[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RFC2409

To: ipsec@lists.tislabs.com
Subject: RFC2409
From: Ivars Suba <IvarsS@bank.lv>
Date: Mon, 7 Jun 1999 19:19:38 +0300
Sender: owner-ipsec@lists.tislabs.com

IPSec/IKE (RFC2409) Public Key Encryption Aggressive mode"(Phase 1)
vulnerability is myself advice. It seems that IPSec/IKE Public Key
Encryption Revised Aggressive Mode and IPSec/IKE Pre-Shared Key Aggressive
Mode also vulnerable to this type of attack (Chess grandmaster). However,
they will be stopped at Phase 2 - Quick Mode (ISAKMP payload is Encrypted).
If Initiator and Cheater will share DHPrivKey_i, they will continue this
attack against Responder in Phase 2 - Quick Mode still :). For more detailed
information look in appendice.
Best regards,
==============================
Ivars Suba                     Bank of Latvia
mailto:ivarss@bank.lv     http://www.bank.lv
Ph.: +371 7 022 524,       Fax: +371 7 022 112
===============================

CryptAnalysisVPN_IKE.ppt

Follow-Ups:

RFC2409

From: Tero Kivinen <kivinen@ssh.fi>

Prev by Date: Re: Proposal for IP Peer protocol
Next by Date: Re: Comments on draft-ietf-ipsec-ike-01.txt (long)
Prev by thread: SkipJack numbers?
Next by thread: RFC2409
Index(es):
- Main
- Thread