[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: addition of TLV to locator ID or locator ID set
On Mon, 3 Oct 2005, Iljitsch van Beijnum wrote:
However, without HBA or CGA it would be possible to redirect
packets (assuming the shim is used) even in the presence of IPsec.
CGA would not make that impossible AIUI, it'd make it impossible to
redirect an /existing/ shim state, AIUI (which is same as you'd get
HBA (a special case of CGA right?) makes it impossible by binding
locator prefixes to ULIDs uniquely (ie permanently).
CGA simply ties a public key / certificate to an address. This key
or certificate can then be used to authenticate further exchanges
so an attacker can't successfully inject shim signalling.
That's the same thing you could achieve with anonymous IPSec.
(Though, IPSec associates state with a 'security association' rather
than address, which could be more fine-grained than CGA). It's an
anonymous key either way, unless there is some other way to verify
the authenticity of a key and what it may be used for / who it is
issued for (who in terms of IP addresses).
can execute any valid signalling exchange. However, the HBA limits
the set of valid exchanges to the ones related to a prefix where
that prefix is one of the set for which there is a valid hash in
the interface identifier.
if the only security is HBA and the shim protocol is stateless (without
having to observe packets obviously).
shouldn't be an issue.
Ok, in which case you'll need a handshake before you accept the
cookie as valid, to establish two-way communication (two-way at shim6
level, each direction might use a different path).
Suppose C now initates a rehoming. C would also have to be present
at the new address A' in order for E to accept the change. And A'
must be an address that belongs to A because otherwise A wouldn't
have included the prefix in question in its HBA.
Obviously, if renumbering were to be allowed, then C could redirect
the mapping completely away from A (the only part supposed to be
using that HBA).
The security issues are quite interesting. :)
I suppose this attack might be useful for C if C can only be a man
in the middle between A and E for a short time, but be a man in the
middle between A' and E for a longer period. As long as C keeps the
A' - E association alive, A is going to have a hard time connecting
to E using A - E.
It does preclude renumbering though, which is an interesting
Sorry for being so annoying btw, I just can't help questioning things
as a means to gaining understanding.. ;)
Paul Jakma firstname.lastname@example.org email@example.com Key ID: 64A2FF6A
A gathering where you meet people who drink
so much you can't even remember their names.