Issue185

Issue Title: Significance of Upstream Node Attacks
Document: GIST Protocol Specification v11
Section: 3.5, 8.3
Category: Editorial
Priority: Should Fix
Status: Text Proposed

Created on 2007-02-20.22:27:55 by reh, last changed 2007-02-22.15:22:59.

Messages
msg522 Author: reh Date: 2007-02-22.15:22:59
Revised text in 3.5 as follows:

                                                    ... However,
   if the routing state is keyed only by (MRI, NSLP), there is a trivial
   denial of service attack (see Section 8.3) where a malicious off-path
   node asserts that it is the peer for a particular flow.  Such an
   attack would not redirect the traffic but would reroute the
   signalling.  Instead, the routing state is also segregated between
   different SIDs, which means that the attacking node can only disrupt
   a signalling session if it can guess the corresponding SID.

and in 8.3:

   SID segregation:  The routing state lookup for a given MRI and NSLPID
      MUST also take the SID into account.  A malicious node can only
      overwrite existing GIST routing state if it can guess the
      corresponding SID; it can insert state with random SID values, but
      generally this will not be used to route signalling messages for
      which state has already been legitimately established.
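
The keying difference described in the revised text above, as an added example that is not part of the original issue or the GIST specification: a toy routing-state table keyed with and without the SID. The class and function names, the flow values, the peer labels and the 16-byte random SIDs are assumptions of the example.

```python
import secrets


class RoutingTable:
    """Toy model of GIST routing state (hypothetical, not the wire protocol)."""

    def __init__(self, use_sid):
        self.use_sid = use_sid
        self.state = {}

    def _key(self, mri, nslpid, sid):
        # With SID segregation the SID is part of the lookup key.
        return (mri, nslpid, sid) if self.use_sid else (mri, nslpid)

    def install(self, mri, nslpid, sid, peer):
        """Store the peer for this key; return the peer it replaced, if any."""
        key = self._key(mri, nslpid, sid)
        previous = self.state.get(key)
        self.state[key] = peer
        return previous

    def lookup(self, mri, nslpid, sid):
        return self.state.get(self._key(mri, nslpid, sid))


def simulate(use_sid):
    """Legitimate peer installs state, then an off-path node asserts itself."""
    table = RoutingTable(use_sid)
    mri = ("192.0.2.10", "198.51.100.20", "udp", 5004)  # constructed flow
    nslpid = 1                                          # constructed value
    legit_sid = secrets.token_bytes(16)                 # assumed SID size
    table.install(mri, nslpid, legit_sid, peer="on-path-peer")
    # The off-path node knows the flow (MRI) and NSLPID but not the SID,
    # so the best it can do is supply a random one.
    guessed_sid = secrets.token_bytes(16)
    overwritten = table.install(mri, nslpid, guessed_sid, peer="off-path-node")
    return {
        "overwrote_existing": overwritten is not None,
        "signalling_peer": table.lookup(mri, nslpid, legit_sid),
        "entries": len(table.state),
    }


if __name__ == "__main__":
    for use_sid in (False, True):
        print("SID in key:", use_sid, simulate(use_sid))
```

With the SID in the key, the off-path entry is still inserted (two entries exist) but the lookup for the established session keeps returning the legitimate peer, which is the behaviour the 8.3 text describes.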
msg511 Author: reh Date: 2007-02-20.22:27:55
From Sam Hartman:

I don't understand the attack regarding off-path nodes inserting routing state
discussed briefly at the end of sections 3.5 and 8.3. Is the attack that you
could send a bogus query from off-path and get the upstream directed traffic
associated with a session?
History
Date                 User  Action  Args
2007-02-22 15:23:00  reh   set     status: No Discussion -> Text Proposed; messages: + msg522
2007-02-20 22:27:56  reh   create