[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: CGA Use with HBA in Shim6 IETF Meeting July 10, 2006
In your previous mail you wrote:
so for multihoming purposes, which is the scope of this working group,
the security of the shim6 protocol provided by HBA and CGA are exactly
equivalent right?
=> HBA is the weaker mechanism providing the required security for
multi-homing. This doesn't change my argument saying than
HBA < CGA < IPsec or address sharing < ownership < authentication.
> => I am afraid you believe any bit string is a valid public key, this
> is
> not the case for RSA. It does not matter for real brute force attacks
> (the modifier is long enough) but should matter for more sophisticate
> attacks using some vulnerabilities in the hash function.
but this is exactly why the modifier is included in the initial part of
the string, in order to prevent other type of attacks (i.e. the part
that is easy to change is at the begining, so the attacker cannot
benefit from precomputed parts of the hash)
=> you do an assumption about possible more sophisticate attacks
which can be false (and nobody knows as they are possible and likely
not yet known), i.e., this detail in the design is good but perhaps far
from to be enough.
Regards
Francis.Dupont@point6.net