[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Key Managment Query/Comments...
We have studied SNMPv2 security and do not like what we have
found. The key management in SNMPv2 has undesirable characteristics
(e.g. you use the old key to get and install its replacement rather
than using KEK). If the old key had already been compromised, the new
key is also compromised upon installation.
Also, SNMPv2 does not have algorithm independence, so using it
for key management implies that one trusts _for all time_ that DES is
sufficient security for one's keys.
IMHO, using SNMPv2 for key management is not appropriate and
would not conform to the IPv4 security protocol's requirement for
algorithm independence.
NRL has much experience in the use of formal methods to
analyse key management protocols. There are many cases where key
management algorithms in the open literature have had serious flaws
discovered long after initial publication. Local discussions have
persuaded me that it is highly desirable to have a key management
protocol/mechanism that is entirely separate from the IP security
protocol. For example, I consider swIPe's so-called "out of band"
data to be too tightly coupled to swIPe for it to be suitable for key
mgmt.
If one uses a completely independent key management
protocol/mechanism and one needs to change the key management
protocol/mechanism at some future date, one can do so without having
to make major changes to the IP security protocol or any other
Internet protocol.
Regards,
Ran
atkinson@itd.nrl.navy.mil
Follow-Ups: