Re: New multi6 draft: WIMP
On 28-jan-04, at 16:57, Jukka Ylitalo wrote:
> We have submitted a new multi6 draft to I-D directory. The draft
> defines a Weak Identifier Multihoming Protocol (WIMP), and we wrote it
> in order to see how opportunistic/weak authentication methods could be
> used to solve the multi6 problem.
Ok. This is basically a secure negotiation mechanism. All other aspects
of multihoming are only addressed fleetingly, if at all.
When a host wants to negotiate new addresses, some info is split into n
pieces and sent to n addresses. What happens if less than the full set
of n addresses is reachable?
I believe there is a problem with the gradual release of secret
information (such as hash chains) when a man in the middle can trick
both sides to become desynchronized such that side A has two messages
in transit, messages M+1 and M+2, with an earlier message being M. M,
M+1 and M+2 are protected using hashes X, X+1 and X+2, respectively.
Side B can check whether message M+1 is authentic by taking X+1,
performing a function over it and determining whether the result is
equal to X. However, a man in the middle that already has X+2 could
create X+1 and then use this value to create an authentic-looking
message M+1. Or am I missing something?
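
The desynchronization scenario described in the message above, modeled as an added example (not part of the original message and not code from the WIMP draft). Assumptions: SHA-256 stands in for the chain function, each message discloses its chain value and carries an HMAC keyed with it, and all names and payloads are constructed for illustration.

```python
import hashlib
import hmac
import os

def H(value: bytes) -> bytes:
    """The one-way function applied along the chain (SHA-256 is an assumption)."""
    return hashlib.sha256(value).digest()

def make_chain(seed: bytes, n: int) -> list:
    """Return chain where H(chain[i+1]) == chain[i]; chain[0] is released first."""
    chain = [seed]
    for _ in range(n):
        chain.append(H(chain[-1]))
    chain.reverse()
    return chain

def protect(payload: bytes, value: bytes) -> dict:
    """Hypothetical message layout: payload, disclosed chain value, HMAC tag."""
    tag = hmac.new(value, payload, hashlib.sha256).digest()
    return {"payload": payload, "value": value, "tag": tag}

def verify(msg: dict, last_seen: bytes) -> bool:
    """Side B's check: the disclosed value must hash to the last accepted value."""
    tag = hmac.new(msg["value"], msg["payload"], hashlib.sha256).digest()
    return H(msg["value"]) == last_seen and hmac.compare_digest(tag, msg["tag"])

def desync_demo() -> dict:
    chain = make_chain(os.urandom(32), 3)
    x, x1, x2 = chain[0], chain[1], chain[2]      # X, X+1, X+2 in the message
    m1 = protect(b"constructed payload for M+1", x1)
    m2 = protect(b"constructed payload for M+2", x2)
    # Both messages are in transit and side B has only accepted X so far.
    # Whoever observes M+2 before B accepts M+1 can walk the chain one step back.
    derived_x1 = H(m2["value"])
    substituted = protect(b"constructed substitute payload", derived_x1)
    return {
        "genuine_m1_accepted": verify(m1, x),
        "x1_derivable_from_x2": derived_x1 == x1,
        "substituted_m1_accepted": verify(substituted, x),
        "m2_rejected_while_b_at_x": not verify(m2, x),
    }

if __name__ == "__main__":
    for name, result in desync_demo().items():
        print(f"{name}: {result}")
```

In this model side B's check only ties the disclosed value to the chain, so a verifier that has not yet advanced past X cannot tell the genuine M+1 from one built with a value derived from X+2.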