Re: replay attacks
> Date: Wed, 13 Sep 95 08:55:40 EDT
> From: atkinson@itd.nrl.navy.mil (Ran Atkinson)
> To: ipsec@ans.net
> Subject: replay attacks
>
> As to adding sequence numbers to AH, there remain 16 bits of reserved
> space in the AH header. Would it be sensible to have a 16 bit sequence
> number there? If not, then what do folks think the replay attack
> detection mechanism should look like?
>
> Ran
> rja@cs.nrl.navy.mil
I would think 16 bits would be insufficient. To avoid replay attacks,
I would presume the sequence space should be large enough to handle
the round-trip bandwidth-delay product for "worst case" delay and
bandwidth.
Let us assume the worst combination:
reasonably attainable link speeds (300 Mbps)
reasonably small packet sizes (1.5 KB)
reasonably large round-trip latency (1 s) (tolerated before replay)
That results in 300 Mb in transit, or 25000 packets in transit.
That's about 1/2 the sequence number space.
If bandwidth increases, or if the acceptable replay latency
should be larger (2s?, e.g., for radio/satellite?), the
space is insufficient.
The replay sequence space should be reasonably close to the
window-buffer size required e.g., for TCP, measured in packets.
Joe
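The arithmetic in Joe's message, and the sliding-window replay check that IPsec later standardized for AH and ESP, as an added example in Python. This is not code from the original message or from any IPsec implementation; the link speed, packet size and delay figures are the ones quoted above, the 64-bit receive window and the "at most half the space in flight" headroom rule are assumptions chosen to mirror the message.

```python
# Added illustration (not from the original message or any IPsec
# implementation): how many distinct packets a replay detector must be able
# to tell apart at a given link speed and tolerated delay, how quickly a
# narrow counter wraps, and a sliding-window replay check that refuses to
# run past the end of its sequence space.


def packets_in_flight(link_bps, packet_bytes, delay_seconds):
    """Bandwidth-delay product measured in packets: the number of distinct
    packets that can be in transit during the tolerated replay delay."""
    bits_in_flight = int(link_bps * delay_seconds)
    return bits_in_flight // (packet_bytes * 8)


def sequence_bits_needed(packets, headroom=2):
    """Smallest counter width such that the packets in flight occupy no more
    than 1/headroom of the sequence space (headroom=2 is the assumed
    'about half the space' rule of thumb from the message)."""
    return (packets * headroom - 1).bit_length()


def seconds_until_wrap(seq_bits, link_bps, packet_bytes):
    """Time a sender can run at line rate before a seq_bits counter wraps,
    after which the receiver cannot distinguish fresh packets from replays
    without a new security association."""
    packets_per_second = link_bps / (packet_bytes * 8)
    return (1 << seq_bits) / packets_per_second


class ReplayWindow:
    """Sliding-window replay detector over a fixed-width sequence space.

    Tracks the highest sequence number accepted and a bitmap of the
    window_size numbers just below it.  Numbers above the top advance the
    window; numbers inside it are accepted once; anything older than the
    window or already seen is rejected.  A number outside the counter's
    range means the space is exhausted and the association must be re-keyed.
    """

    def __init__(self, seq_bits, window_size=64):
        self.max_seq = (1 << seq_bits) - 1
        self.window_size = window_size
        self.highest = None   # highest accepted sequence number so far
        self.bitmap = 0       # bit i set => (highest - i) already seen

    def accept(self, seq):
        """Return 'ok', 'replay', 'too-old' or 'exhausted' and update state."""
        if seq < 0 or seq > self.max_seq:
            return "exhausted"
        if self.highest is None:
            self.highest, self.bitmap = seq, 1
            return "ok"
        if seq > self.highest:
            # Slide the window up; bits shifted off the top are forgotten.
            shift = seq - self.highest
            mask = (1 << self.window_size) - 1
            self.bitmap = ((self.bitmap << shift) | 1) & mask
            self.highest = seq
            return "ok"
        distance = self.highest - seq
        if distance >= self.window_size:
            return "too-old"
        bit = 1 << distance
        if self.bitmap & bit:
            return "replay"
        self.bitmap |= bit
        return "ok"


if __name__ == "__main__":
    # Joe's worst case: 300 Mbps, 1.5 KB packets, 1 s tolerated delay.
    inflight = packets_in_flight(300_000_000, 1500, 1)
    print("packets in flight:", inflight)
    print("sequence bits needed (half-space rule):", sequence_bits_needed(inflight))
    print("seconds before a 16-bit counter wraps at line rate:",
          seconds_until_wrap(16, 300_000_000, 1500))
    w = ReplayWindow(seq_bits=16, window_size=32)
    for seq in (5, 5, 3, 100, 3, 90, 90, 65535, 65536):
        print(seq, "->", w.accept(seq))
```

With the figures from the message this gives 25000 packets in flight, a 16-bit counter under the half-space rule, and a wrap in about 2.6 seconds of line-rate traffic; doubling the tolerated delay to 2 s pushes the requirement to 17 bits. The window check illustrates the receiver side: duplicates inside the window and packets older than it are both rejected, and a sequence number past the end of the counter is refused outright rather than silently wrapped.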