[T2TRG] FW: New Version Notification for draft-mattsson-core-coap-attacks-03.txt

John Mattsson <john.mattsson@ericsson.com> Fri, 04 February 2022 14:57 UTC

From: John Mattsson <john.mattsson@ericsson.com>
To: "core@ietf.org" <core@ietf.org>, "t2trg@irtf.org" <t2trg@irtf.org>
Date: Fri, 04 Feb 2022 14:57:20 +0000
Archived-At: <https://mailarchive.ietf.org/arch/msg/t2trg/yCae7dbri9YY7uP6rST2ryQLtUs>

Hi,

As discussed during the CORE interim, the part about amplification attacks has been removed from this document. The amplification attacks will soon be submitted to T2TRG as a new draft. I think it is great if T2TRG starts working on (D)DoS attacks as part of the suggested SECCORE activity. Two big enablers for DDoS are devices that are easy to hack and protocols/implementations with large amplification factors. A T2TRG activity would help to raise awareness, increase understanding, and hopefully suggest mitigations suitable for constrained devices and networks.

Changes in -03
  - The section on amplification attacks has been removed.
  - Merged a PR from Carsten with nits.
  - Merged a PR from Christian with a new section (2.4.3) describing the attack difficulty of the fragment rearrangement attack. This PR was based on an issue opened by Achim.

Cheers,
John

From: internet-drafts@ietf.org <internet-drafts@ietf.org>
Date: Friday, 4 February 2022 at 15:49
To: Christian Amsüss <c.amsuess@energyharvesting.at>, Göran Selander <goran.selander@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>, Christian Amsuess <c.amsuess@energyharvesting.at>, Francesca Palombini <francesca.palombini@ericsson.com>, Göran Selander <goran.selander@ericsson.com>, John Fornehed <john.fornehed@ericsson.com>, John Mattsson <john.mattsson@ericsson.com>
Subject: New Version Notification for draft-mattsson-core-coap-attacks-03.txt

A new version of I-D, draft-mattsson-core-coap-attacks-03.txt
has been successfully submitted by John Preuß Mattsson and posted to the
IETF repository.

Name:           draft-mattsson-core-coap-attacks
Revision:       03
Title:          Attacks on the Constrained Application Protocol (CoAP)
Document date:  2022-02-04
Group:          Individual Submission
Pages:          20
URL:            https://www.ietf.org/archive/id/draft-mattsson-core-coap-attacks-03.txt
Status:         https://datatracker.ietf.org/doc/draft-mattsson-core-coap-attacks/
Html:           https://www.ietf.org/archive/id/draft-mattsson-core-coap-attacks-03.html
Htmlized:       https://datatracker.ietf.org/doc/html/draft-mattsson-core-coap-attacks
Diff:           https://www.ietf.org/rfcdiff?url2=draft-mattsson-core-coap-attacks-03

Abstract:
   Being able to securely read information from sensors, to securely
   control actuators, and to not enable distributed denial-of-service
   attacks are essential in a world of connected and networking things
   interacting with the physical world.  This document summarizes a
   number of known attacks on CoAP and shows that just using CoAP with a
   security protocol like DTLS, TLS, or OSCORE is not enough for secure
   operation.  Several of the discussed attacks can be mitigated with
   the solutions in draft-ietf-core-echo-request-tag.




The IETF Secretariat