IETF Logo Mail Archive

Re: [manet] New AODVv2 draft and status

Jiazi YI <ietf@jiaziyi.com> Thu, 21 April 2016 20:38 UTC

Return-Path: <yi.jiazi@gmail.com>
X-Original-To: manet@ietfa.amsl.com
Delivered-To: manet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 3FAB812DD27 for <manet@ietfa.amsl.com>; Thu, 21 Apr 2016 13:38:10 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.399
X-Spam-Level:
X-Spam-Status: No, score=-2.399 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, FREEMAIL_FORGED_FROMDOMAIN=0.199, FREEMAIL_FROM=0.001, HEADER_FROM_DIFFERENT_DOMAINS=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mg3MDlKr5jqB for <manet@ietfa.amsl.com>; Thu, 21 Apr 2016 13:38:08 -0700 (PDT)
Received: from mail-wm0-x234.google.com (mail-wm0-x234.google.com [IPv6:2a00:1450:400c:c09::234]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 89D8212B04E for <manet@ietf.org>; Thu, 21 Apr 2016 13:38:07 -0700 (PDT)
Received: by mail-wm0-x234.google.com with SMTP id v188so259335847wme.1 for <manet@ietf.org>; Thu, 21 Apr 2016 13:38:07 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:in-reply-to:references:date:message-id:subject :from:to:cc; bh=2+gBFA9FATWDwjCy/cQrlJawTDhrRZlEcUfhp90XsjE=; b=j3i4WGYJF+7A2R9w/IXW0t2Xg0a8TLUVYdy4MAF6qVZeA0xBT8LeQJ8yikBwuDTNC4 Qj55kxFiXhzeslYUXpnpEAQXLueU4cz7iX4FAKymepDcwIY1//CibmmUrkBpkfH8yywX fj8iE01GSMvQ8G7fy31vLXfvwq6wLGv45DLOmPapdPT0GTZGONYE37a4N3Vj/xKzS61M 1S5ixS4r+5CAT//vPtg/oCIDWjOkRGy8JzoKPPuJs2ZpLEvz9W5GA/PtWyPgNUYyuOUD /FXhsF87YDbohYpy0WTMJZsuPlcGn/WICQYVAnODXtZtiDtmWOQTUXh50cHNphXw84WJ gZbg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:date :message-id:subject:from:to:cc; bh=2+gBFA9FATWDwjCy/cQrlJawTDhrRZlEcUfhp90XsjE=; b=IspPvODYWBqPRpyk58TnqfOLwfZyEx8r+Oz0BjLCxEzvgtoJ44FEQ2KrwlPRVx6iEP JTf+iHFxcADR4KNs4QfN+XoYS+Cj3Wwg2Eo/NQMUDqe1LxCpU/7IjfRA3DbrfcMQDodG o9+s8vnyo4rNg59kJ0Y6s39z1mz8lTt849xXKxgCsZpyXRLZ6Iu5YQlIwjOfKDLn5eUo 8zVuuIODFCPMmaaHI1YhkJbszrju9Pn9xNknWABtQTg5nTWIYOUQm3fIPkR+9WJ6W5OS HW1qMqBg/2k916tDG00mo1PA1ngozB7W6Jg27zEz8JHdyqaO6EzHigKyEE2S1Cvogfh6 9h1A==
X-Gm-Message-State: AOPr4FX6n/kuxnHteCVdebCL7PKuDjTFCCtUH3iKeUPzpilq7IiuDoDgz9tzhTdD7g72kiTCb5RVythA3GIO8g==
MIME-Version: 1.0
X-Received: by 10.28.54.208 with SMTP id y77mr36353699wmh.17.1461271086060; Thu, 21 Apr 2016 13:38:06 -0700 (PDT)
Sender: yi.jiazi@gmail.com
Received: by 10.194.153.166 with HTTP; Thu, 21 Apr 2016 13:38:05 -0700 (PDT)
In-Reply-To: <57191FDD.5010707@earthlink.net>
References: <CA+-pDCdh2O1iuVKTj+=kV=52Mx7qLNE3PB7M=WbPLCv4Vd9KoQ@mail.gmail.com> <CAN1bDFxMu4P6q1HOsGwELx1Y9fEigWYcwWUQqFXSMEa0BvCf8Q@mail.gmail.com> <CADnDZ8-2cCoPVDAr9g0q3ir0J5bJKYK1udYd2TzE82HOcpBkLg@mail.gmail.com> <927E6489-D927-4670-A24C-5A5D9B58C05D@gmail.com> <57191FDD.5010707@earthlink.net>
Date: Thu, 21 Apr 2016 22:38:05 +0200
X-Google-Sender-Auth: 1I3ctYZzxIix5xgce6DMzCoxNes
Message-ID: <CAN1bDFyLdnkRBe_qQLW4JFNJxGzOs8=kTTCbRwrnRh+0WprDyQ@mail.gmail.com>
From: Jiazi YI <ietf@jiaziyi.com>
To: Charlie Perkins <charles.perkins@earthlink.net>
Content-Type: multipart/alternative; boundary="001a11435430015fc5053104b07c"
Archived-At: <http://mailarchive.ietf.org/arch/msg/manet/7nxp6LhBRKXPzuVBlQ_FSrCPAAM>
Cc: "manet@ietf.org" <manet@ietf.org>
Subject: Re: [manet] New AODVv2 draft and status
X-BeenThere: manet@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mobile Ad-hoc Networks <manet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/manet>, <mailto:manet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/manet/>
List-Post: <mailto:manet@ietf.org>
List-Help: <mailto:manet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/manet>, <mailto:manet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Apr 2016 20:38:10 -0000

