Dear Gang, The logic we adopted for guessing complexity of a valid port and for the whole range is as mentioned in http://tools.ietf.org/html/draft-bsd-softwire-stateless-port-index-analysis-00#section-2:
" In each analyzed port derivation algorithm, an attacker may implement a redirection loop to detect a significant amount of allowed ports. For all monotonously scattered schemes, the whole Port-Set may be deduced by extrapolation while this is not applicable for contiguous port ranges (because no information about port bounds is leaked in the IPv4-translatable IPv6 address)." Cheers, Med -----Message d'origine----- De : [email protected] [mailto:[email protected]] De la part de GangChen Envoyé : jeudi 8 septembre 2011 18:19 À : Simon Perreault Cc : [email protected] Objet : Re: [Softwires] Analysis of Port Indexing Algorithms (draft-bsd-softwire-stateless-port-index-analysis) 2011/9/7, Simon Perreault <[email protected]>: > [email protected] wrote, on 09/07/2011 03:28 AM: >> What I have done is I clarified the text as follows: >> >> " >> o Complexity: Reflects the complexity level of understanding the >> algorithm and the expected complexity to configure an >> implementation. >> " > > A subjective criteria is not very useful for comparing algorithms. +1 > Here's a suggestion: configuration complexity could be measured in terms of > the > number of parameters necessary. This is an objective criteria. Criteria should be as objective as possible, especially for "Guessing Complexity of a Valid Port" .... Not sure whether there are some mathematical guidance could help to evaluate computational complexity? Maybe time complexity is a candidate BRs Gang _______________________________________________ Softwires mailing list [email protected] https://www.ietf.org/mailman/listinfo/softwires _______________________________________________ Softwires mailing list [email protected] https://www.ietf.org/mailman/listinfo/softwires
