>>>>> "Jari" == Jari Arkko <jari.ar...@piuha.net> writes:
>> What is it that you don't understand. I will be happy to explain
>> it to you.
Jari> Thanks. I read the details, but I'm missing the big
Jari> picture. I.e., some effort is required from the owner to
Jari> create an address. By repeating that effort (2^59)/2 times,
Jari> someone else is likely to hit the same key with a key pair
Jari> that he or she controls, and an attack can be launched. What
Jari> changes from RFC 3972 to your draft in this high-level
Jari> analysis?
To repeat your analysis, in part so that *I* understand as well:
a) CGA too expensive (generating new RSA) to calculate for nodes that
want mobility and/or privacy.
yet:
b) finding a hash collision takes, (2^59)/2 < effort to break RSA
behind CGA.
So the expensive of the CGA exceeds the (cryptographic) benefit.
(a) is a concern for nodes that are moving, not for web servers.
(b) makes CGA possibly uninteresting even web servers.
--
] Never tell me the odds! | ipv6 mesh networks [
] Michael Richardson, Sandelman Software Works | network architect [
] m...@sandelman.ca http://www.sandelman.ca/ | ruby on rails [
pgpin6yGGoOzm.pgp
Description: PGP signature
-------------------------------------------------------------------- IETF IPv6 working group mailing list ipv6@ietf.org Administrative Requests: https://www.ietf.org/mailman/listinfo/ipv6 --------------------------------------------------------------------
