IGP protocol
Saku Ytti
saku at ytti.fi
Sun Nov 18 10:59:19 UTC 2018
On Sun, 18 Nov 2018 at 12:15, Alfie Pates <alfie at fdx.services> wrote:
> There's a school of thought which suggests MD5 security on single-hop BGP is absolute theatre with no security benefit and that MACsec is the route you should be taking.
AFAIK there are no known attacks against HMAC-MD5. eBGP I don't care about. But for iBGP I consider this a problem:

Someone goes to a random forest where fibre is trenched, digs it up, taps the fibre until the correct fibre+wave is found, then injects a BGP UPDATE to change L3 MPLS VPN labels, and diverts traffic through their device while returning it safely. Seems a quite cheap attack, maybe <5k, and it entirely compromises the MPLS security model. iBGP MD5 should protect well from this.
Not arguing that MACsec isn't a superior feature, it's just that the cost of MACsec is non-trivial compared to the cost of HMAC-MD5, and it seems HMAC-MD5 for certain attacks is a strong guarantee. Ideally we'd implement TCP-AO (RFC5925) to replace BGP HMAC-MD5, just to get a derived secret instead of a static one (how many change their MD5 secret periodically?), but it looks like the ship may have sailed on that one.
--
++ytti
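The distinction Saku draws between a static TCP-MD5 secret and a derived TCP-AO key, as an added example that is not part of the thread: RFC 2385 feeds the shared password itself into every segment's MD5, whereas TCP-AO derives a per-connection traffic key from the master key with the RFC 5926 KDF. The byte layouts follow my reading of RFC 2385 §2, RFC 5925 §5.2 and RFC 5926 §3.1.1.1, and all addresses, ports, ISNs and keys are constructed values.

```python
# Added example, not from the NANOG thread. Shows why a TCP-AO traffic key
# is "derived" while a TCP-MD5 secret is "static": the same master key
# yields a different traffic key for every connection (socket pair + ISNs),
# whereas RFC 2385 hashes the raw password into every segment of every
# session. Layouts are my reading of the RFCs; sample values are constructed.
import hashlib
import hmac
import ipaddress
import struct


def tcp_md5_signature(src_ip, dst_ip, tcp_header, payload, password):
    """RFC 2385: MD5(pseudo-header || TCP header w/o options, checksum=0
    || data || password). The password enters unchanged, every segment."""
    seg_len = len(tcp_header) + len(payload)
    pseudo = (ipaddress.ip_address(src_ip).packed
              + ipaddress.ip_address(dst_ip).packed
              + struct.pack("!BBH", 0, 6, seg_len))      # zero, proto 6, len
    hdr = tcp_header[:16] + b"\x00\x00" + tcp_header[18:20]  # checksum zeroed
    return hashlib.md5(pseudo + hdr + payload + password).digest()


def tcp_ao_traffic_key(master_key, src_ip, dst_ip, src_port, dst_port, isn1, isn2):
    """RFC 5926 KDF_HMAC_SHA1: HMAC-SHA1(master, 0x01 || "TCP-AO" || context
    || output_len_bits) with context = src_ip || dst_ip || sport || dport
    || ISN1 || ISN2 (RFC 5925 s5.2). Output: 160-bit traffic key."""
    context = (ipaddress.ip_address(src_ip).packed
               + ipaddress.ip_address(dst_ip).packed
               + struct.pack("!HHII", src_port, dst_port, isn1, isn2))
    kdf_input = b"\x01" + b"TCP-AO" + context + struct.pack("!H", 160)
    return hmac.new(master_key, kdf_input, hashlib.sha1).digest()


def demo():
    """Two iBGP sessions between the same peers sharing one master key
    (constructed values). Only the ISNs differ, yet the traffic keys do."""
    master = b"constructed-master-key"
    k1 = tcp_ao_traffic_key(master, "192.0.2.1", "192.0.2.2", 49152, 179,
                            isn1=0x11111111, isn2=0x22222222)
    k2 = tcp_ao_traffic_key(master, "192.0.2.1", "192.0.2.2", 49152, 179,
                            isn1=0x33333333, isn2=0x44444444)
    # Minimal 20-byte TCP header (constructed): ports, seq, ack, offset=5,
    # flags ACK|PSH, window, checksum 0, urgent pointer 0.
    hdr = struct.pack("!HHIIBBHHH", 49152, 179, 1, 1, 5 << 4, 0x18, 65535, 0, 0)
    sig = tcp_md5_signature("192.0.2.1", "192.0.2.2", hdr, b"UPDATE", b"static-pw")
    return k1, k2, sig


if __name__ == "__main__":
    key_a, key_b, md5_sig = demo()
    print("TCP-AO keys differ per session:", key_a != key_b)
    print("TCP-MD5 signature:", md5_sig.hex())
```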