Re: IGP protocol

[Saku Ytti <saku () ytti fi>]

On Sun, 18 Nov 2018 at 12:15, Alfie Pates <alfie@fdx.services> wrote:

> There's a school of thought which suggests MD5 security on single-hop BGP is absolute theatre with no security 
> benefit and that MACsec is the route you should be taking.

AFAIK there are no known attacks against HMAC-MD5. eBGP I don't care
about. But for iBGP I consider this a problem:

Someone goes to random forest where fibre is trenched, digs it up,
taps fibre until correct fibre+wave is found, then injects BGP UPDATE
to change L3 MPLS VPN labels, and diverts traffic through their device
while returning it safely. Seems quite cheap attack, maybe <5k, and
entirely compromises MPLS security model. iBGP MD5 should protect well
from this.

Not arguing that MacSec isn't superior feature, it's just cost of
MacSec is non-trivial compared to cost of HMAC-MD5, and it seems
HMAC-MD5 for certain attacks is strong guarantee. Ideally we'd
implement TCP-AO (RFC5925) to replace BGP HMAC-MD5, just to get
derived secret instead of static (how many change their MD5 secret
periodically?)  but it looks like ship may have sailed on that one.

-- 
  ++ytti