IETF Logo Mail Archive

[Hipsec] mm-03 CBA fixes

"Henderson, Thomas R" <thomas.r.henderson@boeing.com> Thu, 13 April 2006 15:20 UTC

Received: from [127.0.0.1] (helo=stiedprmman1.va.neustar.com) by megatron.ietf.org with esmtp (Exim 4.43) id 1FU3cC-0002fi-Tk; Thu, 13 Apr 2006 11:20:12 -0400
Received: from [10.91.34.44] (helo=ietf-mx.ietf.org) by megatron.ietf.org with esmtp (Exim 4.43) id 1FU3cB-0002fd-At for hipsec@ietf.org; Thu, 13 Apr 2006 11:20:11 -0400
Received: from stl-smtpout-01.boeing.com ([130.76.96.56]) by ietf-mx.ietf.org with esmtp (Exim 4.43) id 1FU3cA-00006J-06 for hipsec@ietf.org; Thu, 13 Apr 2006 11:20:11 -0400
Received: from stl-av-01.boeing.com ([192.76.190.6]) by stl-smtpout-01.boeing.com (8.9.2.MG.10092003/8.8.5-M2) with ESMTP id KAA10025; Thu, 13 Apr 2006 10:19:46 -0500 (CDT)
Received: from XCH-NWBH-11.nw.nos.boeing.com (localhost [127.0.0.1]) by stl-av-01.boeing.com (8.11.3/8.11.3/MBS-AV-LDAP-01) with ESMTP id k3DFJjN26902; Thu, 13 Apr 2006 10:19:45 -0500 (CDT)
Received: from XCH-NW-5V1.nw.nos.boeing.com ([130.247.55.44]) by XCH-NWBH-11.nw.nos.boeing.com with Microsoft SMTPSVC(6.0.3790.1830); Thu, 13 Apr 2006 08:19:40 -0700
X-MimeOLE: Produced By Microsoft Exchange V6.5
Content-class: urn:content-classes:message
MIME-Version: 1.0
Content-Type: text/plain; charset="us-ascii"
Content-Transfer-Encoding: quoted-printable
Date: Thu, 13 Apr 2006 08:19:39 -0700
Message-ID: <77F357662F8BFA4CA7074B0410171B6D01A2F00D@XCH-NW-5V1.nw.nos.boeing.com>
In-Reply-To: <77F357662F8BFA4CA7074B0410171B6D01A2EFB1@XCH-NW-5V1.nw.nos.boeing.com>
X-MS-Has-Attach:
X-MS-TNEF-Correlator:
Thread-Topic: mm-03 CBA fixes
Thread-Index: AcZXNp9zVFlWgAyoQAqsLCJ8SQG/OwCVan9wAV9pt+A=
From: "Henderson, Thomas R" <thomas.r.henderson@boeing.com>
To: Miika Komu <miika@iki.fi>, hipsec@ietf.org
X-OriginalArrivalTime: 13 Apr 2006 15:19:40.0295 (UTC) FILETIME=[AF109170:01C65F0D]
X-Spam-Score: 0.0 (/)
X-Scan-Signature: d185fa790257f526fedfd5d01ed9c976
Cc:
Subject: [Hipsec] mm-03 CBA fixes
X-BeenThere: hipsec@lists.ietf.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "This is the official IETF Mailing List for the HIP Working Group." <hipsec.lists.ietf.org>
List-Unsubscribe: <https://www1.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@lists.ietf.org?subject=unsubscribe>
List-Archive: <http://www1.ietf.org/pipermail/hipsec>
List-Post: <mailto:hipsec@lists.ietf.org>
List-Help: <mailto:hipsec-request@lists.ietf.org?subject=help>
List-Subscribe: <https://www1.ietf.org/mailman/listinfo/hipsec>, <mailto:hipsec-request@lists.ietf.org?subject=subscribe>
Errors-To: hipsec-bounces@lists.ietf.org

Returning to the mm draft comments from Miika.

> > 
> > > Figure 10.
> > 
> > Can the "+ address change" in the lower left corner be removed?
> > 
> 
> I will check with Christian about this figure, as your question has
> raised also a question in my mind whether it is correct.
> 

Christian has provided the following corrected figure.


        +-------+                        +-------+
        |   A   |                        |   B   |
        +-------+                        +-------+
            |                                |
    address |------------------------------->| credit += size(packet)
     ACTIVE |                                |
            |------------------------------->| credit += size(packet)
            |<-------------------------------| don't change credit
            |                                |
            + address change                 |
            + address verification starts    |
    address |<-------------------------------| credit -= size(packet)
 UNVERIFIED |------------------------------->| credit += size(packet)
            |<-------------------------------| credit -= size(packet)
            |                                |
            |<-------------------------------| credit -= size(packet)
            |                                X credit < size(packet)
            |                                | => do not send packet!
            + address verification concludes |
    address |                                |
     ACTIVE |<-------------------------------| don't change credit
            |                                |

             Figure 10: Readdressing Scenario

In the course of revising this, I discussed with Christian some
additional clarifying text and would like to propose the following text
that we worked out together:

- Section 3.3.2:  Add the following sentence right before the figure:

"Not shown in Figure 10 are the results of credit aging (Section
5.5.2), a mechanism used to dampen possible time-shifting attacks."

- Section 5.5:  At the beginning of this section (before reaching 5.5.1)
add:

"To prevent redirection-based flooding attacks, the use of
a Credit-Based Authorization (CBA) approach is mandatory when a host
sends data to an UNVERIFIED locator.  The following algorithm meets
the security considerations for prevention of amplification and
time-shifting attacks.  Other forms of credit aging--- and other values
for the CreditAgingFactor and CreditAgingInterval parameters in
particular--- are for further study, and so are the advanced CBA
techniques specified in [1]."

[1]
http://doc.tm.uka.de/2005/draft-vogt-mobopts-credit-based-authorization-
00.txt

(note to Christian:  This document [1] will need some official status or
republishing as a technical report)

- Section 6.  Add the following sentence just before starting Section
6.1:

"Security considerations for Credit-Based Authorization are discussed in
[2]."

[2]
http://doc.tm.uka.de/2006/draft-vogt-mobopts-simple-cba-00.txt

(note:  Christian says that he is working with Jari to publish this
draft)

Tom

_______________________________________________
Hipsec mailing list
Hipsec@lists.ietf.org
https://www1.ietf.org/mailman/listinfo/hipsec

v2.23.0 | Report a Bug | By Email