[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [RRG] Tunnel fragmentation/reassembly for RRG map-and-encaps architectures
On 18.1.2008, at 5.32, Sandy Murphy wrote:
Considering the BGP+TCP-MD5 is considered 'secure enough' by the
people around these days, while it is in truth about as secure as
sending data in envelopes made of clear plastic, I don't think this
system needs to be more ambitious if it means orders of magnitude
I lurk here occasionally, but I had to chime in on this one.
TCP MD5 protects the links between routers. It does nothing at all,
de nada, zero, zip, about protecting what the routers
say. (What's more, it is cryptographically unsophisticated and
Yes.. This is what I was trying to point out, with a broken example.
Anyway, even with the admittedly broken key handling (static manual
keying), broken protocol (replay attacks and such), and partially
broken digest algorithm, it seems to be still working well enough. I
haven't heard about any attacks against the BGP+TCP-MD5 really
happening out there in the wild.
I'm not sure if this effort should aim for anything insanely complex
and computationally expensive (global CA hierarchy is typically an
example of that - there is only one that has been really deployed), as
that's unlikely to work out in practise, but the downside of any
piggybacking scheme is that _does_ need to be authenticated in some
way, as it comes directly from potentially untrustworthy source.
Attacks using that mechanism (traffic redirection/DoS/blackholing)
seem both more desirable and easier to implement in practise than
attacks on BGP (which is unavailable to be attacked for most people, I
Conclusion? I'd prefer to keep piggybacking out of the picture
altogether, if security framework that it requires makes the solution
more complex (and CA hierarchy is typically no-no if you want things
to happen in real world anyway).
to unsubscribe send a message to firstname.lastname@example.org with the
word 'unsubscribe' in a single line as the message text body.
archive: <http://psg.com/lists/rrg/> & ftp://psg.com/pub/lists/rrg