[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

AH-Lite

To: ipsec@tis.com
Subject: AH-Lite
From: Kai Martius <admin@imib.med.tu-dresden.de>
Date: Tue, 21 May 1997 16:50:52 MET
Organization: UNIKLINIK TUD
Reply-to: kai@imib.med.tu-dresden.de
Sender: owner-ipsec@ex.tis.com

Hi,

I'm fairly new on this list (unfortunally, because the discussion is
-mostly- very interesting), so I apologize for things I write or ask
that may have been discussed months ago.

First my opinion to the discussion about ESP with or w/o encryption:
Authentication and integrity will be in much broader use than
encryption, I believe. Beside export regulation issues there are much
more nodes on the Net that want to verify authenticity and integrity
of hosts/users/servers than nodes that have to provide privacy.
Privacy is more an end-to-end issue i.e. application to application.
Only in a VPN-construction where a security gateway detects
unencrypted packets it has to use Tunnel-ESP. It's much more important
the GW can use _autheticated_ adresses or -much better- certificates
to make a policy-based decision what to do with that packet. I read
the current I-D so that AH already provides authentication over the
whole packet (except some header fields) - so why we need auth.-only
ESP? (provokative question: why auth. in ESP on the whole? If you need
authenticy / integrity use AH , if you need privacy too, use ESP!; ESP
allone would only work with 'integrity-enabled' encryption mechanism)

Because we won't see public key crypto for auth. purposes very soon, I
see a problem in verifying AH on other systems than dst. system. 
Assuming fragmentation, AH could only be validated on dst. system
(even if we use public key crypto). AH-tunnel would be a way, but I
think thats a lot of overhead. So, is there a way to use AH for
header-authentication only? I could imagine following processing: 
- Sender uses AH to authenticate the whole packet, SA with ultimate
  destination. 
- if there are nodes on the way that want to verify
  packets, the sender has to establish different SAs to this nodes. But: It
  only needs to authenticate appropriate header fields, because a
  concatenation to data portion is given through inclusion of first AH
  in ICV-computation. Extra AHs should be placed _before_ all other AHs.
  Problem: how to find the nodes that need a extra AH? (ICMP-message or 
  special DNS-record - like proposed by Dan Harkins some times ago?).
  Question: Do I need another IP-Header together with extra AH (which
  would be AH-tunnel-mode without authenticating the whole packet
  again); but if the node is a router, packet won't be sent with dst.
  address <router>.. ? 
  Question: how could I maintain a SA without being the addressee of the 
  packet? 
- this solution would also be possible, if gateways / routers on organisation 
  boundaries don't want to verify packets from inside, but working on a VPN. 
  Now the gateway / router has to establish the appropriate SA and inserts the 
  extra AH. But: If there is no AH yet, it has to authenticate the whole packet. 
- every verified AH can be extracted from the packet. 

Any suggestions on this scheme?

Thanks,
Kai

Prev by Date: Re: ESP revisions straw poll
Next by Date: Re: ESP revisions straw poll
Prev by thread: Re: ESP revisions straw poll -Reply
Next by thread: new AH spec
Index(es):
- Main
- Thread