[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: change in isakmp/oakley

To: dharkins@cisco.com
Subject: Re: change in isakmp/oakley
From: Hugo Krawczyk <hugo@ee.technion.ac.il>
Date: Wed, 1 Oct 1997 13:42:14 +0300 (IDT)
Cc: ipsec@tis.com
Sender: owner-ipsec@ex.tis.com

Dan,

>   Is the (non)mixing of Ni and Nr in encryption mode authentication broken
> or does it just reenforce the brokenness of certain (as yet unnamed) prfs?

It may be closer to the latter, but still a MUST to fix.
You have no "right" to give future implementations a rope to
hung themselves..

We have put a lot of effort to have the protocol as robust as 
possible. Security is not only resistance to known attacks,
but resistance to tomorrow's attacker as well. And the specifications
should be complete enough to provide robustness "against"
tomorrow's implementers too.

Hugo

Follow-Ups:

Re: change in isakmp/oakley

From: dharkins@ipsec.com

Re: change in isakmp/oakley

From: Daniel Harkins <dharkins@cisco.com>

Next by Date: Re: change in isakmp/oakley
Next by thread: Re: change in isakmp/oakley
Index(es):
- Main
- Thread