iotedge-lorawan-starterkit icon indicating copy to clipboard operation
iotedge-lorawan-starterkit copied to clipboard

Published 20 hours ago verified publisher icon Azure

Deduplication on replay attacks allows messages from a different concentrator to pass

Open spygi opened this issue 3 years ago • 1 comments

Consider the scenario:

  • Unconfirmed message with frame counter 10, Deduplication Mark or None
  • Station A picks it up, LNS marks it as Not Duplicate, goes upstream ✔
  • Station B gets it, LNS sees that it was already handled, marks it as SoftDuplicate, goes upstream ✔
  • Station A gets it again because of replay. LNS marks it as Resubmission, does not go upstream because it's marked as invalid counter in ValidateRequest
  • Station B gets it again because of replay. LNS marks it as SoftDuplicate, else if (payloadFcnt == loRaDevice.FCntUp && concentratorDeduplicationResult == ConcentratorDeduplicationResult.SoftDuplicateDueToDeduplicationStrategy) is true this time, goes upstream. ❌

There could be potentially other similar scenarios that are not covered besides this one.

Acceptance criteria:

  • Ensure test coverage for replay attacks. As of now we only check if message is sent only 1 additional time (total of 2).

spygi avatar Dec 16 '21 10:12 spygi

@spygi - can you validate this again?

p-schuler avatar Jan 12 '22 13:01 p-schuler