SlideShare a Scribd company logo

IETF 80: Security Extensions for OSPF

Download as PPT, PDF
M
manav416

The document proposes two mechanisms to address security issues in OSPFv2 including inter-session replay attacks and unprotected IP headers. It expands the authentication sequence number space and introduces session IDs and nonces. If implemented, these changes would prevent replay of stale packets and ensure the source IP is included when computing the authentication digest to protect against IP spoofing attacks.

1 of 14
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
OSPF WG Security Extensions for OSPFv2 when using Manual Keying Manav Bhatia, Alcatel-Lucent Sam Hartman, Huawei Dacheng Zhang, Huawei IETF 80, Prague
Current State of Security OPSEC has published RFC 6039 that does an analysis on the vulnerabilities that exist in OSPFv2 despite it using the security and authentication mechanisms described in RFC 2328 and 5709 draft-ietf-karp-ospf-analysis identifies certain gaps that remain between the current security state and those identified in draft-ietf-karp-threats-reqs
Gaps Identified Replay Protection OSPFv2 uses Cryptographic Sequence numbers to prevent intra-session replay attacks Does not help in protecting against inter-session replay attacks IP Header Unprotected OSPFv2 uses the source IP to identify the neighbor in some cases IPv4 Header is not protected by the authentication digest
So what does this draft do? It fixes the issues identified during the OSPFv2 gap analysis Proposes two mechanisms to prevent inter-session replay attacks Extends the Authentication Sequence Number space Introduces the concept of Session ID and Nonce Fixes the IP header issue by factoring in the source IP address when computing the crypto digest - thus attacks which change this, will not be successful now
Inter-Session Replay Attack OSPF Hdr: Sequence Num = 10001 OSPF HELLO: Neighbor = B OSPF Hdr: Sequence Num = 50001 OSPF HELLO: Neighbor = A Router B goes down! OSPF Hdr: Sequence Num = 1 OSPF HELLO: Neighbor = 0 OSPF Hdr: Sequence Num = 10011 OSPF HELLO: Neighbor = B OSPF Hdr: Sequence Num = 10012 OSPF HELLO: Neighbor = 0 Router B Router A OSPF Hdr: Sequence Num = 10010 OSPF HELLO: Neighbor = 0 OSPF Hdr: Sequence Num = 2 OSPF HELLO: Neighbor = A OSPF Hdr: Sequence Num = 50000 OSPF HELLO: Neighbor = 0 Router A accepts the packet and brings down the adjacency with B! OSPF Hdr: Sequence Num = 50000 OSPF HELLO: Neighbor = 0
So how do we fix this? (1/2) OSPF authentication mechanism is stateless and oblivious to the session information Router A for example doesn’t remember that it once had an OSPF session with B and the last cryptographic sequence number seen from B was 50001 Highly un-scalable and also requires B to keeping updating the non-volatile memory each time it increments a sequence number so that it can continue from there.
So how do we fix this? (2/2) Change the crypto sequence number generation algorithm at the sender side so that it always generates an increasing number (for both planned and unplanned restarts) Implement some algorithm that guarantees freshness of packets We describe both in the draft
Changing the crypto sequence number algorithm Currently the sequence number is a 32-bit monotonically increasing entity Expand this to 64 bits where: most significant 32-bits increment each time the router cold boots. last 32-bits remain unchanged The final sequence number is a concatenation of the above two numbers
So does this help? OSPF Hdr: Sequence Num = 0:10001 OSPF HELLO: Neighbor = B OSPF Hdr: Sequence Num = 10:50001 OSPF HELLO: Neighbor = A Router B goes down! OSPF Hdr: Sequence Num = 11:1 OSPF HELLO: Neighbor = 0 OSPF Hdr: Sequence Num = 0:10011 OSPF HELLO: Neighbor = B Router B Router A OSPF Hdr: Sequence Num = 0:10010 OSPF HELLO: Neighbor = 0 OSPF Hdr: Sequence Num = 11:2 OSPF HELLO: Neighbor = A OSPF Hdr: Sequence Num = 10:50000 OSPF HELLO: Neighbor = 0 Router A rejects this as sequence number < 11:2 OSPF Hdr: Sequence Num = 10:50000 OSPF HELLO: Neighbor = 0
So where are we? We believe it solves the inter-session replay attacks with OSPF This solution does NOT guarantee packet freshness, i.e., you still don’t know if you are speaking to a live router or if somebody is playing out the entire conversation If you want to fix this then the draft spells out the challenge/response mechanism using the Session IDs and Nonces
Benefits Easy to implement - very minimal changes to the OSPF running code Consider this as part of the KARP infrastructure that even other routing protocols can use Minimal changes required in the OSPF packet encoding
Next Steps We need people who understand OSPF to look at this mechanism and see if they find some holes in it. If they think this is fool-proof then we can remove the Session ID and the Nonce stuff that currently exists in the draft Accept this as a WG document since there has been a lot of discussion on the mailing list and people have taken it positively there!
Feedback!
Protecting the source IP address A B Source IP - X' OSPFv2 Data Authentication Data 1. OSPF Packet replayed and source IP changed from X to X' Authentication has been computed assuming source IP as X 2. B computes the digest assuming the source IP as X' 3. B rejects the packet as the computed digest does NOT match the digest carried in the packet!

