Re: [VIPR] Review of draft-jennings-vipr-overview-01
Michael Procter <michael@voip.co.uk> Fri, 22 July 2011 17:42 UTC
Return-Path: <michael@voip.co.uk>
X-Original-To: vipr@ietfa.amsl.com
Delivered-To: vipr@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id AEBE921F8B18 for <vipr@ietfa.amsl.com>; Fri, 22 Jul 2011 10:42:54 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -5.977
X-Spam-Level:
X-Spam-Status: No, score=-5.977 tagged_above=-999 required=5 tests=[BAYES_00=-2.599, FM_FORGED_GMAIL=0.622, RCVD_IN_DNSWL_MED=-4]
Received: from mail.ietf.org ([64.170.98.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 2hhV6RHXfC4B for <vipr@ietfa.amsl.com>; Fri, 22 Jul 2011 10:42:54 -0700 (PDT)
Received: from na3sys009aog126.obsmtp.com (na3sys009aog126.obsmtp.com [74.125.149.155]) by ietfa.amsl.com (Postfix) with SMTP id B99F821F8B0E for <vipr@ietf.org>; Fri, 22 Jul 2011 10:42:53 -0700 (PDT)
Received: from mail-yi0-f44.google.com ([209.85.218.44]) (using TLSv1) by na3sys009aob126.postini.com ([74.125.148.12]) with SMTP ID DSNKTim2nM/RpG8CInnt//vpeNnVZn8xfKGb@postini.com; Fri, 22 Jul 2011 10:42:53 PDT
Received: by yie30 with SMTP id 30so1583084yie.31 for <vipr@ietf.org>; Fri, 22 Jul 2011 10:42:52 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.100.174.12 with SMTP id w12mr916974ane.50.1311356571915; Fri, 22 Jul 2011 10:42:51 -0700 (PDT)
Received: by 10.100.189.8 with HTTP; Fri, 22 Jul 2011 10:42:51 -0700 (PDT)
In-Reply-To: <2D5E1705-DC64-42CE-AB73-5B99F44AECB0@cisco.com>
References: <BANLkTi=XTs5Vz_ojE1PvAL7ozKivw09cnQ@mail.gmail.com> <2D5E1705-DC64-42CE-AB73-5B99F44AECB0@cisco.com>
Date: Fri, 22 Jul 2011 18:42:51 +0100
Message-ID: <CAPms+wRf+=Ra1DgscY7-DP7PH_bOyq7Rxg_v=iwy9j6bQ3bguw@mail.gmail.com>
From: Michael Procter <michael@voip.co.uk>
To: Cullen Jennings <fluffy@cisco.com>
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: quoted-printable
Cc: vipr@ietf.org
Subject: Re: [VIPR] Review of draft-jennings-vipr-overview-01
X-BeenThere: vipr@ietf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Verification Involving PSTN Reachability working group <vipr.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/vipr>, <mailto:vipr-request@ietf.org?subject=unsubscribe>
List-Archive: <http://www.ietf.org/mail-archive/web/vipr>
List-Post: <mailto:vipr@ietf.org>
List-Help: <mailto:vipr-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/vipr>, <mailto:vipr-request@ietf.org?subject=subscribe>
X-List-Received-Date: Fri, 22 Jul 2011 17:42:54 -0000
On 11 July 2011 19:54, Cullen Jennings <fluffy@cisco.com> wrote: > > Thee are excellent points. The first few were easy and fixed in next version but on to some of the harder issues you raised ... > > On May 13, 2011, at 1:37 , Michael Procter wrote: > >> Section 8.2 >> The TLS-SRP uses the caller ID and called number as a "username" [Discussion of CLI leaks of callers to a specific number] > I think we need to protect against the attack you describe. It's been > awhile since have looked at SRP. Perhaps hashing the username would > solve this? I don't think hashing would be enough. I hashed the entire UK number space in a few hours using a naive piece of Python and my not-exactly-state-of-the-art computer. Then I googled and found out about using graphics cards for number crunching, which apparently can do the same job in a couple of seconds. Hashing the CLI doesn't sound like a sufficient deterrent to me. In fact, whatever technique used to obscure the CLI is probably only slightly helpful as the source IP address of the validation attempt would probably leak too much information for larger users (I accept that smaller users will probably have fairly generic reverse IP information and probably their ISP's info in whois). Going a step further, even without knowing the source IP (validation over TOR anyone?), I still think there is a worrying leak. Spotting a noticeable spike in competitor's sales line traffic following this ad campaign, but not that one, is perfectly doable once you have a statistically significant number of calls. No doubt far more information can be extracted given time and inspiration. >> Section 9.2: 3rd attack >> "the TTL for cached routes is set to match the >> duration that carriers typically hold numbers." [Description of route expiry leading to poor user experience] > total agree. I'd like to see a better way of doing validation for video calls. Not thought of any bright ideas here, sorry! >> Section 9.2: 5th attack [Discussion of falsely claiming a number by knowing the start and end times of a call] > again I agree. Of course the guy in the next cube could probably just > walk over and forward the phone too. One things that can be done is > not share the validation you learn for one phone in an enterprise with > other phones in the enterprise. That restriction isn't enough to stop the attack if you time the victim making the call on their own phone, which wouldn't take too much social engineering. Remember that you only need to get the timings accurate to 2 seconds, which I think sounds fairly straightforward. Actually, you can handle a looser tolerance if you register multiple times. For each registration in the DHT, the original caller will attempt a validation, giving you another guess at the times, so you can use your best guesses (Tb and Te) for the first go, (Tb, Te+2) for the second, (Tb+2, Te) for the third and (Tb+2, Te+2) for the fourth. 4 registrations and you have doubled the tolerance to timing errors to 4 seconds for both call beginning and end. More registrations would allow you to relax the tolerances further. You could even defeat Hadriel's "You expect accurate call lengths?" attack like this! And once you have had a correct with the caller, you can use your new accurate times to talk to the real registered owner of the number and set up a MITM for the next few months. Best regards, Michael
- [VIPR] Review of draft-jennings-vipr-overview-01 Michael Procter
- Re: [VIPR] Review of draft-jennings-vipr-overview… Cullen Jennings
- Re: [VIPR] Review of draft-jennings-vipr-overview… Michael Procter
- Re: [VIPR] Review of draft-jennings-vipr-overview… Marc Petit-Huguenin