[rrg] Rejecting all but Strategy A
Tobias Heer
heer at cs.rwth-aachen.de
Thu Jan 8 08:25:29 PST 2009
On 08.01.2009 at 11:48, Pekka Nikander wrote:
>> With respect to security in LHIP by using hash-chains, we consider
>> them for LISP, but requires 3 to 4 packet exchanges, so a non-
>> starter.
>
> I don't think so, but I'm no longer an expert there. (I used to
> know crypto protocols around 1998-2002, but I no longer can claim
> so.) For unprotected opportunistic case, I think you can simply
> send your hash anchors in the opening packet.
>
Regarding LHIP and authentication delay: The question is whether this is
about the payload channel (1), the signaling (2), or the initial
handshake (as done by HIP) (3).
1. LHIP does not protect payload. Hence, there is neither added security
nor a penalty in terms of additional packets and delay (in comparison
to plain IP).
2. For signaling messages, LHIP uses delayed secret disclosure and
requires three packets to be sent. Signaling events are quite rare for
HIP.
3. Regarding the initial handshake: If one doesn't care about
compatibility/interoperability between LHIP and HIP hosts, one could
probably reduce the number of required handshake packets. LHIP uses
the 4-way handshake to stay as close to HIP as possible. When moving
away from HIP, one could indeed just send the anchors in the first data
packet and still have hash-chain-signature-protected signaling later,
but that is not what LHIP does right now.
Tobias
>
>
> _______________________________________________
> rrg mailing list
> rrg at irtf.org
> https://www.irtf.org/mailman/listinfo/rrg
--
Dipl.-Inform. Tobias Heer, Ph.D. Student
Distributed Systems Group
RWTH Aachen University, Germany
tel: +49 241 80 207 76
web: http://ds.cs.rwth-aachen.de/members/heer
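The three-packet signaling exchange with delayed secret disclosure that the mail refers to (item 2), together with anchors published up front (item 3), as an added worked example. This is illustrative code written for this page, not LHIP's implementation or packet format: the hash function (SHA-256), the MAC (HMAC-SHA256), the chain length, the message strings and the locator values are all assumptions chosen for the example.

```python
"""Delayed-secret-disclosure signaling authentication over a hash chain.

Added illustration, not LHIP's own code: models the three-packet signaling
exchange (message + MAC, acknowledgement, key disclosure).  Hash function,
MAC and message contents are assumptions; LHIP's packet layout is not reproduced.
"""
import hashlib
import hmac


def H(x: bytes) -> bytes:
    return hashlib.sha256(x).digest()


def make_hash_chain(seed: bytes, length: int) -> list:
    """chain[i+1] = H(chain[i]); chain[length] is the public anchor.
    Elements are revealed from the anchor end backwards, one per signed message."""
    chain = [seed]
    for _ in range(length):
        chain.append(H(chain[-1]))
    return chain


class Signer:
    """Holds the secret chain; publishes only the anchor (e.g. in the handshake)."""

    def __init__(self, seed: bytes, length: int):
        self.chain = make_hash_chain(seed, length)
        self.next_idx = length - 1      # first element revealed is chain[length-1]

    def anchor(self) -> bytes:
        return self.chain[-1]

    def sign(self, msg: bytes) -> bytes:
        """Packet 1: MAC under the still-secret next chain element."""
        if self.next_idx < 0:
            raise RuntimeError("hash chain exhausted; a new anchor is needed")
        return hmac.new(self.chain[self.next_idx], msg, hashlib.sha256).digest()

    def disclose(self) -> bytes:
        """Packet 3: reveal the element, only after the peer acknowledged packet 1."""
        key = self.chain[self.next_idx]
        self.next_idx -= 1
        return key


class Verifier:
    """Knows only the anchor; learns one chain element per exchange."""

    def __init__(self, anchor: bytes):
        self.last = anchor
        self.pending = None             # (msg, mac) buffered until the key arrives

    def receive(self, msg: bytes, mac: bytes) -> bytes:
        """Packet 1 in, packet 2 (ack) out.  Nothing is trusted yet."""
        self.pending = (msg, mac)
        return b"ACK"

    def verify(self, key: bytes) -> bool:
        """Packet 3: accept only if the key chains to the last known element
        and the buffered MAC verifies under it."""
        if self.pending is None:
            return False                # disclosure without a buffered message
        msg, mac = self.pending
        self.pending = None
        if H(key) != self.last:
            return False                # not the next element: replayed or forged key
        self.last = key                 # element is genuinely the sender's: consume it
        expected = hmac.new(key, msg, hashlib.sha256).digest()
        return hmac.compare_digest(expected, mac)   # False if msg was altered in transit


def signaling_exchange(signer: Signer, verifier: Verifier, msg: bytes,
                       tamper=None) -> bool:
    """Run the three packets; `tamper` optionally rewrites packet 1 on the wire."""
    mac = signer.sign(msg)                          # packet 1: msg || MAC
    wire_msg = tamper(msg) if tamper else msg
    ack = verifier.receive(wire_msg, mac)           # packet 2: ack
    assert ack == b"ACK"
    return verifier.verify(signer.disclose())       # packet 3: key disclosure


def demo(seed: bytes = b"constructed-seed") -> dict:
    """Genuine, tampered and stale-key cases on one constructed chain."""
    s = Signer(seed, length=4)
    v = Verifier(s.anchor())                        # anchor learned during the handshake
    out = {}
    out["genuine"] = signaling_exchange(s, v, b"UPDATE locator=192.0.2.1")
    out["tampered"] = signaling_exchange(s, v, b"UPDATE locator=192.0.2.1",
                                         tamper=lambda m: m.replace(b".1", b".9"))
    # An attacker who captured the first disclosed element cannot reuse it:
    # the verifier has moved on, so H(old_key) no longer equals verifier.last.
    old_key = s.chain[3]
    forged = hmac.new(old_key, b"UPDATE locator=198.51.100.7", hashlib.sha256).digest()
    v.receive(b"UPDATE locator=198.51.100.7", forged)
    out["stale_key_reuse"] = v.verify(old_key)
    out["genuine_after_attacks"] = signaling_exchange(s, v, b"CLOSE")
    return out


if __name__ == "__main__":
    print(demo())
```

The security argument rests on ordering, not on the key: the receiver must hold the MAC (packet 1) and have acknowledged it (packet 2) before the element is disclosed (packet 3), which is exactly why this costs three packets per signaling event and why it is only practical where such events are rare. Note that the verifier advances its chain pointer as soon as a disclosed element chains to the last known one, even when the MAC then fails; otherwise a single tampered message would desynchronise sender and receiver and the consumed element could be replayed.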