[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: address pair exploration, flooding and state loss
On 26-mei-2005, at 5:39, Greg Daley wrote:
For self-authentication, you'd basically require the original
data sender to have enough context left to authenticate the peer,
based on their IP address information (For example if CGA
addresses were locators, and the public key was known).
Timestamp information gathered previously for the CGA address
may be able to be used to ensure freshness.
Some of these mechanisms were used in SEND, but become suspect
for devices which have lost context state on the other side of the
Internet. It's possible to say though, that if the error message
contains a valid signature and timestamp, it's immediately verified.
Signature checks are relatively expensive: these are exactly the
operations you want to avoid for suspect packets.
However, this could easily be done by having A give B a nonce that is
(for instance) a timestamp and a hash over B's IP address, the
timestamp and some secret data. If A then loses its state for B, B
can prove to A it talked to A at the indicated time, and A can check
this as long as it still has its piece of secret data. Since this
doesn't have to change often, that will be likely.