On 05/29/10 06:07 AM, Zach Shelby wrote:
Hi Robert,
Thanks for the comments; below you'll find merged comments from the authors. On
the nit- and grammar-related comments, I will check those while doing
editing on nd-10, so don't be bothered that I skip them below. We have started
creating tickets on changes in progress for nd-10.
On May 14, 2010, at 6:26 PM, Robert Cragie wrote:
page 7:
"EUI-64s are globally unique" - What about the case of spoofed/cloned EUI-64s?
What would be the effect using this ND? Would it be significant? My guess is probably not,
but it might be worth making this clear.
We decided it might take a whole bunch of text to discuss all the issues that
might happen with duplicate EUI-64s. For this spec we simply assume that
EUI-64s are unique, thus we don't try to detect duplicates.
Just to clarify, this stance isn't just because we are lazy.
I believe that detecting cloned/spoofed hosts in a 6lowpan environment
is impossible. We assume that the clone is identical to the original
host. Thus not only is the EUI-64 identical, but any other factory or
configuration information is assumed to be identical.
Suppose a simple topology with a single 6LBR, and the original and
cloned hosts attach to this 6LBR.
1. How can the 6LBR tell the difference between a packet from the
original and the clone? It can't, because they look the same and they
arrive on the same interface on the 6LBR. For instance, if it receives a
packet from the original with a high signal strength, and a millisecond
later receives a low strength packet from the clone, that wouldn't
indicate that there are two different hosts, since the change in signal
strength could happen with a single host and changing radio conditions.
2. Can the 6LBR do some challenge-response against the host(s) to see
whether there is one host or two? That doesn't seem possible, since the
6LBR can't choose to target a transmission to only one of them (they are
both within radio range and use the same MAC address). Thus any
challenge would be heard by both of the hosts, and in many cases the
clone might hear the response from the original host (and vice versa).
Note that other types of networks can detect duplicates.
For example, if a cell phone is in Chicago and San Francisco at the same
time one can assume that one of them is a clone.
Or if the same source MAC address appears on different wired Ethernet
switch ports at the same time, then it is probably a duplicate (or it could
be a single host which has two NICs, or one that disconnected and then
reconnected to the switch). In this case, the Ethernet switch can target
some form of challenge by selectively sending out each of the ports, to
be able to tell whether it is a move, a dual-attached single host, or a
case of two hosts.
If the link-layer creates some form of session keys as part of some
association protocol, then I suspect one can also tell that there is a
clone. But I don't know if anybody has studied the security of such an
approach.
In any case, we assume none of those capabilities for 6lowpans.
Erik
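The contrast Erik draws above, between networks that can localise an identifier to an attachment point and a single-interface 6LBR that cannot, is easy to make concrete. The following is an added example, not code from the thread or from any 6LoWPAN-ND implementation: it implements the "same identifier, different attachment point, same time window" heuristic he describes for Ethernet switches and cellular networks, then runs it over constructed log lines from a single 6LoWPAN radio interface to show it has nothing to work with there. The log format, the `window_ms` parameter, and all identifiers and signal values are constructed for the example.

```python
"""Duplicate link-layer identifier detection from attachment-point observations.

Added example (not from the 6lowpan thread or any 6LoWPAN-ND code). Implements the
heuristic described for wired Ethernet and cellular networks: the same identifier
heard at two different attachment points inside a short window is a probable
duplicate. It also shows why a single-interface 6LBR cannot apply it: every frame
arrives on the same interface, and signal strength is not a discriminator.
All log lines and identifiers below are constructed sample data.
"""
from __future__ import annotations

from dataclasses import dataclass
from typing import Dict, Iterable, List, Set


@dataclass(frozen=True)
class Observation:
    t_ms: int       # receive time in milliseconds (constructed)
    ident: str      # link-layer identifier: MAC / EUI-64 (constructed)
    point: str      # attachment point: switch port, cell, or radio interface
    rssi_dbm: int   # received signal strength; parsed but deliberately unused


def parse_log(lines: Iterable[str]) -> List[Observation]:
    """Parse constructed lines of the form 't=<ms> id=<hex> at=<point> rssi=<dBm>'."""
    observations = []
    for line in lines:
        fields = dict(part.split("=", 1) for part in line.split())
        observations.append(Observation(
            t_ms=int(fields["t"]),
            ident=fields["id"].lower(),
            point=fields["at"],
            rssi_dbm=int(fields["rssi"]),
        ))
    return observations


def probable_duplicates(obs: Iterable[Observation], window_ms: int = 1000) -> Set[str]:
    """Return identifiers seen at two *different* attachment points within window_ms.

    As the thread notes, a host that moved ports or is dual-attached trips the same
    rule; the switch must then probe each port separately to tell the cases apart.
    RSSI is ignored on purpose: a single host under changing radio conditions
    produces the same variation a clone would.
    """
    flagged: Set[str] = set()
    recent_by_id: Dict[str, List[Observation]] = {}
    for o in sorted(obs, key=lambda x: x.t_ms):
        recent = [p for p in recent_by_id.get(o.ident, []) if o.t_ms - p.t_ms <= window_ms]
        if any(p.point != o.point for p in recent):
            flagged.add(o.ident)
        recent_by_id[o.ident] = recent + [o]
    return flagged


# Constructed Ethernet switch log: one MAC on two ports 400 ms apart (probable
# duplicate), another MAC that simply moved ports after several seconds (a move).
ETHERNET_LOG = [
    "t=0    id=00:11:22:33:44:55 at=port1 rssi=0",
    "t=100  id=aa:bb:cc:dd:ee:01 at=port3 rssi=0",
    "t=400  id=00:11:22:33:44:55 at=port2 rssi=0",
    "t=5000 id=aa:bb:cc:dd:ee:01 at=port4 rssi=0",
]

# Constructed 6LBR log: one EUI-64, every frame on the single radio interface,
# with RSSI swinging between -40 and -85 dBm within a few milliseconds.
LOWPAN_LOG = [
    "t=0 id=02:12:4b:00:00:00:00:01 at=wpan0 rssi=-40",
    "t=1 id=02:12:4b:00:00:00:00:01 at=wpan0 rssi=-85",
    "t=2 id=02:12:4b:00:00:00:00:01 at=wpan0 rssi=-42",
]


def ethernet_result() -> Set[str]:
    return probable_duplicates(parse_log(ETHERNET_LOG))


def lowpan_result() -> Set[str]:
    return probable_duplicates(parse_log(LOWPAN_LOG))


if __name__ == "__main__":
    print("Ethernet switch, probable duplicates:", ethernet_result())
    print("6LBR single interface, probable duplicates:", lowpan_result())
```

Running it flags `00:11:22:33:44:55` on the switch log and nothing on the 6LBR log. The 6LBR result is empty not because the network is clean but because the only attribute that could separate the two hosts, the attachment point, is identical for every frame, which is exactly the point made in the message above.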
_______________________________________________
6lowpan mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/6lowpan