[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

draft-ietf-ipsec-ah-md5-00.txt

To: perry@imsi.com
Subject: draft-ietf-ipsec-ah-md5-00.txt
From: hugo@watson.ibm.com
Date: Tue, 17 Jan 95 10:53:55 EST
Cc: IPSEC@ans.net

Ref:  Your note of Tue, 17 Jan 1995 10:46:47 -0500 (attached)


 > Subject: Re: draft-ietf-ipsec-ah-md5-00.txt
 > In-Reply-To: Your message of "Tue, 17 Jan 1995 09:49:45 EST."
 >              <199501171502.AA20195@interlock.ans.net>
 > Reply-To: perry@imsi.com
 > X-Reposting-Policy: redistribute only with permission
 > Date: Tue, 17 Jan 1995 10:46:47 -0500
 > From: "Perry E. Metzger" <perry@imsi.com>
 >
 >
 > hugo@watson.ibm.com says:
 > > Just including the length as an authenticated field is NOT enough.
 > > To defeat the trivial appending attack on key-prepended MD5 one
 > > needs to specify that the length value appears in a FIXED OFFSET
 > > from the begining of the information being authenticated (e.g.,
 > > it is the first value in that information, or appears starting in
 > > byte 8, etc.).
 >
 > It does. See rfc791 on IP. Total length always occupies the third and
 > fourth octet of the IP header.
 >

The minimal thing is to explicitely write in the draft that one is relying
on the fixed offset for security; a better thing is not to rely on that
and append the key.

Hugo

Prev by Date: Re: draft-ietf-ipsec-ah-md5-00.txt
Next by Date: Re: draft-ietf-ipsec-ah-md5-00.txt
Prev by thread: Re: draft-ietf-ipsec-ah-md5-00.txt
Next by thread: Re: draft-ietf-ipsec-ah-md5-00.txt
Index(es):
- Main
- Thread