[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: Reasonable to use crypto in all communications? (Re: Fwd: Minutes/Notes)

To: "Pekka Nikander" <pekka.nikander@nomadiclab.com>
Subject: RE: Reasonable to use crypto in all communications? (Re: Fwd: Minutes/Notes)
From: "marcelo bagnulo" <marcelo@it.uc3m.es>
Date: Mon, 28 Jul 2003 10:04:58 +0200
Cc: <multi6@ops.ietf.org>
In-reply-to: <3F2172BF.2030403@nomadiclab.com>


> -----Mensaje original-----
> De: Pekka Nikander [mailto:pekka.nikander@nomadiclab.com]
> Enviado el: viernes, 25 de julio de 2003 20:11
> Para: marcelo bagnulo
> CC: multi6@ops.ietf.org
> Asunto: Re: Reasonable to use crypto in all communications? (Re: Fwd:
> Minutes/Notes)
>
>
> marcelo bagnulo wrote:
> >>Hmm.  Good points.  The real question is whether the verifying peer
> >>is able to make a distinction between a mobility and multi-homing
> >>situation.  That is, if there is a real multi-homed host, it probably
> >>has a set of fairly stable addresses.  However, there might be an
> >>attacker that has a transient address but that claims that the transient
> >>address is one of its stable addresses.  If it is able to convince
> >>the verifying party that the transient address is a stable address,
> >>that seems to open up time shifting attacks.
> >
> > Yes. However, the attack is only possible at the begining of the
> > communication and it is not possible for the rest of the communication
> > lifetime (which would be the mobility case)
>
> Right.  However, the attacker is most probably able to select
> the most convenient time to initiate communication.  Hence, I don't
> see this much changing the situation.

I think there is an important difference. As you mention, the attacker can
initiate a new communication whenever he wants, but he cannot hijack an
already initiated communication, which would be possible in the mip scenario
by just sending a BU in an existent communication.

>
> > This is still less secure than regular IPv6 but the time that
> the nodes are
> > exposed to attacks is much more limited. I do not know if this
> would be good
> > enough, though.
>
> The real question is whether there are attacks against standard
> non-multi-homed hosts or flooding attacks against networks.
> It looks like there might be.
>
> I am starting to think that we would need a proper security
> analysis on multi-address multi-homing.  I might be willing
> to spend some cycles on writing a draft on that, but only
> later in the fall  (starting from mid September or so).
>

I think that this would be really usefull. I am willing to try to comment if
you write something.

Thanks, marcelo

> --Pekka NIkander
>
>

Follow-Ups:
- Re: Reasonable to use crypto in all communications? (Re: Fwd: Minutes/Notes)
  - From: Masataka Ohta <mohta@necom830.hpcl.titech.ac.jp>

References:
- Re: Reasonable to use crypto in all communications? (Re: Fwd: Minutes/Notes)
  - From: Pekka Nikander <pekka.nikander@nomadiclab.com>

Prev by Date: RE: Reasonable to use crypto in all communications? (Re: Fwd: Minutes/Notes)
Next by Date: Re: Reasonable to use crypto in all communications? (Re: Fwd: Minutes/Notes)
Previous by thread: Re: Reasonable to use crypto in all communications? (Re: Fwd: Minutes/Notes)
Next by thread: Re: Reasonable to use crypto in all communications? (Re: Fwd: Minutes/Notes)
Index(es):
- Date
- Thread