Re: [dtn-security] Including fragment offset in the correlator doesn't prevent all fragment collisions.
"Ivancic, William D. (GRC-RHN0)" <william.d.ivancic@nasa.gov> Thu, 21 March 2013 04:19 UTC
Return-Path: <william.d.ivancic@nasa.gov>
X-Original-To: dtn-security@ietfa.amsl.com
Delivered-To: dtn-security@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3CB4711E80EE for <dtn-security@ietfa.amsl.com>; Wed, 20 Mar 2013 21:19:35 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.599
X-Spam-Level:
X-Spam-Status: No, score=-2.599 tagged_above=-999 required=5 tests=[AWL=-0.001, BAYES_00=-2.599, HTML_MESSAGE=0.001]
Received: from mail.ietf.org ([12.22.58.30]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iA+MFDFvZ20P for <dtn-security@ietfa.amsl.com>; Wed, 20 Mar 2013 21:19:33 -0700 (PDT)
Received: from ndjsnpf03.ndc.nasa.gov (NDJSNPF03.ndc.nasa.gov [IPv6:2001:4d0:a302:1100::103]) by ietfa.amsl.com (Postfix) with ESMTP id 4E02B11E80BA for <dtn-security@irtf.org>; Wed, 20 Mar 2013 21:19:29 -0700 (PDT)
Received: from ndjsppt103.ndc.nasa.gov (NDJSPPT103.ndc.nasa.gov [198.117.1.197]) by ndjsnpf03.ndc.nasa.gov (Postfix) with ESMTP id 07C6A2D8205; Wed, 20 Mar 2013 23:19:29 -0500 (CDT)
Received: from ndjshub04.ndc.nasa.gov (ndjshub04-pub.ndc.nasa.gov [198.117.1.34]) by ndjsppt103.ndc.nasa.gov (8.14.5/8.14.5) with ESMTP id r2L4JSpi017238; Wed, 20 Mar 2013 23:19:28 -0500
Received: from NDJSSCC07.ndc.nasa.gov ([198.117.4.178]) by ndjshub04.ndc.nasa.gov ([10.202.202.163]) with mapi; Wed, 20 Mar 2013 23:19:28 -0500
From: "Ivancic, William D. (GRC-RHN0)" <william.d.ivancic@nasa.gov>
To: Amy Alford <aloomis@sarn.org>, Peter Lovell <plovell@mac.com>
Date: Wed, 20 Mar 2013 23:19:58 -0500
Thread-Topic: [dtn-security] Including fragment offset in the correlator doesn't prevent all fragment collisions.
Thread-Index: Ac4lw8UUioJBUzfWRem5xtXjA/y+qQAJ5Pdk
Message-ID: <CD7002AE.120A7%william.d.ivancic@nasa.gov>
In-Reply-To: <CAB9rx+_G87R-ZtwBx14jX8YkmX__zjhhVXn8XesZztMaY0vZXg@mail.gmail.com>
Accept-Language: en-US
Content-Language: en-US
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
user-agent: Microsoft-Entourage/13.11.0.110726
acceptlanguage: en-US
Content-Type: multipart/alternative; boundary="_000_CD7002AE120A7williamdivancicnasagov_"
MIME-Version: 1.0
X-Proofpoint-Virus-Version: vendor=fsecure engine=2.50.10432:5.10.8626, 1.0.431, 0.0.0000 definitions=2013-03-20_12:2013-03-20, 2013-03-20, 1970-01-01 signatures=0
Cc: dtn-security <dtn-security@irtf.org>
Subject: Re: [dtn-security] Including fragment offset in the correlator doesn't prevent all fragment collisions.
