
Re: replay attacks



Bill,

	Thanks for the reminder from the written swipe I-D, but note
that the mention of replay attacks here is orthogonal to my notion of
the RATIONALE for sequencing.  As I recall, the anti-replay feature
was represented in the verbal presentations as supporting UDP and TCP
implementations in dealing with replay attacks.  I was not persuaded
by this argument, in part because of the layering violation
implications.  However, anti-replay measures also serve a purpose in
dealing with denial of service attacks, especially when the measures
are implemented at the perimeter, e.g., in a "security router."  Thus,
this mechanism may be argued for based on different rationales and
people may reasonably support or reject the proposal based not just on
the mechanism but also on the rationale provided.

	As for the question of what portion of a packet is covered by
AH, let me quote from section 4.3 of the ESP I-D (a discussion of
authentication in both transport and tunnel modes):

  " ... There are two different approaches to
   using the Authentication Header with ESP, depending on which data is
   to be authenticated.  The location of the Authentication Header makes
   it clear which set of data is being authenticated."

   " ... if the data encapsulated by ESP were
   less than an entire IP datagram, then the IP Authentication Header
   would be placed as the first header inside the encrypted ESP payload
   and would be calculated across the data encrypted by ESP."

This would suggest that the data covered by the AH differs, depending
on where AH appears.  It is also confusing that this discussion of
what data is covered by AH appears not in the AH spec, or in the
architecture spec, but in the ESP spec.  I'd like to see us evolve the
specs to remove this dual mode usage of AH and focus, instead, on
providing (optional) integrity and authenticity services within ESP.

Steve
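
The anti-replay rationale discussed above, as an added example that is not part of the message or of the I-Ds it cites. It implements the sequence-number sliding window that IPsec later standardized (RFC 2401 Appendix C; RFC 4303 section 3.4.3), which the drafts under discussion here only sketch; the class and function names and the packet trace are constructed for illustration. The ordering it enforces is the part that matters for the denial-of-service argument: the cheap window check runs before the ICV is computed, so replayed or stale packets cost no MAC work, but the window only advances after the ICV verifies, so a forged high sequence number cannot push legitimate traffic out of the window.

```python
"""Sliding-window anti-replay check of the kind IPsec AH/ESP adopted.

Sequence numbers on an SA start at 1 and increase monotonically; the
receiver keeps the highest number accepted so far plus a bitmap of which
of the last `size` numbers below it have already been accepted.
(Added example; not the original poster's code or the I-D's text.)
"""


class AntiReplayWindow:
    def __init__(self, size: int = 64) -> None:
        if size < 32:
            raise ValueError("window must be at least 32 packets wide")
        self.size = size
        self.top = 0                 # highest sequence number accepted (0: none yet)
        self.bitmap = 0              # bit i set => sequence number (top - i) accepted
        self.mask = (1 << size) - 1

    def check(self, seq: int) -> bool:
        """Cheap pre-filter, run before ICV verification: is `seq` new?"""
        if seq == 0:                 # never valid; the counter starts at 1
            return False
        if seq > self.top:           # to the right of the window: new
            return True
        diff = self.top - seq
        if diff >= self.size:        # to the left of the window: stale
            return False
        return ((self.bitmap >> diff) & 1) == 0   # inside: new unless already seen

    def update(self, seq: int) -> None:
        """Record `seq` as accepted. Call only after the ICV has verified."""
        if seq > self.top:
            shift = seq - self.top
            # Slide the window; a jump wider than the window clears it.
            self.bitmap = ((self.bitmap << shift) | 1) & self.mask if shift < self.size else 1
            self.top = seq
        else:
            self.bitmap |= 1 << (self.top - seq)

    def process(self, seq: int, icv_ok: bool) -> str:
        """Receive-side decision for one packet: check, verify ICV, then update."""
        if not self.check(seq):
            return "dropped:anti-replay"
        if not icv_ok:
            return "dropped:bad-icv"      # window deliberately left untouched
        self.update(seq)
        return "accepted"


def replay_trace(packets, size: int = 64):
    """Run a (sequence number, ICV verifies?) trace through one window."""
    win = AntiReplayWindow(size)
    return [(seq, win.process(seq, icv_ok)) for seq, icv_ok in packets]


# Constructed sample trace for illustration, not taken from any capture.
SAMPLE_TRACE = [
    (1, True), (2, True), (3, True),
    (2, True),        # replay of an already-accepted packet
    (200, False),     # forged packet: high sequence number, ICV does not verify
    (4, True),        # still accepted: the forgery did not move the window
    (200, True),
    (100, True),      # 200 - 100 = 100 >= 64: fell off the left edge
    (150, True),      # inside the window and not yet seen
    (150, True),      # replay
]

if __name__ == "__main__":
    for seq, decision in replay_trace(SAMPLE_TRACE):
        print(f"seq={seq:<4} {decision}")
```

Note that `process` never calls `update` for a packet whose ICV fails; if the window were advanced on the unverified sequence number, an attacker at the perimeter could spray forged packets with large sequence numbers and have the receiver discard the legitimate traffic behind them as "stale," which is the opposite of what the mechanism is meant to achieve.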