[Sidr] Issues with SIDR

"Vishwas Manral" <vishwas.ietf@gmail.com> Thu, 28 February 2008 04:04 UTC

Message-ID: <77ead0ec0802272004r776fec76yb80df62b8f7b684b@mail.gmail.com>
Date: Wed, 27 Feb 2008 20:04:15 -0800
From: Vishwas Manral <vishwas.ietf@gmail.com>
To: idr <idr@ietf.org>, sidr <sidr@ietf.org>
Subject: [Sidr] Issues with SIDR
List-Id: Secure Interdomain Routing <sidr.ietf.org>

Hi folks,

As part of the discussion in OPSEC with Stephen Kent and others, I
looked at the SIDR infrastructure as well as the soBGP document.

I found easy ways to just get over all the security
infrastructure (PKI) and still be able to do all the attacks that we
can currently. Please have a look at the discussion below and let me
know your comments.


---------- Forwarded message ----------
From: Vishwas Manral <vishwas.ietf@gmail.com>
Date: Wed, Feb 27, 2008 at 7:13 PM
Subject: Re: [OPSEC] pccw as17557 leak...
To: Stephen Kent <kent@bbn.com>
Cc: Roland Dobbins <rdobbins@cisco.com>, opsec wg mailing list <opsec@ietf.org>

Hi Steve,

 Thanks a lot for the comments. I agree it can be a good first step, but
 I am not sure what the future holds.

 I am not sure if a heavy solution like this, which only gives
 reasonable security, is required. What about the CPU DoS attacks that
 can result when new random routes are injected into a domain?

 Thanks again,

 On Wed, Feb 27, 2008 at 7:07 PM, Stephen Kent <kent@bbn.com> wrote:
 > At 5:12 PM -0800 2/27/08, Vishwas Manral wrote:
 >  >Hi folks,
 >  >
 >  >I looked at the SIDR documents in brief. It can probably be used to
 >  >help prevent any attacks caused by non-malicious intent.
 >  >
 >  >I found easy ways to get over the SIDR security when done with
 >  >malicious intent. SIDR just tells the mapping between AFI, AF and AS
 >  >number, which can originate the same. However, the choosing of a route
 >  >by BGP does not depend on these fields alone. So if a malicious router
 >  >changed the attributes attached to an NLRI update so that it becomes
 >  >the chosen AS to the prefix (of course without changing the
 >  >originating AS field), it can still redirect all the traffic to itself
 >  >for the prefix and then do whatever malicious things it wants to do,
 >  >including just dropping the packets.
 >  >
 >  >In this way the attack is still achieved, but this time for sure with
 >  >malicious intent.
 >  >
 >  >Thanks,
 >  >Vishwas
 >  Your example of how an AS can tamper with a route, without changing
 >  the origin AS assertion, is correct. I think the SIDR WG participants
 >  understand that.
 >  The work so far in SIDR focuses on establishing an infrastructure that
 >  will enable more comprehensive routing security capabilities in the
 >  future.  Both the soBGP and SBGP proposals need this sort of
 >  infrastructure, so it is viewed as a reasonable initial effort.
 >  I also agree with your observation that the infrastructure makes it
 >  potentially easier to distinguish between some forms of attacks vs.
 >  accidental routing errors, and that, in itself, seems valuable too.
 >  Steve
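The attack described in the thread above, as an added worked example that is not part of the original mail or of any SIDR working group document: a toy model of RPKI-style origin validation followed by a simplified BGP decision process. It shows that a route which keeps the legitimate origin AS at the end of a forged, shorter AS_PATH passes origin validation and still wins best-path selection, while a naive hijack that changes the origin AS is rejected. All ASNs, prefixes and ROAs are constructed from the documentation ranges of RFC 5398 (AS64496-64511) and RFC 5737 (192.0.2.0/24); the decision process is deliberately reduced to "drop invalid, prefer valid over not-found, then LOCAL_PREF, AS_PATH length, MED", and the valid-over-not-found preference is an assumed local policy, not something the mail or the SIDR documents mandate.

```python
"""Added example, not part of the original mail: a toy model of BGP
origin validation plus a simplified best-path decision, showing that a
malicious AS can keep the legitimate origin AS in place and still win.

Every ASN, prefix and ROA below is constructed for illustration, using
the documentation ranges of RFC 5398 (AS64496-64511) and RFC 5737
(192.0.2.0/24); nothing here is taken from a real routing table.
"""
import ipaddress
from dataclasses import dataclass


@dataclass(frozen=True)
class ROA:
    """Route Origin Authorization: prefix, longest allowed length, origin AS."""
    prefix: str
    max_length: int
    origin_as: int


@dataclass(frozen=True)
class Route:
    """A received BGP route. as_path runs left-to-right from the neighbour
    we learned it from down to the origin AS (rightmost element)."""
    prefix: str
    as_path: tuple
    peer: str
    local_pref: int = 100
    med: int = 0

    @property
    def origin_as(self) -> int:
        return self.as_path[-1]


def origin_validation(route: Route, roas) -> str:
    """RFC 6811-style origin validation: 'valid', 'invalid' or 'notfound'.

    Only the (prefix, origin AS) pair is checked; the rest of the AS_PATH
    and every other attribute are invisible to this step.
    """
    net = ipaddress.ip_network(route.prefix)
    covering = [
        r for r in roas
        if ipaddress.ip_network(r.prefix).version == net.version
        and net.subnet_of(ipaddress.ip_network(r.prefix))
    ]
    if not covering:
        return "notfound"
    for roa in covering:
        if roa.origin_as == route.origin_as and net.prefixlen <= roa.max_length:
            return "valid"
    return "invalid"


def best_path(routes, roas):
    """Simplified BGP decision process (assumed local policy): drop
    'invalid' routes, prefer 'valid' over 'notfound', then highest
    LOCAL_PREF, then shortest AS_PATH, then lowest MED. Returns None if
    nothing survives."""
    candidates = [r for r in routes if origin_validation(r, roas) != "invalid"]
    if not candidates:
        return None

    def rank(r: Route):
        return (origin_validation(r, roas) == "valid",
                r.local_pref, -len(r.as_path), -r.med)

    return max(candidates, key=rank)


# Constructed scenario: AS64496 legitimately originates 192.0.2.0/24 and
# reaches us via transit ASes 64500 and 64501; AS64511 is the attacker.
ROAS = [ROA("192.0.2.0/24", 24, 64496)]
LEGIT = Route("192.0.2.0/24", (64500, 64501, 64496), peer="upstream")

# Attack 1: the attacker originates the prefix itself. Origin validation
# catches this because 64511 does not match the ROA.
NAIVE_HIJACK = Route("192.0.2.0/24", (64511,), peer="attacker")

# Attack 2: the attacker leaves the legitimate origin AS at the end of the
# path and forges a shorter path that claims a direct link to it. The
# (prefix, origin) pair still matches the ROA, so the route is 'valid',
# and the shorter AS_PATH wins best-path selection.
PATH_FORGING_HIJACK = Route("192.0.2.0/24", (64511, 64496), peer="attacker")


def chosen_peer(hijack: Route) -> str:
    """Which neighbour's route wins when the legitimate route competes
    with the given hijack attempt."""
    winner = best_path([LEGIT, hijack], ROAS)
    return winner.peer if winner else "none"


if __name__ == "__main__":
    for name, r in (("naive", NAIVE_HIJACK), ("path-forging", PATH_FORGING_HIJACK)):
        print(f"{name:13s} origin validation={origin_validation(r, ROAS):8s} "
              f"selected peer={chosen_peer(r)}")
```

Running the block prints that the naive hijack is `invalid` and loses to the upstream route, while the path-forging hijack is `valid` and is selected from the attacker. Nothing in `origin_validation` can see that the 64511-64496 adjacency is fabricated, which is exactly the gap the thread points at: closing it needs a check on the AS_PATH itself (the kind of capability the soBGP and S-BGP proposals aim at), not a stronger ROA check. Note also the role of `max_length`: a ROA covering only /24 would reject a more-specific /25 announcement even from the right origin, which is the one lever origin validation does have against a route that is merely more attractive.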