[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Comments on "Hybrid Auth. mode for IKE"



> 
> [cc: list trimmed...]
> 
> Pyda Srisuresh wrote:
> 
> <substantially trimmed...>
> 
> > > >> >    4. SA lifetime:
> > > >> >
> > > >> >       The current  metrics of "time-bound" and "Data-bound" for an
> > > >> >       SA lifetime do not seem adequate for remote access users.
> > > >> >       I would like to see a new metric like "network-connected-time"
> > > >> >       for SA lifetime. This new metric may be used in conjunction with
> > > >> >       other metrics (if the crypto algorithms mandate such a limiting
> > > >> >       criteria) or by itself.
> > > >>
> > > >> Why is not SA lifetime close enough to net sonnect time?  Why is the latter
> > > >> metric preferable?
> > > >>
> > > >
> > > >How would you pick a close enough metric? Could be quite arbitrary.
> > > >A user may have no way to know ahead of time, how long his/her sessions
> > > >are going to have to be kept alive or how much data he/she is going
> > > >to be exchanging.  If these metrics are to be set infinitely large,
> > > >then that defeats the purpose to start with.
> > > >
> > > >Most often than not, a user is likely to want to keep the negotiated
> > > >security parameters unchanged throughout the connected time.
> 
> Then the user is risking compromise due to the dearth of ciphertext and
> time the attacker is being given to attack the key with. Rekeying is a
> minor expense which provides greatly increased security. The cost
> associated with it is negligible, compared to the benefits.
> 

I did suggest to use this metric only when it doesnt compromise the
crypto strength (for example, 3DES encryption with 168-bit key). Reduction 
of management overhead is a significant benifit.

cheers,
suresh


References: