RE: [Geopriv]WGLCondraft-ietf-geopriv-l7-lcp-ps-00(PIDF-LOdigitalsignatures)

From: Dawson, Martin ^lt;Martin.Dawson@andrew.com>
Date: Mon Feb 19 2007 - 01:12:36 EST

So how, without exploit, does the attacker launch an arbitrary number of calls with signed location objects that appear to come from discrete devices at a specific location at a specific point in time? Cheers, Martin -----Original Message----- From: Marc Linsner [mailto:mlinsner@cisco.com] Sent: Saturday, 17 February 2007 12:19 PM To: 'Brian Rosen' Cc: geopriv@ietf.org Subject: RE: [Geopriv]WGLCondraft-ietf-geopriv-l7-lcp-ps-00(PIDF-LOdigitalsignatures) Brian, > > WRT signatures, the PSAP will treat locations with a good > signature differently than one without a signature or with a > bad signature. It will question the caller more closely. It > will alert the responders that there is a possibility that > the location is not accurate. > > When it is under attack, it may answer calls with a good > signature before it answers calls with a missing or bad signature. > > Pizza Hut has the same problems as the PSAP. It may be more > likely to not deliver if it gets a missing or bad signature. I certainly hope you understand that signatures simply move the attack vector. What you are stating is signed/verified location objects will be trusted at a higher status than signed/unverifiable or unsigned. The attack vector is now the level of trust. If the PSAP simply trusts good signatures, a smart attack would include a barrage of calls with the varying forms of location objects, and of course, the most trusted one will now be the exact location the attacker wants to send the responders. This isn't rocket science! You know this can be accomplished, albeit, it takes a slightly smarter attacker, of which there are many. I believe a safer solution would be for the PSAP to not trust any location, THE SAME WAY THEY DO TODAY. Besides, a signed verified location object is ALWAYS overridden by the human on the bearer channel. Signing location objects opens an additional attack vector fooling the PSAP with (false) trust! And a lot of work to open this avenue for attack! -Marc- _______________________________________________ Geopriv mailing list Geopriv@ietf.org https://www1.ietf.org/mailman/listinfo/geopriv ------------------------------------------------------------------------------------------------ This message is for the designated recipient only and may contain privileged, proprietary, or otherwise private information. If you have received it in error, please notify the sender immediately and delete the original. Any unauthorized use of this email is prohibited. ------------------------------------------------------------------------------------------------ [mf2]

_______________________________________________
Geopriv mailing list
Geopriv@ietf.org
https://www1.ietf.org/mailman/listinfo/geopriv
Received on Mon, 19 Feb 2007 00:12:36 -0600

This archive was generated by hypermail 2.1.8 : Mon Feb 19 2007 - 01:13:02 EST