Re: [dtn-security] Including fragment offset in the correlator doesn't prevent all fragment collisions.

"Ivancic, William D. (GRC-RHN0)" <william.d.ivancic@nasa.gov> Wed, 20 March 2013 01:35 UTC

From: "Ivancic, William D. (GRC-RHN0)" <william.d.ivancic@nasa.gov>
To: Peter Lovell <plovell@mac.com>, Amy Alford <aloomis@sarn.org>, dtn-security <dtn-security@irtf.org>
Date: Tue, 19 Mar 2013 20:35:50 -0500

Amy,

I do not believe RFC5050 was designed with secure reactive fragmentation in
mind.  RFC5050 is fine for research.  Hopefully we are learning a lot and
will fix what doesn't work very well on a second or third iteration.

-- Will 


> From: Peter Lovell <plovell@mac.com>
> Date: Tue, 19 Mar 2013 20:11:14 -0500
> To: Amy Alford <aloomis@sarn.org>, dtn-security <dtn-security@irtf.org>
> Subject: Re: [dtn-security] Including fragment offset in the correlator
> doesn't prevent all fragment collisions.
> 
> Amy Alford <aloomis@sarn.org> wrote:
> 
>> A bundle can be fragmented multiple times independently, so a node may
>> receive multiple fragments with the same offset and length that have
>> traveled different paths (and accumulated different BSP blocks along the
>> way).  Collisions in the correlator values once the bundle is reassembled
>> are inevitable.
>> - Amy
> 
> Hi Amy,
> 
> My thought is that we have covered the problem of multiple-fragmentation and
> multi-path, but perhaps not.
> 
> Can you describe a bundle scenario that exemplifies the issue you see, so we
> can think about it?
> 
> Thanks.....Peter