More Related Content

PDF
Arp Cache Poisoning
Subhash Kumar Singh
 
PDF
Arpspoofing
UTD Computer Security Group
 
TXT
Copy of a simple tcp spoofing attack
Vishal Gurujuwada
 
PDF
Offline bruteforce attack on wi fi protected setup
Cyber Security Alliance
 
PDF
20141106 asfws unicode_hacks
Cyber Security Alliance
 
ODP
Code Red Security
Amr Ali
 
PPT
Chapter10ccna
ernestlithur
 
PPT
Chapter14ccna
ernestlithur
 
Arp Cache Poisoning
Subhash Kumar Singh
 
Arpspoofing
UTD Computer Security Group
 
Copy of a simple tcp spoofing attack
Vishal Gurujuwada
 
Offline bruteforce attack on wi fi protected setup
Cyber Security Alliance
 
20141106 asfws unicode_hacks
Cyber Security Alliance
 
Code Red Security
Amr Ali
 
Chapter10ccna
ernestlithur
 
Chapter14ccna
ernestlithur
 

What's hot (20)

PPTX
Packet sniffing in switched LANs
Ishraq Al Fataftah
 
PPT
Chapter5ccna
ernestlithur
 
PPT
Chapter7ccna
ernestlithur
 
PPTX
DMVPN configuration - Configuring Cisco dynamic Multipoint VPN - HUB, SPOKES,...
NetProtocol Xpert
 
PPT
Chapter11ccna
ernestlithur
 
PDF
IPsec Basics: AH and ESP Explained
Andriy Berestovskyy
 
PDF
NAT- Network Address Translation
Eng. Emad Al-Atoum
 
PPT
Nmap(network mapping)
SSASIT
 
PPT
Cisco Router Security
kktamang
 
PPT
Chapter4ccna
ernestlithur
 
PDF
2. Stream Ciphers
Sam Bowne
 
PPT
05 06 ike
Babaa Naya
 
PDF
IPTables Primer - Part 2
Nishanth Kumar Pathi
 
PPT
IP tables
aamodt
 
PPT
NAT and PAT
Muuluu
 
PDF
Network Mapper (NMAP)
KHNOG
 
PPT
Chapter13ccna
ernestlithur
 
DOCX
Packet Tracer: SNMP, Netflow, Sys-log
Rafat Khandaker
 
PPTX
Security Onion Advance
Kaustubh Padwad
 
PPTX
Socket programming in c
Md. Golam Hossain
 
Packet sniffing in switched LANs
Ishraq Al Fataftah
 
Chapter5ccna
ernestlithur
 
Chapter7ccna
ernestlithur
 
DMVPN configuration - Configuring Cisco dynamic Multipoint VPN - HUB, SPOKES,...
NetProtocol Xpert
 
