draft-ietf-manet-nhdp-sec-threats-02.txt   draft-ietf-manet-nhdp-sec-threats-03.txt 
Mobile Ad hoc Networking (MANET) U. Herberg Mobile Ad hoc Networking (MANET) U. Herberg
Internet-Draft Fujitsu Laboratories of America Internet-Draft Fujitsu Laboratories of America
Intended status: Informational J. Yi Intended status: Informational J. Yi
Expires: September 21, 2013 T. Clausen Expires: October 12, 2013 T. Clausen
LIX, Ecole Polytechnique LIX, Ecole Polytechnique
March 20, 2013 April 10, 2013
Security Threats for NHDP Security Threats for NHDP
draft-ietf-manet-nhdp-sec-threats-02 draft-ietf-manet-nhdp-sec-threats-03
Abstract Abstract
This document analyses common security threats of the Neighborhood This document analyses common security threats of the Neighborhood
Discovery Protocol (NHDP), and describes their potential impacts on Discovery Protocol (NHDP), and describes their potential impacts on
MANET routing protocols using NHDP. MANET routing protocols using NHDP.
Status of this Memo Status of this Memo
This Internet-Draft is submitted in full conformance with the This Internet-Draft is submitted in full conformance with the
skipping to change at page 1, line 34 skipping to change at page 1, line 34
Internet-Drafts are working documents of the Internet Engineering Internet-Drafts are working documents of the Internet Engineering
Task Force (IETF). Note that other groups may also distribute Task Force (IETF). Note that other groups may also distribute
working documents as Internet-Drafts. The list of current Internet- working documents as Internet-Drafts. The list of current Internet-
Drafts is at http://datatracker.ietf.org/drafts/current/. Drafts is at http://datatracker.ietf.org/drafts/current/.
Internet-Drafts are draft documents valid for a maximum of six months Internet-Drafts are draft documents valid for a maximum of six months
and may be updated, replaced, or obsoleted by other documents at any and may be updated, replaced, or obsoleted by other documents at any
time. It is inappropriate to use Internet-Drafts as reference time. It is inappropriate to use Internet-Drafts as reference
material or to cite them other than as "work in progress." material or to cite them other than as "work in progress."
This Internet-Draft will expire on September 21, 2013. This Internet-Draft will expire on October 12, 2013.
Copyright Notice Copyright Notice
Copyright (c) 2013 IETF Trust and the persons identified as the Copyright (c) 2013 IETF Trust and the persons identified as the
document authors. All rights reserved. document authors. All rights reserved.
This document is subject to BCP 78 and the IETF Trust's Legal This document is subject to BCP 78 and the IETF Trust's Legal
Provisions Relating to IETF Documents Provisions Relating to IETF Documents
(http://trustee.ietf.org/license-info) in effect on the date of (http://trustee.ietf.org/license-info) in effect on the date of
publication of this document. Please review these documents publication of this document. Please review these documents
skipping to change at page 3, line 11 skipping to change at page 3, line 11
9.1. Normative References . . . . . . . . . . . . . . . . . . . 15 9.1. Normative References . . . . . . . . . . . . . . . . . . . 15
9.2. Informative References . . . . . . . . . . . . . . . . . . 16 9.2. Informative References . . . . . . . . . . . . . . . . . . 16
Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 16 Authors' Addresses . . . . . . . . . . . . . . . . . . . . . . . . 16
1. Introduction 1. Introduction
The Neighborhood Discovery Protocol (NHDP) [RFC6130] allows routers The Neighborhood Discovery Protocol (NHDP) [RFC6130] allows routers
to acquire topological information up to two hops away from to acquire topological information up to two hops away from
themselves, by way of periodic HELLO message exchanges. The themselves, by way of periodic HELLO message exchanges. The
information acquired by NHDP is used by other protocols, such as information acquired by NHDP is used by other protocols, such as
OLSRv2 [OLSRv2] and SMF [RFC6621]. The topology information, OLSRv2 [I-D.ietf-manet-olsrv2] and SMF [RFC6621]. The topology
acquired by way of NHDP, serves these routing protocols for information, acquired by way of NHDP, serves these routing protocols
calculating paths to all destinations in the MANET, for relay set for calculating paths to all destinations in the MANET, for relay set
selection for network-wide transmissions, etc. selection for network-wide transmissions, etc.
As NHDP is typically used in wireless environments, it is potentially As NHDP is typically used in wireless environments, it is potentially
exposed to different kinds of security threats, some of which are of exposed to different kinds of security threats, some of which are of
particular significance as compared to wired networks. As wireless particular significance as compared to wired networks. As radio
radio waves can be captured as well as transmitted by any wireless signals can be received as well as transmitted by any compatible
device within radio range, there is commonly no physical protection wireless device within radio range, there is commonly no physical
as otherwise known for wired networks. NHDP does not define any protection as otherwise known for wired networks. NHDP does not
explicit security measures for protecting the integrity of the define any explicit security measures for protecting the integrity of
information it acquires, however suggests that this be addressed in a the information it acquires, however suggests that this be addressed
fashion appropriate to the deployment of the network. in a fashion appropriate to the deployment of the network.
This document is based on the assumption that no additional security This document is based on the assumption that no additional security
mechanism (such as IPsec) is used in the IP layer. The document mechanism (such as IPsec) is used in the IP layer. The document
analyses possible attacks and mis-configurations on NHDP and outlines analyses possible attacks and mis-configurations on NHDP and outlines
the consequences of such attacks/mis-configurations to the state the consequences of such attacks/mis-configurations to the state
maintained by NHDP in each router (and, thus, made available to maintained by NHDP in each router (and, thus, made available to
protocols using this state). protocols using this state).
2. Terminology 2. Terminology
The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
"SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and "SHOULD", "SHOULD NOT", "RECOMMENDED", "NOT RECOMMENDED", "MAY", and
"OPTIONAL" in this document are to be interpreted as described in "OPTIONAL" in this document are to be interpreted as described in
[RFC2119]. [RFC2119].
This document uses the terminology and notation defined in [RFC5444] This document uses the terminology and notation defined in [RFC5444],
and NHDP [RFC6130]. NHDP [RFC6130] and [RFC4949].
Additionally, this document introduces the following terminology: Additionally, this document introduces the following terminology:
NHDP Router: A MANET router, running NHDP as specified in [RFC6130]. NHDP Router: A MANET router, running NHDP as specified in [RFC6130].
Attacker: A device, present in the network and which intentionally Attacker: A device, present in the network and which intentionally
seeks to compromise the information bases in NHDP routers. seeks to compromise the information bases in NHDP routers.
Compromised NHDP Router: An attacker, present in the network and Compromised NHDP Router: An attacker, present in the network and
which generates syntactically correct NHDP control messages. which generates syntactically correct NHDP control messages.
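Review bot: in Section 1 the clause "NHDP does not define any explicit security measures for protecting the integrity of the information it acquires, however suggests that this be addressed ..." has no subject for "suggests" in either column; write "but it suggests that this be addressed" or start a new sentence at "It suggests". The "Compromised NHDP Router" definition in Section 2 says only that such a device "generates syntactically correct NHDP control messages"; since the threats that follow (for example the identity spoofing in Section 5.1.1) depend on those messages being accepted by neighbors, consider stating that the device holds whatever credentials the deployment requires, which ties the definition to the Section 1 assumption that no IP-layer mechanism such as IPsec is in use. The new citation of [RFC4949] for terminology is matched by the new reference entry in Section 9.2, so the two columns are consistent there.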
skipping to change at page 11, line 10 skipping to change at page 11, line 10
NHDP Router receiving the spoofed packets may degrade the link NHDP Router receiving the spoofed packets may degrade the link
quality as it appears that several packets have been dropped. quality as it appears that several packets have been dropped.
Eventually, the router remove the neighbor when the link quality Eventually, the router remove the neighbor when the link quality
drops below HYST_REJECT. drops below HYST_REJECT.
5. Impact of inconsistent Information Bases on Protocols using NHDP 5. Impact of inconsistent Information Bases on Protocols using NHDP
This section describes the impact on protocols, using NHDP, of NHDP This section describes the impact on protocols, using NHDP, of NHDP
failing to obtain and represent accurate information, possibly as a failing to obtain and represent accurate information, possibly as a
consequence of the attacks described in Section 4. This description consequence of the attacks described in Section 4. This description
emphasizes the impacts on the MANET protocols OLSRv2 [OLSRv2], and emphasizes the impacts on the MANET protocols OLSRv2
SMF [RFC6621]. [I-D.ietf-manet-olsrv2], and SMF [RFC6621].
5.1. MPR Calculation 5.1. MPR Calculation
MPR selection (as used in e.g., [OLSRv2] and [RFC6621]) uses MPR selection (as used in e.g., [I-D.ietf-manet-olsrv2] and
information about a router's 1-hop and 2-hop neighborhood, assuming [RFC6621]) uses information about a router's 1-hop and 2-hop
that (i) this information is accurate, and (ii) all 1-hop neighbors neighborhood, assuming that (i) this information is accurate, and
are apt to act as as MPR, depending on the willingness they report. (ii) all 1-hop neighbors are apt to act as as MPR, depending on the
Thus, a Compromised NHDP router will seek to manipulate the 1-hop and willingness they report. Thus, a Compromised NHDP router will seek
2-hop neighborhood information in a router such as to cause the MPR to manipulate the 1-hop and 2-hop neighborhood information in a
selection to fail, leading to a flooding disruption of TC messages. router such as to cause the MPR selection to fail, leading to a
flooding disruption of TC messages.
5.1.1. Flooding Disruption due to Identity Spoofing 5.1.1. Flooding Disruption due to Identity Spoofing
A Compromised NHDP router can spoof the identify of other routers, to A Compromised NHDP router can spoof the identify of other routers, to
disrupt the MPR selection, so as to cache certain parts of the disrupt the MPR selection, so as to cache certain parts of the
network from the flooding traffic. network from the flooding traffic.
In Figure 4, a Compromised NHDP router X spoofs the identity of B. In Figure 4, a Compromised NHDP router X spoofs the identity of B.
The link between X and C is correctly detected and listed in X's The link between X and C is correctly detected and listed in X's
HELLOs. Router A will receive HELLOs indicating links from, HELLOs. Router A will receive HELLOs indicating links from,
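Review bot: "Eventually, the router remove the neighbor when the link quality drops below HYST_REJECT" (end of the Section 4 text) needs "removes"; it is unchanged in both columns. Section 5.1 still carries the doubled "act as as MPR", and Section 5.1.1 has "spoof the identify of other routers" for "identity" and "so as to cache certain parts of the network from the flooding traffic", where "cache" does not fit the sentence (a word such as "shield" or "isolate" reads as intended). Also, Section 5.1 opens by naming both [I-D.ietf-manet-olsrv2] and [RFC6621] as users of MPR selection, but its closing sentence states the consequence only as "a flooding disruption of TC messages"; either say what the corresponding impact is for SMF or restrict the sentence to OLSRv2.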
skipping to change at page 15, line 43 skipping to change at page 15, line 43
participants of IETF MANET working group. participants of IETF MANET working group.
9. References 9. References
9.1. Normative References 9.1. Normative References
[RFC2119] Bradner, S., "Key words for use in RFCs to Indicate [RFC2119] Bradner, S., "Key words for use in RFCs to Indicate
Requirement Levels", BCP 14, RFC 2119, March 1997. Requirement Levels", BCP 14, RFC 2119, March 1997.
[RFC5444] Clausen, T., Dearlove, C., Dean, J., and C. Adjih, [RFC5444] Clausen, T., Dearlove, C., Dean, J., and C. Adjih,
"Generalized MANET Packet/Message Format", RFC 5444, "Generalized Mobile Ad Hoc Network (MANET) Packet/Message
February 2009. Format", RFC 5444, February 2009.
[RFC5497] Clausen, T. and C. Dearlove, "Representing Multi-Value [RFC5497] Clausen, T. and C. Dearlove, "Representing Multi-Value
Time in Mobile Ad Hoc Networks (MANETs)", RFC 5497, Time in Mobile Ad Hoc Networks (MANETs)", RFC 5497,
March 2009. March 2009.
[RFC6130] Clausen, T., Dean, J., and C. Dearlove, "MANET [RFC6130] Clausen, T., Dearlove, C., and J. Dean, "Mobile Ad Hoc
Neighborhood Discovery Protocol (NHDP)", RFC 6130, Network (MANET) Neighborhood Discovery Protocol (NHDP)",
April 2011. RFC 6130, April 2011.
9.2. Informative References 9.2. Informative References
[OLSRv2] Clausen, T., Dearlove, C., Philippe, P., and U. Herberg, [I-D.ietf-manet-olsrv2]
Clausen, T., Dearlove, C., Jacquet, P., and U. Herberg,
"The Optimized Link State Routing Protocol version 2", "The Optimized Link State Routing Protocol version 2",
work in progress draft-ietf-manet-olsrv2-18.txt, draft-ietf-manet-olsrv2-19 (work in progress), March 2013.
March 2013.
[RFC4949] Shirey, R., "Internet Security Glossary, Version 2",
RFC 4949, August 2007.
[RFC6621] Macker, J., "Simplified Multicast Forwarding", RFC 6621, [RFC6621] Macker, J., "Simplified Multicast Forwarding", RFC 6621,
March 2012. May 2012.
[broadcast-storm] [broadcast-storm]
Ni, S., Tseng, Y., Chen, Y., and J. Sheu, "The Broadcast Ni, S., Tseng, Y., Chen, Y., and J. Sheu, "The Broadcast
Storm Problem in a Mobile Ad Hoc Network", Proceedings of Storm Problem in a Mobile Ad Hoc Network", Proceedings of
the 5th annual ACM/IEEE international conference on Mobile the 5th annual ACM/IEEE international conference on Mobile
computing and networking, 1999. computing and networking, 1999.
Authors' Addresses Authors' Addresses
Ulrich Herberg Ulrich Herberg
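Review bot: the corrected entries in Section 9 (author order "Clausen, T., Dearlove, C., and J. Dean" for [RFC6130], "Jacquet, P." replacing "Philippe, P." for [I-D.ietf-manet-olsrv2], the full title of [RFC5444], and the May 2012 date for [RFC6621]) all match the cited documents. One style point in the Acknowledgments line at the top of this region: "participants of IETF MANET working group" should read "participants of the IETF MANET working group".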
 End of changes. 14 change blocks. 
34 lines changed or deleted 38 lines changed or added

This html diff was produced by rfcdiff 1.41. The latest version is available from http://tools.ietf.org/tools/rfcdiff/