Re: [secdir] sec-dir review of draft-ietf-ipsecme-ikev2-fragmentation-06
Valery Smyslov <svan@elvis.ru> Thu, 03 April 2014 15:19 UTC
Return-Path: <svan@elvis.ru>
X-Original-To: secdir@ietfa.amsl.com
Delivered-To: secdir@ietfa.amsl.com
Received: from localhost (ietfa.amsl.com [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id F0EC31A024E; Thu, 3 Apr 2014 08:19:00 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -97.301
X-Spam-Level:
X-Spam-Status: No, score=-97.301 tagged_above=-999 required=5 tests=[BAYES_50=0.8, HELO_EQ_RU=0.595, HOST_EQ_RU=0.875, STOX_REPLY_TYPE=0.439, T_RP_MATCHES_RCVD=-0.01, USER_IN_WHITELIST=-100] autolearn=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id c8vk2lLztqXq; Thu, 3 Apr 2014 08:18:57 -0700 (PDT)
Received: from fish.elvis.ru (fish.elvis.ru [82.138.51.18]) by ietfa.amsl.com (Postfix) with ESMTP id 8EFEE1A0226; Thu, 3 Apr 2014 08:18:55 -0700 (PDT)
Received: from [10.111.1.40] (helo=robin.office.elvis.ru) by fish.elvis.ru with esmtp (Exim 4.76) (envelope-from <svan@elvis.ru>) id 1WVjPk-0006Hz-2U; Thu, 03 Apr 2014 19:18:48 +0400
Received: from buildpc (10.111.10.31) by robin.office.elvis.ru (10.111.1.40) with Microsoft SMTP Server id 14.1.438.0; Thu, 3 Apr 2014 19:18:48 +0400
Message-ID: <038E8235A7E047809B765B35F995772A@buildpc>
From: Valery Smyslov <svan@elvis.ru>
To: Derek Atkins <derek@ihtfp.com>
References: <sjmzjk2ijfd.fsf@mocana.ihtfp.org> <B90F5487B44E4F5E9B0904B14FE94D90@buildpc> <89fe86e74a6e22a538adcc0cc3db2489.squirrel@mail2.ihtfp.org>
Date: Thu, 03 Apr 2014 19:18:46 +0400
MIME-Version: 1.0
Content-Type: text/plain; format="flowed"; charset="UTF-8"; reply-type="original"
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.6157
Archived-At: http://mailarchive.ietf.org/arch/msg/secdir/fM0_hDA3FYhiwFHdSEOHSU6csvY
Cc: ipsecme-chairs@tools.ietf.org, iesg@ietf.org, secdir@ietf.org
Subject: Re: [secdir] sec-dir review of draft-ietf-ipsecme-ikev2-fragmentation-06
X-BeenThere: secdir@ietf.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Security Area Directorate <secdir.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/secdir>, <mailto:secdir-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/secdir/>
List-Post: <mailto:secdir@ietf.org>
List-Help: <mailto:secdir-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/secdir>, <mailto:secdir-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 03 Apr 2014 15:19:01 -0000
Hi, >> Note, that in this proposal each IKE fragment is individually protected - >> encrypted and authenticated. Forged fragments will be detected >> before they are placed into reassembling queue and thus they >> couldn't exhaust receiver's resources - only fragments from real peer >> will be taken into consideration. And if attacker is capable enough >> to drop an arbitrary IP packet, than there is no protection >> anyway - the connection will fail on attacker's will in any case, >> with or without IKE fragmentation. > > It's only authenticated in the sense that you have to have already had a > full round trip so yes, an attacker can not forge their source IP. But No, it is fully cryptographically authenticated. IKE fragmentation may only take place after shared keys (SK_*) keys are computed. > that doesn't prevent a true DDoS where real hosts (think botnet) all > perform a real IKE_SA_INIT and then use their sessions to build a lot of > held state with "fake" fragments that will never complete. Messages of IKE_SA_INIT cannot be fragmented with this proposal, because SK_* are not yet computed. This is limitation, mentioned in the draft. It is assumed that IKE_SA_INIT messages can be made relatively small to avoid IP fragmentation. > Like I said, it's an improvement because it's not at the kernel IP layer, > and theoretically there are more resources available at the IKE layer. > But it probably should still be mentioned. (Not that IKE without > fragmentation isn't also subject to this kind of DDoS attack). As I've said, IKE_SA_INIT are beyond this proposal (and IKE_SA_RESUME also, if we count in IKE session resumption protocol). But messages of the other exchanges can be fragmented with full cryptographic protection, including authentication of each fragment, and I don't think this attack is possible here (and it was one of the goals to prevent this kind of attack). Regards, Valery. > Thanks, > >> >> Regards, >> Valery Smyslov. > > -derek > > -- > Derek Atkins 617-623-3745 > derek@ihtfp.com www.ihtfp.com > Computer and Internet Security Consultant >
- [secdir] sec-dir review of draft-ietf-ipsecme-ike… Derek Atkins
- Re: [secdir] sec-dir review of draft-ietf-ipsecme… Valery Smyslov
- Re: [secdir] sec-dir review of draft-ietf-ipsecme… Derek Atkins
- Re: [secdir] sec-dir review of draft-ietf-ipsecme… Valery Smyslov
- Re: [secdir] sec-dir review of draft-ietf-ipsecme… Derek Atkins
- Re: [secdir] sec-dir review of draft-ietf-ipsecme… Valery Smyslov