RPSEC WG Issues with Routing Protocols security mechanisms

RPSEC WG: Issues with Routing Protocols security mechanisms
Vishwas Manral, SiNett; Russ White, Cisco; Sue Hares, Next Hop
IETF 63, Paris, France

Basic idea of the draft
- Security issues in unicast routing protocols
- Not about issues when no security mechanisms are in place (e.g. draft-ietf-rpsec-ospf-vuln-01.txt)
- Issues that arise despite security mechanisms being in place

Brief idea of overall work
- Security issues even with security mechanisms in place
- Main issue: no key management and automatic key distribution mechanism
- Problem statement draft: decide on the problems to solve
- Come up with a solution that:
  - Meets reasonable security requirements
  - Is easy to deploy
  - Uses the credentials people actually have available
  - Supports automatic keying in the long term

Replay attacks
- CPU exhaustion
- Routing loops
- Black holes
- Traffic redirection

OSPFv3
- Uses IPSec security
- RFC2401bis states: "If the key used to compute an ICV is manually distributed, a compliant implementation SHOULD NOT provide anti-replay service."
- Authentication/Confidentiality for OSPFv3 states: "As it is not possible as per the current standards to provide replay protection while using manual keying, the proposed solution will not provide protection against replay attacks."

OSPFv3 issues
- Problem: OSPF is strict about receiving packets it does not expect
- Replaying packets (CPU exhaustion / routing loops / black holes / traffic redirection):
  - Hello packets
  - Database Description packets
  - LS Request packets
  - LS Acknowledgement packets
  - LS Update packets

OSPFv2
- Provides an inbuilt authentication mechanism
- Sender has to send packets in ascending order of sequence number
- Receiver can accept any number of packets with the same sequence number, but drops packets with a lower sequence number

OSPFv2 issues
- Works over IP, which can reorder packets
  - Mechanisms like different prioritization of different packets cannot be used
  - A smaller issue (sometimes can result in adjacency reformation over a virtual link (VL))
- Manual keying is used
  - If all packets from a previous session between routers are stored and resent, the neighbour could be misled into believing it is talking to the same router
  - Replay can be done until the next sequence number (no mechanism specifying how the sender needs to manage sequence numbers; no perfect forward secrecy)

OSPFv2 issues (continued)
- Keyed MD5 is the default authentication algorithm used
- While there are no openly published attacks on that mechanism, some reports [Dobb96a, Dobb96b] create concern about the ultimate strength of the MD5 cryptographic hash function. Further, some end users, particularly several different governments, require the use of the SHA-1 hash function rather than any other such function for policy reasons.
- A draft recommending the HMAC construct already exists for RIP / IS-IS

IS-IS
- Provides for HMAC-MD5
- While there are no openly published attacks on that mechanism, some reports [Dobb96a, Dobb96b] create concern about the ultimate strength of the MD5 cryptographic hash function. Further, some end users, particularly several different governments, require the use of the SHA-1 hash function rather than any other such function for policy reasons.
- TLV: the Value field has an Auth Type defined for HMAC-MD5

IS-IS issues
- No sequence number, hence liable to replay attacks
- Slightly less vulnerable:
  - Wrong packets received are silently discarded
  - Works directly over Layer 2
- Entire flooding domain must have the same keys (changing keys is difficult)

BGP
- Uses TCP for transporting information between peers
- Suggestions on choosing manual keys are given in RFC3562

BGP issues
- Most BGP implementations will hold packets for an interval negotiated at peering startup
- This technique allows a short period of time during which an attacker may inject BGP packets with false MD5 signatures into the network, and can expect those packets to be accepted, even though their MD5 signatures are not valid
- Most vulnerabilities resolved

RIP issues
- RIPv1 provides no security at all
- RIPv2 has an authentication mechanism but provides no counter for replay protection
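As an added illustration (not part of the slides), the following receiver model compares the three replay checks discussed above: a keyed digest with no sequence number (IS-IS HMAC-MD5 and RIPv2 as the slides describe them), the OSPFv2 rule that accepts an equal-or-higher sequence number and drops lower ones, and a stricter monotonic variant. It shows that a replayed packet always passes the digest check and is stopped only by the sequence rule, and that the stricter rule also drops legitimately reordered packets, which is the trade-off the OSPFv2 issues slide points at. HMAC-SHA256, the key and the packet stream are assumptions constructed for the demo.

```python
import hmac
import hashlib

KEY = b"example-manual-key"  # constructed demo key (assumption)

def digest(seq: int, body: bytes) -> bytes:
    """Keyed digest over (sequence number, payload). HMAC-SHA256 is a demo
    assumption; OSPFv2 as described on the slides uses Keyed-MD5."""
    return hmac.new(KEY, seq.to_bytes(4, "big") + body, hashlib.sha256).digest()

def make_packet(seq: int, body: bytes) -> tuple:
    return (seq, body, digest(seq, body))

class Receiver:
    """mode selects the replay check:
    'none'   - keyed digest only (IS-IS HMAC-MD5 / RIPv2 as on the slides)
    'ospfv2' - accept seq >= last seen, drop lower (the OSPFv2 rule above)
    'strict' - accept only seq > last seen: closes the replay window but
               drops legitimately reordered packets"""

    def __init__(self, mode: str):
        self.mode = mode
        self.last_seq = -1

    def accept(self, pkt: tuple) -> bool:
        seq, body, tag = pkt
        # A captured packet carries a valid tag, so the digest check alone
        # never rejects a replay; only the sequence rule can.
        if not hmac.compare_digest(tag, digest(seq, body)):
            return False
        if self.mode == "ospfv2" and seq < self.last_seq:
            return False
        if self.mode == "strict" and seq <= self.last_seq:
            return False
        self.last_seq = max(self.last_seq, seq)
        return True

def run(mode: str, stream: list) -> list:
    """Feed a packet stream to one receiver; return per-packet decisions."""
    rx = Receiver(mode)
    return [rx.accept(p) for p in stream]

# Constructed stream: hellos 1, 2, 3 in order, then an attacker replays the
# stored seq-3 packet, then the stored seq-1 packet.
HELLOS = [make_packet(n, b"hello") for n in (1, 2, 3)]
STREAM = HELLOS + [HELLOS[2], HELLOS[0]]
# Legitimate packets delivered out of order by IP (seq 2 before seq 1).
REORDERED = [HELLOS[1], HELLOS[0], HELLOS[2]]
```

With no sequence number every replay is accepted; the OSPFv2 rule still accepts the replayed current packet (the "until the next sequence number" window), and both sequence rules drop the reordered seq-1 packet.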

Feedback?