nanog mailing list archives
Re: key change for TCP-MD5
From: "Steven M. Bellovin" <smb () cs columbia edu>
Date: Mon, 26 Jun 2006 20:42:52 -0400
On Tue, 20 Jun 2006 17:06:27 -0400, Ross Callon <rcallon () juniper net> wrote:
At 12:12 PM 6/20/2006 -0700, Bora Akyol wrote:The draft allows you to have a set of keys in your keychain and the implementation tries all of them before declaring the segment as invalid.DoS against routers is of course a major concern. Using encryption has the potential of making DoS worse, in the sense that the amount of processing that a bogus packet can cause is increased by the amount of processing needed to check the authentication. If the router needs to check multiple keys in the keychain before declaring the segment as invalid, then this multiplies the effect of the DOS by the number of keys that need to be checked.
You're quite right, and the next version of the draft contains the following additional text in the Security Considerations: Having multiple keys makes CPU denial of service attacks easier. This suggests that keeping the overlap period reasonably short is a good idea. In addition, the Generalized TTL Security Mechanism <xref target="RFC3682" />, if applicable to the local topology, can help. Note that there would almost never be more than two keys in existence at any one time in any event. --Steven M. Bellovin, http://www.cs.columbia.edu/~smb
Current thread:
- RE: key change for TCP-MD5, (continued)
- RE: key change for TCP-MD5 Randy Bush (Jun 20)
- RE: key change for TCP-MD5 Ross Callon (Jun 20)
- Re: key change for TCP-MD5 Richard A Steenbergen (Jun 20)
- Re: key change for TCP-MD5 Warren Kumari (Jun 20)
- Re: key change for TCP-MD5 Randy Bush (Jun 20)
- Re: key change for TCP-MD5 Ross Callon (Jun 21)
- Re: key change for TCP-MD5 David Barak (Jun 21)
- Re: key change for TCP-MD5 Richard A Steenbergen (Jun 20)
- RE: key change for TCP-MD5 Randy Bush (Jun 20)
- Re: key change for TCP-MD5 Jared Mauch (Jun 21)
- Re: key change for TCP-MD5 Randy Bush (Jun 21)
- Re: key change for TCP-MD5 Steven M. Bellovin (Jun 26)
- RE: key change for TCP-MD5 Randy Bush (Jun 21)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 21)
- Re: key change for TCP-MD5 Niels Bakker (Jun 25)
- Re: key change for TCP-MD5 Iljitsch van Beijnum (Jun 26)
- RE: key change for TCP-MD5 Randy Bush (Jun 21)
- Re: key change for TCP-MD5 Richard A Steenbergen (Jun 21)
- backbone threats [Re: key change for TCP-MD5] Pekka Savola (Jun 26)