Flaws in RIPv2 packet's authentication
draft-etienne-ripv2-auth-flaws-00

Document Type Expired Internet-Draft (individual)
Last updated 2001-05-01
Stream (None)
Intended RFC status (None)
Formats
Expired & archived
pdf htmlized bibtex
Stream Stream state (No stream defined)
Consensus Boilerplate Unknown
RFC Editor Note (None)
IESG IESG state Expired
Telechat date
Responsible AD (None)
Send notices to (None)

This Internet-Draft is no longer active. A copy of the expired Internet-Draft can be found at
https://www.ietf.org/archive/id/draft-etienne-ripv2-auth-flaws-00.txt

Abstract

The current strongest authentication method for RIPv2 (RFC2453[6]) is the MD5 authentication (RFC2082[5]) which uses shared secret key to authenticate the packets. This memo explains the different security flaws we found in the anti-replay and the MACs calculation. The second part presents practical exploitations of these weaknesses: an attacker directly connected to a link, can (i) break neighborhood, (ii) flap routes and (iii) inject obsolete routes.

Authors

Jerome Etienne (jme@off.net)

(Note: The e-mail addresses provided for the authors of this Internet-Draft may no longer be valid.)