RE: Reasonable to use crypto in all communications? (Re: Fwd: Minutes/Notes)



> Hmm.  Good points.  The real question is whether the verifying peer
> is able to make a distinction between a mobility and multi-homing
> situation.  That is, if there is a real multi-homed host, it probably
> has a set of fairly stable addresses.  However, there might be an
> attacker that has a transient address but that claims that the transient
> address is one of its stable addresses.  If it is able to convince
> the verifying party that the transient address is a stable address,
> that seems to open up time shifting attacks.

Yes. However, the attack is only possible at the beginning of the
communication and it is not possible for the rest of the communication
lifetime (which would be the mobility case).

This is still less secure than regular IPv6 but the time that the nodes are
exposed to attacks is much more limited. I do not know if this would be good
enough, though.

Regards, marcelo

>
> --Pekka Nikander
>