Hi Richard,
Minor comment – don’t see any text on L2 wireless tracking.  All of our 
wireless devices effectively beacon our location and identity (e.g., 802.11 MAC 
addresses and probing). While not strictly an IETF domain of work (L2), the 
solutions to this class of problems do require changes in IETF protocols.

I also wonder to what degree this is a "pervasive attack" issue.  If the attack 
involves being physically close to the victim, it's hard to see how the 
attacker would achieve a pervasive scale.
MAC addresses are readily picked up by any hotspot, mobile device, or by special 
monitoring devices.  Commercial systems already exist to aggregate, track and 
identify people based on unique identifiers in our radio transmissions.

A fun example is the Renew Orb (a trash can that tracks people):
http://renewlondon.com/2013/06/renew-release-results-of-smartphone-data-capture/
In one week, 7 trash cans were able to track 530M devices.

I’ve seen larger system solutions for sale suitable for country-wide analysis 
at a security conference in Singapore a few years back …

What sorts of changes to IETF protocols are you imagining?
Most of the work is IEEE related.  Impacts to IETF protocols might include:
 - IP address assignment and IPv6 usage of MAC address
 - authentication protocols/framework to bind ephemeral MAC address to
   longer term identity
 - RADIUS/EAP usage changes

Paul


--Richard




Paul


From: perpass [mailto:[email protected]] On Behalf Of Richard Barnes
Sent: Monday, January 06, 2014 6:24 PM
To: perpass
Subject: [perpass] Fwd: New Version Notification for 
draft-barnes-pervasive-problem-00.txt

Dear PERPASS,

Stephen asked me to take a stab at a problem statement for PERPASS.  With some 
help from Bruce, Cullen, and Ted, the results have just been published as 
draft-barnes-pervasive-problem-00.

In general, this draft tries to outline at a technical level what we mean by 
pervasive attack, and what the high level mitigations are.

Comments welcome!

Thanks,
--Richard


---------- Forwarded message ----------
From: <[email protected]>
Date: Mon, Jan 6, 2014 at 9:17 PM
Subject: New Version Notification for draft-barnes-pervasive-problem-00.txt
To: Cullen Jennings <[email protected]>, Ted Hardie <[email protected]>,
Bruce Schneier <[email protected]>, Richard Barnes <[email protected]>



A new version of I-D, draft-barnes-pervasive-problem-00.txt
has been successfully submitted by Richard Barnes and posted to the
IETF repository.

Name:           draft-barnes-pervasive-problem
Revision:       00
Title:          Pervasive Attack: A Threat Model and Problem Statement
Document date:  2014-01-06
Group:          Individual Submission
Pages:          23
URL:            http://www.ietf.org/internet-drafts/draft-barnes-pervasive-problem-00.txt
Status:         https://datatracker.ietf.org/doc/draft-barnes-pervasive-problem/
Htmlized:       http://tools.ietf.org/html/draft-barnes-pervasive-problem-00


Abstract:
   Documents published in 2013 have revealed several classes of
   "pervasive" attack on Internet communications.  In this document, we
   review the main attacks that have been published, and develop a
   threat model that describes these pervasive attacks.  Based on this
   threat model, we discuss the techniques that can be employed in
   Internet protocol design to increase the protocols' robustness to
   pervasive attacks.




Please note that it may take a couple of minutes from the time of submission
until the htmlized version and diff are available at tools.ietf.org.

The IETF Secretariat




_______________________________________________
perpass mailing list
[email protected]
https://www.ietf.org/mailman/listinfo/perpass
