[69927] in North American Network Operators' Group
Re: TCP/BGP vulnerability - easier than you think
daemon@ATHENA.MIT.EDU (Iljitsch van Beijnum)
Wed Apr 21 15:53:24 2004
In-Reply-To: <Pine.LNX.4.58.0404212015580.22749@fogarty.jakma.org>
Cc: nanog@merit.edu
From: Iljitsch van Beijnum <iljitsch@muada.com>
Date: Wed, 21 Apr 2004 21:47:22 +0200
To: Paul Jakma <paul@clubi.ie>
Errors-To: owner-nanog-outgoing@merit.edu
On 21-apr-04, at 21:17, Paul Jakma wrote:
>> I'm not recommending this for "small" peers as the crypto DoS risk
>> is worse than what happens when the attack is executed
>> successfully.
> Why would MD5 be more of a crypto DoS risk with IPSec AH headers than
> with bgp tcp-md5?
Beats me. But why do you bring up IPsec?
Anyway, what needs to happen is a form of crypto where the expensive
algorithms are only executed for good packets and not for all packets.
For instance, in addition to the regular MD5 checksum we also include a
checksum of part of the sequence number and the/a password. Since we
know what sequence numbers to expect, we can calculate these additional
checksum beforehand so the only thing that needs to happen for each
(possibly spoofed) packet is checking whether it contains the right
sequence number derived checksum. If it does, we know that the packet
came from the actual peer so we proceed to check the MD5 checksum to
make sure the data wasn't modified in transit.
