1 / 23

MPTCP threat analysis: an update

MPTCP threat analysis: an update. marcelo bagnulo IETF77 – MPTCP WG. Scope: Types of attackers. On-path vs. Off-path On-path attackers Full time on the path Passive (man on the side) Active: Blocking packets Changing packets. Scenario. IDB LB1,…, LBn. IDA LA1,…, LAn. IDX

mills
Download Presentation

MPTCP threat analysis: an update

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. MPTCP threat analysis:an update marcelo bagnulo IETF77 – MPTCP WG

  2. Scope: Types of attackers • On-path vs. Off-path • On-path attackers • Full time on the path • Passive (man on the side) • Active: • Blocking packets • Changing packets

  3. Scenario IDB LB1,…, LBn IDA LA1,…, LAn IDX LX1,…, LXn

  4. Scenario IDB LB1,…, LBn IDA LA1,…, LAn IDA LA1,…, LAn IDB LB1,…, LBn IDX LX1,…, LXn

  5. Redirection attacks IDB LB1,…, LBn IDA LA1,…, LAn IDA LA1,…, LAn IDB LB1,…, LBn IDX LX1,…, LXn

  6. Flooding IDX LX1,…, LXn IDA LA1,…, LAn IDX LX1,…, LXn

  7. Flooding IDX LX1,…LAi,…, LXn IDA LA1,…, LAn IDX LX1,…, LXn

  8. Flooding IDX LX1,…LAi,…, LXn IDA LA1,…, LAn IDX LX1,…, LXn

  9. Flooding and MPTCP • If MPTCP performs a 3-wayhandshakepernewflowandtheyidentifytheconnection • Thisprovidesthereachability check requiredtopreventfloodingattacks • Itisveryimportantto NOT send data without a prior reachability check

  10. Connection Hijacking IDB LB1,…, LBn IDA LA1,…, LAn IDA LA1,…,…, LAn IDB LB1,…, LBn IDX LX1,…, LXn

  11. Connection Hijacking IDB LB1,…, LBn IDA LA1,…, LAn IDA LA1,…,LXi,…, LAn IDB LB1,…, LBn IDX LX1,…, LXn

  12. Connection Hijacking IDB LB1,…, LBn IDA LA1,…, LAn IDA LA1,…,LXi,…, LAn IDX LX1,…, LXn

  13. Additional Threat • In current TCP, an on-path attacker can launch a hijacking attack, but an off-path attacker can’t. • So, MPTCP security must prevent off path atackers to perform hijacking attacks

  14. Hijacking and MPTCP with cookie based security • MPTCP can use a combination of seq# and cookie for security. (as in draft-ford-mptcp-multiaddressed) • By Seq# i refer to the data seq# (not the one per flow, but the one of the data) • They are both exchanged in the first 3 way exchange, when the ULID pair is defined for the connection. • So what residual hijacking attacks can be performed with this protection?

  15. Time-shifted/future attacks • A time-shiftedattackisanattackwhere: • Theattackerison-pathduring a periodof time andobtainsinformation (e.g. The cookie andtheseq#) or even installsstateifneeded. • Thentheattackerleavestheonpathlocation • Theattakcscontinues even aftertheattackerlefttheonpathposition • Current TCP isnot vulnerable to time-shiftedattacks • i.e. Whentheattackerleavestheposition, it no longerreceivesthepacketsofthe TCP connection

  16. Time shifted attack in MPTCP IDB LB1,…, LBn IDA LA1,…, LAn Attacker on path learns cookie and seq# IDA LA1,…, LAn IDB LB1,…, LBn Any side initiates the connection

  17. Time shifted attack in MPTCP Attacker leaves the location to a more comfortable one and adds new flow IDB LB1,…, LBn IDA LA1,…, LAn IDA LA1,…,LXi,…, LAn IDB LB1,…, LBn IDX LX1,…, LXn

  18. Taxonomy of time shofted attacks • Type of attacker: Passive vs. Active • Vulnerability window to take over: • Only the initial handshake • Every subflow addition handshake • Integrity attacks • Replay attacks • Detectable vs. Undetactable attacks

  19. Cookie based solution • Type of attacker: Passive • Vulnerability window to take over: both the initial and the every next subflow • Vulnerable to Integrity attacks • Vulnerable to Replay attacks • Undetactable attacks

  20. Plain text key exchange + keyed HMAC • Type of attacker: Passive • Vulnerability window to take over: Only the initial handshake • Vulnerable to Integrity attacks • Vulnerable to Replay attacks • Undetactable attacks

  21. Leap of faith/ssh type of security • Type of attacker: Active • Vulnerability window to take over: Only the initial handshake • Vulnerable to Integrity attacks • Replay attacks: possible to protect • Detectable attacks

  22. NAT considerations • NAT compatibility implies that the endpoints do not know the IP address pair, which is exactly what we need to protect • Implies that integrity protection is very hard to achieve

  23. Next steps • It would be possible to craft a solution with different pieces that mitigates most of the threats?

More Related