Michael Richardson writes: > hmm. Or, it sees a new beacon, which it can integrity check, and then sees > the ASN jump forward. This would be the same as if it had slept for awhile. > > Unless the attacker can continuously *block* the node from seeing > the latest beacons, and continuously feeds it old beacons, the > problem should go away.
Note, that if attacker forces joining node to be offsetted from real network, then node will never see real beacon, and attacker has easy task of replaying old beacons forever. I.e., real network sends beacon with ASN 12345 on channel 1 at time t. Then on time t+20 attacker replies that beacon on channel 1 with ASN 12345 for attacked node. Then real network sends its next beacon with ASN 12445 on channel=8 at time t+100. Attacker replays that at time t+120 on channnel 8 for the attacked node. The real network would use channel 11 at time t+120, so those two networks will never hear from each other. -- [email protected] _______________________________________________ 6tisch mailing list [email protected] https://www.ietf.org/mailman/listinfo/6tisch
