[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Advantages and disadvantages of using CB64 type of identifiers

To: "Christian Huitema" <huitema@windows.microsoft.com>
Subject: Re: Advantages and disadvantages of using CB64 type of identifiers
From: marcelo bagnulo braun <mbagnulo@ing.uc3m.es>
Date: Sat, 3 Jul 2004 15:01:43 +0200
Cc: "Multi6 List" <multi6@ops.ietf.org>, "Erik Nordmark" <Erik.Nordmark@sun.com>
In-reply-to: <DAC3FCB50E31C54987CD10797DA511BA09D46E65@WIN-MSG-10.wingroup.windeploy.ntdev.microsoft.com>
References: <DAC3FCB50E31C54987CD10797DA511BA09D46E65@WIN-MSG-10.wingroup.windeploy.ntdev.microsoft.com>

Hi Christian,

El 02/07/2004, a las 19:21, Christian Huitema escribió:

My understanding is that SeND chose different IIDs for different
prefixes
but that might be overkill. If the IID is not a function of the prefix
it would enable redirection by a resourceful attacker
by precomputing 2^64 public/private keys that hash to all 2^64 IIDs.
If the content of the packets are encrypted the redirection would not
provide access to the content; it could only be used for DoS or for
gathering the content for cryptoanalysis.
There are two issues: catalog attacks and privacy implications. I have already expressed my reservations about the privacy effects of having unique identifiers in addresses. I would certainly not recommend that my company ships anything like that.

i don't fully understand why do you think that having an identifier in the address is worse than current IPv4 situation (where the id and locator are one, and multihomed sites have a single address) or the current IPv6 situation (i guess that something similar to privacy extensions could be achieved by periodically creating new keys hence new identifiers)

A while back Jari Arkko computed the amount of space needed to store
2^64 precomputed keys, and the storage space was a few buildings the
size
of the former world trade center buildings I think.
You do not need to compute 2^64 keys to start having an effect. Suppose that there are N users in the system, and that the bad guys have computed a catalog of M keys. The average number of hits that a catalog of size N will achieve is approximately NxM/2^64. There are currently at least 500M Internet users, it is reasonable to expect some growth, so we can set N to about 1 billion -- 2^30. This means you need M=2^34 to get at least one hit.

Yes but how useful would this single hit be? i mean this hit is likely to correspond with an identifier of an unknown host. i guess that an attacker would be interested in knowing the identifier of a specific victim, right?

perhaps we need (at least i need) to understand the potential attacks a bit more...

 That is probably less than a Terabyte of data, i.e.
pretty soon a single hard disk.

Everybody should be convinced that, when it comes to cryptography, 2^64
is actually a small number. SEND alleviates this risk by
cryptographically link a public key to the entire 128 bits of the
address. This is NOT overkill.

i still don't have an opinion about this being an overkill or not.

regards, marcelo

-- Christian Huitema

References:
- RE: Advantages and disadvantages of using CB64 type of identifiers
  - From: "Christian Huitema" <huitema@windows.microsoft.com>

Prev by Date: Re: 2nd part Re: revision of architecture draft is now published
Next by Date: Re: revision of architecture draft is now published
Previous by thread: RE: Advantages and disadvantages of using CB64 type of identifiers
Next by thread: Is 80 bits enough? [Re: Advantages and disadvantages of using CB64 type of identifiers]
Index(es):
- Date
- Thread