Chapter11ccna
ernestlithur
 
IPsec Basics: AH and ESP Explained
Andriy Berestovskyy
 
NAT- Network Address Translation
Eng. Emad Al-Atoum
 
Nmap(network mapping)
SSASIT
 
Cisco Router Security
kktamang
 
Chapter4ccna
ernestlithur
 
2. Stream Ciphers
Sam Bowne
 
05 06 ike
Babaa Naya
 
IPTables Primer - Part 2
Nishanth Kumar Pathi
 
IP tables
aamodt
 
NAT and PAT
Muuluu
 
Network Mapper (NMAP)
KHNOG
 
Chapter13ccna
ernestlithur
 
Packet Tracer: SNMP, Netflow, Sys-log
Rafat Khandaker
 
Security Onion Advance
Kaustubh Padwad
 
Socket programming in c
Md. Golam Hossain
 
Ad

Similar to IETF 80: Security Extensions for OSPF (20)

PPTX
Лекц 15
Muuluu
 
PPT
Learn OSPF(Open Short Path First) routing to day
SilasHAKUZWIMANA
 
PPT
Ospf
Alp isik
 
PDF
How to configure the basic OSPF?
E-Lins Technology Co. Ltd.
 
PPT
I pv6 for cmu
Naranont Atima
 
PPTX
OSPF Authentication
NetProtocol Xpert
 
PPTX
OSPF by Abdullah Mukhtar
Abdullah Mukhtar
 
PDF
Ospfv3 primer
Fred Bovy
 
PPT
Chapter7ccna
robertoxe
 
PPT
BSCI30S03 OSPF open shortest path first .ppt
hodeve9961
 
PPT
Icnd210 s04l01
computerlenguyen
 
DOCX
How to troubleshoot and verifying ospf configuration
IT Tech
 
PDF
Defeating OSPF MD5 authentication
fropert
 
PDF
Ospfv3 News version 2
Fred Bovy
 
PDF
ospf ahmed tawfeek CCNA dump for Exam12
ym7md88
 
PPT
Chapter7ccna
Lakshan Perera
 
PDF
ospf-filtering-issue - Partial Topology.pdf
Denis Rasskazov
 
PPTX
Allwyn ospf ppt
Allwyngeorge4
 
PDF
Cisco ospf
sarasanandam
 
PDF
Cisco ospf
sarasanandam
 
Лекц 15
Muuluu
 
Learn OSPF(Open Short Path First) routing to day
SilasHAKUZWIMANA
 
Ospf
Alp isik
 
How to configure the basic OSPF?
E-Lins Technology Co. Ltd.
 
