[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: A pothole in ISAKMP/Oakley

To: pau@watson.ibm.com, ho@earth.hpc.org
Subject: Re: A pothole in ISAKMP/Oakley
From: pau@watson.ibm.com
Date: Tue, 15 Apr 1997 15:27:04 -0400
Cc: Dan.McDonald@Eng.sun.com, canetti@watson.ibm.com, ipsec@tis.com
Sender: owner-ipsec@ex.tis.com

> From ho@earth.hpc.org Tue Apr 15 14:32:44 1997
> Date: Tue, 15 Apr 1997 14:23:33 -0400
> From: ho@earth.hpc.org (Hilarie Orman)
> Message-Id: <199704151823.OAA04580@earth.hpc.org>
> To: pau@watson.ibm.com
> Cc: Dan.McDonald@Eng.Sun.COM, canetti@watson.ibm.com, ipsec@tis.com
> In-Reply-To: Yourmessage <9704151748.AA23438@secpwr.watson.ibm.com>
> Subject: Re: A pothole in ISAKMP/Oakley
> Content-Length: 537
> Status: RO
> 
> >  Also, it is possible to run a pseudo-random generator once, and use the
> >  new random value as SPI for both ESP and AH (since the spec also says
> >  they
> >  have separate SPI-spaces, see section 2.1 of ISAKMP draft 7). Is this 
> >  broken ?
> >  I guess it is a border-line case.
> 
> The requirement for pseudo-random SPI's was not motivated by key management
> concerns, but rather to protect against denial of service attacks, I thought.

You are right. But since Quick Mode Exchange is proteted
(encrypted and authenticated) by the phase 1 ISAKMP SA,
clogging attack should not be a big problem.

Ran's msg is about OAKLEY Quick Mode KEYMAT derivation,
NOT phase 1 main mode.


Regards, Pau-Chen

Follow-Ups:

Re: A pothole in ISAKMP/Oakley

From: ho@earth.hpc.org (Hilarie Orman)

Prev by Date: Re: A pothole in ISAKMP/Oakley
Next by Date: Re: A pothole in ISAKMP/Oakley
Prev by thread: Re: A pothole in ISAKMP/Oakley
Next by thread: Re: A pothole in ISAKMP/Oakley
Index(es):
- Main
- Thread