Re: [Mobopts] [IRSG] IRSG Poll forI-D:draft-irtf-mobopts-location-privacy-solutions
Stephen Farrell <stephen.farrell@cs.tcd.ie> Wed, 11 March 2009 16:11 UTC
Return-Path: <stephen.farrell@cs.tcd.ie>
X-Original-To: mobopts@core3.amsl.com
Delivered-To: mobopts@core3.amsl.com
Received: from localhost (localhost [127.0.0.1]) by core3.amsl.com (Postfix) with ESMTP id B451828C17C for <mobopts@core3.amsl.com>; Wed, 11 Mar 2009 09:11:09 -0700 (PDT)
X-Virus-Scanned: amavisd-new at amsl.com
X-Spam-Flag: NO
X-Spam-Score: 1.256
X-Spam-Level: *
X-Spam-Status: No, score=1.256 tagged_above=-999 required=5 tests=[AWL=-1.550, BAYES_00=-2.599, FH_HOST_EQ_D_D_D_D=0.765, FH_HOST_EQ_D_D_D_DB=0.888, HELO_MISMATCH_COM=0.553, MANGLED_LIST=2.3, RDNS_DYNAMIC=0.1, SARE_SUB_RAND_LETTRS4=0.799]
Received: from mail.ietf.org ([64.170.98.32]) by localhost (core3.amsl.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id iC0J7n+TjtF1 for <mobopts@core3.amsl.com>; Wed, 11 Mar 2009 09:11:08 -0700 (PDT)
Received: from mail.newbay.com (87-198-172-198.ptr.magnet.ie [87.198.172.198]) by core3.amsl.com (Postfix) with ESMTP id 6987C28C177 for <mobopts@irtf.org>; Wed, 11 Mar 2009 09:11:08 -0700 (PDT)
Received: from localhost (localhost.localdomain [127.0.0.1]) by mail.newbay.com (Postfix) with ESMTP id 331ED1003F4DA; Wed, 11 Mar 2009 16:11:43 +0000 (GMT)
X-Virus-Scanned: amavisd-new at newbay.com
Received: from mail.newbay.com ([127.0.0.1]) by localhost (mail.newbay.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 552uXBc0QqSR; Wed, 11 Mar 2009 16:11:42 +0000 (GMT)
Received: from [192.168.3.55] (unknown [192.168.3.55]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by mail.newbay.com (Postfix) with ESMTP id 25C5F1003F4D8; Wed, 11 Mar 2009 16:11:41 +0000 (GMT)
Message-ID: <49B7E2D3.3050605@cs.tcd.ie>
Date: Wed, 11 Mar 2009 16:12:03 +0000
From: Stephen Farrell <stephen.farrell@cs.tcd.ie>
User-Agent: Thunderbird 2.0.0.16 (X11/20080707)
MIME-Version: 1.0
To: "Eddy, Wesley M. (GRC-RCN0)[Verizon]" <wesley.m.eddy@nasa.gov>
References: <4D35478224365146822AE9E3AD4A266606FBB312@exchtewks3.starentnetw orks.com> <FAAB54171A6C764E969E6B4CB3C2ADD206E4878DC9@NOK-EUMSG-03.mgdnok.nokia.com> <C304DB494AC0C04C87C6A6E2FF5603DB220C9F0127@NDJSSCC01.ndc.nasa.gov>
In-Reply-To: <C304DB494AC0C04C87C6A6E2FF5603DB220C9F0127@NDJSSCC01.ndc.nasa.gov>
X-Enigmail-Version: 0.95.7
Content-Type: text/plain; charset="ISO-8859-1"
Content-Transfer-Encoding: 7bit
X-Mailman-Approved-At: Sat, 14 Mar 2009 08:53:38 -0700
Cc: "irsg@ISI.EDU" <irsg@ISI.EDU>, "mobopts@irtf.org" <mobopts@irtf.org>, "Basavaraj.Patil@nokia.com" <Basavaraj.Patil@nokia.com>
Subject: Re: [Mobopts] [IRSG] IRSG Poll forI-D:draft-irtf-mobopts-location-privacy-solutions
X-BeenThere: mobopts@irtf.org
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mobility Optimizations <mobopts.irtf.org>
List-Unsubscribe: <http://www.irtf.org/mailman/listinfo/mobopts>, <mailto:mobopts-request@irtf.org?subject=unsubscribe>
List-Archive: <http://www.irtf.org/mail-archive/web/mobopts>
List-Post: <mailto:mobopts@irtf.org>
List-Help: <mailto:mobopts-request@irtf.org?subject=help>
List-Subscribe: <http://www.irtf.org/mailman/listinfo/mobopts>, <mailto:mobopts-request@irtf.org?subject=subscribe>
X-List-Received-Date: Wed, 11 Mar 2009 16:11:09 -0000
Eddy, Wesley M. (GRC-RCN0)[Verizon] wrote: > You can record a vote for "ready to publish" from me. Same here. My non-blocking comments are below. Feel free to take 'em on board or not, as you see fit. Stephen. #1 Its a bit surprising that active attackers aren't considered. Maybe adding a justification for that would be good? I guess the danger is that someone goes and implements all of this and claims to have produced a "secure" solution, but in fact has only produced something good against passive attacks. #2 section 5.1, what mode of operation is used for the generation of the encrypted home address? For AES I think ECB is ok, but if a block cipher with a smaller block (e.g. 3DES) is used, then you should probably not use ECB as that'd expose some information if Kpm is re-used and if the home address structure is sensitive. I've no idea if that's significant or not, but specifying CBC mode for shorter-block ciphers would I think remove the potential vulnerability. (3DES with ECB mode might also allow some non-obvious cut'n'paste attacks if Kpm is re-used, though those'd be active attacks and so presumably out of scope.) Nits: #1 1st sentence of section 1 is missing a word, maybe "problem" #2, p12: s/If such/If so/
- Re: [Mobopts] IRSG Poll for I-D:draft-irtf-mobopt… Basavaraj.Patil
- Re: [Mobopts] IRSG Poll forI-D:draft-irtf-mobopts… Eddy, Wesley M. (GRC-RCN0)[Verizon]
- Re: [Mobopts] [IRSG] IRSG Poll forI-D:draft-irtf-… Stephen Farrell
- Re: [Mobopts] [IRSG] IRSG PollforI-D:draft-irtf-m… QIU Ying
- Re: [Mobopts] IRSG Poll forI-D:draft-irtf-mobopts… QIU Ying
- Re: [Mobopts] IRSG Poll forI-D:draft-irtf-mobopts… Koodli, Rajeev
- Re: [Mobopts] IRSG PollforI-D:draft-irtf-mobopts-… Eddy, Wesley M. (GRC-RCN0)[Verizon]
- Re: [Mobopts] [IRSG] IRSG PollforI-D:draft-irtf-m… Rajeev Koodli
- Re: [Mobopts] [IRSG] IRSG PollforI-D:draft-irtf-m… Basavaraj.Patil