Re: [stir] DKIM-like key mgmt approach - MITM
Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 12 June 2013 17:13 UTC
On 06/12/2013 05:56 PM, Hadriel Kaplan wrote:
>
> On Jun 12, 2013, at 6:14 AM, Stephen Farrell <stephen.farrell@cs.tcd.ie> wrote:
>
>> One concern I have though is whether or not it'd be ok to leave
>> open potential spoof calls launched from e.g. a zombied home router
>> to a callee on the home network. If the final model had exactly
>> the same security properties as DKIM, then that would be an issue.
>> If the final model were based on Brian's 5280-based ideas that
>> threat would probably not be an issue. Or there may be ways to
>> look up a signer public key over a TLS channel that'd work too.
>
> I understand what a "zombied home router" is and what a "callee on the home network" is, but I don't understand the case you're talking about. Can you describe the scenario for how the attack would work/behave?

I guess bad-guy hacks my home router, then initiates a call from or via there to me in my living room making it look like the call comes from my bank. If the key management was precisely the same as DKIM's then he'd be able to feed me a public key to make it look like his signature is ok for the bank's telephone number since I use my home router for DNS as well. (Assuming my UA doesn't insist on DNSSEC.)

> One type of attack that we might have to worry about, that might be called a MITM attack because the attacker becomes a type of MITM during the attack: a malicious callee receiving a call and using the received signature to initiate an outbound call during the short time the signature is valid, spoofing the original caller.
>
> This is described in:
> http://tools.ietf.org/html/draft-kaplan-sip-baiting-attack-00

Don't have time to read that right now, will look later.

S

>
> Basically it boils down to us needing to distinguish legitimate call-forwarding from malicious call-forwarding. Unfortunately none of the possible solutions for it are very palatable, imho.
>
> -hadriel
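
The home-router scenario in the reply above, modelled as an added example that is not part of the original message: a verifier that takes the signer's public key from an unauthenticated lookup accepts a call signed with whatever key the lookup path supplies, while one that insists on an authenticated answer does not. The toy textbook RSA, the sample numbers and every function name here are assumptions made for illustration.

```python
import hashlib

# Toy textbook RSA over fixed Mersenne primes, no padding: illustration only.
def make_key(p, q, e=65537):
    return {"n": p * q, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def public(key):
    return {"n": key["n"], "e": key["e"]}

def _h(msg, n):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % n

def sign(key, msg):
    return pow(_h(msg, key["n"]), key["d"], key["n"])

def verify(pub, msg, sig):
    return pow(sig, pub["e"], pub["n"]) == _h(msg, pub["n"])

BANK_NUMBER = "+15555550100"                    # constructed sample number
BANK_KEY = make_key(2**61 - 1, 2**89 - 1)       # the bank's signing key
ROGUE_KEY = make_key(2**107 - 1, 2**127 - 1)    # key of whoever controls the router

# A lookup returns (public_key, authenticated). "authenticated" models the UA's own
# check of the answer (DNSSEC validation done in the UA, or a fetch over TLS): a
# compromised forwarder can swap the key but cannot make that check pass.
def validated_lookup(number):
    return public(BANK_KEY), True

def lookup_via_zombied_router(number):
    return public(ROGUE_KEY), False

def accept_identity(caller, invite, sig, lookup, require_authenticated):
    pub, authenticated = lookup(caller)
    if require_authenticated and not authenticated:
        return False    # key of unknown origin: caller identity stays unverified
    return verify(pub, invite, sig)

INVITE = b"INVITE from=" + BANK_NUMBER.encode() + b" to=+15555550123"  # constructed
FORGED = sign(ROGUE_KEY, INVITE)     # signed with the router's key, claims the bank's number
GENUINE = sign(BANK_KEY, INVITE)

if __name__ == "__main__":
    cases = [("forged, plain DNS via router", FORGED, lookup_via_zombied_router, False),
             ("forged, authenticated lookup required", FORGED, lookup_via_zombied_router, True),
             ("forged, validated key", FORGED, validated_lookup, True),
             ("genuine, validated key", GENUINE, validated_lookup, True)]
    for name, sig, lookup, strict in cases:
        print(name, "->", accept_identity(BANK_NUMBER, INVITE, sig, lookup, strict))
```

Only the first case is accepted in error; the check has to run in the UA itself, since a flag relayed by the same router would be under the router's control.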