytes
>>      > in the MIC, can't it?
>>
>> Yes, the replayed one has a "fake" ASN that is in the past.
>>
>>      > If the attacker fakes an ASN that is tomorrow and intercepts a join
>>      > request, it could make the pledge seem to appear now on the network
>>      > tomorrow even if the real pledge is long gone.
>>
>> But that one won't validate.
>>
>>      >> So the L2-ACKs can be faked, was the point.
>>
>>      > I can see that an ACK can be replayed. But the ACK that was stored in
>>      > advance can only work if the attacked node speaks on the very ASN for
>>      > which the attacker intercepted an ACK in the past. The attacker is not
>>      > in control of that and that makes its life harder.
>>
>> When I said faked, I should have said replayed.
>>
>> I think that we don't need to do this: just wait for a beacon.  If the attacker can
>> block and replay them all, then they absolutely win, and the network can not
>> form.  Such an attacker probably can also put faraday cages around all the
>> nodes.
>>
>> --
>> Michael Richardson <mcr+IETF@sandelman.ca>, Sandelman Software Works  -
>> = IPv6 IoT consulting =-
>

v2.23.0 | Report a Bug | By Email