Reshad,
> On Feb 7, 2024, at 12:21 PM, Reshad Rahman <res...@yahoo.com> wrote:
>
>> ISAAC works for active attacks but I don't understand why no-auth still
>> works, no-auth is weaker than NULL auth: you don't need to be an active
>> attacker to knock over a session with no-auth?
>
> With no-auth, the only thing you can say is "the session is still up". In
> the optimized case we're guarding against parameter changes so that's all we
> get to do.
> <RR> What I don't understand is no-auth still works in the statement below:
> if NULL auth is impractical, so should no-auth. What am I missing?
> "1. NULL auth and using the sequence numbers becomes impractical to use for
> optimizing authentication procedures. ISAAC and no-auth still work. "
>

No authentication doesn't have sequence numbers. This means that sequence number operations for incrementing are paused at the last exchanged sequence number in the strong authentication. No authentication also thus means you can't attack the system by sending packets with a sequence number. The system will be expecting authentication types of either the strong auth (protected vs. blind injection by computing the digest over the entire PDU), or the expected no-auth. If you send packets with an unexpected auth type, they'll be dropped.

With ISAAC, blind injection can't work unless the injector has access to the shared secret, BFD discriminator values, initial sequence number for the ISAAC sequence base, and seed. Discriminator and seed can be discovered by intercepting the ISAAC authenticated PDUs. The initial sequence value has to be observed, or inferred by being able to compute the ISAAC table that will have the outputs. The shared secret is thus the core protecting item. Thus, with ISAAC, you can't push the sequence numbers ahead without being able to satisfy ISAAC authentication, even if it's not a digest vs. the entire BFD PDU.

With NULL auth, you just need to be able to convince the implementation to accept the PDU with a higher sequence number. This can be done with blind injection once you know enough of the BFD session state like discriminators. The random discriminator makes this very low likelihood and pushes the attack case to someone that is PITM.

-- Jeff
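
Added example, not part of the message above or of the BFD drafts: a simplified receiver-side model of the three optimized modes discussed in the thread, showing what one PDU from a sender that knows the discriminator but not the shared secret does to the receiver's sequence state. The class and field names, the constructed values, and the use of HMAC-SHA256 as a stand-in for the ISAAC output are assumptions; the strong-authentication digest path is left out.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

NO_AUTH, NULL_AUTH, KEYED_SEQ = "no-auth", "null-auth", "isaac-like"
DISC = 0x1234ABCD  # constructed discriminator value

@dataclass
class Pdu:
    auth_type: str
    your_disc: int
    seq: Optional[int] = None      # absent for no-auth
    token: Optional[bytes] = None  # keyed output, only for KEYED_SEQ

def keyed_output(secret: bytes, seed: bytes, seq: int) -> bytes:
    # Stand-in for the ISAAC output at position seq. HMAC-SHA256 is not ISAAC.
    msg = seed + seq.to_bytes(4, "big")
    return hmac.new(secret, msg, hashlib.sha256).digest()[:4]

class Receiver:
    def __init__(self, mode, last_seq, secret=b"", seed=b""):
        self.mode, self.last_seq = mode, last_seq
        self.secret, self.seed = secret, seed

    def accept(self, pdu: Pdu) -> bool:
        if pdu.auth_type != self.mode or pdu.your_disc != DISC:
            return False          # unexpected auth type or session: dropped
        if self.mode == NO_AUTH:
            return True           # liveness only; last_seq stays paused
        if pdu.seq is None or pdu.seq <= self.last_seq:
            return False          # sequence number must move forward
        if self.mode == KEYED_SEQ:
            want = keyed_output(self.secret, self.seed, pdu.seq)
            if pdu.token is None or not hmac.compare_digest(pdu.token, want):
                return False      # cannot be satisfied without the secret
        self.last_seq = pdu.seq
        return True

def forged_pdu_result(mode):
    """One PDU from a sender that knows DISC but not the secret."""
    rx = Receiver(mode, 100, b"constructed-secret", b"constructed-seed")
    seq = None if mode == NO_AUTH else 101
    token = b"\x00" * 4 if mode == KEYED_SEQ else None
    return rx.accept(Pdu(mode, DISC, seq, token)), rx.last_seq

if __name__ == "__main__":
    for m in (NO_AUTH, NULL_AUTH, KEYED_SEQ):
        print(m, forged_pdu_result(m))
```

In this model only the NULL auth receiver ends with its sequence number moved; the no-auth receiver has no sequence state to move, and the keyed receiver rejects the PDU.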