[e2e] It's all my fault

Damien Miller djm at mindrot.org
Tue May 15 18:33:29 PDT 2007


On Tue, 15 May 2007, David P. Reed wrote:

> Damien Miller wrote:
> > On Mon, 14 May 2007, David P. Reed wrote:
> > 
> >   http://www.secdev.org/conf/IPv6_RH_security-csw07.pdf
> > 
> > It is a simple consequence of the fact that you can stuff over 40 address
> > pairs into a RH0, and each pair causes a round trip.
> >   
> A round trip is a security hole?   Is every packet I send 1/80th of an attack?

Are you being facetious or did you not read the presentation? An 80x
traffic amplification on each packet yields a wonderful denial of
service. The paper demonstrates an attacker keeping hosts/gateways
occupied for *30 seconds* with a single packet. Do you regard this as a
desirable behaviour?

> If so, if I send 80 packets without RH0, then that is equally bad!

To the victim there is no difference. However the cost to the attacker is
80x higher. 

> The issue here is that the network making a judgement about what
> packets should and should not be delivered as requested requires that
> the network be omniscient. If it were, it might as well figure out
> which packets I will send, send them, and then I need not bother to
> write the code to send them in the first place!

I'm not sure that I parse this, or what relevance it has. The networks that
I use daily are neither omniscient nor support source routing and they seem
to function just fine.

> Do time-sharing systems refuse to run code that implements sorting using a
> bubble sort?

Bad analogy: an inefficient algorithm doesn't (shouldn't) waste others'
timeslots.

-d
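
The thread turns on a single RH0 carrying many intermediate addresses, so a filter has to inspect the Routing header itself rather than count packets. The following is an added example, not code from the thread or its participants: it walks an IPv6 extension-header chain and flags type 0 Routing headers. The function names, verdict strings and sample packet are assumptions for illustration; the drop/ignore rule follows RFC 5095, which deprecated RH0.

```python
import ipaddress
import struct

ROUTING = 43               # IPv6 Routing extension header
OPTION_HEADERS = {0, 60}   # hop-by-hop / destination options: same length field

def find_rh0(packet: bytes):
    """Return details of the first type 0 Routing header, or None if absent."""
    if len(packet) < 40 or packet[0] >> 4 != 6:
        raise ValueError("not an IPv6 packet")
    nxt, off = packet[6], 40
    while nxt == ROUTING or nxt in OPTION_HEADERS:   # stops at fragment, AH, upper layer
        if off + 8 > len(packet):
            raise ValueError("truncated extension header")
        following, ext_len, rtype, seg_left = packet[off:off + 4]
        size = (ext_len + 1) * 8     # field counts 8-octet units after the first
        if off + size > len(packet):
            raise ValueError("extension header overruns packet")
        if nxt == ROUTING and rtype == 0:
            hops = [str(ipaddress.IPv6Address(packet[i:i + 16]))
                    for i in range(off + 8, off + size - 15, 16)]
            return {"addresses": hops, "segments_left": seg_left}
        nxt, off = following, off + size
    return None

def verdict(packet: bytes) -> str:
    """Filter decision for one packet; RH0 handling as in RFC 5095."""
    rh0 = find_rh0(packet)
    if rh0 is None:
        return "pass"
    # Segments Left > 0 means this node is being asked to forward the packet on.
    return "drop" if rh0["segments_left"] > 0 else "ignore-header"

def constructed_packet(hops, seg_left, hop_by_hop=False):
    """Constructed sample input (documentation addresses), not captured traffic."""
    ext = struct.pack("!BBBBI", 59, 2 * len(hops), 0, seg_left, 0)
    ext += b"".join(ipaddress.IPv6Address(h).packed for h in hops)
    first = ROUTING
    if hop_by_hop:   # prepend an 8-byte hop-by-hop header holding one PadN option
        ext, first = bytes([ROUTING, 0, 1, 4, 0, 0, 0, 0]) + ext, 0
    ends = [ipaddress.IPv6Address(a).packed for a in ("2001:db8::1", "2001:db8::2")]
    return struct.pack("!IHBB", 6 << 28, len(ext), first, 64) + b"".join(ends) + ext

if __name__ == "__main__":
    print(verdict(constructed_packet(["2001:db8::3", "2001:db8::4"], 2)))
```
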