Hi,


On Thu, Apr 21, 2016 at 8:45 PM, Charlie Perkins <
charles.perkins@earthlink.net> wrote:

> <snip>
>
> Regarding security: if AODVv2 were to solve all the possible security
> exposures of ad hoc networks, it would be historic and worthy of
> publication -- probably would win paper of the year. Needless to say, that
> was never part of the charter.
>


But security and its consideration are part of every specification.

As one who co-authored several vulnerability analysis drafts/RFCs
(ndhp-sec-threats, smf-sec-threats, olsrv2-sec-threats), what we always do
for a protocol is:

  - assuming that we have a compromised router in the network, what can it
do to break the network? What's the consequences? What about if there are
several of them?

  - what about if there are mis-configured routers or wrong-implemented
routers?

  - what kind of threats can be mitigated by existed security measurements
(like RFC 7182/7183)?

  - what kind of future work can be done to make the protocol more secure?

With the current AODVv2 specification, if I was to produce a
aodvv2-sec-threats draft, it would be much simpler:

   - one single compromised router can easily jam the whole network (RREQ
flooding), or even bring down the whole network (remember the multicast
RERR?) because of the transit-trust model used.

  - with my limited knowledge, as future work, there is no easy way to
protect the message because of the reconstructed and length-varied message
regenerated in every hop.


Even *if* security was acceptable as future work (it is not, but as a
thought experiment, let's assume), there is no easy way to protect the
message because of the reconstructed and length-varied message regenerated
in every hop.

Securing a reactive protocol requires different considerations than does
securing a proactive protocol, but there has been work done in this area,
and other WG participants have raised both their concerns, and suggestions
to security architectures, and protocol architectures (better) able to
accommodate security, a long time ago. I don't see those works, nor the
suggestions and comments made, reflected or considered in revision -15 of
the draft. Especially, the current design based on message regeneration
makes the future extension to the security very hard, as has been
reiterated repeatedly.

Abdussalam doesn't agree with me on my observation on "Lack of response
from the author team on the comments. " -- this is an example.

regards

Jiazi

btw, I would like to confirm with the WG chair: the WGLC is from April 20th
to May 4th, right?



>
> Regards,
> Charlie P.
>
>
>
> On 4/21/2016 11:24 AM, John Dowdell wrote:
>
>> All
>>
>> I believe we’re going about this the wrong way, and we’re setting
>> ourselves an impossible target at which we are bound to fail.
>>
>> BCP 9, governing the Internet Standards process, section 4.1.1 deals with
>> the first level of maturity, termed Proposed Standard. To paraphrase, a
>> Proposed Standard is supposed to be as correct as we can make it, but there
>> is no requirement to have made an implementation. Since no engineer has
>> ever written a fully correct specification before cutting metal, it may be
>> expected that there are some areas which will need attention later on, at
>> Draft Standard if we ever wanted to go that far. I’ll say now that one area
>> in AODVv2 will need some work later, that of hop-by-hop security in an ad
>> hoc network. This is because nobody has really cracked that problem yet;
>> some real bright people are grappling with that right now over in DTN. The
>> work in our own group on Identity Based Signatures will help but there is
>> still ground to cover. However the actual level of security is not for
>> AODVv2 to mandate, it is for the implementor and system integrator, based
>> on an assessment of the likely risk and the thickness of their wallet.
>>
>> It is clear to me that few will make an independent implementation
>> without the RFC stamp. This much is obvious in modems fitted with DLEP;
>> there are just four such implementations I know of, and two of those were
>> written with the encouragement of author team members, but I know of many
>> more who are just waiting for the dust to settle so they can make the
>> business case to proceed. Allow AODVv2 to get to RFC and we’ll encourage
>> others to use it and get some feedback.
>>
>> Regards
>> John
>> _______________________________________________
>> manet mailing list
>> manet@ietf.org
>> https://www.ietf.org/mailman/listinfo/manet
>>
>
>
> _______________________________________________
> manet mailing list
> manet@ietf.org
> https://www.ietf.org/mailman/listinfo/manet
>

v2.23.0 | Report a Bug | By Email