IETF Logo Mail Archive

Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-dplpmtud-02.txt

Gorry Fairhurst <gorry@erg.abdn.ac.uk> Mon, 13 December 2021 10:38 UTC

Return-Path: <gorry@erg.abdn.ac.uk>
X-Original-To: tsvwg@ietfa.amsl.com
Delivered-To: tsvwg@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 826E53A067A for <tsvwg@ietfa.amsl.com>; Mon, 13 Dec 2021 02:38:40 -0800 (PST)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -3.751
X-Spam-Level:
X-Spam-Status: No, score=-3.751 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-1.852, SPF_HELO_NONE=0.001, SPF_PASS=-0.001, URIBL_BLOCKED=0.001] autolearn=ham autolearn_force=no
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id A_KAC5u07vcD for <tsvwg@ietfa.amsl.com>; Mon, 13 Dec 2021 02:38:35 -0800 (PST)
Received: from pegasus.erg.abdn.ac.uk (pegasus.erg.abdn.ac.uk [137.50.19.135]) by ietfa.amsl.com (Postfix) with ESMTP id B0D713A0651 for <tsvwg@ietf.org>; Mon, 13 Dec 2021 02:38:34 -0800 (PST)
Received: from [192.168.1.64] (fgrpf.plus.com [212.159.18.54]) by pegasus.erg.abdn.ac.uk (Postfix) with ESMTPSA id 18CAF1B002B3; Mon, 13 Dec 2021 10:37:53 +0000 (GMT)
Message-ID: <27f3b079-f470-9f37-5d31-8428bf72b0c9@erg.abdn.ac.uk>
Date: Mon, 13 Dec 2021 10:37:52 +0000
MIME-Version: 1.0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.13; rv:91.0) Gecko/20100101 Thunderbird/91.4.0
To: mohamed.boucadair@orange.com
Cc: "tsvwg@ietf.org" <tsvwg@ietf.org>
References: <163785494316.17506.9044882518269944059@ietfa.amsl.com> <24268_1638965971_61B0A2D3_24268_138_1_787AE7BB302AE849A7480A190F8B933035460D95@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <250f239f-edeb-eaab-d67f-92c672d78a77@erg.abdn.ac.uk> <22260_1639058448_61B20C10_22260_249_1_787AE7BB302AE849A7480A190F8B933035461A08@OPEXCAUBMA2.corporate.adroot.infra.ftgroup> <bbc7a30d-1bff-9c91-9694-7440f840d8fc@erg.abdn.ac.uk> <16146_1639063425_61B21F81_16146_169_1_787AE7BB302AE849A7480A190F8B933035461B80@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
From: Gorry Fairhurst <gorry@erg.abdn.ac.uk>
In-Reply-To: <16146_1639063425_61B21F81_16146_169_1_787AE7BB302AE849A7480A190F8B933035461B80@OPEXCAUBMA2.corporate.adroot.infra.ftgroup>
Content-Type: text/plain; charset="UTF-8"; format="flowed"
Content-Transfer-Encoding: 8bit
Archived-At: <https://mailarchive.ietf.org/arch/msg/tsvwg/vsdBlChNu0YSedQ5BKa6CU6mHB8>
Subject: Re: [tsvwg] I-D Action: draft-ietf-tsvwg-udp-options-dplpmtud-02.txt
X-BeenThere: tsvwg@ietf.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Transport Area Working Group <tsvwg.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/tsvwg/>
List-Post: <mailto:tsvwg@ietf.org>
List-Help: <mailto:tsvwg-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/tsvwg>, <mailto:tsvwg-request@ietf.org?subject=subscribe>
X-List-Received-Date: Mon, 13 Dec 2021 10:38:41 -0000

On 09/12/2021 15:23, mohamed.boucadair@orange.com wrote:
> Re-,
>
> Please see inline.
>
> Cheers,
> Med
>
>> -----Message d'origine-----
>> De : Gorry Fairhurst <gorry@erg.abdn.ac.uk>
>> Envoyé : jeudi 9 décembre 2021 15:48
>> À : BOUCADAIR Mohamed INNOV/NET <mohamed.boucadair@orange.com>
>> Cc : tsvwg@ietf.org
>> Objet : Re: I-D Action: draft-ietf-tsvwg-udp-options-dplpmtud-02.txt
>>
>>
> [snip]
>>>> This I wonder - if really this is necessary that all probes carry a
>>>> random nonce, in the past we have managed with sequentially numbered
>>>> probes - initialised with a hard to guess value
>>> [Med] If you have the initial random value close to the nonce bounds (0,
>> 2^32 - 1), randomness does not add much because of nonce wraps around. A
>> more efficient approach to prevent off-path attacks is to use random
>> nonces per request.
>>
>> GF2, Well I see the sender generating a sequence of probes... probably not
>> many per RTT, and each carries a RES option and the nonce. An off-path
>> attacker will find it hard to guess a random nonce.
> [Med] Fully agree if the nonce is always random.
>
>> Probes need to be indentifiable uniquely in the case of path reordering or
>> (unlikely) duplication. I'm suggesting successive probes could be numbered
>> sequentially, to achieve this - but you could also use a PN sequence or
>> whatever means to achieve uniqueness.
> [Med] I thought you were suggesting that a given sender will generate a nonce once, and then sequentially increment it when it has to send a REQ.

GF3: I'm suggested that I think this is OK to provide off-path attack 
protection. Without knowledge of the starting value of the token/nonce, 
an attacker is statistically unable to forge a packet that  causes the 
sender to react,

An on-path attacker can see any plaintext token/nonce and could forge 
such a pacekt, however this attacker can also see the probe requests, 
and could forge an apparently valid response or ICMP PTB packet or 
selectively drop probe packets - all of which would change the sender 
state. This could potentially force a reduction in the packet size - and 
with some effort could black hole the traffic. An on-path device can 
always do this - without attacking DPLPMTUD.

>   I think this is suboptimal compared to generating a random nonce to uniquely identify each REQ. Sequentially incrementing the nonce may not be a good guard especially if a host sends regulars probes to check an increase of the PLPMTU (the draft says, this happens "From time to time").

GF3: I'm not sure this add much protection - if someone really wants 
protection from on-path attacks, then the design could use an encrypted 
probe packet contents to avoid mis-directing the search logic - (but 
still on-path devices could selectively drop). A downside is that this 
makes the implementation at the sender more complex - where it might 
need to maintain a list of currently valid nonce/tokens to accommodate 
delay and reordering by the path.

Still, the current proposal does not constraint any way to select a 
valid nonce/token for each probe, so you could still do that within the 
spec.

I may have misunderstood or have missed something else, if so, do let me 
know.

>
> I don't think a sequence number is needed with a 4-byte nonce.
GF3: I agree - we need tro uniguely identify probes, this can be done 
using the 4-byte field.
> _________________________________________________________________________________________________________________________
>
> Ce message et ses pieces jointes peuvent contenir des informations confidentielles ou privilegiees et ne doivent donc
> pas etre diffuses, exploites ou copies sans autorisation. Si vous avez recu ce message par erreur, veuillez le signaler
> a l'expediteur et le detruire ainsi que les pieces jointes. Les messages electroniques etant susceptibles d'alteration,
> Orange decline toute responsabilite si ce message a ete altere, deforme ou falsifie. Merci.
>
> This message and its attachments may contain confidential or privileged information that may be protected by law;
> they should not be distributed, used or copied without authorisation.
> If you have received this email in error, please notify the sender and delete this message and its attachments.
> As emails may be altered, Orange is not liable for messages that have been modified, changed or falsified.
> Thank you.
>
Gorry

v2.23.0 | Report a Bug | By Email