[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re[2]: My current thoughts on IPSEC
Donald and Ran:
> ... Also, it might >be useful to indicate that the SAID might be
> directional (e.g. A-->B >uses SAID 1 and B-->A uses SAID 5)
> because this eliminates the need >for direction bits.
The direction of the datagram is not authenticated in this approach.
When the same key is used to protect traffic from A to B and from B to
A, then a mechanism is needed to ensure that an attacker does not simply
swap the from and to addresses. The SAID suggestion does not provide
sufficient protection. With this approach, the attacker simply swaps
the addresses and changes the SAID. After watching one datagram in each
direction, the attacher will have all of the information necessary to
"reflect" the traffic back to the originator.
There must be some indication of direction which is cryptographically
protected with the datagram.
> I also included an optional time stamp so you need a bit to say
> if it is present or not. This bit and time stamp could have been
> in the clear or encyrpted header. They need to be authenticated
> but there is no need to encyrpt the time stamp. If present, its
> just the "current" time.
How is the timestamp used? I do not see how these are authenticated? What
security service do they provide?
Russ
Follow-Ups: