
Re: linux-ipsec: Decrypting ID payload in Main Mode w/sharedsecrets



Would you humor me for a moment and help me get oriented in
the requirements?  It seems to me that you've ended up in
an odd place, and I'm wondering why.

The original design has the two parties doing a non-authenticated
DH exchange, and the shared secret from that protects the
identities.  You have to be an active person in the middle
to learn the identities.  That would seem to satisfy the
criteria set out in your most recent note; so why not use
that, and is it not supported in IKE, now?

If you want to protect absolutely against person in the middle, then
you can most likely use Denker's suggestion to have the
client use the server's PK and send {K, DES(K, ID)}PK(svr)
using public key encryption.  This needs some further
analysis in the context of the whole protocol in order for
one to be certain that it protects against person in the
middle during the whole exchange, but it is promising.

Hilarie
(joined Novell several weeks ago; Utah is a beautiful place)
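
The property described above for the non-authenticated DH exchange, as an added example that is not part of the original message: a passive observer sees only public values and ciphertext, while an on-path party that substitutes its own public value derives the key protecting the identity. The toy group, the XOR keystream standing in for the cipher, and all names are assumptions made for illustration.

```python
import hashlib
import secrets

# Toy group, constructed for illustration only: p = 2^127 - 1 (prime), g = 3.
P, G = 2**127 - 1, 3

def keypair():
    priv = secrets.randbelow(P - 3) + 2
    return priv, pow(G, priv, P)

def shared_key(priv, peer_pub):
    return hashlib.sha256(pow(peer_pub, priv, P).to_bytes(16, "big")).digest()

def xor_cipher(key, data):
    # Assumption: SHA-256 keystream XOR stands in for the negotiated cipher.
    stream, ctr = b"", 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + ctr.to_bytes(4, "big")).digest()
        ctr += 1
    return bytes(a ^ b for a, b in zip(data, stream))

def exchange(identity, relay=lambda pub: pub):
    """Unauthenticated DH; relay(pub) is what the network actually delivers."""
    i_priv, i_pub = keypair()
    r_priv, r_pub = keypair()
    pub_at_responder = relay(i_pub)   # initiator -> responder
    pub_at_initiator = relay(r_pub)   # responder -> initiator
    k_i = shared_key(i_priv, pub_at_initiator)
    k_r = shared_key(r_priv, pub_at_responder)
    return xor_cipher(k_i, identity), k_r   # encrypted ID, responder's key

class ActiveMiddle:
    """Hypothetical on-path party that swaps in its own public value."""
    def __init__(self):
        self.priv, self.pub = keypair()
        self.seen = []
    def relay(self, pub):
        self.seen.append(pub)
        return self.pub
    def read_identity(self, ciphertext):
        # seen[0] is the initiator's real public value.
        return xor_cipher(shared_key(self.priv, self.seen[0]), ciphertext)

def demo():
    ident = b"initiator@example.test"   # constructed sample identity
    ct, k_r = exchange(ident)            # passive case: values pass unmodified
    responder_reads = xor_cipher(k_r, ct) == ident
    mitm = ActiveMiddle()
    ct2, _ = exchange(ident, mitm.relay)
    return responder_reads, mitm.read_identity(ct2) == ident
```

Without authentication of the public values, neither endpoint can tell the second case from the first.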