Opened 5 years ago

Last modified 5 years ago

#38 new defect

difficulty to do security, in case messages are mutable

Reported by: charliep@…
Owned by: charliep@…
Priority: major
Milestone:
Component: aodvv2
Version:
Severity: Active WG Document
Keywords:
Cc:

Description

	The most important security mechanisms for AODVv2 routing are
	integrity/authentication and confidentiality.

	In situations where routing information or router identity are
	suspect, integrity and authentication techniques SHOULD be
	applied to AODVv2 messages.  In these situations, routing
	information that is distributed over multiple hops SHOULD also
	verify the integrity and identity of information based on
	originator of the routing information.

This is really difficult to do, in case messages are mutable in-transit, which appears to be the case for this protocol? I think that this issue of mutable messages deserves being called out explicitly in this section, especially if there are known or recommended ways of handling this (as is the case, for example, in the security considerations section of RFC5444 regarding the mutable header fields for hop-count/hop-limit of messages).
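Added example, not part of the ticket or of the AODVv2 draft: one common way to handle mutable hop-count/hop-limit fields is to compute the integrity check value (ICV) with those fields treated as zero, and the sketch below shows both what that buys and what it leaves unprotected. The message layout, key and field names are constructed for illustration and are not the RFC 5444 wire format; that this is the handling the ticket has in mind is an assumption.

```python
import hashlib
import hmac
import struct
from dataclasses import dataclass, replace

KEY = b"constructed-shared-key"  # constructed sample key


@dataclass(frozen=True)
class Msg:
    # Simplified, constructed layout; NOT the RFC 5444 encoding.
    msg_type: int
    hop_limit: int    # mutable: decremented by each forwarder
    hop_count: int    # mutable: incremented by each forwarder
    orig_addr: bytes  # immutable, 4 bytes
    seq_num: int      # immutable
    icv: bytes = b""


def _icv_input(m: Msg) -> bytes:
    # Mutable fields are encoded as zero, so forwarding does not change the input.
    return struct.pack("!BBB4sH", m.msg_type, 0, 0, m.orig_addr, m.seq_num)


def sign(m: Msg, key: bytes) -> Msg:
    return replace(m, icv=hmac.new(key, _icv_input(m), hashlib.sha256).digest())


def verify(m: Msg, key: bytes) -> bool:
    expected = hmac.new(key, _icv_input(m), hashlib.sha256).digest()
    return hmac.compare_digest(expected, m.icv)


def forward(m: Msg) -> Msg:
    # What an intermediate router legitimately changes in transit.
    return replace(m, hop_limit=m.hop_limit - 1, hop_count=m.hop_count + 1)


def demo() -> dict:
    sent = sign(Msg(10, 8, 0, bytes([192, 0, 2, 1]), 42), KEY)
    relayed = forward(forward(sent))
    return {
        # Legitimate forwarding keeps the originator's ICV valid.
        "relayed_ok": verify(relayed, KEY),
        # A change to an immutable field is detected.
        "seq_tamper_ok": verify(replace(relayed, seq_num=43), KEY),
        # A change to a zeroed (mutable) field is NOT detected by this ICV.
        "hop_count_changed_ok": verify(replace(relayed, hop_count=0), KEY),
    }
```

The last result is the limitation the ticket points at: any field excluded from the ICV because it is mutable gets no end-to-end integrity protection from it.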

Change History (1)

comment:1 Changed 5 years ago by charliep@…

  • Owner changed from draft-ietf-manet-aodvv2@… to charliep@…