Re: [Seamoby] [issue30] How to handle bad MN's authorization Token?

Rajeev Koodli <rajeev@iprg.nokia.com> Mon, 15 December 2003 22:22 UTC

Message-ID: <3FDE33C3.B14A89FC@iprg.nokia.com>
Date: Mon, 15 Dec 2003 14:20:51 -0800
From: Rajeev Koodli <rajeev@iprg.nokia.com>
Organization: Nokia Research Center
To: Nakhjiri Madjid-MNAKHJI1 <Madjid.Nakhjiri@motorola.com>
CC: Seamoby CTP Issues <ctp_issues@danforsberg.info>, seamoby@ietf.org
Subject: Re: [Seamoby] [issue30] How to handle bad MN's authorization Token?
References: <EBF631554F9CD7118D0B00065BF34DCB03D2A79B@il27exm03.cig.mot.com>

Nakhjiri Madjid-MNAKHJI1 wrote:

> Hi Rajeev,
>
> If you want the pAR to do something for every failed authentication
> token, then you are setting yourself for trouble (DoS attacks), especially
> since CT has to happen so quickly. Does the nAR have to keep any state?
>

Each malicious MN can send one such bogus token. I think a DoS attack would
probably need a bigger incentive. FYI: in Fast Handovers, a MN is allowed to
send an FBU with a request to send an Ack. In Mobile IPv6, the 'A' bit
in BU requests the HA to send a Binding Ack. I don't see this as a loophole
to launch an attack. Am I missing something ?

The CT Request from nAR to pAR is in response to CTAR which includes the
MN's authorization token. The nAR has to match that with what pAR supplies.
The size of the token is 4 bytes. If a malicious MN wants to launch a DoS attack
on nAR's buffers, nAR can essentially stop being a router for that MN after the
token verification fails (after a couple of tens of milliseconds).

I think the downside of not including the token is that it opens up the possibility
of stealing some other MN's contexts, which we must avoid.

-Rajeev


>
> Madjid
>
> -----Original Message-----
> From: rajeev@darkstar.iprg.nokia.com
> [mailto:rajeev@darkstar.iprg.nokia.com]On Behalf Of Rajeev Koodli
> Sent: Friday, December 12, 2003 6:02 PM
> To: Nakhjiri Madjid-MNAKHJI1
> Cc: Seamoby CTP Issues; seamoby@ietf.org
> Subject: Re: [Seamoby] [issue30] How to handle bad MN's authorization
> Token?
>
> Hi,
>
> is your concern message tampering between pAR and nAR ?
> If so, that should apply to all contexts. I think we address that
> by saying the routers SHOULD have SAs.
>
> Regards,
>
> -Rajeev
>
> Nakhjiri Madjid-MNAKHJI1 wrote:
>
> > Rajeev,
> >
> > I don't recall whether there was a message authentication procedure between
> > the pAR and nAR. If there is none, and the pAR can't verify the authorization
> > token, then we may open the door to DoS attacks on the pAR. So responding to
> > nAR may have bad consequences...
> > If there is no message authentication between nAR and pAR, while you are expecting
> > the MN to authenticate itself to pAR (to me this is a halfway solution), then the
> > pAR should ignore the request.
> >
> > Madjid
> >
> > -----Original Message-----
> > From: seamoby-admin@ietf.org [mailto:seamoby-admin@ietf.org]On Behalf Of
> > Rajeev Koodli
> > Sent: Monday, December 08, 2003 1:14 PM
> > To: Seamoby CTP Issues
> > Cc: seamoby@ietf.org
> > Subject: Re: [Seamoby] [issue30] How to handle bad MN's authorization
> > Token?
> >
> > John Loughney SEAMOBY-Issues wrote:
> >
> > > New submission from John Loughney <john.loughney@nokia.com>:
> > >
> > > In case nAR requests the transfer by a CTR message, the pAR must verify
> > > the MN's authorization token. If this token is invalid, what do we do ?
> > >
> > > Possible solutions:
> > >
> > >  - nothing ? the pAR does not answer to nAR.
> > >  - pAR indicates the error to nAR:
> > >         * In the CTD message.
> > >         * In an error message which could carry error information.
> > >
> >
> > pAR MUST respond to nAR with an appropriate error.
> > nAR SHOULD convey the result to the MN.
> >
> > -Rajeev
> >
> > >
> > > others ?
> > >
> > > ----------
> > > category: Editorial
> > > document: draft-ietf-seamoby-ctp-05.txt
> > > messages: 39
> > > nosy: jloughney
> > > priority: Should Fix
> > > status: No Discussion
> > > title: How to handle bad MN's authorization Token?
> > > _____________________________________________________________
> > > Seamoby CTP Issues <ctp_issues@danforsberg.info>
> > > <http://danforsberg.info:8080/draft-ietf-seamoby-ctp/issue30>
> > > _____________________________________________________________
> > >
> >


_______________________________________________
Seamoby mailing list
Seamoby@ietf.org
https://www1.ietf.org/mailman/listinfo/seamoby
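As an added illustration of the exchange argued over in this thread (example code, not part of the thread or of the CTP draft): a toy model in which nAR relays the MN's 4-byte token from the CTAR to pAR in a CT Request, pAR verifies it before releasing any context and answers with an error otherwise, and nAR drops the MN on error rather than keeping state for it. The token construction (a keyed MAC over the handover parameters, truncated to 4 bytes), the per-MN key shared between MN and pAR, and the class and function names are assumptions made for the example.

```python
import hashlib
import hmac
import struct

TOKEN_LEN = 4  # the thread states the authorization token is 4 bytes

def make_token(key: bytes, prev_addr: str, new_addr: str, seq: int) -> bytes:
    """Assumed construction: keyed MAC over (previous address, new address,
    sequence number), truncated to 4 bytes. The real CTP rule may differ."""
    msg = prev_addr.encode() + b"|" + new_addr.encode() + b"|" + struct.pack("!I", seq)
    return hmac.new(key, msg, hashlib.sha256).digest()[:TOKEN_LEN]

class PreviousAR:
    """pAR: holds each MN's contexts and the key shared with that MN (constructed)."""
    def __init__(self):
        self.keys = {}       # MN id -> key established while the MN was at pAR
        self.contexts = {}   # MN id -> context data to be transferred

    def register(self, mn: str, key: bytes, contexts: dict) -> None:
        self.keys[mn] = key
        self.contexts[mn] = contexts

    def handle_ct_request(self, mn, prev_addr, new_addr, seq, token):
        """CT Request from nAR carrying the MN's token; verify before releasing contexts."""
        key = self.keys.get(mn)
        if key is None:
            return "error", "unknown MN"
        expected = make_token(key, prev_addr, new_addr, seq)
        if not hmac.compare_digest(expected, token):
            # pAR MUST respond with an error; the contexts stay at pAR
            return "error", "bad authorization token"
        return "ok", self.contexts.pop(mn)

class NewAR:
    """nAR: relays the CTAR token to pAR and routes for the MN only once verified."""
    def __init__(self, par: PreviousAR):
        self.par = par
        self.routing = {}    # MN id -> transferred contexts for MNs nAR serves

    def handle_ctar(self, mn, prev_addr, new_addr, seq, token) -> bool:
        status, payload = self.par.handle_ct_request(mn, prev_addr, new_addr, seq, token)
        if status == "ok":
            self.routing[mn] = payload
            return True
        # nAR SHOULD convey the error to the MN and stops acting as its router,
        # so a bogus token costs nAR one round trip and no retained state.
        self.routing.pop(mn, None)
        return False
```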