| rfc9407v2.txt | rfc9407.txt |
|---|---|
| skipping to change at line 963 | skipping to change at line 963 |
| that may impact all the nodes attached to the targeted network (e.g., | that may impact all the nodes attached to the targeted network (e.g., |
| by making flows unresponsive to congestion signals). | by making flows unresponsive to congestion signals). |
| In the following sections, we discuss these attacks, according to the | In the following sections, we discuss these attacks, according to the |
| component targeted by the attacker. | component targeted by the attacker. |
| 7.2. Attacks against the Data Flow | 7.2. Attacks against the Data Flow |
| An attacker may want to access confidential content by eavesdropping | An attacker may want to access confidential content by eavesdropping |
| the traffic between the Tetrys encoder/decoder. Traffic encryption | the traffic between the Tetrys encoder/decoder. Traffic encryption |
| is the usual approach to mitigate this risk; this encryption can be | is the usual approach to mitigate this risk, and this encryption can |
| done either on the source flow, above Tetrys, or below Tetrys, on the | be applied to the source flow upstream of the Tetrys encoder or to |
| output packets, both source and coded packets. The choice on where | the output packets downstream of the Tetrys encoder. The choice on |
| to apply encryption depends on various criteria, in particular the | where to apply encryption depends on various criteria, in particular |
| attacker model (e.g., when encryption happens below Tetrys, the | the attacker model (e.g., when encryption happens below Tetrys, the |
| security risk is assumed to be on the interconnection network). | security risk is assumed to be on the interconnection network). |
| An attacker may also want to corrupt the content (e.g., by injecting | An attacker may also want to corrupt the content (e.g., by injecting |
| forged or modified source and coded packets to prevent the Tetrys | forged or modified source and coded packets to prevent the Tetrys |
| decoder from recovering the original source flow). Content integrity | decoder from recovering the original source flow). Content integrity |
| and source authentication services at the packet level are then | and source authentication services at the packet level are then |
| needed to mitigate this risk. Here, these services need to be | needed to mitigate this risk. Here, these services need to be |
| provided below Tetrys in order to enable the receiver to drop | provided below Tetrys in order to enable the receiver to drop |
| undesired packets and only transfer legitimate packets to the Tetrys | undesired packets and only transfer legitimate packets to the Tetrys |
| decoder. It should be noted that forging or modifying feedback | decoder. It should be noted that forging or modifying feedback |
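Review bot: the reworded encryption-placement sentence (rfc9407.txt column, "be applied to the source flow upstream of the Tetrys encoder or to the output packets downstream of the Tetrys encoder") drops the old text's clarification that the output packets comprise both source and coded packets, and it switches to upstream/downstream wording while the parenthetical two lines later still says "when encryption happens below Tetrys", so two terms now name the same placement without being tied together. Since the next paragraph relies on the reader knowing that both source and coded packets travel below Tetrys, suggest "or to the output packets (source and coded) downstream of the Tetrys encoder" and, in the parenthetical, either "downstream of the Tetrys encoder" or a short note that "below Tetrys" means downstream of the encoder.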
| End of changes. 1 change blocks. | |
| 5 lines changed or deleted | 5 lines changed or added |

This html diff was produced by rfcdiff 1.48.