I think we can use Bob's words to show how rare and then explain that collision is inconsequential anyway, so people do not keep raising the point...

Regards,

Pascal

> On 20 Jul 2016, at 16:54, Behcet Sarikaya <[email protected]> wrote:
>
> Hi Bob,
>
> On Wed, Jul 20, 2016 at 7:32 AM, Robert Moskowitz
> <[email protected]> wrote:
>> My numbers show that on a network, the probability is so small that the
>> address is statistically unique.
>>
>> Even with 50,000 devices on a network, the probability would be 6.67E-9%.
>> Just not there.
>
> No matter how small, there is still some chance of collision so I
> think we should deal with it in the draft?
>
> Regards,
>
> Behcet
>>
>>> On 07/20/2016 02:27 PM, Pascal Thubert (pthubert) wrote:
>>>
>>> Thanks Bob!
>>>
>>> I think the bottom line here is what's the exposure. If the collision
>>> occurred on a MAC address that would effectively get packets to the wrong
>>> place and would partially cut off devices from the network.
>>>
>>> No such thing here. The collision has no operational consequence. Both
>>> nodes will register their addresses fine and there will be no visible effect
>>> unless the IPv6 addresses are also in collision.
>>>
>>> Is there a security opening then?
>>>
>>> The exposure is that two devices may be capable of claiming one another's
>>> address and the 6LBR will fail to prevent this, putting us back to today's
>>> situation for these 2 particular devices.
>>>
>>> Even in the highly remote chance that they are on the same subnetwork, even
>>> if one is a really mean device, L2 crypto does not allow node B to see what
>>> UID is used by device A so those 2 devices will not know they are in this
>>> situation.
>>>
>>> It's good to add words to explain all this but the chances of an accident
>>> are too remote to be of consequence. Instead we need to focus on getting a
>>> CGA that is hard enough to attack....
>>>
>>> Regards,
>>>
>>> Pascal
>>>
>>>> On 20 Jul 2016, at 13:17, Robert Moskowitz <[email protected]>
>>>> wrote:
>>>>
>>>>> On 07/20/2016 11:59 AM, Mohit Sethi wrote:
>>>>> Dear Behcet and Pascal
>>>>>
>>>>> I have previously reviewed the draft on address protected neighbor
>>>>> discovery: draft-sarikaya-6lo-ap-nd-01.
>>>>>
>>>>> I generally like the idea but still have some questions. I wonder what
>>>>> about collisions for cryptographic IDs. The draft defines them as 64 bits
>>>>> long. I assume that at a minimum 80 bits are needed to assume that it is
>>>>> collision free. Or is it the case that collisions are not an issue in this
>>>>> case?
>>>>
>>>> I just ran some numbers through for another problem with a 64-bit number
>>>> field. It works out as follows.
>>>>
>>>> The formula is: 1 - e^{-k^2/(2n)}
>>>>
>>>> Where n is your maximum population size (2^64 here, 1.84E19) and k is
>>>> your actual population.
>>>>
>>>> A .01% probability of a collision is a bit less than 66M devices.
>>>>
>>>> If everyone in the world has one device (7B), then you are up to a 73%
>>>> probability of a collision.
>>>>
>>>> So your risk of a collision on a network is there, but really low.
>>>>
>>>> ID author, you may want to put this formula into your draft.
>>>>
>>>> _______________________________________________
>>>> 6lo mailing list
>>>> [email protected]
>>>> https://www.ietf.org/mailman/listinfo/6lo
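
The birthday-bound formula quoted in the thread, 1 - e^{-k^2/(2n)}, as an added example that is not part of the original messages or of the draft: it evaluates the approximation for any ID width (64 bits as in the draft, 80 bits as raised in the review) and inverts it to find the population at which a target probability is reached. The function names are assumptions made for this illustration, and the IDs are assumed to be uniformly random.

```python
import math

# Added illustration; function names are assumptions, not taken from the draft.
# Assumes the cryptographic IDs are uniformly random over 2**bits values.


def collision_probability(k: int, bits: int = 64) -> float:
    """Approximate P(any collision) among k uniformly random `bits`-bit IDs.

    Implements 1 - e^{-k^2/(2n)} with n = 2**bits. expm1 keeps precision
    when the exponent is tiny, where 1 - exp(-x) would lose digits.
    """
    if k < 0 or bits <= 0:
        raise ValueError("k must be >= 0 and bits must be > 0")
    n = 2 ** bits
    return -math.expm1(-(k * k) / (2 * n))


def population_for_probability(p: float, bits: int = 64) -> int:
    """Approximate population k at which the collision probability reaches p."""
    if not 0.0 < p < 1.0:
        raise ValueError("p must be strictly between 0 and 1")
    n = 2 ** bits
    # Invert p = 1 - e^{-k^2/(2n)}:  k = sqrt(-2n * ln(1 - p)).
    return math.ceil(math.sqrt(2 * n * (-math.log1p(-p))))


if __name__ == "__main__":
    # Populations mentioned in the thread, for 64-bit and 80-bit IDs.
    for bits in (64, 80):
        for k in (50_000, 66_000_000, 7_000_000_000):
            p = collision_probability(k, bits)
            print(f"{bits}-bit IDs, {k:>13,} devices: {p:.3e} ({p * 100:.3e} %)")
        for target in (1e-4, 0.5):
            k = population_for_probability(target, bits)
            print(f"{bits}-bit IDs reach {target:.2%} at about {k:,} devices")
```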
