Homework #10 - Securing Protocols - Due Monday Mar 2, 1PM


Turn in this assignment via email (vern@berkeley.edu) by the due date, with the term "Homework" in the Subject line.

This assignment differs from past ones in that it isn't rooted in a research paper.


Whenever the IETF standardizes an Internet protocol, one requirement is that the corresponding RFC includes a Security Considerations section discussing different potential security issues that arise when using the protocol. RFC 3552 provides guidelines on how to write such a section.

Note: most of the RFC is a discussion of types of attacks rather than the particulars of writing security considerations. Accordingly, you might save yourself some time by reading sections 1-4 only lightly (or skipping them entirely and going straight to section 5), revisiting elements of them once you are focused on writing your own assessment.

For this assignment, choose any network protocol you're interested in (it doesn't have to be one that the IETF has standardized), other than (1) the examples from RFC 3552 (SMTP and VRRP), or (2) a security protocol. I recommend picking something simple. Feel free to pick an earlier version of the protocol, though if so, make clear which version you're assessing. Do not consult outside resources for your security analysis. (It's okay to do so for understanding features of the protocol you selected.)

Write up:

  1. Briefly describe in general terms how the protocol works: what it tries to achieve, the nature of the participants in the protocol, the types of messages, their encoding (needn't be detailed) and high-level semantics, and what sort of state the participants manage. Mention any RFCs you consulted (but see the next item before reading those RFCs).

  2. Without consulting any analyses of the protocol's security issues (including those in the corresponding RFCs, if any), write a Security Considerations section for the protocol. You should strive to consider the full range of types of issues identified in RFC 3552 that you believe have relevance for your protocol. If appropriate, discuss any additional considerations you identify not covered by the RFC (and consider framing these for Part 4).

    Your assessment here should be (reasonably) comprehensive. Note that security issues can often lurk in less-commonly-used functionality.

  3. What changes would you suggest for making the protocol more secure? Briefly analyze these in terms of practicality and cost.

  4. (Optional.) Discuss any facets of RFC 3552's guidelines that you disagree with, or considerations you believe it is missing.