IETF Logo Mail Archive

RE: SigComp Requirements (was Re: [rohc] RE: Default decompression algorithms)

"Dr. Carsten Bormann" <cabo@tzi.org> Thu, 28 February 2002 16:41 UTC

Received: from optimus.ietf.org (ietf.org [132.151.1.19] (may be forged)) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA02933 for <rohc-archive@odin.ietf.org>; Thu, 28 Feb 2002 11:41:40 -0500 (EST)
Received: from optimus.ietf.org (localhost [127.0.0.1]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id LAA11335; Thu, 28 Feb 2002 11:39:04 -0500 (EST)
Received: from ietf.org (odin [132.151.1.176]) by optimus.ietf.org (8.9.1a/8.9.1) with ESMTP id LAA11302 for <rohc@optimus.ietf.org>; Thu, 28 Feb 2002 11:39:02 -0500 (EST)
Received: from nmh.informatik.uni-bremen.de (root@nmh.informatik.uni-bremen.de [134.102.224.3]) by ietf.org (8.9.1a/8.9.1a) with ESMTP id LAA02720 for <rohc@ietf.org>; Thu, 28 Feb 2002 11:38:57 -0500 (EST)
Received: from cabo3 (root@nmh.informatik.uni-bremen.de [134.102.224.3]) by nmh.informatik.uni-bremen.de (8.10.1/8.10.1) with SMTP id g1SGcpI20101; Thu, 28 Feb 2002 17:38:51 +0100 (MET)
From: "Dr. Carsten Bormann" <cabo@tzi.org>
To: "Price, Richard" <richard.price@roke.co.uk>
Cc: <rohc@ietf.org>
Subject: RE: SigComp Requirements (was Re: [rohc] RE: Default decompression algorithms)
Date: Thu, 28 Feb 2002 17:38:51 +0100
Message-ID: <NFBBJFHGMCFINEMHAMBGIEJDHHAA.cabo@tzi.org>
MIME-Version: 1.0
Content-Type: text/plain; charset="iso-8859-1"
Content-Transfer-Encoding: 7bit
X-Priority: 3 (Normal)
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook IMO, Build 9.0.2416 (9.0.2911.0)
Importance: Normal
X-MimeOLE: Produced By Microsoft MimeOLE V5.50.4807.1700
In-reply-to: <76C92FBBFB58D411AE760090271ED4186F9FDE@rsys002a.roke.co.uk>
Content-Transfer-Encoding: 7bit
Sender: rohc-admin@ietf.org
Errors-To: rohc-admin@ietf.org
X-Mailman-Version: 1.0
Precedence: bulk
List-Id: Robust Header Compression <rohc.ietf.org>
X-BeenThere: rohc@ietf.org
Content-Transfer-Encoding: 7bit

> Agreed. But since the current SigComp draft allows my proposal to be
> implemented, we need to decide whether this is OK or not. Are there any
> technical reasons for enforcing that application-defined state
> should always
> be referenced by a hash?

Not really.  We just have to add some text to the security considerations.
Currently a decompressor can rely*) that the state it references is correct,
as it actually hashes correctly (because there is no other way to create
it); with your addition, it can't.
*) Of course, if the UDVM is malicious, it can't, but then, this is
equivalent to the recipient system being malicious, and there is no way to
ensure packet integrity in this case, either.

What's wrong about hashes, btw?

We may want to restrict the size of the identifiers to a sensible range,
though (6 to 12, with 9 as the "general Internet" default).

To add some technical substance, here are some real work items (with
identifiers on them):

cabo-1) We need to decide what hash to use; people have pointed out that
SHA-1 may be a better choice than MD5.

cabo-2) We need to decide how to do the truncation -- I believe it should be
done uniformly (i.e., the identifier size should be a UDVM parameter); if
not, it should be possible to use different state identifier sizes to
reference the same state (substring match).

cabo-3) We need to add security analysis for the capability announcement
(hard!); again, I'd rather get rid of it by just setting values.

Gruesse, Carsten


_______________________________________________
Rohc mailing list
Rohc@ietf.org
https://www1.ietf.org/mailman/listinfo/rohc

v2.8.7 | Report a Bug | By Email