
Re: A pothole in ISAKMP/Oakley



Folks,

	I'm somewhat at fault here.  In re-writing the AH and ESP specs I
re-worded the brief description of SPIs to deemphasize any notion of
randomness for security purposes, as there was no documentation explaining
the motivation for such selection in the previous documents and those
documents merely hinted that the SPIs should be "arbitrary," if I recall
correctly.

	I presume that the anti-DoS argument put forth here is based on the
notion that one can very quickly reject traffic that claims to be AH or ESP
if there is no matching SPI, rather than expending any effort for further
processing. If so, we need to be explicit about that in our documentation,
i.e., provide a brief statement of motivation as well as a requirement
specification. I guess that the threat model that motivates this technique
assumes that the attacker has no passive wiretap capability, which we also
need to mention in the architecture document.  Note that requiring
pseudo-random SPIs does have potentially adverse performance implications,
e.g., simple index SPIs are outlawed and that makes table lookups harder.
So, we should be convinced that making this a requirement is worthwhile,
e.g., we believe in the threat model I mentioned, before insisting on this
characteristic for SPIs.

Steve
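As an added illustration of the quick-reject path discussed in this message (my own constructed toy, not code from the thread or from any IPsec implementation), the sketch below keeps an inbound SAD keyed by SPI, allocates SPIs either as a simple index or as random 32-bit values, and lets a blind sender with no wiretap access probe it; the class and function names, the reserved-SPI boundary handling and the packet layout are assumptions for the example.

```python
# Added example (constructed toy, not AH/ESP code): an inbound SAD keyed by
# SPI with the "reject unknown SPI before any crypto" path, under two SPI
# allocation policies, probed by a blind guesser with no wiretap access.
import secrets
import struct

SPI_RESERVED_MAX = 255  # SPIs 1..255 are reserved by the IPsec specs


class SAD:
    """Inbound SAD: SPI -> SA state. Same dict lookup for both policies."""

    def __init__(self, policy):
        assert policy in ("index", "random")
        self.policy = policy
        self.entries = {}
        self.next_index = SPI_RESERVED_MAX + 1
        self.cheap_rejects = 0     # dropped after one table lookup
        self.expensive_checks = 0  # reached ICV verification / decryption

    def allocate_spi(self):
        """Choose the SPI a peer must put in packets it sends to us."""
        if self.policy == "index":
            spi = self.next_index       # predictable: 256, 257, 258, ...
            self.next_index += 1
        else:
            spi = secrets.randbits(32)  # unpredictable 32-bit value
            while spi <= SPI_RESERVED_MAX or spi in self.entries:
                spi = secrets.randbits(32)
        self.entries[spi] = {"key": secrets.token_bytes(16)}
        return spi

    def inbound(self, packet):
        """The SPI is the first 4 bytes of an AH/ESP header, network order."""
        spi = struct.unpack("!I", packet[:4])[0]
        if spi not in self.entries:
            self.cheap_rejects += 1    # no crypto spent on this packet
            return "drop"
        self.expensive_checks += 1     # real code would verify the ICV here
        return "verify"


def blind_probe(policy, n_sas, n_guesses):
    """Set up n_sas SAs, then send packets guessing SPIs sequentially from
    the reserved boundary. Returns how many guesses reached the costly path."""
    sad = SAD(policy)
    for _ in range(n_sas):
        sad.allocate_spi()
    for spi in range(SPI_RESERVED_MAX + 1, SPI_RESERVED_MAX + 1 + n_guesses):
        sad.inbound(struct.pack("!I", spi) + b"\x00" * 12)
    return sad.expensive_checks
```

Both policies share the same hash lookup in this toy, so it shows only the guessability difference, not the direct-indexed table cost the message raises.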



