[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: Reasonable to use crypto in all communications? (Re: Fwd: Minutes/Notes)
> -----Mensaje original-----
> De: Pekka Nikander [mailto:pekka.nikander@nomadiclab.com]
> Enviado el: viernes, 25 de julio de 2003 20:11
> Para: marcelo bagnulo
> CC: multi6@ops.ietf.org
> Asunto: Re: Reasonable to use crypto in all communications? (Re: Fwd:
> Minutes/Notes)
>
>
> marcelo bagnulo wrote:
> >>Hmm. Good points. The real question is whether the verifying peer
> >>is able to make a distinction between a mobility and multi-homing
> >>situation. That is, if there is a real multi-homed host, it probably
> >>has a set of fairly stable addresses. However, there might be an
> >>attacker that has a transient address but that claims that the transient
> >>address is one of its stable addresses. If it is able to convince
> >>the verifying party that the transient address is a stable address,
> >>that seems to open up time shifting attacks.
> >
> > Yes. However, the attack is only possible at the begining of the
> > communication and it is not possible for the rest of the communication
> > lifetime (which would be the mobility case)
>
> Right. However, the attacker is most probably able to select
> the most convenient time to initiate communication. Hence, I don't
> see this much changing the situation.
I think there is an important difference. As you mention, the attacker can
initiate a new communication whenever he wants, but he cannot hijack an
already initiated communication, which would be possible in the mip scenario
by just sending a BU in an existent communication.
>
> > This is still less secure than regular IPv6 but the time that
> the nodes are
> > exposed to attacks is much more limited. I do not know if this
> would be good
> > enough, though.
>
> The real question is whether there are attacks against standard
> non-multi-homed hosts or flooding attacks against networks.
> It looks like there might be.
>
> I am starting to think that we would need a proper security
> analysis on multi-address multi-homing. I might be willing
> to spend some cycles on writing a draft on that, but only
> later in the fall (starting from mid September or so).
>
I think that this would be really usefull. I am willing to try to comment if
you write something.
Thanks, marcelo
> --Pekka NIkander
>
>