[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: replay attacks

To: ipsec@ans.net, skip-info@tik.ee.ethz.ch
Subject: Re: replay attacks
From: Germano Caronni <caronni@tik.ee.ethz.ch>
Date: Wed, 13 Sep 1995 20:37:20 +0200 (MET DST)
In-Reply-To: <199509131615.AA43515@interlock.ans.net> from "Phillip Rogaway" at Sep 13, 95 12:15:44 pm

Phillip Rogaway wrote in the IPSEC mailing list:
>  [...] replay detection can 
>  be handled by choosing a MAC mechanism which directly provides
>  that service.  Indeed a 96-128 bit MAC has ample space to 
>  directly incorporate replay detection, and one can "generically" 
>  modify any (ordinary) Message Authentication mechanism into a new
>  one which protects against replays.  The cost is making the 
>  MAC some 32-64 bits longer, say.

Perhaps there is even no need to make the MAC longer? 

Using e.g. keyed MD5 or whatever one could place a time stamp with sufficent
granularity into the 'key' part of the authenticated data. So the MAC would
only be correct if the receiver gets it in the same time-frame.
The only drawback I see, is that you can not actually read from the packet for 
which time-slot it has been produced. 
Are there other drawbacks I am not aware of?

Friendly greetings,

	Germano

Follow-Ups:

Re: replay attacks

From: <dawagner@phoenix.Princeton.EDU>

References:

Re: replay attacks

From: rogaway@theory.lcs.mit.edu (Phillip Rogaway)

Prev by Date: Re: replay attacks
Next by Date: Re: replay attacks
Prev by thread: Re: replay attacks
Next by thread: Re: replay attacks
Index(es):
- Main
- Thread