Too Big or Too Small? The PTB-PTS ICMP-based Attack against IPsec Gateways

Ludovic Jacquin 1, Vincent Roca 1,*, Jean-Louis Roch 2,*
* Corresponding author
1 PRIVATICS - Privacy Models, Architectures and Tools for the Information Society
Inria Grenoble - Rhône-Alpes, CITI - CITI Centre of Innovation in Telecommunications and Integration of services
2 MOAIS - PrograMming and scheduling design fOr Applications in Interactive Simulation
Inria Grenoble - Rhône-Alpes, LIG - Laboratoire d'Informatique de Grenoble
Abstract: This work introduces the "Packet Too Big"-"Packet Too Small" ICMP-based attack against IPsec gateways. We explain how an attacker having eavesdropping and packet injection capabilities, from the insecure network where he only sees encrypted packets, can force a gateway to reduce the Path MTU of an IPsec tunnel to the minimum, which triggers severe issues for the hosts behind this gateway: depending on the Path MTU discovery algorithm in use, the attack either creates a Denial of Service or major performance penalties. This attack highlights two fundamental problems that we discuss, along with potential counter-measures to mitigate the attack while keeping ICMP benefits.
Document type: Conference paper
Ted Rappaport. IEEE Global Communications Conference (GLOBECOM'14), Dec 2014, Austin, United States. IEEE, 2014

https://hal.inria.fr/hal-01052994
Contributor: Vincent Roca
Submitted on: Tuesday, 29 July 2014 - 12:24:17
Last modified on: Wednesday, 18 November 2015 - 01:12:30
Document(s) archived on: Tuesday, 25 November 2014 - 20:12:29

File

globecom14_ptb-pts_attack.pdf
Files produced by the author(s)

Identifiers

  • HAL Id: hal-01052994, version 1

Citation

Ludovic Jacquin, Vincent Roca, Jean-Louis Roch. Too Big or Too Small? The PTB-PTS ICMP-based Attack against IPsec Gateways. Ted Rappaport. IEEE Global Communications Conference (GLOBECOM'14), Dec 2014, Austin, United States. IEEE, 2014. <hal-01052994>

Metrics

Record views: 358

Document downloads: 306