
This is a group for folks designing and programming embedded systems using the Rabbit Semiconductor C-programmable microcontroller. Rabbit Semi is a spin-off from Z-World, which makes a variety of embedded modules and tools. This group is not affiliated with either Rabbit or Z-World, but is a user forum for sharing ideas, asking questions, flaunting knowledge, and other typical user group stuff. The Rabbit is a powerful uC, supported by a full-featured C compiler.

security against reply attacks on udp - nora_elhennawy - Aug 16 10:02:48 2009

I am working on a project based on the r4000, and we are exchanging frames over UDP (we are obliged to use UDP since we need multicast).

Now we are considering security issues, especially replay attacks.
After a little research we came up with a timestamp solution (have the source send the time every predefined period and use the time to reject old/replayed frames). Further, I thought of using the ICMP request/reply timestamp but found that using ICMP is not a good idea.

Is using a timestamp the best way to detect and reject replayed frames?
Is there any other way to do it?

Note: our product may or may not be connected to the internet.

Any help will be appreciated.

Regards,
Nora

------------------------------------



(You need to be a member of rabbit-semi -- send a blank email to rabbit-semi-subscribe@yahoogroups.com )


Re: security against reply attacks on udp - Martin Honeywill - Aug 17 10:23:53 2009

--- In r...@yahoogroups.com, "nora_elhennawy" wrote:
>
> I am working on a project based on the r4000, and we are exchanging frames over UDP (we are obliged to use UDP since we need multicast).
>
> Now we are considering security issues, especially replay attacks.
> After a little research we came up with a timestamp solution (have the source send the time every predefined period and use the time to reject old/replayed frames). Further, I thought of using the ICMP request/reply timestamp but found that using ICMP is not a good idea.
>
> Is using a timestamp the best way to detect and reject replayed frames?
> Is there any other way to do it?
>
> Note: our product may or may not be connected to the internet.
>
> Any help will be appreciated.
>
> Regards,
> Nora
>

Why not have a frame number that is incremented with every message, and reject any frame that has a frame number <= the last frame number received? Note you will have to handle the situation of a roll-over to 0, but this one-off case would be easy to handle.

Cheers

Martin

------------------------------------




RE: Re: security against reply attacks on udp - Kevin Franzen - Aug 17 10:59:21 2009

Even without a replay attack, it is possible to receive the same UDP
packet more than once. Also, UDP packets can be received out of order.
If either of these conditions could be a problem for your application
you should add some type of numbering scheme.

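The following is an added example, not code posted by anyone in this thread. It takes the frame-number check suggested above and generalizes it with a sliding window, so that the duplicated and out-of-order UDP frames mentioned in the last reply are handled and the roll-over to 0 needs no special case. The names, the 32-bit counter and the 32-frame window are assumptions, as is the requirement that the frame number is covered by a keyed integrity check that is verified before `replay_check` is called.

```c
#include <stdint.h>
#include <stdio.h>
#define WINDOW 32u              /* how far behind the newest frame a late frame may be */

typedef struct {                /* keep one of these per sender */
    uint32_t highest;           /* highest frame number accepted so far */
    uint32_t seen;              /* bit i set: frame (highest - i) was already accepted */
    int      started;           /* 0 until the first frame arrives */
} replay_state;

/* Call only after the frame's integrity check has passed (assumption: the
 * frame number is covered by a keyed MAC; otherwise it can simply be rewritten).
 * Returns 1 and records seq if it is fresh, 0 for a duplicate, replay or stale frame. */
int replay_check(replay_state *st, uint32_t seq)
{
    uint32_t d;
    if (!st->started) {         /* first frame: nothing to compare against */
        st->started = 1; st->highest = seq; st->seen = 1u;
        return 1;
    }
    d = seq - st->highest;      /* unsigned subtraction is modulo 2^32: roll-over safe */
    if (d != 0 && d < 0x80000000u) {            /* seq is newer than highest */
        st->seen = (d >= WINDOW) ? 0u : (st->seen << d);
        st->seen |= 1u;
        st->highest = seq;
        return 1;
    }
    d = st->highest - seq;      /* seq is at or behind highest */
    if (d >= WINDOW) return 0;                  /* too old to track: reject */
    if (st->seen & (1u << d)) return 0;         /* already accepted once: reject */
    st->seen |= 1u << d;                        /* late but fresh: accept once */
    return 1;
}

/* Runs seqs through a fresh state; bit i of the result is 1 if seqs[i] was accepted. */
unsigned run_sequence(const uint32_t *seqs, int n)
{
    replay_state st = {0, 0, 0};
    unsigned mask = 0; int i;
    for (i = 0; i < n; i++)
        if (replay_check(&st, seqs[i])) mask |= 1u << i;
    return mask;
}

int main(void)
{   /* constructed sample: roll-over, a replay, a late frame, a duplicate, a stale frame */
    const uint32_t seqs[] = {0xFFFFFFFEu, 0xFFFFFFFFu, 0u, 0xFFFFFFFFu, 2u, 1u, 1u, 0xFFFFFF00u};
    printf("accept mask: 0x%02X\n", run_sequence(seqs, 8));
    return 0;
}
```

The state lives in RAM, so a receiver that restarts accepts whatever frame number it sees first; the sender's counter and the receiver's state have to be re-established together after a restart.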