
Re: replay attacks



Craig,

	The AH provides not just an authentication service, but also a
connectionless integrity service as well.  Replay prevention is a more
elaborate integrity service and thus it would not be unreasonable to
include it as an optional part of AH, consistent with the name of this
protocol.  Inclusion in ESP of any form of integrity/authenticity
features would be both an optimization (less bandwidth than a
separate, embedded AH header) and would allow making the definition of
AH more consistent (in terms of what portion of a packet is covered).

	While I agree that upper layer protocols are nominally good
places to provide for a variety of sequencing (and thus anti-replay)
integrity services, there are good reasons for providing some of these
services in the IPSEC context.  I originally argued with Phil when he
suggested putting sequence numbers in IPSEC, for the same reasons you
cited.  However, to the extent that one implements AH/ESP in a router,
then it does seem defensible to include anti-replay facilities at that
point as a form of denial of service countermeasure.  This is the same
rationale that leads to inclusion of the cookie mechanism in Photuris.

	More extensive sequencing facilities, e.g., analogous to those
of a connection-oriented protocol such as TCP, would be inappropriate,
since the IP layer does not provide sequencing.  However, a simple
anti-replay facility, using a window size negotiated on a
per-association basis, would be consistent with IP layer services and
also seems amenable to implementation in multi-homed environments.

Steve
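As an added illustration, not part of Steve's message, here is a minimal version of the sliding-window anti-replay check he describes, in C: one window per association, its size negotiated when the association is set up. The 64-bit bitmap cap, the names, and the assumption that sequence numbers start at 1 and never wrap are mine, not the list's.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

/* Per-association anti-replay state: a window of `window_size` sequence
 * numbers whose right edge is the highest number accepted so far. The size
 * is assumed to be negotiated per association (capped here at one 64-bit
 * bitmap word); sequence numbers are assumed to start at 1 and not wrap. */
typedef struct {
    uint32_t window_size;  /* 1..64, negotiated per association */
    uint32_t highest_seq;  /* right edge of the window, 0 = nothing seen */
    uint64_t bitmap;       /* bit i set => highest_seq - i was accepted */
} replay_state;

replay_state replay_init(uint32_t window_size) {
    if (window_size == 0) window_size = 1;
    if (window_size > 64) window_size = 64;
    return (replay_state){ window_size, 0, 0 };
}

/* Accept (true) and record a fresh sequence number; reject (false) one that
 * is older than the window or already marked in the bitmap, i.e. a replay. */
bool replay_check(replay_state *st, uint32_t seq) {
    if (seq > st->highest_seq) {              /* slide the window right */
        uint32_t shift = seq - st->highest_seq;
        st->bitmap = (shift >= 64) ? 0 : (st->bitmap << shift);
        st->bitmap |= 1;
        st->highest_seq = seq;
        return true;
    }
    uint32_t diff = st->highest_seq - seq;    /* distance behind right edge */
    if (diff >= st->window_size) return false;   /* too old: drop */
    uint64_t bit = (uint64_t)1 << diff;
    if (st->bitmap & bit) return false;          /* duplicate: drop */
    st->bitmap |= bit;                           /* late but fresh: accept */
    return true;
}

/* Feed one association a constructed arrival order and count what it lets
 * through; demonstrates the per-association window in action. */
size_t count_accepted(uint32_t window_size, const uint32_t *seqs, size_t n) {
    replay_state st = replay_init(window_size);
    size_t accepted = 0;
    for (size_t i = 0; i < n; i++)
        if (replay_check(&st, seqs[i])) accepted++;
    return accepted;
}
```

With a window of 8, the constructed arrival order 100, 100, 105, 101, 101, 97, 98, 200, 105 lets 5 packets through: the two duplicates, the one that has fallen out of the window (97), and the replay of 105 after the jump to 200 are all dropped.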