X-BeenThere: dtn-security@irtf.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: "The Delay-Tolerant Networking Research Group \(DTNRG\) - Security." <dtn-security.irtf.org>
List-Unsubscribe: <https://www.irtf.org/mailman/options/dtn-security>, <mailto:dtn-security-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/dtn-security>
List-Post: <mailto:dtn-security@irtf.org>
List-Help: <mailto:dtn-security-request@irtf.org?subject=help>
List-Subscribe: <https://www.irtf.org/mailman/listinfo/dtn-security>, <mailto:dtn-security-request@irtf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Mar 2013 04:19:35 -0000
A 5 GB bundle come forms Mr. Bad. You don’t want to store anything from Mr. Bad, but you cannot confirm the source using PIB until you receive the entire bundle thus eating up 5 GB of resources. It is broken. -- Will ________________________________ From: Amy Alford <aloomis@sarn.org> Date: Wed, 20 Mar 2013 18:36:32 -0500 To: Peter Lovell <plovell@mac.com> Cc: dtn-security <dtn-security@irtf.org> Subject: Re: [dtn-security] Including fragment offset in the correlator doesn't prevent all fragment collisions. A 100 byte bundle is created. Different nodes independently fragment it into 50 byte fragments. A subsequent node adds PIB and PCB (so we have correlated PCB blocks) to each fragment with a security destination of the bundle destination. The correlators can collide. (In DTN2, they will collide.) If the fragments are reassembled before the destination, the destination has no way to distinguish the PCB blocks that should correlate with each other. Alternatively, if we assume reassembly only happens at the destination (which 5050 doesn't guarantee), we still have a problem if we use a two block PIB ciphersuite where one block comes before the payload and one comes after. A node creates a 100 byte bundle. It's independently fragmented into 50 byte bundles. A subsequent node adds a PIB ciphersuite with a correlated block trailing the payload. Again, the correlators collide. Now, each 50 byte fragment is fragmented again. So, we have fragments: (I'm numbering the PIB instances so that we can distinguish them in the discussion. The numbers don't correspond to anything identifiable in the blocks themselves.) PIB 1 with correlator x -> 0-25 25-50 -> PIB 1 with correlator x PIB 2 with correlator y -> 50-75 75-100 -> PIB 2 with correlator y PIB 3 with correlator x -> 0-25 25-50 -> PIB 3 with correlator x PIB 4 with correlator y -> 50-75 75-100 -> PIB 4 with correlator y The receiving node has no way to realize that that pre-payload PIB 1 with correlator x doesn't match up to the post-payload PIB 3 with correlator x. - Amy On Tue, Mar 19, 2013 at 9:11 PM, Peter Lovell <plovell@mac.com> wrote: Amy Alford <aloomis@sarn.org> wrote: >A bundle can be fragmented multiple times independently, so a node may >receive multiple fragments with the same offset and length that have >traveled different paths (and accumulated different BSP blocks along the >way). Collisions in the correlator values once the bundle is reassembled >are inevitable. >- Amy Hi Amy, my thought is that we have covered the problem of multiple-fragmentation and multi-path, but perhaps not. Can you describe a bundle scenario that exemplifies the issue you see, so we can think about it. Thanks.....Peter
- Re: [dtn-security] Including fragment offset in t… Stephen Farrell
- Re: [dtn-security] Including fragment offset in t… Amy Alford
- [dtn-security] Including fragment offset in the c… Amy Alford
- Re: [dtn-security] Including fragment offset in t… Peter Lovell
- Re: [dtn-security] Including fragment offset in t… Ivancic, William D. (GRC-RHN0)
- Re: [dtn-security] Including fragment offset in t… Elwyn Davies
- Re: [dtn-security] Including fragment offset in t… Amy Alford
- Re: [dtn-security] Including fragment offset in t… Ivancic, William D. (GRC-RHN0)
- Re: [dtn-security] Including fragment offset in t… Amy Alford
- Re: [dtn-security] Including fragment offset in t… Amy Alford
- [dtn-security] Re(2): Including fragment offset i… Peter Lovell
- [dtn-security] Re(4): Including fragment offset i… Peter Lovell
- Re: [dtn-security] Re(4): Including fragment offs… Amy Alford
- Re: [dtn-security] Re(4): Including fragment offs… Elwyn Davies
- Re: [dtn-security] Re(4): Including fragment offs… Amy Alford
- Re: [dtn-security] Re(4): Including fragment offs… Burleigh, Scott C (313B)
- Re: [dtn-security] Re(4): Including fragment offs… Amy Alford
- Re: [dtn-security] Re(4): Including fragment offs… Burleigh, Scott C (313B)
- Re: [dtn-security] Re(4): Including fragment offs… l.wood
- Re: [dtn-security] Re(4): Including fragment offs… Amy Alford
- Re: [dtn-security] Re(4): Including fragment offs… Burleigh, Scott C (313B)
- Re: [dtn-security] Re(4): Including fragment offs… Burleigh, Scott C (313B)
- Re: [dtn-security] Re(4): Including fragment offs… Amy Alford
- Re: [dtn-security] Re(4): Including fragment offs… Burleigh, Scott C (313B)