Update Security Considerations and IANA Section #3
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
jiceatscion
requested changes
Dec 7, 2023
matzf
reviewed
Dec 12, 2023
nicorusti
reviewed
Dec 19, 2023
nicorusti
changed the title
Co-authored-by: Nicola Rustignoli <[email protected]>
jiceatscion
approved these changes
Jan 12, 2024
nicorusti
reviewed
Jan 16, 2024
knmeynell
reviewed
Jan 18, 2024
knmeynell
reviewed
Jan 18, 2024
Co-authored-by: knmeynell <[email protected]>
…uncing seemingly desirable paths
nicorusti
reviewed
Feb 23, 2024
nicorusti
reviewed
Feb 23, 2024
Comment on lines
+1534
to
+1538
| ### Peering Link Misuse {#peer-link-misuse} | ||
|
|
||
| The misuse of a peering link by an adversary represents another type of attack. Consider the case where AS A wants to share its peering link only with one of its downstream neighbors, AS B, and therefore selectively includes the peering link only in PCBs sent to B. An adversary may now try to gain access to this peering link by prepending the relevant PCBs to its own path. For this, the adversary needs to be able to (1) eavesdrop on the link from A to B, and (2) obtain the necessary hop fields by querying a control service and extracting the hop fields from registered paths. | ||
|
|
||
| Even if an adversary succeeds in misusing a peering link as described above, SCION is able to mitigate this kind of attack: Each AS includes an egress interface as well as specific “next hop” information to the PCB before disseminating it further downstream. If a malicious entity tries to misuse a stolen PCB by adding it to its own segments, verification will fail upstream as the egress interface mismatches. Therefore, the peering link can only be used by the intended AS. |
There was a problem hiding this comment.
This seems to me just a special case of "Path Hijacking through Interposition" described in the paragraph above. I'd leave it for now, but perhaps it could be merged to the paragraph above in the long term.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.