IETF Logo Mail Archive

Re: [manet] New AODVv2 draft and status

Thomas Heide Clausen <ietf@thomasclausen.org> Thu, 21 April 2016 21:49 UTC

Return-Path: <ietf@thomasclausen.org>
X-Original-To: manet@ietfa.amsl.com
Delivered-To: manet@ietfa.amsl.com
Received: from localhost (localhost [127.0.0.1]) by ietfa.amsl.com (Postfix) with ESMTP id 1AD5D12E115 for <manet@ietfa.amsl.com>; Thu, 21 Apr 2016 14:49:19 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: -2.7
X-Spam-Level:
X-Spam-Status: No, score=-2.7 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, HTML_MESSAGE=0.001, MIME_QP_LONG_LINE=0.001, RCVD_IN_DNSWL_LOW=-0.7, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no
Authentication-Results: ietfa.amsl.com (amavisd-new); dkim=pass (1024-bit key) header.d=thomasclausen.org
Received: from mail.ietf.org ([4.31.198.44]) by localhost (ietfa.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 3KoSP58AFvDJ for <manet@ietfa.amsl.com>; Thu, 21 Apr 2016 14:49:16 -0700 (PDT)
Received: from maila2.tigertech.net (maila2.tigertech.net [208.80.4.152]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ietfa.amsl.com (Postfix) with ESMTPS id 9B4B812D50D for <manet@ietf.org>; Thu, 21 Apr 2016 14:49:15 -0700 (PDT)
Received: from localhost (localhost [127.0.0.1]) by maila2.tigertech.net (Postfix) with ESMTP id AF3A724E0BB; Thu, 21 Apr 2016 14:49:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=thomasclausen.org; s=1.tigertech; t=1461275355; bh=YciNdWNGgY850Qey/qf3BjhD8uvUIKDsU1YmK6rkinE=; h=Subject:From:In-Reply-To:Date:Cc:References:To:From; b=C4RUZABcAEI++Lws1CVWjvNyWDrsFKZ5WAWEZPPSwBTpKtx+3E5gKbUDPH6LSG9f3 UGBTRk1J6CPRai0jSgDq6Nvf7024cb6OPEq9+jqQ/ufpnJ7pc6CYmU82KPwADLfSyQ A6pndC21pxSc9jTNbK5F7HUkRvfr89R6Osdr7nIc=
X-Virus-Scanned: Debian amavisd-new at maila2.tigertech.net
Received: from [192.168.147.246] (mtg91-1-82-227-24-173.fbx.proxad.net [82.227.24.173]) (using TLSv1 with cipher ECDHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by maila2.tigertech.net (Postfix) with ESMTPSA id E78BC24B534; Thu, 21 Apr 2016 14:49:14 -0700 (PDT)
Content-Type: multipart/alternative; boundary="Apple-Mail-7C93B10E-E4F3-4017-858E-9072AAD0311A"
Mime-Version: 1.0 (1.0)
From: Thomas Heide Clausen <ietf@thomasclausen.org>
X-Mailer: iPad Mail (13F51a)
In-Reply-To: <5719443D.8020801@earthlink.net>
Date: Thu, 21 Apr 2016 23:49:12 +0200
Content-Transfer-Encoding: 7bit
Message-Id: <6C9B7B54-B62C-463C-B851-0C951F9C159E@thomasclausen.org>
References: <CA+-pDCdh2O1iuVKTj+=kV=52Mx7qLNE3PB7M=WbPLCv4Vd9KoQ@mail.gmail.com> <CAN1bDFxMu4P6q1HOsGwELx1Y9fEigWYcwWUQqFXSMEa0BvCf8Q@mail.gmail.com> <CADnDZ8-2cCoPVDAr9g0q3ir0J5bJKYK1udYd2TzE82HOcpBkLg@mail.gmail.com> <927E6489-D927-4670-A24C-5A5D9B58C05D@gmail.com> <57191FDD.5010707@earthlink.net> <CAN1bDFyLdnkRBe_qQLW4JFNJxGzOs8=kTTCbRwrnRh+0WprDyQ@mail.gmail.com> <5719443D.8020801@earthlink.net>
To: Charlie Perkins <charles.perkins@earthlink.net>
Archived-At: <http://mailarchive.ietf.org/arch/msg/manet/hCFGoxEkQtxefp-b80AV2iy3pj4>
Cc: "manet@ietf.org" <manet@ietf.org>
Subject: Re: [manet] New AODVv2 draft and status
X-BeenThere: manet@ietf.org
X-Mailman-Version: 2.1.17
Precedence: list
List-Id: Mobile Ad-hoc Networks <manet.ietf.org>
List-Unsubscribe: <https://www.ietf.org/mailman/options/manet>, <mailto:manet-request@ietf.org?subject=unsubscribe>
List-Archive: <https://mailarchive.ietf.org/arch/browse/manet/>
List-Post: <mailto:manet@ietf.org>
List-Help: <mailto:manet-request@ietf.org?subject=help>
List-Subscribe: <https://www.ietf.org/mailman/listinfo/manet>, <mailto:manet-request@ietf.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Apr 2016 21:49:19 -0000

> On 21 Apr 2016, at 23:21, Charlie Perkins <charles.perkins@earthlink.net> wrote:
> 
> Hello Jiazi,
> 
> Follow-up below...  notably I probably should not be doing email today since I am ill,

First: take care of yourself, and do get well!

> but nevertheless you certainly deserve answers...
> 
>> On 4/21/2016 1:38 PM, Jiazi YI wrote:
>> Hi, 
>> 
>> 
>> On Thu, Apr 21, 2016 at 8:45 PM, Charlie Perkins <charles.perkins@earthlink.net> wrote:
>>> <snip>
>>> 
>>> Regarding security: if AODVv2 were to solve all the possible security exposures of ad hoc networks, it would be historic and worthy of publication -- probably would win paper of the year. Needless to say, that was never part of the charter.
>> 
>> 
>> But security and its consideration are part of every specification.
> 
> And also part of AODVv2 specification.
> 

For having relatively recently seen an I-D through to RFC, as I have stated multiple times, the requirements for the security considerations have evolved considerably, since what you may be familiar with, or what you have been reading in the past.

> 
>> 
>> As one who co-authored several vulnerability analysis drafts/RFCs (ndhp-sec-threats, smf-sec-threats, olsrv2-sec-threats), what we always do for a protocol is:
>> 
>>   - assuming that we have a compromised router in the network, what can it do to break the network? What's the consequences? What about if there are several of them?
>> 
>>   - what about if there are mis-configured routers or wrong-implemented routers?
>> 
>>   - what kind of threats can be mitigated by existed security measurements (like RFC 7182/7183)? 
>> 
>>   - what kind of future work can be done to make the protocol more secure?
> 
> We have tried to do exactly these things, except for the last one.  I have read a lot of Security Considerations sections,

I repeat, for having relatively recently seen an I-D through to RFC, as I have stated multiple times, the requirements for the security considerations have evolved considerably, since what you may be familiar with, or what you have been reading in the past.

> and that last one is by no means universally included.
> 
>> 
>> With the current AODVv2 specification, if I was to produce a aodvv2-sec-threats draft, it would be much simpler: 
>> 
>>    - one single compromised router can easily jam the whole network (RREQ flooding), or even bring down the whole network (remember the multicast RERR?) because of the transit-trust model used. 
>> 
>>   - with my limited knowledge, as future work, there is no easy way to protect the message because of the reconstructed and length-varied message regenerated in every hop.
> 
> Well, I am somewhat happy to see that you are agreeing with me.  I did produce an e2e draft that has some protections, and asked for comments, and offered it as an adjunct to the current draft.

As I have also pointed out repeatedly, the e2e draft that you propose inhibits extensibility-without-also-updating-the-e2e-draft - I.e., each possible future extension requires also respinning / updating / replacing that draft. And, as it would be, I am not actually sure that the e2e draft suffices, even without considering extensions, given the things that can happen in a "regeneration of a message". Either way, even *if* the e2e draft was a solution, experience shows that it would have to advance in parallel with the protocol specification, and not as "a promised afterthought". The SEC-ADs won't have the latter.

As I have also pointed out repeatedly, the solution to this problem is to do away with "message regeneration". I have described *how* as well as the security model that would go with that, in several  emails in the past -- emails which so far have not been considered by the authors..

>> Even *if* security was acceptable as future work (it is not, but as a thought experiment, let's assume), there is no easy way to protect the message because of the reconstructed and length-varied message regenerated in every hop.
> 
> This is not true.  As is usual in such cases, one has to identify the parts that may modified as the packet goes from source to destination, and provide some way to verify the authenticity of those fields.
> 

Which is greatly simplified if doing away with both the regeneration and the e2e- Draft, as previously proposed, and repeatedly.

>> Securing a reactive protocol requires different considerations than does securing a proactive protocol, but there has been work done in this area, and other WG participants have raised both their concerns, and suggestions to security architectures, and protocol architectures (better) able to accommodate security, a long time ago. I don't see those works, nor the suggestions and comments made, reflected or considered in revision -15 of the draft. Especially, the current design based on message regeneration makes the future extension to the security very hard, as has been reiterated repeatedly.
>> 
>> Abdussalam doesn't agree with me on my observation on "Lack of response from the author team on the comments. " -- this is an example. 
> 
> If we missed some things, please be more specific. 

Done, for this subject, above. 

> But it is factually incorrect to suggest that we have not been responsive to the comments. 

No, that is factually accurate.

Several comments have been made, by myself and others, including proposals for how to address security, as indicated in the above,  which (demonstrably, least security would have been resolved) have not been addressed.

Thomas

> I have personally rewritten large parts of the Security Considerations twice in response, as well as offered a lot of text during the time when other co-authors have held the editorial pen.
> 
> Please excuse if I must delay further comment.
> 
> Regards,
> Charlie P.
> 
> _______________________________________________
> manet mailing list
> manet@ietf.org
> https://www.ietf.org/mailman/listinfo/manet

v2.23.0 | Report a Bug | By Email