Re: Bellovin's and Ahar's attacks





I have a thought. The reason that Ashar's attack on UDP can succeed
is that a UDP packet has an infinite lifetime. If we can restrict the
lifetime to a short period, then the attacks and possible damages
can be confined, though not completely eliminated.


Assuming the following :

 1. Every system can keep its time down to the precision of a second.

 2. Every system's clock ticks at about the same rate, down to the precision
    of a second.

If the assumptions hold, then what can be done is :

 1. When exchanging keys (including re-keying), each system sends its current
    time to the other.

 2. Upon receiving the other's time, a t-delta is computed between the local
    time and the other's time. This t-delta is then associated with the other's
    SPI.

 3. When sending a UDP message, include in the AH a time stamp which is
    equal to "current local time + t-delta". This value is an estimate of
    the other's time.

 4. When receiving a UDP message, examine the time stamp, discard any message
    that is too old (e.g., more than twice the network latency).


Regards, Pau-Chen
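The four steps above, simulated as an added example that is not part of the original message: two peers with very different clocks learn a t-delta at key exchange, one stamps a packet with its estimate of the other's time, and the receiver applies the age check. The clock values, the SPI, the one-second latency and the one-second skew tolerance are all constructed assumptions; the run also shows the caveat in the first paragraph, that a replay inside the window still gets through.

```python
from dataclasses import dataclass, field

LATENCY = 1            # constructed: assumed one-way network latency in seconds
MAX_AGE = 2 * LATENCY  # step 4: discard anything older than twice the latency
SKEW = 1               # assumptions 1-2: clocks only agree to one second

@dataclass
class Peer:
    clock: int                                  # local time in whole seconds
    deltas: dict = field(default_factory=dict)  # SPI -> (peer time - local time)

    def key_exchange(self, spi: int, peer_time: int) -> int:
        """Steps 1-2: learn t-delta from the time the peer sent with its key."""
        self.deltas[spi] = peer_time - self.clock
        return self.deltas[spi]

    def stamp(self, spi: int) -> int:
        """Step 3: the AH time stamp, an estimate of the peer's current time."""
        return self.clock + self.deltas[spi]

    def accept(self, timestamp: int) -> bool:
        """Step 4: keep a packet only if its age is inside the window (slightly negative ages tolerated for skew)."""
        age = self.clock - timestamp
        return -SKEW <= age <= MAX_AGE

def tick(*peers: Peer, seconds: int) -> None:
    """Advance every clock by the same amount (assumption 2)."""
    for p in peers:
        p.clock += seconds

def simulate() -> dict:
    """Walk the scheme through a fresh delivery, a quick replay and a late replay."""
    a = Peer(clock=1000)
    b = Peer(clock=5000)          # constructed: B's clock is 4000 s ahead of A's
    spi = 0x1001                  # constructed SPI value
    a.key_exchange(spi, b.clock)  # A records +4000
    b.key_exchange(spi, a.clock)  # B records -4000
    ts = a.stamp(spi)             # A's packet carries 5000, its estimate of B's time
    tick(a, b, seconds=LATENCY)
    fresh = b.accept(ts)          # age 1 s: delivered on time, accepted
    tick(a, b, seconds=1)
    quick_replay = b.accept(ts)   # age 2 s: still inside the window, replay accepted
    tick(a, b, seconds=30)
    late_replay = b.accept(ts)    # age 32 s: rejected
    return {"delta_a": a.deltas[spi], "delta_b": b.deltas[spi], "timestamp": ts,
            "fresh": fresh, "quick_replay": quick_replay, "late_replay": late_replay}

if __name__ == "__main__":
    print(simulate())
```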


