IETF Logo Mail Archive

Re: [secdir] secdir review of draft-ietf-lisp-gpe

Christopher Wood <christopherwood07@gmail.com> Fri, 14 September 2018 13:30 UTC

Return-Path: <christopherwood07@gmail.com>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2A204130E5B; Fri, 14 Sep 2018 06:30:16 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -1.75
X-Spam-Level:
X-Spam-Status: No, score=-1.75 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_PASS=-0.001] autolearn=no autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mC-0nLYdx3vn; Fri, 14 Sep 2018 06:30:14 -0700 (PDT)
Received: from mail-io1-xd2f.google.com (mail-io1-xd2f.google.com [IPv6:2607:f8b0:4864:20::d2f]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 0D074130EC4; Fri, 14 Sep 2018 06:30:14 -0700 (PDT)
Received: by mail-io1-xd2f.google.com with SMTP id w11-v6so6043013iob.2; Fri, 14 Sep 2018 06:30:14 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=1fAL8SoWNK+ETWlHUyCD6E8oPCMnIvauSUpHL43HjxA=; b=uP/Vh3Psy5l7ITIz8y03AerkdUs7uTzDEx89dzgCH5goBIaYiUXeJk+4NYuf2R2OUw YjGktRAN++6IM4JU/4LLkJhMsFusrcLPpjUdm4fmDnPEnoXf+TB+vBOSie+mINtOLGk1 VDUQthxduDl3w5onTDUczURTM1kHK16nVTbDNA78dPZj8Ra3DRfOpEhviL1ZGeuLV8G8 E2Y8f12qTHUoGkCYvrbr7T7bu3yTTKIM4kYjEvn+7xwkhn489223nvuiyxKwGgdr8bZW 9vfaT7/mf/jDtzIz1iJLNh6s/Df6AdNcWBESNzK0rkOgLlv173C0t1OQfpRo5uMDwuSL +iGA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=1fAL8SoWNK+ETWlHUyCD6E8oPCMnIvauSUpHL43HjxA=; b=lrzo+cyyGt7CL4lRi4FDlqAh4+oMls3iA3Tqfg8CN9tmdDxvTCkeb5yIhzz/uh0AxO IxJsqYx5H1bfwDJt9oJcJwaa9/Gx4mM49lan5Y5Aekivul3mMM/hlB7mgvTCaaaxHHbx 5T5/mi8+oyHo0zs+LqmajD1DaTi8XJHVbem46zIeXW9wW1W0qghw7VIB76vMz4jAae+J iRelUq9rSazF6qG0Y0rfaupqO43mFYT8H7sBBLBGMvWXPwD9xJxtE2TD5ZZQyvvnOorN /5vBNlh5aATkCUeC00c7yvHroZ0R50mAIT5xe2SjkQCgx7WX8VuREuxmB1gnq0qTf1fH w48Q==
X-Gm-Message-State: APzg51C1Loap5DhGCeQt6GLBTQxo2ciSi5u+lcVxTuY85rtHBnjmGaLc uRnpd72fL7MeRmeHFgbtuY2PRbqc9tBM2ma1G0zFym6m
X-Google-Smtp-Source: ANB0VdZm/JKmvRBHXuRAuEeNPJ0/E74ZBXMXFgmji+8qdNZ+Tr4nFn3Hr/mR49BfHFrAkSwD2nzDKFE866kqCp7nAyU=
X-Received: by 2002:a6b:7846:: with SMTP id h6-v6mr7911588iop.204.1536931813134; Fri, 14 Sep 2018 06:30:13 -0700 (PDT)
MIME-Version: 1.0
References: <CAO8oSXkv2RAL5w8oG4yY7EZNujsc+nZYmaf+OdCjOzmkY2dnTg@mail.gmail.com> <7aedf62f-780b-6ebd-16eb-d7c2031be91d@cisco.com>
In-Reply-To: <7aedf62f-780b-6ebd-16eb-d7c2031be91d@cisco.com>
From: Christopher Wood <christopherwood07@gmail.com>
Date: Fri, 14 Sep 2018 06:29:59 -0700
Message-ID: <CAO8oSX=9NU_wg2pfRKoS5xgiAWa=Efwf_zRqkupU373-z7=VPg@mail.gmail.com>
To: fmaino@cisco.com
Cc: The IESG <iesg@ietf.org>, secdir@ietf.org, draft-ietf-lisp-gpe.all@ietf.org
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
Archived-At: <https://mailarchive.ietf.org/arch/msg/secdir/NF1qQf2fg9GYnsAtndLyuewqIXs>
Subject: Re: [secdir] secdir review of draft-ietf-lisp-gpe
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 14 Sep 2018 13:30:26 -0000

Hi Fabio,

Thanks for the quick response! Your proposed additions address my
concerns. I assume you all will work out what is best for the
diagrams.

