[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Minor Security issues regarding Kb rekeying

To: ipsec@tis.com
Subject: Minor Security issues regarding Kb rekeying
From: Tamir Zegman <zegman@checkpoint.com>
Date: Wed, 02 Dec 1998 19:06:30 +0200
Organization: Check Point
Sender: owner-ipsec@ex.tis.com

There are two minor security issues regarding Kb rekeying.
For IKE SAs:
It is possible for an IKE SA to expire its KB lifetime without the peers
that established this SA knowing it.
For example, suppose that 2 peers established an IKE SA with a life
duration of 10 Kb,
Each peer encrypting 5 Kbytes using this SA but only 4 Kbytes reach
their destination and 2 Kb get lost on the way.
In this case each peer thinks only 9 Kb of material was encrypted
whereas the IKE SA should have been expired.

For IPSEC SAs:
Suppose an IPSEC SA with a lifetime of 1000Kb was established between
two peer.
Alice encrypts 1000Kb of data using this SA but only 900Kb of encrypted
data reach Bob.
Eve has now 1000Kb of encrypted data and can after cracking the SAs
keys, transmit data to Bob who
thinks this SA is still valid.


--
========================================================================

Zegman Tamir
Encryption group, R&D                    Tel: +972-3-7534606
Check Point Software Tech. Ltd.  Fax: +972-3-5759256
3A Jabotinsky St., Diamond Tower
Ramat-Gan 52520, ISRAEL

e-mail:  zegman@checkpoint.com            http://www.checkpoint.com
========================================================================

Follow-Ups:

Re: Minor Security issues regarding Kb rekeying

From: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>

Prev by Date: Re: Use IPSEC as SSH replacement
Next by Date: RE: IKE signature payload
Prev by thread: RE: IKE signature payload
Next by thread: Re: Minor Security issues regarding Kb rekeying
Index(es):
- Main
- Thread