[ndnSIM] security issues of the Interest packet
Hu, Xiaoyan
xhbreezehu at gmail.com
Fri Nov 9 04:17:30 PST 2018
Dear Prof. Zhang,
Thanks very much for your information about the update in the NDN protocol
design.
Would you please offer a pointer that explains why the selector field is
deprecated?
Best regards,
Xiaoyan
On Tue, Nov 6, 2018 at 11:36 AM Lixia Zhang <lixia at cs.ucla.edu> wrote:
>
> On Nov 5, 2018, at 7:20 PM, mengxue <mengxue_1224 at 126.com> wrote:
>
> Hi, all
>
> Thank you for your reading!
> I have some doubts about the security issues of the Interest. What I
> have learned is that an Interest packet is not secured by design(such as no
> signature).So I wonder if an attacker can modify the elements of the
> original Interest, such as changing one name component ,or changing the
> Selector part or changing the Nonce part or changing the additional part
> added to the Interest by the developers.
> Thank you very much!
>
>
> first, some nits:
> - there is no more selector (see the current protocol spec)
> - data fetching interests for publicly accessible data are not signed;
> they have no logical side effect on producers in general (and not signing
> has the benefit of obscuring requesters).
> - an interest can and should be signed, if it leads to an effect (e.g. a
> command interest).
>
> second: the above mentioned interests modifications assume that an
> attacker is MIM (man-in-middle, i.e. on interest forwarding path): in this
> case the attacker can already do denial of service by dropping the
> interests; modifying interests is likely leading to the same result
>
> _______________________________________________
> ndnSIM mailing list
> ndnSIM at lists.cs.ucla.edu
> http://www.lists.cs.ucla.edu/mailman/listinfo/ndnsim
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.lists.cs.ucla.edu/pipermail/ndnsim/attachments/20181109/f08f2f32/attachment.html>
More information about the ndnSIM
mailing list