
Re: Sequence Number field for manually configured SAs



In manually configured SAs it is impossible for the receiver to use the
sequence number field for packet sequence checking.  Therefore, you can get
away with putting whatever you want in it at the transmitter.  I believe
what's going on here is that the main ESP document is saying you can't do
sequence number checking, and the derived-IV DES document is saying you
should put a random number in the field.

At 09:11 AM 7/28/97 EDT, you wrote:
>I am confused on how the Sequence Number field for ESP should be handled
>for manually configured SAs, especially with respect to implicit IVs.
>The latest ESP draft, draft-ietf-ipsec-esp-v2-00.txt (dated 21 July 1997),
>contains the following two passages:
>
>   2.2  Sequence Number
>   
>   .
>   
>   .
>   
>   .
>      The Sequence Number is mandatory.  It is always included in an ESP
>      packet, to ensure alignment of the Payload field on an 8-byte
>      boundary (in support of IPv6).  Even if authentication is not
>      selected as a security service for the SA, or if ESP is employed in
>      an IPv4 environment, this field MUST be present.
>   
>      Processing of the Sequence Number field is at the discretion of the
>      receiver, i.e., the sender MUST always transmit this field, but the
>      receiver need not act upon it (see the discussion of Sequence Number
>      Verification in the "Inbound Processing" section below).
>
>
>   5.  Conformance Requirements
>   
>      ......................  If the key used to compute an ICV is manually
>      distributed, correct provision of the anti-replay service would
>      require correct maintenance of the counter state at the transmitter,
>      until the key is replaced, and there likely would be no automated
>      recovery provision if counter overflow were imminent.  Thus a
>      compliant implementation SHOULD NOT provide this service in
>      conjunction with SAs that are manually keyed.                 
>
>
>Based on these passages, one could assume that for manual SAs you should
>send the Sequence Number field in the ESP but do not increment any
>counters (to avoid the rollover of the field).
>
>The latest ESP DES-CBC transform draft, draft-ietf-ipsec-ciph-des-derived-00.txt
>(dated July 1997), contains the following passage:
>
>   5.1.  ESP Sequence Number
>
>      The Sequence Number is a 32-bit (4 byte) unsigned counter.  This
>      field protects against replay attacks, and may also be used for syn-
>      chronization by stream or block-chaining ciphers.
>
>      When configured manually, the first value sent SHOULD be a random
>      number.  The limited anti-replay security of the sequence of data-
>      grams depends upon the unpredictability of the values.
>
>
>This passage leads me to believe that for manually configured ESP SAs,
>one should initialize the Sequence Number field to a random number,
>increment the field for each subsequent packet, and not worry about
>the rollover of the field.
>
>Which interpretation is correct?  I assume the same interpretation would
>also apply to the handling of the Sequence Number field in the manually
>configured AH SAs.
>
>Steve Klein
>
>
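As an added illustration (not part of the original message or of either draft), the following Python models the two readings discussed above: a sender that starts a manually keyed SA at a random value and lets the 32-bit field wrap, an automated-SA sender that must rekey before rollover, and the receiver's sliding anti-replay window from the ESP draft's Sequence Number Verification, run against a constructed restart of a manually keyed sender. Class and function names, and the 32-entry window size, are my own assumptions.

```python
import secrets
SEQ_MODULUS = 1 << 32  # the ESP Sequence Number is a 32-bit unsigned counter

class EspSender:
    # Manual SA: random first value (derived-IV draft) and plain wrapping; automated
    # SA: starts at 1 and must be rekeyed before the counter can roll over.
    def __init__(self, manual: bool):
        self.manual = manual
        self.next_seq = secrets.randbelow(SEQ_MODULUS) if manual else 1
    def next_sequence_number(self) -> int:
        if self.next_seq >= SEQ_MODULUS:
            if not self.manual:
                raise OverflowError("sequence number exhausted; rekey the SA")
            self.next_seq = 0  # harmless here: a manual-SA receiver checks nothing
        seq, self.next_seq = self.next_seq, self.next_seq + 1
        return seq

class AntiReplayWindow:
    # Receiver-side 32-packet sliding window (the draft's Sequence Number
    # Verification); a manually keyed receiver simply never consults it.
    WINDOW = 32
    def __init__(self):
        self.top, self.bitmap = 0, 0  # bit i set => sequence number top-i was seen
    def accept(self, seq: int) -> bool:
        if seq > self.top:  # new highest value: slide the window forward
            self.bitmap = ((self.bitmap << (seq - self.top)) | 1) & ((1 << self.WINDOW) - 1)
            self.top = seq
            return True
        offset = self.top - seq
        if offset >= self.WINDOW or (self.bitmap >> offset) & 1:
            return False  # older than the window, or already seen (a replay)
        self.bitmap |= 1 << offset
        return True

def rollover(manual: bool) -> str:
    tx = EspSender(manual)
    tx.next_seq = SEQ_MODULUS  # fast-forward: every 32-bit value has been used
    try:
        return f"wrapped to {tx.next_sequence_number()}"
    except OverflowError:
        return "rekey required"

def restart_demo() -> list:
    # Constructed: a manual sender restarts, loses its counter, and picks a start
    # below the peer's window, so a checking receiver would drop its live traffic.
    tx, rx = EspSender(manual=True), AntiReplayWindow()
    tx.next_seq = 1000  # stands in for the random start so the run is reproducible
    seqs = [tx.next_sequence_number() for _ in range(3)]
    tx.next_seq = 900  # the restart
    seqs += [tx.next_sequence_number() for _ in range(2)]
    return [rx.accept(s) for s in seqs]
```

The restart run accepts the three packets sent before the restart and rejects the two sent afterwards, which is the failure the Conformance Requirements passage is guarding against.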

