IETF Logo Mail Archive

Re: [secdir] secdir review of draft-ietf-6tisch-architecture-21

"Pascal Thubert (pthubert)" <pthubert@cisco.com> Tue, 25 June 2019 12:46 UTC

Return-Path: <pthubert@cisco.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1173B1200F8; Tue, 25 Jun 2019 05:46:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -14.501
X-Spam-Level:
X-Spam-Status: No, score=-14.501 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, RCVD_IN_DNSWL_HI=-5, SPF_PASS=-0.001, USER_IN_DEF_DKIM_WL=-7.5] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=cisco.com header.b=nGiRDYRs; dkim=pass (1024-bit key) header.d=cisco.onmicrosoft.com header.b=DMTHokLf
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id jyxZ_esJnokO; Tue, 25 Jun 2019 05:46:06 -0700 (PDT)
Received: from rcdn-iport-2.cisco.com (rcdn-iport-2.cisco.com [173.37.86.73]) (using TLSv1.2 with cipher DHE-RSA-SEED-SHA (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 7FE95120025; Tue, 25 Jun 2019 05:46:06 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=cisco.com; i=@cisco.com; l=1933; q=dns/txt; s=iport; t=1561466766; x=1562676366; h=from:to:cc:subject:date:message-id:references: in-reply-to:content-transfer-encoding:mime-version; bh=kmZC0DSMAW0H6fIclMv6aFJQY3l41WoHjKkA1PD69J0=; b=nGiRDYRsA4pXDj3Wz3ZLvPR62NY91jUm4oM7xbWttXDmHbPk3Xhl7HLc lJ/biYJd1zrfuJjw1hEQur8x9qDGKz1BYZhNe9rEv5vOxKSiZSkc6ZXBG HXcU7Zl8sOgQkJF0YbOXaUfAhlwBqgVkIDYARjgAcxKH92umXUDqY+9vt I=;
IronPort-PHdr: 9a23:bUzttRRbvVvLut8zdKh89A80qtpsv++ubAcI9poqja5Pea2//pPkeVbS/uhpkESXBNfA8/wRje3QvuigQmEG7Zub+FE6OJ1XH15g640NmhA4RsuMCEn1NvnvOjQmHNlIWUV513q6KkNSXs35Yg6arw==
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: A0AkAACFFhJd/51dJa1mGwEBAQEDAQEBBwMBAQGBVAUBAQELAYFDUAOBPyAECyiHXQOOYUyCD5c4gS6BJANUCQEBAQwBAS0CAQGEQAKCdCM1CA4BAwEBBAEBAgEFbYo3DIVKAQEBAQIBEi4BATcBBAsCAQgSNDIXDgIEDg0ahGsDDg8BApoMAoE4iF+CIoJ5AQEFhQAYghEJgTQBhHCGUB0XgUA/gVeCTD6ERoM6giaOJZtzCQKCFZQGl06kNgIEAgQFAg4BAQWBUgMzgVhwFYMngkGDcIpTcoEpjCIrgiUBAQ
X-IronPort-AV: E=Sophos;i="5.63,415,1557187200"; d="scan'208";a="584993555"
Received: from rcdn-core-6.cisco.com ([173.37.93.157]) by rcdn-iport-2.cisco.com with ESMTP/TLS/DHE-RSA-SEED-SHA; 25 Jun 2019 12:46:04 +0000
Received: from XCH-RCD-006.cisco.com (xch-rcd-006.cisco.com [173.37.102.16]) by rcdn-core-6.cisco.com (8.15.2/8.15.2) with ESMTPS id x5PCk3XP014286 (version=TLSv1.2 cipher=AES256-SHA bits=256 verify=FAIL); Tue, 25 Jun 2019 12:46:03 GMT
Received: from xhs-rcd-001.cisco.com (173.37.227.246) by XCH-RCD-006.cisco.com (173.37.102.16) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 25 Jun 2019 07:46:02 -0500
Received: from xhs-aln-002.cisco.com (173.37.135.119) by xhs-rcd-001.cisco.com (173.37.227.246) with Microsoft SMTP Server (TLS) id 15.0.1473.3; Tue, 25 Jun 2019 07:46:02 -0500
Received: from NAM04-CO1-obe.outbound.protection.outlook.com (173.37.151.57) by xhs-aln-002.cisco.com (173.37.135.119) with Microsoft SMTP Server (TLS) id 15.0.1473.3 via Frontend Transport; Tue, 25 Jun 2019 07:46:01 -0500
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=cisco.onmicrosoft.com; s=selector2-cisco-onmicrosoft-com; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=kmZC0DSMAW0H6fIclMv6aFJQY3l41WoHjKkA1PD69J0=; b=DMTHokLf14phsLMwpXbetkYwKj3Tmo3nRzzKpNOzC3GWWgTJ3lyGO5tIq5NKYeBHT04HnPfmrqP8CTVNrLVwkSrKk1wNsK9Dx6ltVdBKCgm40FFyRl9x9YR7YYY7whkvOvTd1k0ISY+EgYoDs9deDTQwymGs6hlrQjgq7PvJOpw=
Received: from MN2PR11MB3565.namprd11.prod.outlook.com (20.178.250.159) by MN2PR11MB4046.namprd11.prod.outlook.com (20.179.149.156) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.2008.16; Tue, 25 Jun 2019 12:46:00 +0000
Received: from MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::1ce9:1582:146c:c50a]) by MN2PR11MB3565.namprd11.prod.outlook.com ([fe80::1ce9:1582:146c:c50a%6]) with mapi id 15.20.2008.017; Tue, 25 Jun 2019 12:46:00 +0000
From: "Pascal Thubert (pthubert)" <pthubert@cisco.com>
