Re: [Mobopts] [IRSG] IRSG PollforI-D:draft-irtf-mobopts-location-privacy-solutions

"QIU Ying" <> Mon, 16 March 2009 10:37 UTC

Return-Path: <>
Received: from localhost (localhost []) by (Postfix) with ESMTP id 5E96628C111 for <>; Mon, 16 Mar 2009 03:37:12 -0700 (PDT)
X-Virus-Scanned: amavisd-new at
X-Spam-Flag: NO
X-Spam-Score: 0.96
X-Spam-Status: No, score=0.96 tagged_above=-999 required=5 tests=[AWL=-1.954, BAYES_40=-0.185, MANGLED_LIST=2.3, SARE_SUB_RAND_LETTRS4=0.799, STOX_REPLY_TYPE=0.001]
Received: from ([]) by localhost ( []) (amavisd-new, port 10024) with ESMTP id skkx650zCnKL for <>; Mon, 16 Mar 2009 03:37:11 -0700 (PDT)
Received: from ( []) by (Postfix) with ESMTP id 08AB33A6936 for <>; Mon, 16 Mar 2009 03:37:10 -0700 (PDT)
Received: from ( []) by (8.14.1/8.14.1) with ESMTP id n2GAbjAc014552; Mon, 16 Mar 2009 18:37:45 +0800
Received: from t3400 ([]) by with Microsoft SMTPSVC(6.0.3790.3959); Mon, 16 Mar 2009 18:38:50 +0800
Message-ID: <65C0B939696D45A68AF8962E358A19DE@t3400>
From: "QIU Ying" <>
To: "Stephen Farrell" <>, "Eddy, Wesley M. \(GRC-RCN0\)[Verizon]" <>
References: <4D35478224365146822AE9E3AD4A266606FBB312@exchtewks3.starentnetw> <><> <>
Date: Mon, 16 Mar 2009 18:37:49 +0800
MIME-Version: 1.0
Content-Type: text/plain; format=flowed; charset="iso-8859-1"; reply-type=original
Content-Transfer-Encoding: 7bit
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5512
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5579
X-OriginalArrivalTime: 16 Mar 2009 10:38:50.0122 (UTC) FILETIME=[64C136A0:01C9A623]
X-Proofpoint-Virus-Version: vendor=fsecure engine=1.12.7400:2.4.4, 1.2.40, 4.0.166 definitions=2009-03-16_02:2009-03-13, 2009-03-16, 2009-03-16 signatures=0
X-Proofpoint-Spam-Details: rule=notspam policy=default score=0 spamscore=0 ipscore=0 phishscore=0 bulkscore=0 adultscore=0 classifier=spam adjust=0 reason=mlx engine=5.0.0-0811170000 definitions=main-0903160035
Cc: irsg@ISI.EDU,,
Subject: Re: [Mobopts] [IRSG] IRSG PollforI-D:draft-irtf-mobopts-location-privacy-solutions
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: Mobility Optimizations <>
List-Unsubscribe: <>, <>
List-Archive: <>
List-Post: <>
List-Help: <>
List-Subscribe: <>, <>
X-List-Received-Date: Mon, 16 Mar 2009 10:37:12 -0000

Hi, Stephen

Thanks for your review and support.

For the #1 comment regarding to active attacks: we discussed this issue 
before, but it is too difficult to enumerate all of active attacks. In 
fact, if an attacker launches an active attack signaling,  the mobile 
node has 2 choices: 1) simply drop the signaling message according to 
its own access policy, hence it is not much for further discussion. 2) 
accept the signaling messages, then the MN must response the signaling. 
Hence the attacker is treated as a correspondent node and the 
correspondent node is still not able to map the real home address and 
the in-use care-of-address according to our solution.

For the #2 comment regarding to using ECB in DES: since KM is derived 
from Kbm: Kpm = HMAC_SHA1(Kbm, 0), and Kbm is always changed by every RR 
process, a Kpm can not be re-used during the communication. By the way, 
the example you describe here, I prefer to call it as passive attack 
because it does not tempt messages from MN or HA directly.

Please correct me if I am wrong.

Regards and Thanks
Qiu Ying

----- Original Message ----- 
From: "Stephen Farrell" <>
To: "Eddy, Wesley M. (GRC-RCN0)[Verizon]" <>
Cc: <irsg@ISI.EDU>DU>; <>rg>; <>
Sent: Thursday, March 12, 2009 12:12 AM
Subject: Re: [Mobopts] [IRSG] IRSG 

> Eddy, Wesley M. (GRC-RCN0)[Verizon] wrote:
>> You can record a vote for "ready to publish" from me.
> Same here.
> My non-blocking comments are below. Feel free to take 'em
> on board or not, as you see fit.
> Stephen.
> #1 Its a bit surprising that active attackers aren't considered.
> Maybe adding a justification for that would be good? I guess the
> danger is that someone goes and implements all of this and claims
> to have produced a "secure" solution, but in fact has only produced
> something good against passive attacks.
> #2 section 5.1, what mode of operation is used for the generation
> of the encrypted home address? For AES I think ECB is ok, but if
> a block cipher with a smaller block (e.g.  3DES) is used, then you
> should probably not use ECB as that'd expose some information if
> Kpm is re-used and if the home address structure is sensitive.
> I've no idea if that's significant or not, but specifying CBC mode
> for shorter-block ciphers would I think remove the potential
> vulnerability. (3DES with ECB mode might also allow some non-obvious
> cut'n'paste attacks if Kpm is re-used, though those'd be active
> attacks and so presumably out of scope.)
> Nits:
> #1 1st sentence of section 1 is missing a word, maybe "problem"
> #2, p12: s/If such/If so/
> _______________________________________________
> Mobopts mailing list

Institute for Infocomm Research disclaimer:  "This email is confidential and may be privileged. If you are not the intended recipient, please delete it and notify us immediately. Please do not copy or use it for any purpose, or disclose its contents to any other person. Thank you."