Dear Med, Embedding IPv4 address and port set in IPv6 address is a kind of port set algorithm as well. The attacker can also deduce the port set once the embedding algorithm is learned. IMHO, this may not increase security comparing to other port set allocation algorithms. Now that the effect on security would be minimal (at lease in my opinion), more attention can be paid to the simplicity and less modification to the current Internet elements.
Please correct me if my understanding is wrong :) Best Regards, Qi Sun On 2013-2-19, at 下午10:06, <[email protected]> <[email protected]> wrote: > Hi Tom, > > You may be interested in reading this document: > http://tools.ietf.org/html/draft-bsd-softwire-stateless-port-index-analysis-00, > in particular: > > In each analyzed port derivation algorithm, an attacker may implement > a redirection loop to detect a significant amount of allowed ports. > For all monotonously scattered schemes, the whole Port-Set may be > deduced by extrapolation while this is not applicable for contiguous > port ranges (because no information about port bounds is leaked in > the IPv4-translatable IPv6 address). > > Cheers, > Med > >> -----Message d'origine----- >> De : [email protected] >> [mailto:[email protected]] De la part de Tom Taylor >> Envoyé : lundi 18 février 2013 17:40 >> À : Softwires >> Objet : [Softwires] Port set algorithm for LW4o6 >> >> Would it be possible to specify the same port set algorithm in >> LW4o6 as >> in MAP-E? This would simplify the description of the unified CPE. The >> effect on security of using a deterministic algorithm for the complete >> set (but not precluding random assignment within that set) would >> probably be minimal. >> >> Tom Taylor >> _______________________________________________ >> Softwires mailing list >> [email protected] >> https://www.ietf.org/mailman/listinfo/softwires >> > _______________________________________________ > Softwires mailing list > [email protected] > https://www.ietf.org/mailman/listinfo/softwires
_______________________________________________ Softwires mailing list [email protected] https://www.ietf.org/mailman/listinfo/softwires
