[Cryptography] Langsec & authentication
Stephan Neuhaus
stephan.neuhaus at tik.ee.ethz.ch
Wed May 28 02:45:46 EDT 2014
On 05/27/2014 09:59 PM, Judson Lester wrote:
> On Tue, May 27, 2014 at 12:53 PM, Stephan Neuhaus
> <stephan.neuhaus at tik.ee.ethz.ch> wrote:
>> Once you have ambiguous blobs of data, one of which means "re-order
>> coffee" and the other meaning "nuke North Korea", you've lost the game.
>> But surely that's not the fault of the authentication subsystem.
>
> So, in that case you need your protocol language that describes
> messages unambiguously - so that there's only one blob that
> legitimately means "nuke North Korea."
My point was rather that if I send you a message which you can
legitimately decode as either a request for more caffeine or delivery of
apocalyptic weaponry, authenticating the message is the least of your
worries and you should redesign your protocol.
One protocol which does it right is IPFIX (see RFC 5101). This is a
protocol that's designed for the transport of network measurement data.
(It's a descendent of NetFlow V9, if that helps.) (Conflict-of-Interest
declaration: I am writing a fast IPFIX/V9 collection/transcoding/export
library.) The various data items have types, but these aren't the types
that a CS major would come up with (boolean, integer, float), but rather
have very specific semantics. Thus you have, for example, the types "IP
V4 source address" and "IP V4 destination address". There is really no
way to mistake one for the other. (Well of course there's always a way,
but the protocol really goes out of the way to make that difficult.)
In this protocol, there's no way to say "bring me more coffee" and have
it interpreted as "launch nukes", even though there are many ways to say
"there were 100 bytes exchanged between 1.2.3.4 and 5.6.7.8 last Monday
between 10.00 am and 10.01 am", through different orderings of the data
items. In this case, even reordering the source and destination IP
addresses would not change the meaning of the data, since the types of
the data items are not just "IP V4 address" but "IP V4 source address".
Fun,
Stephan
More information about the cryptography
mailing list