How do you put a TV station on the Mbone?

Steven Bellovin smb at cs.columbia.edu
Thu May 5 05:46:06 CDT 2011


On May 5, 2011, at 1:55 54AM, George Bonser wrote:

>>> There is a security aspect to such things, though, as how do you
> know
>>> the content is from a trusted source?  That is the bugaboo with
>>> multicast.  It needs to be information that isn't going to hurt
>> anything
>>> if it is bogus.  Also, it opens up a DoS possibility with noise
>> traffic
>>> sent to the multicast group.
>> 
>> SSM with encryption?
> 
> Well, certainly, but source address can be very easily spoofed with a
> UDP multicast stream.  Now that could be mitigated with a lot of network
> configuration rules but something is needed that just works without all
> that.
> 
> So using multicast for things like software updates to computers over
> the general internet to the general public probably isn't going to work.
> Encryption is also an issue because it doesn't really work well over
> multicast. How do I encrypt something in a way that anyone can decrypt
> but nobody can duplicate?  If I have a separate stream per user, that is
> easy.  If I have one stream for all users, that is harder.  The answer
> is probably in some sort of digital signature but not really encryption.
> 
> Using public/private key encryption over multicast, I would have to
> distribute the private key so others could decrypt the content.  If they
> have the private key, they can generate a public key to use to generate
> content.
> 
> Encryption is probably overkill anyway.  What is needed is a mechanism
> simply to say that the content is certified to have come from the source
> it claims to come from.  So ... basically ... better not to use
> multicast for anything you really might have any security issues with.
> Fine for broadcasting a video, not so fine for a kernel update.
> 
See the work of the IETF MIKEY working group.

		--Steve Bellovin, https://www.cs.columbia.edu/~smb









More information about the NANOG mailing list