[Olsr-dev] ARP prevention!

Henning Rogge (spam-protected)
Thu Aug 18 12:42:13 CEST 2011


On Thu, 18 Aug 2011 11:50:57 Andrea Di Pasquale wrote:
> ArpON does what you're asking with the cooperation of all nodes. :)
> 
> Read please these links:
> 
> http://arpon.sourceforge.net/
> http://arpon.sourceforge.net/documentation.html
> http://arpon.sourceforge.net/algorithms.html
From what I read, ArpON does work if the attacker cannot spoof its MAC address. 
Spoofing the MAC address is trivial in wireless networks.
 
> In ARP, you solve the problem with authenticating each host and ArpON does
> it.
No, it does not.

ArpON verifies that the MAC address of a communication partner belongs to the 
verified node, nothing more.

Imagine the following scenario.

We have two verified users Alice (A) and Bob (B), which cannot directly hear 
each other in the mesh.

The attacker Mallory sets up two nodes, one near Alice (MA) and one near Bob 
(MB) which are connected by a hidden channel (a cable for example).

Mallory now begins to replay the traffic he hears on each node on the other 
side, including MAC addresses.

A --- MA --- MB --- B

The OLSR instance of Alice will hear OLSR HELLO messages from Bob, which will 
form a link between the two.

When a unicast packet has to travel from Alice to Bob, Alice sends an ARP 
challenge to Bob.

MA will hear the ARP request and replay it on MB, where it will be heard by 
Bob.

Bob will reply with a cryptographically signed ARP response, which will be 
transmitted by MB to MA and then to Alice.

Alice is now sure that she knows the MAC address of Bob (which is true).

But she still communicates with Bob through the cable between MA and MB, which 
is controlled by Mallory.

Henning Rogge
-- 
Diplom-Informatiker Henning Rogge , Fraunhofer-Institut für
Kommunikation, Informationsverarbeitung und Ergonomie FKIE
Kommunikationssysteme (KOM)
Neuenahrer Straße 20, 53343 Wachtberg, Germany
Telefon +49 228 9435-961,   Fax +49 228 9435 685
mailto:(spam-protected) http://www.fkie.fraunhofer.de
GPG: E1C6 0914 490B 3909 D944 F80D 4487 C67C 55EC CFE0
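A small added simulation of the relay scenario described in the mail above. It is not code from the mail or from ArpON; the signed-reply format, the key and the MAC/IP values are constructed stand-ins. It shows why a verbatim-relayed reply verifies at Alice while a reply whose MAC was rewritten does not, and records the path the frame actually took.

```python
import hmac
import hashlib

# Constructed stand-in for an authenticated ARP reply (ArpON's real wire
# format is not modelled): Bob signs "ip|mac" with a key Alice can verify.
BOB_KEY = b"constructed-bob-key"
BOB_IP, BOB_MAC = "10.0.0.2", "02:00:00:00:00:0b"

# Radio/cable topology from the mail: A hears only MA, B hears only MB,
# and MA and MB are joined by Mallory's hidden cable.
LINKS = {"A": ["MA"], "MA": ["A", "MB"], "MB": ["MA", "B"], "B": ["MB"]}


def sign_reply(ip, mac, key):
    """Bob's reply: plaintext binding plus an HMAC over it."""
    body = f"{ip}|{mac}".encode()
    tag = hmac.new(key, body, hashlib.sha256).hexdigest().encode()
    return body + b"|" + tag


def verify_reply(frame, key):
    """Alice's check: returns (ip, mac) if the tag matches, else None."""
    ip, mac, tag = frame.decode().split("|")
    good = hmac.new(key, f"{ip}|{mac}".encode(), hashlib.sha256).hexdigest()
    return (ip, mac) if hmac.compare_digest(good, tag) else None


def deliver(src, dst, frame):
    """Forward hop by hop along the only available path. Mallory's nodes
    copy the frame verbatim, so the bytes that arrive equal the bytes sent."""
    path, cur, seen = [src], src, {src}
    while cur != dst:
        cur = next(n for n in LINKS[cur] if n not in seen)
        seen.add(cur)
        path.append(cur)
    return path, frame


def run_scenario():
    reply = sign_reply(BOB_IP, BOB_MAC, BOB_KEY)
    path, received = deliver("B", "A", reply)
    relayed = verify_reply(received, BOB_KEY)      # accepted: binding is true
    # What the signature does stop: MA rewriting the MAC to one of its own.
    forged = received.replace(BOB_MAC.encode(), b"02:00:00:00:00:aa")
    tampered = verify_reply(forged, BOB_KEY)       # rejected
    return {"path": path,
            "relayed_accepted": relayed == (BOB_IP, BOB_MAC),
            "tampered_accepted": tampered is not None}
```

The accepted reply proves only that the MAC belongs to Bob; the returned path shows every frame still crossing MA and MB.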