
Re: Bellovin's and Ahar's attacks



Mark,

I am somewhat uncomfortable with your proposition:
 
>  I
>  suggest that once we've done that, per-session (or per-user) keys are not
>  required as long as we re-key frequently.  The re-keying defeats Rogaway's
>  attack as effectively as per-session keying.

It assumes that an intruder cannot quickly capture and replay traffic. If he
is doing this manually, then this is probably a safe assumption. However, in
high value applications, there is no reason to believe an intruder will not
spend the resources to write a program that detects a potentially valuable
stream of target traffic, coordinates with an end system program and
replays it according to Phil's and Ashar's suggestion. For example, transaction
systems (of the kind used to execute stock market trades) would be a perfect
target for such an attack. Each transaction is an independent action, may
quickly use a port and then make it available for use by other programs and
might provide an intruder with potentially valuable information (buy/sell
signals).

Dan