To: Tero Kivinen <kivinen@iki.fi>
CC: David Mandelberg <david@mandelberg.org>, "secdir@ietf.org" <secdir@ietf.org>, "iesg@ietf.org" <iesg@ietf.org>, "draft-ietf-6tisch-architecture.all@ietf.org" <draft-ietf-6tisch-architecture.all@ietf.org>, Thomas Watteyne <thomas.watteyne@inria.fr>, Michael Richardson <mcr+ietf@sandelman.ca>, Mališa Vučinić <malisav@ac.me>
Thread-Topic: [secdir] secdir review of draft-ietf-6tisch-architecture-21
Thread-Index: AQHVKitVZAMqDsUZHEuS/CYS/vDUhKaqVH6wgAEk6YCAAHyKMA==
Date: Tue, 25 Jun 2019 12:45:55 +0000
Deferred-Delivery: Tue, 25 Jun 2019 12:44:56 +0000
Message-ID: <MN2PR11MB35655F77D328CD9B27029413D8E30@MN2PR11MB3565.namprd11.prod.outlook.com>
References: <2cced16c-d1df-88c2-eb21-7452b42f081a@mandelberg.org> <MN2PR11MB35651735463F27A247B4B0F0D8E00@MN2PR11MB3565.namprd11.prod.outlook.com> <23825.24715.882644.180316@fireball.acr.fi>
In-Reply-To: <23825.24715.882644.180316@fireball.acr.fi>
Accept-Language: fr-FR, en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: spf=none (sender IP is ) smtp.mailfrom=pthubert@cisco.com;
x-originating-ip: [2001:420:44f3:1300:552f:ff32:b86:aad7]
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 74f9fce0-2c34-4d54-2efb-08d6f96b13c2
x-microsoft-antispam: BCL:0; PCL:0; RULEID:(2390118)(7020095)(4652040)(8989299)(4534185)(4627221)(201703031133081)(201702281549075)(8990200)(5600148)(711020)(4605104)(1401327)(2017052603328)(7193020); SRVR:MN2PR11MB4046;
x-ms-traffictypediagnostic: MN2PR11MB4046:
x-microsoft-antispam-prvs: <MN2PR11MB404665105C947F06BA57722BD8E30@MN2PR11MB4046.namprd11.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-forefront-prvs: 0079056367
x-forefront-antispam-report: SFV:NSPM; SFS:(10009020)(346002)(366004)(376002)(39860400002)(396003)(136003)(189003)(199004)(71190400001)(81156014)(2906002)(66476007)(81166006)(54906003)(66556008)(14454004)(8676002)(305945005)(73956011)(74316002)(6436002)(316002)(99286004)(5660300002)(66946007)(76176011)(8936002)(186003)(6116002)(6506007)(66446008)(86362001)(476003)(229853002)(11346002)(446003)(76116006)(6916009)(9686003)(33656002)(55016002)(25786009)(4326008)(53936002)(68736007)(256004)(46003)(486006)(14444005)(71200400001)(7696005)(478600001)(102836004)(52536014)(6666004)(6246003)(64756008)(7736002); DIR:OUT; SFP:1101; SCL:1; SRVR:MN2PR11MB4046; H:MN2PR11MB3565.namprd11.prod.outlook.com; FPR:; SPF:None; LANG:en; PTR:InfoNoRecords; MX:1; A:1;
received-spf: None (protection.outlook.com: cisco.com does not designate permitted sender hosts)
x-ms-exchange-senderadcheck: 1
x-microsoft-antispam-message-info: eaxeLxHlj0BjMicF1iMRKb+XEl194L8XSrFoqpSKV8iY5nBIXSiXoLmAUh9b4q9khCm2Jx1hGWvYDFMpSUauwx5UnxEnvCSeSoIy2hkP6eOqIYPZSEWMnqEVjIBPAA6x0H9KH8dyXNOd8kTuj2u3rJILGAmJZLxGordi50L2DcRni1gdSDIbLc15ymTRq5xlf9R46izRPj9EjzmUEEDG26/L/frcPO9GuMpZ4wW/xgv3WVhWvMTu6gtN+LasmMH0/Lbgbr79qxnPn63RacmdQOQYDwT7aLETGBGzVsrbxDNqx0Whq4fF7rlpXGRfjCyNfkcGN6V0KKNX5WdW8Fsb+sY5dnRvOSBgYHsAhTEZKWtLdQeARvIIo3SYS3Mw7KK0XJptiLtH1ZiNuSQfXevMHOrAkNSvM0AqtJQknHpV+aU=
Content-Type: text/plain; charset="iso-8859-2"
Content-Transfer-Encoding: quoted-printable
MIME-Version: 1.0
X-MS-Exchange-CrossTenant-Network-Message-Id: 74f9fce0-2c34-4d54-2efb-08d6f96b13c2
X-MS-Exchange-CrossTenant-originalarrivaltime: 25 Jun 2019 12:46:00.6524 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 5ae1af62-9505-4097-a69a-c1553ef7840e
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: pthubert@cisco.com
X-MS-Exchange-Transport-CrossTenantHeadersStamped: MN2PR11MB4046
X-OriginatorOrg: cisco.com
X-Outbound-SMTP-Client: 173.37.102.16, xch-rcd-006.cisco.com
X-Outbound-Node: rcdn-core-6.cisco.com
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/BxflcdGLj1ouF-xUSlT1Puoe7pg>
Subject: Re: [secdir] secdir review of draft-ietf-6tisch-architecture-21
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Tue, 25 Jun 2019 12:46:09 -0000

