Hi Bob,

On Wed, Jul 20, 2016 at 7:32 AM, Robert Moskowitz <[email protected]> wrote:
> My numbers show that on a network, the probability is so small that the
> address is statistically unique.
>
> Even with 50,000 devices on a network, the probability would be 6.67E-9%.
> Just not there.
>

No matter how small, there is still some chance of collision so I think we
should deal with it in the draft?

Regards,
Behcet

>
> On 07/20/2016 02:27 PM, Pascal Thubert (pthubert) wrote:
>>
>> Thanks Bob!
>>
>> I think the bottom line here is what's the exposure. If the collision
>> occurred on a MAC address that would effectively get packets to the wrong
>> place and would partially cut off devices from the network.
>>
>> No such thing here. The collision has no operational consequence. Both
>> nodes will register their addresses fine and there will be no visible effect
>> unless the IPv6 addresses are also in collision.
>>
>> Is there a security opening then?
>>
>> The exposure is that two devices may be capable of claiming one another's
>> address and the 6LBR will fail to prevent this, putting us back to today's
>> situation for these 2 particular devices.
>>
>> Even in the highly remote chance that they are on the same subnetwork, even
>> if one is a really mean device, L2 crypto does not allow node B to see what
>> UID is used by device A so those 2 devices will not know they are in this
>> situation.
>>
>> It's good to add words to explain all this but the chances of accident are
>> too remote to be of consequence. Instead we need to focus on getting a CGA
>> that is hard enough to attack....
>>
>>
>> Regards,
>>
>> Pascal
>>
>>> On 20 Jul 2016, at 13:17, Robert Moskowitz <[email protected]>
>>> wrote:
>>>
>>>
>>>
>>>> On 07/20/2016 11:59 AM, Mohit Sethi wrote:
>>>> Dear Behcet and Pascal
>>>>
>>>> I have previously reviewed the draft on address protected neighbor
>>>> discovery: draft-sarikaya-6lo-ap-nd-01.
>>>>
>>>> I generally like the idea but still have some questions. I wonder what
>>>> about collisions for cryptographic IDs. The draft defines them as 64-bits
>>>> long. I assume that at a minimum 80 bits are needed to assume that it is
>>>> collision free. Or is it the case that collisions are not an issue in this
>>>> case?
>>>
>>> I just ran some numbers through for another problem with a 64bit number
>>> field. It works out as follows.
>>>
>>> The formula is: 1 - e^{-k^2/(2n)}
>>>
>>> Where n is your maximum population size (2^64 here, 1.84E19) and K is
>>> your actual population.
>>>
>>> A .01% probability of a collision is a bit less than 66M devices.
>>>
>>> If everyone in the world has one device (7B), then you are up to a 73%
>>> probability of a collision.
>>>
>>> So your risk of a collision on a network is there, but really low.
>>>
>>> ID author, you may want to put this formula into your draft.
>>>
>>>
>>> _______________________________________________
>>> 6lo mailing list
>>> [email protected]
>>> https://www.ietf.org/mailman/listinfo/6lo
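
Added example, not part of the original thread: the birthday approximation 1 - e^{-k^2/(2n)} quoted above, its inverse, and an exact product for cross-checking on a small ID space, so the 64-bit ID size in the draft can be compared with the 80-bit size raised in the review. The function names are assumptions of this example.

```python
import math

def collision_probability(k: int, bits: int) -> float:
    """Birthday approximation 1 - e^{-k^2/(2n)} with n = 2**bits.

    expm1 keeps precision when the exponent is tiny (a few thousand IDs
    in a 64-bit space), where 1 - exp(-x) would lose significant digits.
    """
    n = 2 ** bits
    return -math.expm1(-(k * k) / (2 * n))

def exact_collision_probability(k: int, bits: int) -> float:
    """Exact value 1 - prod_{i<k} (1 - i/n); O(k), so only for small k."""
    n = 2 ** bits
    if k > n:
        return 1.0  # pigeonhole: more IDs than values
    # Sum logs instead of multiplying to avoid underflow in the product.
    log_no_collision = sum(math.log1p(-i / n) for i in range(k))
    return -math.expm1(log_no_collision)

def population_for_probability(p: float, bits: int) -> float:
    """Invert the approximation: k = sqrt(-2 n ln(1 - p))."""
    n = 2 ** bits
    return math.sqrt(-2 * n * math.log1p(-p))

if __name__ == "__main__":
    # Population sizes taken from the thread; ID widths from the thread.
    for bits in (64, 80):
        for k in (50_000, 7_000_000_000):
            p = collision_probability(k, bits)
            print(f"{bits}-bit IDs, k={k:,}: p = {p:.3e}")
        k_limit = population_for_probability(1e-4, bits)
        print(f"{bits}-bit IDs reach p = 0.01% at k = {k_limit:.3e}")
    # Cross-check the approximation against the exact product on a
    # constructed 16-bit space, where the exact sum is cheap to evaluate.
    print("16-bit, k=300: exact", exact_collision_probability(300, 16),
          "approx", collision_probability(300, 16))
```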
