[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: comments on Photuris

To: hugo@watson.ibm.com
Subject: Re: comments on Photuris
From: Phil Karn <karn@qualcomm.com>
Date: Fri, 10 Mar 1995 19:26:11 -0800
Cc: IPSEC@ans.net
In-Reply-To: <199502221726.JAA03646@qualcomm.com> (hugo@watson.ibm.com)

Hugo,

>>   Suppose I add a rule to Photuris that says you should use an existing
>>   SAID whenever possible to encrypt the exchanges that create a new
>>   SAID. Would this give you some of the same sort of protection against
>>   partial compromises that you get with explicit key refreshment?

>If I understand correctly, what you mean is basically having two
>(simultaneous) ways to authenticate a key exchange. One is using

Actually, I wasn't thinking about authentication so much as I was
looking for a cheap way to harden the protocol against passive
eavesdropping. This is still by far the easiest attack to mount on a
large scale -- just ask NSA. Yes, an active attacker can still come
along and pretend to be a correspondent who has lost state, but this
is not only a lot harder to do, it greatly increases the chance of
being detected.

Phil

Prev by Date: The best
Next by Date: Re: The besty
Prev by thread: Re: The besty
Next by thread: Re: (IPng) The best
Index(es):
- Main
- Thread