potential new IETF WG on anonymous IPSec
Joe Touch
touch at ISI.EDU
Thu Sep 16 16:05:07 PDT 2004
Bill Stewart wrote:
> At 02:17 PM 9/16/2004, Joe Touch wrote:
>
>> Ian Grigg wrote:
>>
>>> On the backbone, between BGP peers, one would have thought
>>> that there are relatively few attackers, as the staff are
>>> highly trusted and the wires are hard to access - hence no
>>> active attacks going on and only some passive eavesdropping
>>> attacks. Also, anyone setting up BGP routing knows the other
>>> party, so there is a prior relationship.
>>
>> My understanding of the attacks this past spring is that:
>> a) they were indeed on the backbone BGP peers
>> b) that those peers had avoided setting up
>> preshared keys or getting mutually-authenticatable
>> certificates because of the configuration overhead
>> (small on a per-pair basis, but may be large
>> in aggregate)
>
> The interesting attacks were a sequence-number guessing attack
> using forged TCP RST packets, which tell the TCP session to tear down,
> therefore dropping the BGP connection (typically between two ISPs).
> The attackers didn't need to be trusted backbone routers -
> they could be randoms anywhere on the Internet.
> BGP authentication doesn't actually help this problem,
> because the attack simply kills the connection at a TCP layer
> rather than lying to the BGP application.
FWIW, the other system we were referring to - TCP-MD5 - works at the TCP
layer. It rejects packets within TCP, before any further TCP processing,
that don't match the MD5 hash. It isn't BGP authentication.
This is why I refer to it as TCP-MD5 rather than BGP-MD5, even though
the latter is more common.
Joe
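As an added illustration of the TCP-layer check Joe describes (this is not code from the thread or from any router vendor), the following reimplements the RFC 2385 MD5 Signature Option: the digest is computed over the pseudo-header, the 20-byte TCP header with the checksum forced to zero and options excluded, the segment data and the shared key, and a receiver on a protected connection drops any segment whose option is missing or does not verify before it ever looks at the sequence number or the RST flag. The addresses, ports and key are made up for the demo.

```python
"""
RFC 2385 TCP MD5 Signature Option: compute and verify the digest, and show
that a blind RST from a third party (right sequence number, no key) is
dropped at the TCP layer.  Added example; addresses, ports and key are
constructed for illustration.
"""
import hashlib
import hmac
import socket
import struct

TCPOPT_EOL, TCPOPT_NOP, TCPOPT_MD5SIG = 0, 1, 19
TCPOLEN_MD5SIG = 18           # kind + length + 16-byte digest
TH_RST, TH_ACK = 0x04, 0x10


def _pseudo_header(src_ip, dst_ip, tcp_len):
    # Same pseudo-header the TCP checksum uses: src, dst, zero, proto, TCP length
    return (socket.inet_aton(src_ip) + socket.inet_aton(dst_ip)
            + struct.pack("!BBH", 0, socket.IPPROTO_TCP, tcp_len))


def tcp_md5_digest(src_ip, dst_ip, fixed_hdr, options, payload, key):
    """RFC 2385 section 2: MD5 over pseudo-header, the fixed 20-byte TCP header
    with checksum zeroed and options excluded, the data, then the key."""
    tcp_len = len(fixed_hdr) + len(options) + len(payload)
    hdr = fixed_hdr[:16] + b"\x00\x00" + fixed_hdr[18:]
    return hashlib.md5(_pseudo_header(src_ip, dst_ip, tcp_len)
                       + hdr + payload + key).digest()


def build_segment(src_ip, dst_ip, sport, dport, seq, ack, flags, payload=b"", key=None):
    """Build a TCP segment; with a key, append a signed MD5SIG option padded
    to a 4-byte boundary with EOL bytes.  Checksum is left zero here."""
    opts = b""
    if key is not None:
        opts = struct.pack("!BB", TCPOPT_MD5SIG, TCPOLEN_MD5SIG) + b"\x00" * 16 + b"\x00\x00"
    doff = (20 + len(opts)) // 4
    fixed = struct.pack("!HHIIBBHHH", sport, dport, seq, ack, doff << 4, flags, 65535, 0, 0)
    if key is not None:
        digest = tcp_md5_digest(src_ip, dst_ip, fixed, opts, payload, key)
        opts = opts[:2] + digest + opts[18:]
    return fixed + opts + payload


def find_md5sig(options):
    """Walk the TCP option list; return the 16-byte MD5SIG digest or None."""
    i = 0
    while i < len(options):
        kind = options[i]
        if kind == TCPOPT_EOL:
            break
        if kind == TCPOPT_NOP:
            i += 1
            continue
        if i + 1 >= len(options):
            return None                      # truncated option
        length = options[i + 1]
        if length < 2 or i + length > len(options):
            return None                      # malformed option
        if kind == TCPOPT_MD5SIG and length == TCPOLEN_MD5SIG:
            return options[i + 2:i + length]
        i += length
    return None


def accept_segment(src_ip, dst_ip, segment, key):
    """Receiver-side check on an MD5-protected connection.  Returns (ok, reason).
    Runs before sequence-number or flag processing, so a forged RST never
    reaches the part of TCP that would tear the session down."""
    if len(segment) < 20:
        return False, "short header"
    doff = (segment[12] >> 4) * 4
    if doff < 20 or doff > len(segment):
        return False, "bad data offset"
    fixed, options, payload = segment[:20], segment[20:doff], segment[doff:]
    got = find_md5sig(options)
    if got is None:
        return False, "no MD5SIG option on protected connection"
    want = tcp_md5_digest(src_ip, dst_ip, fixed, options, payload, key)
    if not hmac.compare_digest(got, want):
        return False, "MD5 digest mismatch"
    return True, "ok"


# Constructed scenario: two BGP speakers share KEY; an outsider who has guessed
# an in-window sequence number but lacks the key spoofs a RST/ACK.
PEER_A, PEER_B, KEY = "192.0.2.1", "192.0.2.2", b"example-shared-secret"
SEQ, ACK = 0x10000000, 0x20000000


def demo():
    genuine = build_segment(PEER_A, PEER_B, 179, 53000, SEQ, ACK, TH_RST | TH_ACK, key=KEY)
    forged = build_segment(PEER_A, PEER_B, 179, 53000, SEQ, ACK, TH_RST | TH_ACK)
    wrong = build_segment(PEER_A, PEER_B, 179, 53000, SEQ, ACK, TH_RST | TH_ACK, key=b"guess")
    return {
        "genuine": accept_segment(PEER_A, PEER_B, genuine, KEY),
        "forged": accept_segment(PEER_A, PEER_B, forged, KEY),
        "wrong": accept_segment(PEER_A, PEER_B, wrong, KEY),
    }


if __name__ == "__main__":
    for name, (ok, why) in demo().items():
        print(f"{name:8s} {'accepted' if ok else 'dropped':8s} {why}")
```

Note that RFC 2385 keys MD5 by plain concatenation rather than HMAC and has no key rollover or replay protection; it was later obsoleted by the TCP Authentication Option (RFC 5925), and RFC 5961 tightened in-window RST handling for unprotected connections. The point the example shows is the one in the message above: the check lives in TCP, not in BGP, so a RST that fails it is discarded regardless of how good the attacker's sequence-number guess was.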