Re: [MEXT] MIP threats (Re: re-direction attack on MCoA)
Hi Lakshminath,
I haven't reviewed the document, but the document that I understand
George, Wassim and Ben are thinking about is an analysis of residual
threats in rfc3775 (or more in general in MIPv6). I mean, assuming all
the security measures currently available, what threats are still
there and whether we need to address them. One clear case is the case
of flooding attack towards a given using the HA, as Ben and other
folks have noticed.
Regards, marcelo
On 07/02/2008, at 23:27, Lakshminath Dondeti wrote:
> Hi Suresh, George, all,
>
> Please see
> draft-vidya-ip-mobility-threats-01
> draft-vidya-ip-mobility-sec-reqs-01
>
> Christian, Charles, Vidya and I have been working on the same topic and
> wrote those documents (we hope to prepare an update before the next
> meeting). Perhaps these could be a starting point?
>
> regards,
> Lakshminath
>
> On 1/31/2008 3:08 AM, George Tsirtsis wrote:
>> I am of course also interested in this work. I guess we already have
>> enough people to get the ball rolling on this.
>>
>> Thanks
>> George
>>
>> On Jan 31, 2008 10:59 AM, Suresh Krishnan <suresh.krishnan at ericsson.com> wrote:
>>> Hi Marcelo,
>>> I am willing to work on a generic MIPv6 threats document along
>>> with the other interested people.
>>>
>>> Cheers
>>> Suresh
>>>
>>> -----Original Message-----
>>> From: marcelo bagnulo braun [mailto:marcelo at it.uc3m.es]
>>> Sent: January 31, 2008 11:13 AM
>>> To: Wassim Haddad
>>> Cc: Julien Laganier; mext at ietf.org
>>>
>>> Subject: Re: [MEXT] re-direction attack on MCoA
>>>
>>>
>>> On 30/01/2008, at 19:16, Wassim Haddad wrote:
>>>> => As there is a clear interest in the redirection attack on the HA
>>>> side, I volunteer to do some work on this one.
>>>>
>>> I think the work should be general to all residual threats on MIP as
>>> George mentioned, I think this would be more interesting since it
>>> would allow us to put the different threats in perspective and figure
>>> out which ones we should address.
>>>
>>>
>>>
>>>> Regards,
>>>>
>>>> Wassim H.
>>>>
>>>>
>>>>> On 30/01/2008, at 18:19, Wassim Haddad wrote:
>>>>>
>>>>>> Hi Marcelo,
>>>>>> IMHO, this topic has to be included as a new item in the new charter and
>>>>>> should not be limited to MCoA.
>>>>>> Regards,
>>>>>> Wassim H.
>>>>>> On Wed, 30 Jan 2008, marcelo bagnulo braun wrote:
>>>>>>> Pascal,
>>>>>>> The question at this point is the following one: do you think
>>>>>>> that this threat should be addressed in the MCoA draft itself?
>>>>>>> comments?
>>>>>>> Regards, marcelo
>>>>>>> On 30/01/2008, at 10:09, Pascal Thubert (pthubert) wrote:
>>>>>>>> I agree with Wassim on both mails.
>>>>>>>> There's also the situation where the MN/MR might be fooled by the
>>>>>>>> visited network into believing that the CoA (or its prefix if a network
>>>>>>>> is attacked as opposed to a host) is on the visited link. DSMIP is also
>>>>>>>> exposed, in particular with IPv4 CoAs.
>>>>>>>> There are many scenarios that do not involve high mobility where a 3-way
>>>>>>>> or a 4-way handshake could be used to verify the CoA. We have proposed
>>>>>>>> such a test in section 6 of the RRH draft that uses a triggered 2nd BU
>>>>>>>> flow to verify the CoA in the first one:
>>>>>>>> http://tools.ietf.org/html/draft-thubert-nemo-reverse-routing-header-07#section-6
>>>>>>>> Pascal
>>>>>>>>> -----Original Message-----
>>>>>>>>> From: Wassim Haddad [mailto:whaddad at tcs.hut.fi]
>>>>>>>>> Sent: Wednesday 30 January 2008 09:32
>>>>>>>>> To: Benjamin Lim
>>>>>>>>> Cc: 'Julien Laganier'; mext at ietf.org
>>>>>>>>> Subject: RE: [MEXT] re-direction attack on MCoA
>>>>>>>>> On Wed, 30 Jan 2008, Benjamin Lim wrote:
>>>>>>>>>> All in all, what I am trying to say is that tracing only limits the
>>>>>>>>>> effect of the attack from escalating further and not preventing it.
>>>>>>>>> => which (again) also perfectly applies to a single CoA.
>>>>>>>>> Regards,
>>>>>>>>> Wassim H.
>>>>>>>>> _______________________________________________
>>>>>>>>> MEXT mailing list
>>>>>>>>> MEXT at ietf.org
>>>>>>>>> https://www1.ietf.org/mailman/listinfo/mext
Note: Messages sent to this list are the opinions of the senders and do not imply endorsement by the IETF.