[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Comments on "Hybrid Auth. mode for IKE"
>
> [cc: list trimmed...]
>
> Pyda Srisuresh wrote:
>
> <substantially trimmed...>
>
> > > >> > 4. SA lifetime:
> > > >> >
> > > >> > The current metrics of "time-bound" and "Data-bound" for an
> > > >> > SA lifetime do not seem adequate for remote access users.
> > > >> > I would like to see a new metric like "network-connected-time"
> > > >> > for SA lifetime. This new metric may be used in conjunction with
> > > >> > other metrics (if the crypto algorithms mandate such a limiting
> > > >> > criteria) or by itself.
> > > >>
> > > >> Why is not SA lifetime close enough to net sonnect time? Why is the latter
> > > >> metric preferable?
> > > >>
> > > >
> > > >How would you pick a close enough metric? Could be quite arbitrary.
> > > >A user may have no way to know ahead of time, how long his/her sessions
> > > >are going to have to be kept alive or how much data he/she is going
> > > >to be exchanging. If these metrics are to be set infinitely large,
> > > >then that defeats the purpose to start with.
> > > >
> > > >Most often than not, a user is likely to want to keep the negotiated
> > > >security parameters unchanged throughout the connected time.
>
> Then the user is risking compromise due to the dearth of ciphertext and
> time the attacker is being given to attack the key with. Rekeying is a
> minor expense which provides greatly increased security. The cost
> associated with it is negligible, compared to the benefits.
>
I did suggest to use this metric only when it doesnt compromise the
crypto strength (for example, 3DES encryption with 168-bit key). Reduction
of management overhead is a significant benifit.
cheers,
suresh
References: