[T2TRG] FW: New Version Notification for draft-mattsson-t2trg-amplification-attacks-00.txt
John Mattsson <john.mattsson@ericsson.com> Sat, 12 February 2022 05:51 UTC
Return-Path: <john.mattsson@ericsson.com>
X-Original-To: t2trg@ietfa.amsl.com
Delivered-To: t2trg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 2F9BE3A0033 for <t2trg@ietfa.amsl.com>; Fri, 11 Feb 2022 21:51:52 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.675
X-Spam-Level:
X-Spam-Status: No, score=-2.675 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_HIGH=-0.576, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=ericsson.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 9osCWTy7GQMK for <t2trg@ietfa.amsl.com>; Fri, 11 Feb 2022 21:51:46 -0800 (PST)
Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on20625.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e1a::625]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 35D9C3A0029 for <t2trg@irtf.org>; Fri, 11 Feb 2022 21:51:46 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=N9IIMj7yiFLIXNXkawVYPc39RcmXTeKFEI+n/Si++r7+Vtjj5y/vshxXW7TcC/m60QRjAyIawLO7sKaN2E5tQGtUyYcSqnWXJx0mrlkcv+4F1buD00lGWwi6bhKLZGv7zF5URGXPlH+60vYv/kBqYKH6P7vmjvo63TIDaDp33+/EnnVJpEwn6UixGf5D1YG023TxZY3s8Nqkdl7W/jjQJnj/ny1Kzku9mbqrLwaTt3ygLktv46SiQ9zIPGTGLgiNKVQgpBN2EGGi2+HnXYdPVOcgUJR7SXQmWoaO/bM82HCpux7bNQ+ZYZCSIkfyVsjfPfiTHAWctO83+GzF+5g+Sw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=OJDyia8fXVCKlb3+wLelQTQjVUz4ICUMbOe7VnohGdQ=; b=JopEa/U5cZmbtG1OPUEzsHT9c5LE8KIQmRPOjWmImSjBfHgY0CrgjUQifdCjNTcG/r/gMiEFyOs9C3AMVwQ8bXEGH6657OrvfFEElV4zXltvWQVqP6WMnvZm1wA5MgHEZDuSHZHr3LDlouKEB98c8/k6OaJRa1Q/DclGI9h7uWQWSiNODEa+3/MGAJK7V18utEEr7AJG0qHhNh85EZvjxCLc4ya3eKai9fAv7oWmD5sOBY8dpLegdAa3dQ9sn8KIPz7eVZ4k0dIEqV/vJorRK0flAun1QO2dABGFRNKWZ8unzyD5EzOrogK7P2ocwA7HS/dLgO8eIq7N46BGf0sejQ==
ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=ericsson.com; dmarc=pass action=none header.from=ericsson.com; dkim=pass header.d=ericsson.com; arc=none
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=ericsson.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=OJDyia8fXVCKlb3+wLelQTQjVUz4ICUMbOe7VnohGdQ=; b=kgfey/ZBjuii1uJmmOiIIPwV50ys5YGRtV9iRFTCUV1we4gLPddOho3nifiSKY8S9ay3UpUAola8CdgzKFHpJ0LB88CZeZHpoJPNYUippeOfnxRg3XIbfX4JM+zgJ6RSfI+HCu3ZzXnRRlA6M2HDHgBhoIL0g5bNooqsFjUqxbA=
Received: from HE1PR0701MB3050.eurprd07.prod.outlook.com (2603:10a6:3:4b::8) by AM6PR07MB4807.eurprd07.prod.outlook.com (2603:10a6:20b:3d::23) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.4995.6; Sat, 12 Feb 2022 05:51:41 +0000
Received: from HE1PR0701MB3050.eurprd07.prod.outlook.com ([fe80::b462:480e:b937:c62c]) by HE1PR0701MB3050.eurprd07.prod.outlook.com ([fe80::b462:480e:b937:c62c%7]) with mapi id 15.20.4975.011; Sat, 12 Feb 2022 05:51:41 +0000
From: John Mattsson <john.mattsson@ericsson.com>
To: "t2trg@irtf.org" <t2trg@irtf.org>
Thread-Topic: New Version Notification for draft-mattsson-t2trg-amplification-attacks-00.txt
Thread-Index: AQHYH4n3jh4xVHHhFEm6tkSdgCJndqyPYx/x
Date: Sat, 12 Feb 2022 05:51:41 +0000
Message-ID: <HE1PR0701MB305074064F667D1C6824EF5189319@HE1PR0701MB3050.eurprd07.prod.outlook.com>
References: <164461302769.11378.4006380484656682794@ietfa.amsl.com>
In-Reply-To: <164461302769.11378.4006380484656682794@ietfa.amsl.com>
Accept-Language: en-US
Content-Language: en-GB
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=ericsson.com;
x-ms-publictraffictype: Email
x-ms-office365-filtering-correlation-id: 0aeeef7e-cd3f-4fb2-dbd8-08d9edebbe3b
x-ms-traffictypediagnostic: AM6PR07MB4807:EE_
x-microsoft-antispam-prvs: <AM6PR07MB48070912695495DBDF87DDA389319@AM6PR07MB4807.eurprd07.prod.outlook.com>
x-ms-oob-tlc-oobclassifiers: OLM:9508;
x-ms-exchange-senderadcheck: 1
x-ms-exchange-antispam-relay: 0
x-microsoft-antispam: BCL:0;
x-microsoft-antispam-message-info: y3bBXvR6nWZcAOASA4e8ph6oh80t+08vfowIdhqk1ZIABlteQ16kYkwlfiXAeiDWG7TtjXt9kA4YdO8+pBWtet/I+CD4HC9Pn2oEszlqViU38B+WW4JV0NKTkvUaQT11vSJ8e3l3T/GB6n4Db2duf/r00QLxPJH0cq9pQM37jYZHhyF0SXHCtjPRmXzsEi9xlloqHtRFNVhwXDFcJSs4bM6a6SFiI8q3S02UoOq0mQ/Fo6eYmoo7l8UTj4Xg4GbL1ZBKmD67prjPf7sEeHtYH5MGTvCBMASl29reQn9XtzDVU7PYFwDaTk1r8dzOqSs2ibSUS0iZone8qDzfwDHx2kVMagdvmVPGLyBygeCRky6VZQs49XJZBnXPeYY/3PuM/igVaX1D9FUyAEiKh1elTpJsjBMmSmCKwIZL7QrRRkU9eK80qQiD3oaJeAJ1EG8S61ZGa1+hML9gAxX/AEHeCTGdYfuJw164WMscHJ8JCW4ix4u1OZykYfsEUYRab4ACeUhpeuX4WqHEl4GhUIRTrWp2Q4+z39dd2XAUjQMCiRQ1tf2gXKJ5O3TQsoB/cJFUbwNygyPngVyq63STfi4fRUZIw28VH9rTeSup/lCUQLZPgF+PBisUts7/OdtsaQRzDHxLuICbKewxGJI9I9AvQZTALwPnowosesMHK6vIeo74N392I+nISxc7pVl/aUwcqLNihoewXud4F1/aTbFSVRSuQh23mxNie6cLA85PEgbuYDPqx5UZ00lRQUkRM9Q/de7IHxQvtxKE0Pk9QGrHseuOUHHoMnDApZaO2SbGRe5OmE492GynAJwv1PslztQF
x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:HE1PR0701MB3050.eurprd07.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(316002)(966005)(6916009)(8676002)(6506007)(2906002)(9686003)(44832011)(53546011)(15650500001)(7696005)(26005)(83380400001)(66476007)(66556008)(66946007)(91956017)(76116006)(64756008)(66446008)(508600001)(186003)(71200400001)(122000001)(33656002)(86362001)(38100700002)(66574015)(38070700005)(8936002)(166002)(52536014)(21615005)(5660300002)(55016003)(82960400001); DIR:OUT; SFP:1101;
x-ms-exchange-antispam-messagedata-chunkcount: 1
x-ms-exchange-antispam-messagedata-0: /yhLJW6gIBgnPDzNaJy9S35ZsadIMd96umgAoI6hEV3rM8Bv7PBfv6Oxzgpr/XnfM96PyllvgQdhIrwByNKiBf+PQt7ORGV4u1Qp4+v9790KsVYB/I2KHb3DJtR3cdXZ92vOUvI59BregPemTCeC7bZaGV8npUT40hWn9Q8uT1btG12HqX8DQAEPGOrbcRcLaktxlrYyehiL3wl7HP4UQC2ZjU7G+YghG+3qivhZPiM82i6n6hls53gJHkHGq4tf4rPmTckxU+mdAeI3M8hNISwzQyDIobOU37zXWF2GlVFkSWPuqMxkPrIIuyTrDzIDNuq7Ts4MH+xFGKB6yQJxADhbc7rEvAKV48JBH2uHU++54PR0rfI2TrWVK43UUAhn9ylL6chQNGamN9U5LU3TYnUT6YirT1f6bhZZ8lmi3TIHmVz2nQu4eRIcW/JcUO3TKGUplqEACejzoBLKQjNPIpYjzZ+a7ckHNbahoJXa1MFrR7O+aK7E+6537ytJQSiwGZfF9L35NFDnKQbMKwTM0JzGU4Akdl5npr1f1GFHzy0//6SURvAcppjzUMyYrOpf+k/Ym2kqSGuyAaPYMHlAXXr+wVsrbc12+iZyebzrU+7WJDYfcHaBKPI8RfCmCwTMFceoOvS+jCbTN48WsrXwHzxuZ7d/24SkhPGhUvFlz8giyivFYuxvpynsikL3qDVh8VnjAdEe2EAX1JUZBm5mNd7WvlnfyfE9fjPdxJ8egls4dG8zr/48K+7nbkKz6lAAKA++0z6lj+GRCyF3mtsAI0K1L+yIomi+Hn9ZcjkuOQNDjAd73hfb0nC07yIoML1D4p1taA/sv05E4zdSF1Ik5qTbEmUk6JrIlw1slpAiqs7ma8j+WIFlE+hMbvwrFvmpwFSYuJOl7dMPTWLwvYqFxgW2aoWUBB8lY7g+N8Quy8Jo3Q8QmAg8nk/8TiU7wK+nhrESxeKOBkhb3WkXbevQfkcoQKCqAiI9DGp7TC7LHjEirPMBS4I4AkCINeKUhXCSeCK5K7Cm44NGAS1qjA6y4v15/1pCQ66PTmQMmrt6Et9VpzUDBKckylLO2ANwzDufv6K+Mj34yiKRrnGXtn06WmJBg+ufcnPEKogyraxeJQ9bCGSAZVhjes+jst13zkVSGZeVgnr0qs28EYUSgWqPofU7HZ662m68MkvR0tz9o7LV/ubU+NHTMzHGvC1W5LJ4A1FTgGqxj6XykwAgp5ohU/DkeKhLk9SwlU55qgY4rjp6/95c4PUEk86L0R2RSTVTsUBPSQKZKtaS5gIhHbkRtpSFe+sLNysw3xjbJZ3VbzqHfhpn5Gv+X+xsmSHyKNBtTDcoqrCUaQwsWo0rTFGuBrxW37O/2l0OFCZl5xZ2Q8eWLPCPjODQ0C1U3sJm9sibC34xWIpyCq/cQpr4v5SPgmR39p+N7WTG2w9T8MnDtEf4M3rIZw/hzugTwpy+H6qNaQnRfxOjJ5gMrKIu5btvub6KrJcLOMupkSdnPe+erSONqOHerjwHPJBcVnZ/8wO5GDiPvLHEkPYkH//RryGh+fW5+NUXcTJqqcArd3qF38EsFDj2lrxKCnxKxqUWnlTQ74AH90uz1rkLfAAaRd30HScx7vQX7g3sTIL6Gv3O6CSs02nualQKf9XHDup8DermAAv3VFbzWzx42tDmuk3GJURIUvOf6CH3mmSA1bpE7mU=
Content-Type: multipart/alternative; boundary="_000_HE1PR0701MB305074064F667D1C6824EF5189319HE1PR0701MB3050_"
MIME-Version: 1.0
X-OriginatorOrg: ericsson.com
X-MS-Exchange-CrossTenant-AuthAs: Internal
X-MS-Exchange-CrossTenant-AuthSource: HE1PR0701MB3050.eurprd07.prod.outlook.com
X-MS-Exchange-CrossTenant-Network-Message-Id: 0aeeef7e-cd3f-4fb2-dbd8-08d9edebbe3b
X-MS-Exchange-CrossTenant-originalarrivaltime: 12 Feb 2022 05:51:41.2920 (UTC)
X-MS-Exchange-CrossTenant-fromentityheader: Hosted
X-MS-Exchange-CrossTenant-id: 92e84ceb-fbfd-47ab-be52-080c6b87953f
X-MS-Exchange-CrossTenant-mailboxtype: HOSTED
X-MS-Exchange-CrossTenant-userprincipalname: e3WglrTCsZV3cIPEeg2LKdjQxfOp6SwTd8DQgnnHMqlFoOhFWvpTYF+fJBcqypzMP3WE5jRf4HEuKZ/6xU6w3+E5Qt8dgKxrvO2puKuH7e8=
X-MS-Exchange-Transport-CrossTenantHeadersStamped: AM6PR07MB4807
Archived-At: <https://mailarchive.ietf.org/arch/msg/t2trg/CAj78H-2XSS3cXJ3BFq6xXH8kOk>
Subject: [T2TRG] FW: New Version Notification for draft-mattsson-t2trg-amplification-attacks-00.txt
X-BeenThere: t2trg@irtf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: IRTF Thing-to-Thing Research Group <t2trg.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/t2trg>, <mailto:t2trg-request@irtf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/t2trg/>
List-Post: <mailto:t2trg@irtf.org>
List-Help: <mailto:t2trg-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/t2trg>, <mailto:t2trg-request@irtf.org?subject=subscribe>
X-List-Received-Date: Sat, 12 Feb 2022 05:51:52 -0000
Hi, This -00 draft contains the amplification sections that used to be part of https://datatracker.ietf.org/doc/draft-mattsson-core-coap-attacks/ Updates since draft-mattsson-core-coap-attacks-02 * Rewritten abstract and intro to match the current scope * New references and a new paragraph summarizing real-world CoAP amplification attacks. Achim pointed out that some of the references (popular media) had confusing details that was likely wrong. * Removed “remedy” and all use of the word “soft” after comments from Carsten * New section on MITM attacks and address validation. I think it is great that T2TRG is planning to look at denial-of-service attacks as part of the SECCORE activity. Denial-of-service attacks are a HUGE practical problem. The draft is limited to amplification attacks and all the examples are CoAP. T2TRG should likely look at other kinds of DoS attacks as well (compromised nodes, protocol attacks like TCP SYN Flood, etc.) as well as other protocols then CoAP. Cheers, John From: internet-drafts@ietf.org <internet-drafts@ietf.org> Date: Friday, 11 February 2022 at 21:57 To: Christian Amsüss <c.amsuess@energyharvesting.at>, Göran Selander <goran.selander@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>, Christian Amsuess <c.amsuess@energyharvesting.at>, Göran Selander <goran.selander@ericsson.com>, John Mattsson <john.mattsson@ericsson.com> Subject: New Version Notification for draft-mattsson-t2trg-amplification-attacks-00.txt A new version of I-D, draft-mattsson-t2trg-amplification-attacks-00.txt has been successfully submitted by John Preuß Mattsson and posted to the IETF repository. Name: draft-mattsson-t2trg-amplification-attacks Revision: 00 Title: Amplification Attacks Using the Constrained Application Protocol (CoAP) Document date: 2022-02-11 Group: Individual Submission Pages: 14 URL: https://www.ietf.org/archive/id/draft-mattsson-t2trg-amplification-attacks-00.txt Status: https://datatracker.ietf.org/doc/draft-mattsson-t2trg-amplification-attacks/ Html: https://www.ietf.org/archive/id/draft-mattsson-t2trg-amplification-attacks-00.html Htmlized: https://datatracker.ietf.org/doc/html/draft-mattsson-t2trg-amplification-attacks Abstract: Protecting Internet of Things (IoT) devices against attacks is not enough. IoT deployments need to make sure that they are not used for Distributed Denial-of-Service (DDoS) attacks. DDoS attacks are typically done with compromised devices or with amplification attacks using a spoofed source address. This document gives examples of different theoretical amplification attacks using the Constrained Application Protocol (CoAP). The goal with this document is to raise awareness and to motivate generic and protocol-specific recommendations on the usage of CoAP. Some of the discussed attacks can be mitigated by not using NoSec or by using the Echo option. The IETF Secretariat
- [T2TRG] FW: New Version Notification for draft-ma… John Mattsson