[ndnSIM] security issues of the Interest packet

mengxue mengxue_1224 at 126.com
Thu Nov 8 18:30:10 PST 2018


Hi,
   Thank you very much for helping me solve this problem.
 
Best regards,
Xue Meng




On 11/06/2018 11:36, Lixia Zhang wrote:

On Nov 5, 2018, at 7:20 PM, mengxue <mengxue_1224 at 126.com> wrote:

Hi, all 

   Thank you for your reading!
    I have some doubts about the security issues of the Interest. What I have learned is that an Interest packet is not secured by design(such as no signature).So I wonder if an attacker can modify the elements of the original Interest, such as changing one name component ,or changing  the Selector part or changing the Nonce part or changing the additional part added to the Interest by the developers.
  Thank you very much!

first, some nits: 
- there is no more selector (see the current protocol spec)
- data fetching interests for publicly accessible data are not signed; they have no logical side effect on producers in general (and not signing has the benefit of obscuring requesters).
- an interest can and should be signed, if it leads to an effect (e.g. a command interest).

second: the above mentioned interests modifications assume that an attacker is MIM (man-in-middle, i.e. on interest forwarding path): in this case the attacker can already do denial of service by dropping the interests; modifying interests is likely leading to the same result


| |
mengxue
|
|
邮箱:mengxue_1224 at 126.com
|

签名由 网易邮箱大师 定制
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/ndnsim/attachments/20181109/2e4c4267/attachment.html>


More information about the ndnSIM mailing list