Best,
Chris

On Wed, Sep 12, 2018 at 5:12 PM Fabio Maino <fmaino@cisco.com> wrote:
>
> On 9/9/18 11:26 AM, Christopher Wood wrote:
> > Hello,
> >
> > I have reviewed this document as part of the security directorate's
> > ongoing effort to review all IETF documents being processed by the
> > IESG. These comments were written primarily for the benefit of the
> > security area directors. Document editors and WG chairs should treat
> > these comments just like any other last call comments.
> >
> >     The summary of my review is: Ready with issues.
> >
> > The proposed extension mechanism is simple to understand. However, my
> > main concern is regarding the nonce size reduction and implications on
> > LISP. While the threat models (on-path and off-path) do not change
> > with this extension, the probability of some off-path attacks might
> > change. Specifically, the probability of correctly guessing a 16 bit
> > nonce is not negligible. This might make attacks in which an adversary
> > tries to convince an ITR of reachability to an otherwise unreachable
> > ETR more likely. From [1], an ITR that sees the nonce echoed correctly
> > “knows that the path to and from the ETR is up.” Thus, I think some
> > discussion of this is necessary in the security considerations.
>
> Good point. I'll add the following text to the Security Section, after
> the very first paragraph:
>
> "The Echo Nonce Algorithm described in [I-D.ietf-lisp-rfc6830bis] relies
> on the nonce to detect reachability from ITR to ETR. In LISP-GPE the use
> of a 16-bit nonce, compared with the 24-bit nonce used in LISP,
> increases the probability of an off-path attacker to correctly guess the
> nonce and force the ITR to believe that a non-reachable RLOC is
> reachable. However, the use of common anti-spoofing mechanisms such as
> uRPF prevents this form of attack."
> >
> > Beyond that, I have the following minor comments and nits:
> >
> > - UDP checksums seem to be the only mechanism in place that give ITRs
> > and ETRs a means of checking datagram integrity. Of course, this means
> > an on-path adversary can muck with the g-Bit from Section 4.1 so as to
> > prevent use of the GPE mechanism. This is not new with this extension,
> > though a comment on the issue might be useful, e.g., in the security
> > considerations.
>
> I will add this paragraph to the security section:
>
> "LISP-GPE, as many encapsulations that use optional extensions, is
> subject to on-path adversaries that by manipulating the g-Bit and the
> packet itself can remove part of the payload. Typical integrity
> protection mechanisms (such as IPsec) SHOULD be used in combination with
> LISP-GPE by those protocol extensions that want to protect from on-path
> attackers."
>
>
> > - It would be helpful to include packet diagrams similar to Figure 2
> > wherein (1) P and V are set and (2) only P is set. While I don’t find
> > the text misleading or confusing, a figure might help other readers.
> >
> >          0                   1                   2                   3
> >          0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
> >         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >         |N|L|E|1|I|1|K|K|   Source MV   |    Dest MV    | Next Protocol |
> >         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >         |                 Instance ID/Locator-Status-Bits               |
> >         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >
> >          0                   1                   2                   3
> >          0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1
> >         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >         |0|L|0|0|I|1|K|K|           ... 0 ...           | Next Protocol |
> >         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
> >         |                 Instance ID/Locator-Status-Bits               |
> >         +-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
>
> I'd prefer to use diagrams that are congruent with those used in
> RFC6830bis. I'll defer this comment to the authors of RFC6830bis, and
> follow whatever convention they will decide to follow.
>
> >
> > - In Section 4, where it states, "A LISP-GPE router MUST NOT
> > encapsulate non-IP packets to a non LISP-GPE capable router," I might
> > replace "to a non LIST-GPE capable router" with "when the P-bit is set
> > to 0."
>
> I will use the following text:
>
> "A LISP-GPE router MUST NOT encapsulate non-IP packets (that have the
> P-bit set to 1) to a non-LISP-GPE capable router."
>
>
> Thanks,
> Fabio
>
>
> >
> > [1] https://tools.ietf.org/html/draft-ietf-lisp-rfc6830bis-16#section-10.1
>
>

v2.23.0 | Report a Bug | By Email