[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
cookies
Hi
Karn's suggested method for creating the cookie is to
perform fast hash over the IP source and destination
address ,the UDP source andn Destination ports and a
locally generated secret random value.
ISAKMP requires that the cookies be unique for each
establisment to help prevent replay attacks, therefor
the date and time must be added to the information
added.
[ from page 20, 21 of ISAKMP draft]
and says cookie is an anti-clogging token.
in ISAKMP Header Processing:
WHEN WE CREATE an ISAKMP message: create respective cookie
WHEN WE RECEIVE an ISAKMP message: verify the initiator and
responder cookie...
[from pg 57 of ISAKMP draft]
1) how does the cookie acts as ACT and prevents from
REPLAY
2) How do we verify the cookies?.
-thanks in advance
-ramana
******************************************************************
* SrinivasRao. B. Kulkarni *
* Rendezvous On Chip Pvt Ltd. *
* First Floor, Plot No. 14, *
* NewVasaviNagar, Kharkhana, *
* SECUNDERABAD - 500015. *
* INDIA *
* Ph : (040) 7742606, 7740406 *
* email address : srinu@trinc.com *
******************************************************************