I pv6 for cmu
Naranont Atima
 
OSPF Authentication
NetProtocol Xpert
 
OSPF by Abdullah Mukhtar
Abdullah Mukhtar
 
Ospfv3 primer
Fred Bovy
 
Chapter7ccna
robertoxe
 
BSCI30S03 OSPF open shortest path first .ppt
hodeve9961
 
Icnd210 s04l01
computerlenguyen
 
How to troubleshoot and verifying ospf configuration
IT Tech
 
Defeating OSPF MD5 authentication
fropert
 
Ospfv3 News version 2
Fred Bovy
 
ospf ahmed tawfeek CCNA dump for Exam12
ym7md88
 
Chapter7ccna
Lakshan Perera
 
ospf-filtering-issue - Partial Topology.pdf
Denis Rasskazov
 
Allwyn ospf ppt
Allwyngeorge4
 
Cisco ospf
sarasanandam
 
Cisco ospf
sarasanandam
 
Ad

IETF 80: Security Extensions for OSPF

  • 1. OSPF WG Security Extensions for OSPFv2 when using Manual Keying Manav Bhatia, Alcatel-Lucent Sam Hartman, Huawei Dacheng Zhang, Huawei IETF 80, Prague
  • 2. Current State of Security OPSEC has published RFC 6039 that does an analysis on the vulnerabilities that exist in OSPFv2 despite it using the security and authentication mechanisms described in RFC 2328 and 5709 draft-ietf-karp-ospf-analysis identifies certain gaps that remain between the current security state and those identified in draft-ietf-karp-threats-reqs
  • 3. Gaps Identified Replay Protection OSPFv2 uses Cryptographic Sequence numbers to prevent intra-session replay attacks Does not help in protecting against inter-session replay attacks IP Header Unprotected OSPFv2 uses the source IP to identify the neighbor in some cases IPv4 Header is not protected by the authentication digest
  • 4. So what does this draft do? It fixes the issues identified during the OSPFv2 gap analysis Proposes two mechanisms to prevent inter-session replay attacks Extends the Authentication Sequence Number space Introduces the concept of Session ID and Nonce Fixes the IP header issue by factoring in the source IP address when computing the crypto digest - thus attacks which change this, will not be successful now
  • 5. Inter-Session Replay Attack OSPF Hdr: Sequence Num = 10001 OSPF HELLO: Neighbor = B OSPF Hdr: Sequence Num = 50001 OSPF HELLO: Neighbor = A Router B goes down! OSPF Hdr: Sequence Num = 1 OSPF HELLO: Neighbor = 0 OSPF Hdr: Sequence Num = 10011 OSPF HELLO: Neighbor = B OSPF Hdr: Sequence Num = 10012 OSPF HELLO: Neighbor = 0 Router B Router A OSPF Hdr: Sequence Num = 10010 OSPF HELLO: Neighbor = 0 OSPF Hdr: Sequence Num = 2 OSPF HELLO: Neighbor = A OSPF Hdr: Sequence Num = 50000 OSPF HELLO: Neighbor = 0 Router A accepts the packet and brings down the adjacency with B! OSPF Hdr: Sequence Num = 50000 OSPF HELLO: Neighbor = 0
  • 6. So how do we fix this? (1/2) OSPF authentication mechanism is stateless and oblivious to the session information Router A for example doesn’t remember that it once had an OSPF session with B and the last cryptographic sequence number seen from B was 50001 Highly un-scalable and also requires B to keeping updating the non-volatile memory each time it increments a sequence number so that it can continue from there.
  • 7. So how do we fix this? (2/2) Change the crypto sequence number generation algorithm at the sender side so that it always generates an increasing number (for both planned and unplanned restarts) Implement some algorithm that guarantees freshness of packets We describe both in the draft
  • 8. Changing the crypto sequence number algorithm Currently the sequence number is a 32-bit monotonically increasing entity Expand this to 64 bits where: most significant 32-bits increment each time the router cold boots. last 32-bits remain unchanged The final sequence number is a concatenation of the above two numbers
  • 9. So does this help? OSPF Hdr: Sequence Num = 0:10001 OSPF HELLO: Neighbor = B OSPF Hdr: Sequence Num = 10:50001 OSPF HELLO: Neighbor = A Router B goes down! OSPF Hdr: Sequence Num = 11:1 OSPF HELLO: Neighbor = 0 OSPF Hdr: Sequence Num = 0:10011 OSPF HELLO: Neighbor = B Router B Router A OSPF Hdr: Sequence Num = 0:10010 OSPF HELLO: Neighbor = 0 OSPF Hdr: Sequence Num = 11:2 OSPF HELLO: Neighbor = A OSPF Hdr: Sequence Num = 10:50000 OSPF HELLO: Neighbor = 0 Router A rejects this as sequence number < 11:2 OSPF Hdr: Sequence Num = 10:50000 OSPF HELLO: Neighbor = 0
  • 10. So where are we? We believe it solves the inter-session replay attacks with OSPF This solution does NOT guarantee packet freshness, i.e., you still don’t know if you are speaking to a live router or if somebody is playing out the entire conversation If you want to fix this then the draft spells out the challenge/response mechanism using the Session IDs and Nonces
  • 11. Benefits Easy to implement - very minimal changes to the OSPF running code Consider this as part of the KARP infrastructure that even other routing protocols can use Minimal changes required in the OSPF packet encoding
  • 12. Next Steps We need people who understand OSPF to look at this mechanism and see if they find some holes in it. If they think this is fool-proof then we can remove the Session ID and the Nonce stuff that currently exists in the draft Accept this as a WG document since there has been a lot of discussion on the mailing list and people have taken it positively there!
  • 14. Protecting the source IP address A B Source IP - X' OSPFv2 Data Authentication Data 1. OSPF Packet replayed and source IP changed from X to X' Authentication has been computed assuming source IP as X 2. B computes the digest assuming the source IP as X' 3. B rejects the packet as the computed digest does NOT match the digest carried in the packet!