
Re[4]: IKMP Security Exchange Negotiation




Colin,

Thanks for the comments.  

>X-Disclaimer: Nyx is a public access Unix system run by the University
>   of Denver.  The University has neither control over nor
>   responsibility for the opinions or correct identity of users.
>
>Paul Lambert <Paul_Lambert-P15452@email.mot.com> wrote:
>(Is that "P15452" a cookie to prevent flooding by junk mail?)

I wish; it is more like corporate castor oil that is added by our X.400 gateway 
...


>
>> Example 5 - The cookies are needed when a recipient feels threatened (perhaps
>> it just received a bogus DH initiation).  It is then very important to allow
>> the recipient to request a cookie using a stateless response:
>> ->  (DH,DH1),(KC,)
>> <-  (KC,)
>> ->  (KC,KC1)
>> <-  (KC,KC2)
>> ... etc.
>
>Please note that the initial setup message in Karn Cookies is stateless,
>i.e. the "KC1" sent from initiator is 0 bits long.  (Well, okay, it's the
>IP address which is of non-zero size, but it's always included so you
>can send the reply, so the size attributable to the protocol is 0.)
>I was thinking of this for Photuris, although your technique is more general.
>So the second message would be KC2 (the cookie).

I had abstracted the exchanges and ignored the details of the Karn Cookies.  


>The KC exchange is a bit odd, because it's to be used in *addition* to
>another protocol.  I.e. you then go on to send (DH,DH1),KC2.

I had assumed a bundling approach where the KC included a Diffie-Hellman or 
similar key establishment.  For this example I really should have referenced 
Photuris and documented a PH exchange.

I had not considered treating the KC or similar flooding prevention mechanisms 
separately from the key establishment.  Previously, I have viewed the main 
protocol exchange as two steps: key establishment and attribute negotiation.  
It looks like a third optional cookie step could be added.  Cookies could be 
built into a key exchange, or integrated into the IKMP as separate processing.


Regards,

Paul
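The stateless cookie step discussed in this exchange, modelled as an added illustration that is not part of the original message or of Photuris itself. It assumes a simplified cookie: an HMAC over the peer addresses under a secret held only by the responder (the real Karn/Photuris construction is not given on this page), and uses constructed addresses.

```python
import hmac
import hashlib
import os
from typing import Optional

# Constructed model of the stateless "Karn cookie" step: KC1 is empty, the
# responder answers with KC2 without storing anything, and the initiator must
# echo KC2 with its DH initiation before the responder does any real work.
# Assumption: cookie = HMAC(secret, addresses); the real construction differs.

class StatelessResponder:
    """Answers cookie requests without keeping per-initiator state."""

    def __init__(self, secret: Optional[bytes] = None):
        self.secret = secret or os.urandom(32)  # never leaves the responder

    def cookie_for(self, src_ip: str, dst_ip: str) -> bytes:
        # KC2 is a pure function of (secret, addresses), so no table is needed.
        msg = f"{src_ip}|{dst_ip}".encode()
        return hmac.new(self.secret, msg, hashlib.sha256).digest()[:16]

    def handle_cookie_request(self, src_ip: str, dst_ip: str) -> bytes:
        # "KC1" carries 0 bits of protocol data; the addressing is always present.
        return self.cookie_for(src_ip, dst_ip)

    def handle_dh_initiation(self, src_ip: str, dst_ip: str,
                             cookie: bytes, dh1: bytes) -> bool:
        # Recompute rather than look up: a sender forging its source address never
        # saw the cookie, so a flood of bogus (DH,DH1) messages is dropped cheaply.
        expected = self.cookie_for(src_ip, dst_ip)
        if not hmac.compare_digest(expected, cookie):
            return False
        # Only here would the responder commit state and do its own DH work.
        return True


def run_exchange(initiator_ip="192.0.2.10", responder_ip="198.51.100.1"):
    """Model: -> (KC,) ; <- (KC,KC2) ; -> (DH,DH1),KC2   (constructed addresses)."""
    responder = StatelessResponder()
    kc2 = responder.handle_cookie_request(initiator_ip, responder_ip)   # <- (KC,KC2)
    honest = responder.handle_dh_initiation(initiator_ip, responder_ip, kc2, b"DH1")
    # A sender spoofing a different source address cannot present a valid cookie.
    spoofed = responder.handle_dh_initiation("203.0.113.7", responder_ip, kc2, b"DH1")
    # Nor can a sender that skipped the cookie step and guessed one.
    guessed = responder.handle_dh_initiation(initiator_ip, responder_ip,
                                             os.urandom(16), b"DH1")
    return honest, spoofed, guessed
```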