You’re assuming either an on-LAN attacker (and therefore, that BFD is being used on a multiaccess medium) or multihop BFD here, I take it? Because RFC 5881 tells me GTSM is required if there’s no other authentication.
—John > On Feb 6, 2024, at 8:56 AM, Jeffrey Haas <[email protected]> wrote: > > > My thought over first cup of caffeine for the morning: You can have an active > attacker attack a session using NULL auth and knock over a BFD session. This > is counter to the usual "silly" attack of keeping BFD Up. > > Presume the session is in the Up state between A and B and using NULL auth. > The current expected sequence number at A from B is 100. > > An active attacker, seeing that 100 is the sequence number, spoofs packets > rapidly in order 101..200. > > Sequence number procedures are, tersely, "accept the larger sequence number > as long as it's bigger". Presume that some portion of that spray of packets > gets through and moves the sequence number > 100 + 3 before B would have sent > sequence 101. > > B then continues happily sending the meticulously increasing packets, 101, > 102, 103. These packets are discarded because the sequence number is under > the "last seen" sequence number. > > The session drops. > > I don't believe there is any mitigation against this attack in NULL auth. > > The impacts of this, if so: > 1. NULL auth and using the sequence numbers becomes impractical to use for > optimizing authentication procedures. ISAAC and no-auth still work. > 2. BFD stability really wants that increasing sequence number. This leads to > using either meticulous types from the strong authentication mechanisms, or > ISAAC. > > Counter observation 1: Stability doesn't really care about the sequence > numbers from a security standpoint, just a dropped packet standpoint. The > attack against stability if the sequence numbers aren't used for > authentication of the session to drop the session is to trigger an "unstable" > event and whatever trigger might be tied to that mechanism as a client. > > Counter observation 2: If the sequence numbers are ignored as a mechanism for > taking the session down, you can't use it to prevent PITM attacks, but it's > no worse than no-auth. The periodic strong authentication becomes more > important. > > > -- Jeff > > >
