
Re: additional attack for multi6 threat draft?



marcelo;

Why?

Why?


Can you name some protocol that does not do this?

Take MIP and remove the RR check.
You are supposedly talking to the HoA but you are sending packets to the
CoA, so you don't have an RR check of the address that you are supposed to be
talking to, i.e. the HoA.

You are talking about triangle elimination, which, as I mentioned, is a cause of a new form of redirection attack.

However, it is purely a mobility issue having nothing to do with
multihoming.

A CN and an MN can use all the complex security mechanisms to locate
and identify each other. However, it does not prevent MN redirection
of traffic of CN to a DoS victim. The victim can be protected from
DoS, if 8+8 is used, though the network around the victim still suffers.

Again, RR is fine to verify locators but it is not so great to verify
identifiers.

RR check involves cookie exchange, which is to verify the identity.


In multi6, where we may need redirection, you cannot assume that RR will be
available to verify identities.

Cookie is our friend.


Masataka Ohta