
Re: address pair exploration, flooding and state loss



Hi Erik,

I think this mechanism you outline can do the trick.
thanks, marcelo


On 26/05/2005, at 22:42, Erik Nordmark wrote:


As I think we concluded a while ago, the key point is that these particular error messages cannot be sent spontaneously, but must be sent as a reply to a packet of the context (which must carry this random nonce).

Yes, only as a reply.

This, I guess, imposes that data packets of the context, that need to be demuxed, need not only to carry the context tag, but also this security nonce.

If the context tag is big enough and randomly allocated (at least hard to guess), then it would be sufficient. Question is how big would be sufficient? 20 bits?


We can do a two step scheme where the hosts allocate large context tags, but the data packets only contain the last N bits of the tag.
This would allow e.g. the shim6 signaling to use the tags with all the bits (which makes it harder for off-path attackers to inject bogus shim6 signaling messages).
But one can also then use this for the lost context case as in:
1. A sends data packet to B. Contains a small number of bits of the context tag.
2. B doesn't have any state. Responds with an error which includes the above bits.
3. A sends a "have you really lost the context" message, which includes the full context tag.
4. B responds and echoes the full context tag.


I guess a variant of this is that the context tag remains short and in #3 there is a random nonce plus the shortish context tag.

   Erik
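
The four-step lost-context exchange described in the quoted message, as an added example that is not part of the original thread. The tag sizes (47 and 20 bits), class names and message fields are assumptions for illustration; the point shown is that host A discards its context only after the full tag is echoed, so an error carrying just the short bits is not enough.

```python
import secrets

FULL_TAG_BITS = 47   # assumed size of the full context tag
SHORT_TAG_BITS = 20  # assumed N: low bits carried in data packets

def short_tag(full_tag):
    """Last N bits of the full tag, as carried in data packets."""
    return full_tag & ((1 << SHORT_TAG_BITS) - 1)

class HostA:
    """Holds context state; must not drop it on an unverified error."""
    def __init__(self):
        self.full_tag = secrets.randbits(FULL_TAG_BITS)
        self.context_alive = True
        self.sent_data = False
        self.probe_pending = False

    def data_packet(self):                       # step 1
        self.sent_data = True
        return {"type": "data", "tag": short_tag(self.full_tag)}

    def on_error(self, err):                     # handles step 2, emits step 3
        # Errors count only as a reply to our data and must echo its bits.
        if not self.sent_data or err.get("tag") != short_tag(self.full_tag):
            return None
        self.probe_pending = True
        return {"type": "probe", "full_tag": self.full_tag}

    def on_probe_reply(self, reply):             # handles step 4
        # Only an echo of the full tag confirms the peer saw our probe.
        if not self.probe_pending or reply.get("full_tag") != self.full_tag:
            return False
        self.probe_pending = False
        self.context_alive = False               # peer really lost state
        return True

class HostB:
    """Peer that has lost all context state."""
    def on_data(self, pkt):                      # step 2
        return {"type": "error", "tag": pkt["tag"]}

    def on_probe(self, probe):                   # step 4
        return {"type": "probe_reply", "full_tag": probe["full_tag"]}

if __name__ == "__main__":
    a, b = HostA(), HostB()
    probe = a.on_error(b.on_data(a.data_packet()))
    print("context dropped:", a.on_probe_reply(b.on_probe(probe)))
```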