[manet] AB#2 Comments for WGLC draft-ietf-manet-nhdp-sec-threats-02

Abdussalam Baryun <abdussalambaryun@gmail.com> Tue, 09 April 2013 03:47 UTC

This message's author: Abdussalam Baryun
Classified: I-D Review

Second message in reply to your WGLC request dated 25/03/2013
The I-D reviewed by: Abdussalam Baryun (AB)         Dated: 08/04/2013
Reviewer Comment AB#2: Questions and Comments
++++++++++++++++++++++++++++++++++++

Copyright Notice:
Copyright (c) 2012 IETF Trust and the person identified as the
message author. All rights reserved.
This message is to comment on the MANET WG work in progress I-D:
draft-ietf-manet-nhdp-sec-threats-02 [I-D], which means this message
may contain parts/texts of the I-D under review.
=======================================

[Overall]

AB> The I-D structure approach is a little unclear, because it
states threats, but mostly describes the attacker's possibilities, not the
way the attacker uses NHDP to make a threat. I suggest focusing on: 1) NHDP
messages, 2) IIB and NIB, then 3) impact on routing using NHDP (as you
mentioned in section 5). Both points 1 and 2 are not clear in the I-D (they
were mentioned in the RFC6130 security considerations section). I don't
find in the I-D threats against NHDP confidentiality, integrity,
info-freshness, and availability (maybe in other words or meanings,
but these words are mostly used).

AB> Using the words *Exploits Allowed by protocol* by Sanzgiri et al.
(2002) [2] would better clarify threats. In your approach you describe
attacks as the threats. They are not the same thing. Please read [2] to
compare this I-D's approach with it. I recommend editing *Exploits
Allowed by NHDP* into the work to clarify threats, making it easier to
read.

[I-D][section 4.3] Eavesdropping does not pose a direct threat to the
network nor to NHDP,

AB> From the above text, what is the *indirect threat* mentioned? How can
we know whether it is direct or indirect when information was accessed (lost
privacy)? That means a threat, don't you think? Elsewhere you mention
passive threat/attack; where is that definition?

AB> Section 4.8 mentions my earlier comments on the list regarding
attacks on sequence numbers; you just named it an attack on link quality.
It is ok.
------------------------

[Layer Protocol affects]

AB> Do attacks on the IP layer increase threats to NHDP? This is not understood from the I-D.
AB> Do attacks on MAC, L2 or L2.5 increase threats to L3-NHDP?
Does/Can NHDP depend on the lower layers? If yes, what are
the threats? Please note that these issues are mentioned in RFC6130 but
not in this I-D.
----------------------

[The use of NHDP]

AB> If there is an attack on NHDP, does that mostly mean that its users
are attacked as well?
AB> AODVv2 mentions that NHDP is used to monitor and assure
bi-directional links; does that use have threats? Why is this not mentioned?
Please do.
AB> Does NHDP detect the attacking neighbor? IMO, it can; please mention this.
AB> Is NHDP using unreliable communication? If yes, then the threats of
that should be explained. In a high density of neighbors/malicious ones,
what is the threat?
AB> Does the threat increase if packets have more neighbor messages
packed in one packet?

[I-D] [section 3] An Attacker has several ways of harming this
neighbor discovery process: It can announce "wrong" information about
its identity, postulate non-existent links, and replay HELLO messages.

AB> Wrong identity! What about interface address and network address?
-----------------------------

[NHDP-Messaging]
AB> This I-D does not distinguish between IP packets and RFC5444
packets, so as to describe the influence of the attacks on both packets.

AB> Regarding invalid HELLO messages with interface addresses or their
IP addresses, and network addresses that relate to threats: what are their
influences on NHDP threats?
AB> Please consider the scenarios of RFC6130 Appendix F [Topology
Picture] (from 1 to 11, if related). You need to explain how the
threats vary in different topologies, as the topology positions are
mentioned in the introduction of this I-D. If there are no NHDP threats due to
those different topologies, then please mention no threats. IMHO, it is
important to mention; they are the same number of neighbors, but different
topologies with different NHDP threat levels.

[RFC6130] This is acquired through HELLO message exchange between
neighboring routers. This information is made available through the
Interface Information Bases and Neighbor Information Base, describing
the router’s 1-hop neighborhood and symmetric 2-hop neighborhood.

AB> As per above text of 6130, please explain threats of invalid IIB
and NIB in the I-D.

AB> In the I-D security considerations, you mention that in this
I-D you make security considerations for NHDP, but in RFC6130 one of its
security considerations mentions invalid messages. I expected to see
Invalid HELLO Messages as mentioned in RFC6130 security section 17.1;
why not consider it as an NHDP threat?

AB> If a node receives NHDP messages that are not as specified in the
procedures of RFC6130 sections 10 and 10.1, then is that a threat? IMO,
yes it is; please mention it.
-------------------------------

[NHDP Security Considerations]

[RFC6622][section 4] security in MANETs, "one size rarely fits all"
and that MANET routing protocol deployment domains have varying
security requirements ranging from "unbreakable" to "virtually none".

AB> Different deployment domains make the security requirements
different. So could we say threats are also different in different
deployment domains? Please mention this in the I-D.
AB> Wrong behavior can come from a malicious node, but it can also
come from a neighbor that is malfunctioning. Do you consider both as the
same threats? This should be clear in the I-D.


This Message Reference:
------------------------------------
[2] Sanzgiri, K., et al., "A Secure Routing Protocol for Ad Hoc
Networks", IEEE ICNP, 2002.

=======================================
This is the last message comment; I really hope this is useful. Thank you.

Best Regards,

Abdussalam Baryun

---------------------------------------------------------------------------------------
This message is not sent to private email boxes, but sent to IETF
MANET mail box.
This message and any attachments are confidential to the intended
recipient and may also be privileged. If you are not the intended
recipient please delete it from your system and notify the sender.
This message is in compliance with the IETF regulations.
---------------------------------------------------------------------------------------

> On 3/25/13, Stan Ratliff (sratliff) <sratliff@cisco.com> wrote:
>> WG,
>>
>> I've re-started the WGLC on this document. There's a 2-week WGLC period,
>> ending on April 8, 2013.
>>
>> Regards,
>> Stan
>> _______________________________________________
>> manet mailing list
>> manet@ietf.org
>> https://www.ietf.org/mailman/listinfo/manet
>
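To make concrete the three harms the review quotes from section 3 of the I-D (wrong identity, postulated non-existent links, replayed HELLO messages) and the RFC 6130 text on how HELLO exchange fills the IIB and NIB, here is a small constructed Python model, added by the editor and not part of the original message, the I-D, or RFC 6130. It assumes a per-sender sequence number, a `strict` flag and two receiver-side checks (freshness and link-claim consistency) that are illustrative heuristics, not RFC 6130 procedures.

```python
# Toy model of NHDP (RFC 6130) HELLO processing: HELLOs build the 1-hop link set
# (IIB-like) and 2-hop set (NIB-like); forged/replayed HELLOs are then applied.
from dataclasses import dataclass, field

HEARD, SYMMETRIC = "HEARD", "SYMMETRIC"
@dataclass
class Hello:
    sender: str      # originator address
    links: dict      # neighbor address -> LINK_STATUS as claimed by the sender
    seqnum: int      # constructed per-sender sequence number (assumption, not RFC 6130)
    validity: float  # VALIDITY_TIME in seconds
@dataclass
class Node:
    addr: str
    strict: bool = True                           # run the freshness/consistency checks
    link_set: dict = field(default_factory=dict)  # neighbor -> (heard_until, sym_until)
    two_hop: dict = field(default_factory=dict)   # sym neighbor -> its claimed sym neighbors
    last_seq: dict = field(default_factory=dict)
    alerts: list = field(default_factory=list)
    def receive(self, h: Hello, now: float):
        heard_until, sym_until = self.link_set.get(h.sender, (0.0, 0.0))
        if self.strict and h.seqnum <= self.last_seq.get(h.sender, -1):
            self.alerts.append(f"replay: {h.sender} seq {h.seqnum}")  # stale or repeated HELLO
            return
        # A sender can only claim SYMMETRIC to us after a HELLO of ours listed it, so we
        # must have heard it first; a claim without that is inconsistent (forged link).
        if self.strict and h.links.get(self.addr) == SYMMETRIC and heard_until <= now:
            self.alerts.append(f"inconsistent: {h.sender} claims SYMMETRIC, never heard")
            return
        self.last_seq[h.sender] = h.seqnum
        expiry = now + h.validity                     # receiving the HELLO makes the link HEARD
        if h.links.get(self.addr) in (HEARD, SYMMETRIC):
            sym_until = expiry                        # the sender lists us: link is SYMMETRIC
        self.link_set[h.sender] = (expiry, sym_until)
        if sym_until > now:                           # 2-hop info only from symmetric neighbors
            self.two_hop[h.sender] = {a for a, s in h.links.items() if s == SYMMETRIC and a != self.addr}
    def sym_neighbors(self, now: float) -> set:
        return {n for n, (_, s) in self.link_set.items() if s > now}
    def two_hop_neighbors(self, now: float) -> set:
        return set().union(*(self.two_hop.get(n, set()) for n in self.sym_neighbors(now)))

def scenario(strict: bool) -> tuple:
    """Legit A<->B exchange, a replayed A HELLO, then M postulating links to phantom P1/P2."""
    b = Node("B", strict=strict)
    b.receive(Hello("A", {}, 1, 10.0), now=0.0)                  # B hears A
    hello2 = Hello("A", {"B": HEARD, "C": SYMMETRIC}, 2, 10.0)
    b.receive(hello2, now=1.0)                                   # A becomes symmetric, C a 2-hop
    b.receive(hello2, now=2.0)                                   # the same HELLO replayed
    b.receive(Hello("M", {"B": SYMMETRIC, "P1": SYMMETRIC, "P2": SYMMETRIC}, 7, 10.0), now=3.0)
    return b.sym_neighbors(3.0), b.two_hop_neighbors(3.0), b.alerts
```

Running `scenario(False)` shows the permissive receiver accepting M as a symmetric neighbor and the phantom routers P1 and P2 as 2-hop neighbors, while `scenario(True)` keeps only A and C and records one alert for the replay and one for the inconsistent link claim.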