[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

IKE clarifications

To: dharkins@cisco.com
Subject: IKE clarifications
From: "Hilarie K. Orman" <ho@earth.hpc.org>
Date: Wed, 9 Sep 1998 20:16:48 -0700 (PDT)
Cc: isakmp-oakley@cisco.com, ipsec@tis.com
In-reply-to: Yourmessage <199809081815.LAA05462@dharkins-ss20.cisco.com>
Sender: owner-ipsec@ex.tis.com

Catherine Meadows at NRL has noted two points that need to be clarified
in order to ensure that secure implementations of IKE are produced.

The first is that message ID's must be pseudo-randomly generated; this
necessity is mentioned in the ISAKMP document, but could be easily
overlooked by an IKE implementor (and has been, more than once, it
seems).

The second point is to note that the decision about whether a message
is a Quick Mode initial message or a reply to a QM init msg must be
made on the basis of a pre-existing message ID only, not by using
any other attribute of the message.

Implementations that omit either of these recommendations are subject
to a denial-of-service attack which results in the production of
security associations that are not usable for communication with
the intended remote party.

Hilarie

Prev by Date: Re: I-D ACTION:draft-ietf-ipsec-ciph-cbc-03.txt
Next by Date: Re: I-D ACTION:draft-ietf-ipsec-ciph-cbc-03.txt
Prev by thread: draft-ietf-ipsec-cipb-cbc-03.txt to last call
Next by thread: Information on the IBM IPsec workshop
Index(es):
- Main
- Thread