The world according to MCR

[Tero Kivinen <kivinen@ssh.fi>]

Michael Richardson writes:
> 5. IKE SA's w/non-fixed IP address
> 	Yael Dayan
> 	Aggressive mode with preshared key.

I don't think this should be limited to pre shared keys. The RSA/DSA
signature modes are also vulnerable to the doing KE payload generation
and even signature calculation based on the first aggressive mode
packets without any kind proof that there is somebody in the other
end...

So if we really are concerned about the spoofed IP source address and
doing heavy calculation based on that we should not allow using
aggressive mode. 

> 	A user with a non-constant IP address, then we must use
> 	Aggressive mode. 
> 
> 	The problem is that the responding (the gateway) must do DH operations
> 	before it really knows if the user is legit.
> 
> 	Proposal for a New Phase I Exchange.
> 	
> 	[MCR's comment: Vendor ID payloads can be used in Aggressive
> 	mode to enable a new feature]a

No, you really cannot. This is clearly new exchange type, and needs to
get new exchange type number. There is no need to add vendor id in the
new exchange type. I think we need some kind of document telling how
to use vendor-id, private address spaces (in different places) etc. 
-- 
kivinen@iki.fi                               Work : +358-9-4354 3218
SSH Communications Security                  http://www.ssh.fi/
SSH IPSEC Toolkit                            http://www.ssh.fi/ipsec/

---

Follow-Ups:

• Re: The world according to MCR
• From: Dan Harkins <dharkins@network-alchemy.com>
• Re: The world according to MCR
• From: Michael Richardson <mcr@sandelman.ottawa.on.ca>

References:

• The world according to MCR
• From: Michael Richardson <mcr@sandelman.ottawa.on.ca>

---

• Prev by Date: The world according to MCR
• Next by Date: Re: The world according to MCR
• Prev by thread: The world according to MCR
• Next by thread: Re: The world according to MCR
• Index(es):
  • Main
  • Thread