[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
additional attack for multi6 threat draft?
Hi,
Perhaps there is an additional attack that should be included in the threat
draft
The attack would be something like this
an attacker X wants to impersonate another host B in future communications
initiated by A to B
(i will use mip notation to simplify)
X sends to A a sort of BU binding X as the CoA and B as the HoA (in order to
do this X may need to be on the path between A and B, but if this is only
for a short period of time that attack can be successful)
If the attacker has a mean to maintain the binding in host A (for instance
sending periodic pings to it or other packets that will end up being
discarded by the ULP), then when eventually A wants to communicate with B, A
will send packets to X
Do you think this is a real threat?
IMHO, this is the real attack that can be prevented by limiting BCE in mip6.
I think this threat is not considered in the threat draft...
IMHO this is related to the attacks included in the 4.1.2 section about
premeditated redirection but i don't think that it is inlcuded there.
the example considered in the threat draft is that A and B will comunicate,
so X sends a BU to B containing A as a HoA and X as a CoA
then the described attack continues considering that A tries to communicate
with B and the problems that arise
The attack described above is about the case when B initiates the
communication. IMHO this is potentially more dangerous, because probably X
will be able to impersonate A, and B will actually believe that it is
communicating with A when he is actually communicating with X
So if you think this is important enough to be included, i can try to write
a paragraph about it if you want.
Regards, marcelo