[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: New SPI when renegotiate keys?

To: Dan.McDonald@eng.sun.com (Dan McDonald)
Subject: Re: New SPI when renegotiate keys?
From: Bill Sommerfeld <sommerfeld@apollo.hp.com>
Date: Wed, 06 Aug 1997 17:26:40 -0400
Cc: cjgibson@semaphorecom.com (Catherine Gibson), ipsec@tis.com
In-Reply-To: Dan.McDonald's message of Wed, 06 Aug 1997 14:12:01 -0700. <199708062112.OAA20585@kebe.eng.sun.com>
Sender: owner-ipsec@ex.tis.com

> > If so, why?
> 
> Because IP has no delivery guarantees, and changing the keys on an existing
> SA will scramble packets that arrive AFTER the rekeying, but were
> encrypted/authenticated BEFORE the rekeying.  Hey, it's IP, anything can
> happen.
> 
> Consider the following SA:
> 
> 	A -> B, AH HMAC-MD5, SPI = 0x84001100, key = <foo>
> 
> So I receive some packets for SA {B, 0x84001100}.  Suddenly I perform an
> ISAKMP regnegotiation and change the key from <foo> to <bar>.
> 
> But say before that happened, a packet left A.  Let's say that the packet got
> caught in a routing loop while the ISAKMP exchange took place.  Suddenly this
> old packet arrives at B, and the SA lookup succeeds.  But now, the key is
> different so it won't authenticate.

I agree 100% with this analysis..

In addition, I believe that most if not all significant properties of
SA's need to be "immutable".. because any changes to SA's might be
reordered around traffic to/from them..

					- Bill

References:

Re: New SPI when renegotiate keys?

From: Dan.McDonald@eng.sun.com (Dan McDonald)

Prev by Date: Re: New SPI when renegotiate keys?
Next by Date: Corner-case question
Prev by thread: Re: New SPI when renegotiate keys?
Next by thread: Directions for ESP and AH?
Index(es):
- Main
- Thread