
Re: Predictable SPIs (was: Re: A pothole in ISAKMP/Oakley)



David,

	I like your suggestion re unpredictable SPIs and easy indexing, but
it does seem that there is a minor vulnerability. If I am not able to
establish an SA to the target IPSEC implementation (and we assume that
passive wiretapping of valid SPIs is not generally feasible), then the
approach you describe does allow for easy indexing into an SPI table, while
making SPI values hard to guess.  However, if I can establish one such SA,
then I'll know the range in which the SPIs are being generated (since they
must be in the neighborhood of the one I have).  Thus, there is an
opportunity for me to use this info to generate probable SPIs that could be
inserted into packets carrying spurious source addresses, to divert
attention away from me as an attacker.  If the implementation is robust,
then the random offset would be relatively long lived, and thus this
vulnerability might be exploitable for some time.

	Another concern arises relative to the ease of getting any valid
SPI from an implementation.  I don't recall at what point in an ISAKMP
exchange the target of an SA transmits the SPI that the initiator will
employ.  Can an attacker manage to get the SPI without successfully
completing the exchange?  If so, it might be easy for an attacker to get a
valid SPI to use as input to the sort of attack I noted above.

Steve
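An added example, not part of Steve's message nor any implementation discussed on the list: it models the offset-indexed SPI table as I read David's proposal beside a hash-table alternative that keeps SPIs fully random, and measures how many live SPIs one known SPI reveals in each. Table size, the reserved-SPI floor and the window metric are my assumptions.

```python
import secrets

class OffsetSpiTable:
    """Sequential slot index plus one long-lived random offset (assumed model of the proposal)."""
    def __init__(self, size=4096):
        self.size = size
        self.offset = secrets.randbelow(2**32 - size - 256) + 256  # keep clear of reserved SPIs 0..255
        self.entries = [None] * size
        self.next_index = 0

    def allocate(self, sa):
        if self.next_index >= self.size:
            raise RuntimeError("SPI table full")
        idx = self.next_index
        self.next_index += 1
        self.entries[idx] = sa
        return self.offset + idx          # SPIs land in one contiguous neighborhood

    def lookup(self, spi):
        idx = spi - self.offset           # O(1) indexing, the property the scheme buys
        return self.entries[idx] if 0 <= idx < self.size else None

class RandomSpiTable:
    """Fully random SPIs; a dict gives the same O(1) lookup without a guessable neighborhood."""
    def __init__(self):
        self.entries = {}

    def allocate(self, sa):
        while True:
            spi = secrets.randbelow(2**32 - 256) + 256   # avoid reserved SPIs 0..255
            if spi not in self.entries:                  # retry on the rare collision
                self.entries[spi] = sa
                return spi

    def lookup(self, spi):
        return self.entries.get(spi)

def live_spis_near(table, known_spi, window):
    """Defender's leakage measure: how many other live SPIs sit within +/- window of one known SPI."""
    return sum(1 for spi in range(known_spi - window, known_spi + window + 1)
               if spi != known_spi and table.lookup(spi) is not None)

def compare(n_sas=100, window=200):
    """Populate both tables with n_sas SAs and report the leakage around the first SPI of each."""
    results = {}
    for name, table in (("offset", OffsetSpiTable()), ("random", RandomSpiTable())):
        first = table.allocate("sa-0")                   # the one SA the observer legitimately holds
        for i in range(1, n_sas):
            table.allocate(f"sa-{i}")
        results[name] = live_spis_near(table, first, window)
    return results
```

With the offset scheme every other live SPI falls inside the window; with random SPIs the window is almost certainly empty, so a single legitimately obtained SPI reveals nothing about the rest.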
