[Babel-users] Verify ETX route metric

Henning Rogge hrogge at gmail.com
Tue May 24 17:11:45 UTC 2016 

Hi,

there are some ideas that third nodes who can overhear a link between
two other nodes can do some checking, but it is difficult to do and
only gives you a probabilistic chance to detect someone fooling
someone else.

Of course defending against this kind of "insider attacker" is
practically impossible unless you have a node-id based cryptographic
signature... otherwise the attacker can just spoof his identity.

Henning Rogge

On Tue, May 24, 2016 at 4:28 AM, Jehan Tremback
<jehan.tremback at gmail.com> wrote:
> We are trying to mitigate one of the issues described in RFC6126:
>
>> As defined in this document, Babel is a completely insecure protocol. Any
>> attacker can attract data traffic by advertising routes with a low metric.
>
> We're concerned about this mostly because a node could advertise a low
> metric, attract traffic, and then charge for it. One avenue we've thought
> about is to run the link cost calculation end to end across the entire route
> to a given destination. This could give a "second opinion" of what the
> metric to that destination should be. This could be used as a way to detect
> nodes that are cheating.
>
> For example:
>
> if
>
> (A)--2--(B)--3--(C)--1--(D) = 5
>
> then
>
> (A)----------5----------(D) = 5
>
> A performs the link cost calculation between herself and D to find out if B
> or C are cheating. Have you thought about this at all? What's your opinion?
>
> -Jehan
>
> On Sun, May 22, 2016 at 11:16 PM, Juliusz Chroboczek
> <jch at pps.univ-paris-diderot.fr> wrote:
>>
>> > This is more a theoretical than practical question right now, but is it
>> > possible for a node to verify the ETX metrics of its neighbors? That is,
>> > compute the ETX between myself and a given destination, and use it to
>> > confirm
>> > that the additive ETX metric to that destination computed by the
>> > neighbor is
>> > correct.
>>
>> Could you please explain?  I'm not sure I'm following you.
>>
>> -- Juliusz
>>
>
>
> _______________________________________________
> Babel-users mailing list
> Babel-users at lists.alioth.debian.org
> http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/babel-users

More information about the Babel-users mailing list