Hello Tero:

Some clarification questions below:


> Now, if JN is using extended address to generate nonce, the nonce will be
> different for all other nonces ever used, even the ASN is faked, and has been

This is assuming that the attacker is not attacking the same device twice, isn't it?

> used before. On the other hand if JN also receives short address assignment
> from the JRC, JRC needs to make sure that short address has not been
> assigned to anybody else before, as if it was used by someone else, and frame
> sent by JN is encrypted, then attacker will now have two packets with same
> ASN, and short address, meaning same nonce, and it can now decrypt packets.

That's unless new keys are given if the short address is reattributed, correct?

> Note, that attacker might be able to replay valid ACKs for the frame sent by
> the JN, provided that the JRC (or whoever JN sent the message
> to) happened to ack message using the same ASN attacker faked for JN.

Your mean that the faked ASN is only slightly in the future, so the attacker can repeat messages from the pledge after that delay?

> If JN sends message to JRC which only JRC can reply, and uses wrong ASN, the
> JRC will not be able to decrypt/validate that frame because of wrong ASN in
> nonce, and will drop it silently, so if JN uses wrong ASN it might be getting
> ACKs, but it will not get any real reply frames back from real participants in the
> network. After it will not receive confirmation from JRC that it has proper keys
> and ASN, it knows something went wrong.

I'm not sure about the status of sync'ing the JRC with the network. Minimal-security does not discuss it. Talking to Malisa to improve that piece proactively to the sec-dir review.

I'll propose text based on your reply and Malisa's separately.

Many thanks for your clarifications!

Pascal

v2.23.0 | Report a Bug | By Email