Re: [DNA] Small security flaw in Hash FastRA (with proposal)
Christian Vogt wrote:
> Hi Greg!
>
>> I think that we have been trying very hard to not require explicit
>> trust between routers, as we already had a solution which did that,
>> called Deterministic FastRA.
>
> I see, so much the better.
>
> Deterministic FastRA could be an option for networks where RA ordering
> is important and routers can mutually authenticate each other, such as
> NETLMM. This wouldn't break things; the routers would just ignore the
> Nonce option used by MNs in RSs and come up with their own,
> deterministic RA ordering.

That's not exactly what I meant :)

I'd really prefer there's one solution, if possible.

The solution would drop straight in to a constrained
network scenario, but wouldn't work in a scenario
with any form of mixed deployment (caveat deployer!).

At this stage, let's see what the issues are which
need resolving, and we'll work out what the solutions
are from there (I really like HashFastRA, and it has
the blessing of DT and WG).

Greg